I have some baddies after format of XP Home

Answers to your tech questions

Computer forums for help with removing malicious software (malware) and improving computer security

Home Forums Contact

HijackThis Members

Welcome ( Log In | Register )

What the Tech > Spyware / Malware / Virus Removal > Infections Removal

5 Pages

1 2 3 > »

Reply to this topic

Start new topic

I have some baddies after format of XP Home, Format and still slow

Rhineus View Member Profile	Nov 1 2009, 02:01 AM Post #1
Authentic Member Group: Authentic Member Posts: 68 Joined: 27-October 07 From: St. Joseph, TN (USA) Member No.: 73,804 Operating System: XP Home	Hello, I think I had some bad ware on my computer but I thought I got it all off but I guess I didn't... Anyway, I re-formatted this evening after for about 2 or 3 weeks of going slower and slower. Everything went fine, but about 30 minutes or an hour it all of a sudden started like starting and stopping, almost like slipping and sticking friction wise. Sometimes its slow... Iv'e noticed, that I have more svchost.exe and I think one more explorer.exe. I ran Malwarebytes Anti-malware and it fount 5 baddies, and I deleted them all. I re-started and all was going good until like maybe 10 or 15 minutes and then it started doing like it was before, and the baddies came back. And it's slow on shut down too I will put my Malwarebytes Anti-malware log and my HJT log. Malwarebytes' Anti-Malware 1.33 Database version: 1654 Windows 5.1.2600 Service Pack 2 11/1/2009 1:22:23 AM mbam-log-2009-11-01 (01-22-17).txt Scan type: Full Scan (C:\\|) Objects scanned: 56967 Time elapsed: 15 minute(s), 43 second(s) Memory Processes Infected: 1 Memory Modules Infected: 0 Registry Keys Infected: 1 Registry Values Infected: 1 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 2 Memory Processes Infected: c:\WINDOWS\svchost.exe (Heuristics.Reserved.Word.Exploit) -> No action taken. Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{y479c6d0-otrw-u5gh-s1ee-e0ac10b4e666} (Trojan.Agent) -> No action taken. Registry Values Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\svchost (Trojan.Agent) -> No action taken. Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: C:\WINDOWS\svchost.exe (Trojan.Agent) -> No action taken. C:\WINDOWS\spoolsv.exe (Heuristics.Reserved.Word.Exploit) -> No action taken. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 2:49:00 AM, on 11/1/2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\explorer.exe C:\WINDOWS\system32\wscntfy.exe C:\windows\system32\explorer.exe C:\Program Files\Unlocker\UnlockerAssistant.exe C:\Program Files\COMODO\COMODO Internet Security\cfp.exe c:\windows\svchost.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe C:\Program Files\SpywareGuard\sgmain.exe c:\windows\system32\vttimer.exe' C:\Program Files\SpywareGuard\sgbhp.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\FlashGet Network\FlashGet 3\Flashget3.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\PROGRA~1\FREEDO~1\fdm.exe F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe c:\windows\system32\explorer.exe O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O2 - BHO: FlashGetBHO - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Documents and Settings\Home\Application Data\FlashGetBHO\FlashGetBHO3.dll O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe" O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\RunOnce: [Explorer] c:\windows\system32\explorer.exe RO O4 - HKLM\..\RunOnce: [Svchost] c:\windows\svchost.exe RO O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html O8 - Extra context menu item: Download All By FlashGet3 - C:\Documents and Settings\Home\Application Data\FlashGetBHO\GetAllUrl.htm O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm O8 - Extra context menu item: Download By FlashGet3 - C:\Documents and Settings\Home\Application Data\FlashGetBHO\GetUrl.htm O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{FA63A28A-E34E-4B49-A236-136840D8CF76}: NameServer = 76.164.173.1 76.164.173.2 O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe -- End of file - 5774 bytes I hope you can help, Thank you Michael This post has been edited by Rhineus: Nov 1 2009, 08:50 AM

oldman960 View Member Profile	Nov 1 2009, 01:23 PM Post #2
SuperMember Group: Classroom Teacher Posts: 3,910 Joined: 27-April 08 Member No.: 78,707 Operating System: win98se, XP pro	Hi ,Rhineus welcome to the forum. To make cleaning this machine easier Please do not uninstall/install any programs unless asked to It is more difficult when files/programs are appearing in/disappearing from the logs. Please do not run any scans other than those requested Please follow all instructions in the order posted All logs/reports, etc.. must be posted in Notepad. Please ensure that word wrap is unchecked. In notepad click format, uncheck word wrap if it is checked. Do not attach any logs/reports, etc.. unless specifically requested to do so. If you have problems with or do not understand the instructions, Please ask before continuing. Please stay with this thread until given the All Clear. A absence of symptoms does not mean a clean machine. Before we get started, unless I missed it, where is your anti virus program? According to the MBAM log you posted, you took "No action taken". That will not remove the flagged items. Open hijackthis, do a system scan only and checkmark these lines, if present F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe c:\windows\system32\explorer.exe O4 - HKLM\..\RunOnce: [Explorer] c:\windows\system32\explorer.exe RO O4 - HKLM\..\RunOnce: [Svchost] c:\windows\svchost.exe RO Close ALL other windows/browsers and click Fix Checked. Answer Yes if prompted. Close HJT. You have this program installed, Malwarebytes' Anti-Malware (MBAM). Please update it and run a scan. Open MBAM Click the Update tab Click Check for Updates If an update is found, it will download and install the latest version. The program will close to update and reopen. Once the program has loaded, select "Perform Quick Scan", then click Scan. The scan may take some time to finish,so please be patient. When the scan is complete, click OK, then Show Results to view the results. Make sure that everything is checked, and click Remove Selected. When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note) The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM. Copy&Paste the entire report in your next reply. Extra Note: If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly. Download OTListIt2 to your desktop. Double click on OTL.exe to run it. Make sure all other windows are closed and to let it run uninterrupted. When the window appears, underneath Output at the top change it to Minimal Output Check the boxes beside LOP Check and Purity Check. In the Custom Scans/Fixes box near the bottom, copy and paste this line Drivers Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long. When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL. Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them all in. Please post back with MBAM log both OTL logs No need for a HJT (hijackthis) log this time. Thanks

Rhineus View Member Profile	Nov 1 2009, 03:56 PM Post #3
Authentic Member Group: Authentic Member Posts: 68 Joined: 27-October 07 From: St. Joseph, TN (USA) Member No.: 73,804 Operating System: XP Home	My Anti-virus program is Comodo Internet Security the free version... It has the anti-virus and firewall together. Sorry, I was installing the windows updates but I wont anymore. I didn't think about that. I restarted the computer right after I scanned the it, I was just involved in updating it. Malwarebytes' Anti-Malware 1.41 Database version: 2775 Windows 5.1.2600 Service Pack 2 11/1/2009 3:26:31 PM mbam-log-2009-11-01 (15-26-31).txt Scan type: Quick Scan Objects scanned: 80187 Time elapsed: 2 minute(s), 53 second(s) Memory Processes Infected: 1 Memory Modules Infected: 0 Registry Keys Infected: 2 Registry Values Infected: 1 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 2 Memory Processes Infected: c:\WINDOWS\svchost.exe (Trojan.Agent) -> Unloaded process successfully. Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{y479c6d0-otrw-u5gh-s1ee-e0ac10b4e666} (Generic.Bot.H) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{f146c9b1-vmvq-a9rc-nufl-d0ba00b4e999} (Trojan.Agent) -> Quarantined and deleted successfully. Registry Values Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\svchost (Trojan.Agent) -> Quarantined and deleted successfully. Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: C:\WINDOWS\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\spoolsv.exe (Heuristics.Reserved.Word.Exploit) -> Delete on reboot. OTL Extras logfile created on: 11/1/2009 3:38:15 PM - Run 1 OTL by OldTimer - Version 3.1.2.0 Folder = C:\Documents and Settings\Home\Desktop Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000409 \| Country: United States \| Language: ENU \| Date Format: M/d/yyyy 447.48 Mb Total Physical Memory \| 225.10 Mb Available Physical Memory \| 50.30% Memory free 1.03 Gb Paging File \| 0.83 Gb Available in Paging File \| 80.51% Paging File free Paging file location(s): C:\pagefile.sys 672 1344 [binary data] %SystemDrive% = C: \| %SystemRoot% = C:\WINDOWS \| %ProgramFiles% = C:\Program Files Drive C: \| 74.52 Gb Total Space \| 68.38 Gb Free Space \| 91.76% Space Free \| Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Drive J: \| 232.83 Gb Total Space \| 20.75 Gb Free Space \| 8.91% Space Free \| Partition Type: FAT32 Computer Name: MICHAEL Current User Name: Home Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* File not found cmdfile [open] -- "%1" %* File not found comfile [open] -- "%1" %* File not found exefile [open] -- "%1" %* File not found htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation) piffile [open] -- "%1" %* File not found regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" File not found scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S File not found txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP::Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP::Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP::Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP::Enabled:@xpsp2res.dll,-22002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe::Enabled:Java™ Platform SE binary -- (Sun Microsystems, Inc.) "$INSTDIR\FlvDetector.exe" = C:\Program Files\FlashGet Network\FlashGet 3\FlvDetector.exe::Enabled:FGFlvDetector -- File not found "C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3 -- (Trend Media Corporation Limited) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java™ 6 Update 16 "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "COMODO Internet Security" = COMODO Internet Security "FlashGet 3.0 Beta" = FlashGet 3.0 Beta "Free Download Manager_is1" = Free Download Manager 3.0 "GOM Player" = GOM Player "HijackThis" = HijackThis 2.0.2 "JDownloader" = JDownloader "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Mozilla Firefox (3.5.4)" = Mozilla Firefox (3.5.4) "S3" = VIA/S3G Display Driver "SpywareGuard_is1" = SpywareGuard v2.2 "Unlocker" = Unlocker 1.8.8 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "AI RoboForm" = AI RoboForm ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 11/1/2009 2:58:41 AM \| Computer Name = MICHAEL \| Source = crypt32 \| ID = 131080 Description = Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This operation returned because the timeout period expired. Error - 11/1/2009 11:32:50 AM \| Computer Name = MICHAEL \| Source = crypt32 \| ID = 131080 Description = Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This operation returned because the timeout period expired. Error - 11/1/2009 1:09:49 PM \| Computer Name = MICHAEL \| Source = crypt32 \| ID = 131080 Description = Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This operation returned because the timeout period expired. Error - 11/1/2009 1:28:06 PM \| Computer Name = MICHAEL \| Source = crypt32 \| ID = 131080 Description = Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This operation returned because the timeout period expired. Error - 11/1/2009 1:33:04 PM \| Computer Name = MICHAEL \| Source = Application Error \| ID = 1000 Description = Faulting application svchost.exe, version 5.1.2600.2180, faulting module unknown, version 0.0.0.0, fault address 0x001f1cb0. Error - 11/1/2009 1:41:03 PM \| Computer Name = MICHAEL \| Source = crypt32 \| ID = 131080 Description = Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This operation returned because the timeout period expired. Error - 11/1/2009 2:18:46 PM \| Computer Name = MICHAEL \| Source = Application Error \| ID = 1000 Description = Faulting application svchost.exe, version 5.1.2600.2180, faulting module svchost.exe, version 5.1.2600.2180, fault address 0x00001361. Error - 11/1/2009 2:28:20 PM \| Computer Name = MICHAEL \| Source = crypt32 \| ID = 131080 Description = Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This operation returned because the timeout period expired. Error - 11/1/2009 3:26:50 PM \| Computer Name = MICHAEL \| Source = crypt32 \| ID = 131080 Description = Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This operation returned because the timeout period expired. Error - 11/1/2009 3:49:22 PM \| Computer Name = MICHAEL \| Source = crypt32 \| ID = 131080 Description = Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This operation returned because the timeout period expired. [ System Events ] Error - 11/1/2009 1:28:30 PM \| Computer Name = MICHAEL \| Source = SideBySide \| ID = 16842784 Description = Dependent Assembly Microsoft.VC90.CRT could not be found and Last Error was The referenced assembly is not installed on your system. Error - 11/1/2009 1:28:30 PM \| Computer Name = MICHAEL \| Source = SideBySide \| ID = 16842811 Description = Resolve Partial Assembly failed for Microsoft.VC90.CRT. Reference error message: The referenced assembly is not installed on your system. . Error - 11/1/2009 1:28:30 PM \| Computer Name = MICHAEL \| Source = SideBySide \| ID = 16842811 Description = Generate Activation Context failed for C:\WINDOWS\system32\Ms16.exe. Reference error message: The operation completed successfully. . Error - 11/1/2009 1:34:08 PM \| Computer Name = MICHAEL \| Source = Service Control Manager \| ID = 7032 Description = The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: %%1056 Error - 11/1/2009 3:11:33 PM \| Computer Name = MICHAEL \| Source = Service Control Manager \| ID = 7009 Description = Timeout (30000 milliseconds) waiting for the Domain Services service to connect. Error - 11/1/2009 3:11:33 PM \| Computer Name = MICHAEL \| Source = Service Control Manager \| ID = 7000 Description = The Domain Services service failed to start due to the following error: %%1053 Error - 11/1/2009 3:12:35 PM \| Computer Name = MICHAEL \| Source = Service Control Manager \| ID = 7009 Description = Timeout (30000 milliseconds) waiting for the Domain Services service to connect. Error - 11/1/2009 3:12:35 PM \| Computer Name = MICHAEL \| Source = Service Control Manager \| ID = 7000 Description = The Domain Services service failed to start due to the following error: %%1053 Error - 11/1/2009 3:21:37 PM \| Computer Name = MICHAEL \| Source = Service Control Manager \| ID = 7009 Description = Timeout (30000 milliseconds) waiting for the Domain Services service to connect. Error - 11/1/2009 3:21:37 PM \| Computer Name = MICHAEL \| Source = Service Control Manager \| ID = 7000 Description = The Domain Services service failed to start due to the following error: %%1053 < End of report >

Rhineus View Member Profile	Nov 1 2009, 04:00 PM Post #4
Authentic Member Group: Authentic Member Posts: 68 Joined: 27-October 07 From: St. Joseph, TN (USA) Member No.: 73,804 Operating System: XP Home	OTL logfile created on: 11/1/2009 3:38:15 PM - Run 1 OTL by OldTimer - Version 3.1.2.0 Folder = C:\Documents and Settings\Home\Desktop Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000409 \| Country: United States \| Language: ENU \| Date Format: M/d/yyyy 447.48 Mb Total Physical Memory \| 225.10 Mb Available Physical Memory \| 50.30% Memory free 1.03 Gb Paging File \| 0.83 Gb Available in Paging File \| 80.51% Paging File free Paging file location(s): C:\pagefile.sys 672 1344 [binary data] %SystemDrive% = C: \| %SystemRoot% = C:\WINDOWS \| %ProgramFiles% = C:\Program Files Drive C: \| 74.52 Gb Total Space \| 68.38 Gb Free Space \| 91.76% Space Free \| Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Drive J: \| 232.83 Gb Total Space \| 20.75 Gb Free Space \| 8.91% Space Free \| Partition Type: FAT32 Computer Name: MICHAEL Current User Name: Home Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Processes (SafeList) ========== PRC - c:\WINDOWS\svchost.exe 3740 PRC - C:\Documents and Settings\Home\Desktop\OTL.exe (OldTimer Tools) PRC - C:\WINDOWS\system32\vttimer.exe' (S3 Graphics, Inc.) PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.) PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.) PRC - C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe (Siber Systems) PRC - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO) PRC - C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO) PRC - C:\WINDOWS\system32\explorer.exe () PRC - C:\Program Files\Unlocker\UnlockerAssistant.exe () PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\WINDOWS\system32\wscntfy.exe (Microsoft Corporation) PRC - C:\Program Files\SpywareGuard\sgmain.exe () PRC - C:\Program Files\SpywareGuard\sgbhp.exe () ========== Win32 Services (SafeList) ========== SRV - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.) SRV - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO) SRV - C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - C:\WINDOWS\system32\drivers\cmdguard.sys (COMODO) DRV - C:\WINDOWS\System32\DRIVERS\inspect.sys (COMODO) DRV - C:\WINDOWS\system32\drivers\cmdhlp.sys (COMODO) DRV - C:\WINDOWS\system32\drivers\mbamswissarmy.sys (Malwarebytes Corporation) DRV - C:\WINDOWS\system32\drivers\vtmini.sys (Copyright © VIA/S3 Graphics Co, Ltd.) DRV - C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.) DRV - C:\WINDOWS\system32\drivers\secdrv.sys () DRV - C:\WINDOWS\system32\drivers\ptilink.sys (Parallel Technologies, Inc.) DRV - C:\WINDOWS\system32\drivers\ltmdmnt.sys (LT) DRV - C:\WINDOWS\system32\drivers\fetnd5.sys (VIA Technologies, Inc. ) ========== Modules (SafeList) ========== MOD - C:\Documents and Settings\Home\Desktop\OTL.exe (OldTimer Tools) MOD - C:\WINDOWS\system32\guard32.dll (COMODO) MOD - C:\Program Files\Unlocker\UnlockerHook.dll () MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll (Microsoft Corporation) MOD - C:\WINDOWS\system32\wbem\framedyn.dll (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...ER}&ar=home IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Yahoo" FF - prefs.js..browser.search.defaulturl: "http://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p=" FF - prefs.js..browser.search.openintab: true FF - prefs.js..browser.search.param.yahoo-fr: "moz2-ytff-" FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "moz2-ytff-" FF - prefs.js..browser.search.selectedEngine: "Yahoo" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.1 FF - prefs.js..extensions.enabledItems: elemhidehelper@adblockplus.org:1.0.6 FF - prefs.js..extensions.enabledItems: alertstopper@dorian.meric:100.001 FF - prefs.js..extensions.enabledItems: {0FED7D55-65D4-47b6-A6DE-9A4ADB55355F}:1.0 FF - prefs.js..extensions.enabledItems: {c4d362ec-1cff-4ca0-9031-99a8fad7995a}:1.10.2009073101 FF - prefs.js..extensions.enabledItems: delicioustagbykeywords@pratikpoddar:1.3 FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.6.5 FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.7 FF - prefs.js..extensions.enabledItems: {DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}:1.0 FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.0.7 FF - prefs.js..extensions.enabledItems: fdm_ffext@freedownloadmanager.org:1.3.4 FF - prefs.js..extensions.enabledItems: statusbar@status.bar:1.0 FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20090920.2 FF - prefs.js..extensions.enabledItems: guiconfig@slosd.net:0.4.4 FF - prefs.js..extensions.enabledItems: {7102aba3-045c-4ec2-b921-46d87636d84b}:2.01 FF - prefs.js..extensions.enabledItems: {77b819fa-95ad-4f2c-ac7c-486b356188a9}:1.5.20090525 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {a3b24d40-bac4-11dc-95ff-0800200c9a66}:0.2.2 FF - prefs.js..extensions.enabledItems: {8b68fd37-ac54-4c6c-a165-e369ce5ea38e}:2.2 FF - prefs.js..extensions.enabledItems: mintrayr@tn123.ath.cx:0.5 FF - prefs.js..extensions.enabledItems: {9a7a67d3-3048-47fb-acde-d0f7ae51f86a}:1.2.1 FF - prefs.js..extensions.enabledItems: {9669CC8F-B388-42FE-86F4-CB5E7F5A8BDC}:6.0.3.4 FF - prefs.js..extensions.enabledItems: {FBF6D7FB-F305-4445-BB3D-FEF66579A033}:4.0 FF - prefs.js..extensions.enabledItems: mybookmarks@ma2ten.catsyawn.net:0.5.7 FF - prefs.js..extensions.enabledItems: openbookmarkintab@piro.sakura.ne.jp:0.1.2009100801 FF - prefs.js..extensions.enabledItems: {B17C1C5A-04B1-11DB-9804-B622A1EF5492}:1.2 FF - prefs.js..extensions.enabledItems: {37E4D8EA-8BDA-4831-8EA1-89053939A250}:2.2.0.2 FF - prefs.js..extensions.enabledItems: PrivacyPlus@PeterOlayev.com:1.0.1 FF - prefs.js..extensions.enabledItems: quickdrag@mozilla.ktechcomputing.com:2.0.2.1 FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:3.5.1 FF - prefs.js..extensions.enabledItems: {1280606b-2510-4fe0-97ef-9b5a22eafe30}:0.6.6.2 FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.7 FF - prefs.js..extensions.enabledItems: tabkit@jomel.me.uk:0.5.8 FF - prefs.js..extensions.enabledItems: {2e17e2b2-b8d4-4a67-8d7b-fafa6cc9d1d0}:1.2.4 FF - prefs.js..extensions.enabledItems: VacuumPlacesImproved@lultimouomo-gmail.com:1 FF - prefs.js..extensions.enabledItems: {89f8dde0-010a-11da-8cd6-0800200c9a66}:1.0.0.18 FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.4 FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p=" FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009/10/31 14:20:20 \| 00,000,000 \| ---D \| M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.4\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/10/31 15:25:51 \| 00,000,000 \| ---D \| M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.4\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/10/31 14:20:29 \| 00,000,000 \| ---D \| M] [2009/10/31 19:27:51 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions\VacuumPlacesImproved@lultimouomo-gmail.com [2009/10/31 19:27:51 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions\tabkit@jomel.me.uk [2009/10/31 19:11:01 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions\statusbar@status.bar [2009/10/31 19:27:59 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions\quickdrag@mozilla.ktechcomputing.com [2009/10/31 19:27:59 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions\PrivacyPlus@PeterOlayev.com [2009/10/31 19:44:17 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions\openbookmarkintab@piro.sakura.ne.jp [2009/10/31 19:44:17 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions\mybookmarks@ma2ten.catsyawn.net [2009/10/31 19:28:02 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions\mintrayr@tn123.ath.cx [2009/10/31 19:10:51 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions\guiconfig@slosd.net [2009/10/31 19:08:08 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions\elemhidehelper@adblockplus.org [2009/10/31 19:08:07 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions\delicioustagbykeywords@pratikpoddar [2009/10/31 19:08:08 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions\alertstopper@dorian.meric [2009/10/31 19:28:00 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions\{FBF6D7FB-F305-4445-BB3D-FEF66579A033} [2009/10/31 19:11:00 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2009/10/31 19:44:10 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8} [2009/10/31 21:37:58 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions\{DB9127A2-3381-41ec-82B3-1B6ED4C6F29A} [2009/10/31 19:08:06 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389} [2009/10/31 19:08:08 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2009/10/31 19:08:07 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions\{c4d362ec-1cff-4ca0-9031-99a8fad7995a} [2009/10/31 19:28:00 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492} [2009/10/31 19:10:52 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions\{a3b24d40-bac4-11dc-95ff-0800200c9a66} [2009/10/31 19:28:02 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions\{9a7a67d3-3048-47fb-acde-d0f7ae51f86a} [2009/10/31 19:07:00 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions\{9669CC8F-B388-42FE-86F4-CB5E7F5A8BDC} [2009/10/31 19:28:02 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions\{8b68fd37-ac54-4c6c-a165-e369ce5ea38e} [2009/10/31 19:52:24 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions\{89f8dde0-010a-11da-8cd6-0800200c9a66} [2009/10/31 19:27:59 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644} [2009/10/31 19:10:53 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9} [2009/10/31 19:44:15 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions\{7102aba3-045c-4ec2-b921-46d87636d84b} [2009/10/31 19:44:29 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8} [2009/10/31 19:28:00 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250} [2009/10/31 19:27:50 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions\{2e17e2b2-b8d4-4a67-8d7b-fafa6cc9d1d0} [2009/10/31 19:44:09 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34} [2009/10/31 19:27:58 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30} [2009/10/31 19:08:08 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions\{0FED7D55-65D4-47b6-A6DE-9A4ADB55355F} [2009/10/31 21:38:09 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions [2009/10/31 15:26:01 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} [2009/10/31 15:26:01 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Extensions [2009/10/31 15:26:01 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Extensions [2009/10/31 15:26:01 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} [2009/10/31 21:38:09 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions [2009/10/31 19:08:08 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions\{0FED7D55-65D4-47b6-A6DE-9A4ADB55355F} [2009/10/31 19:27:58 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30} [2009/10/31 19:44:09 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34} [2009/10/31 19:27:50 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions\{2e17e2b2-b8d4-4a67-8d7b-fafa6cc9d1d0} [2009/10/31 19:28:00 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250} [2009/10/31 19:44:29 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8} [2009/10/31 19:44:15 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions\{7102aba3-045c-4ec2-b921-46d87636d84b} [2009/10/31 19:10:53 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9} [2009/10/31 19:27:59 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644} [2009/10/31 19:52:24 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions\{89f8dde0-010a-11da-8cd6-0800200c9a66} [2009/10/31 19:28:02 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions\{8b68fd37-ac54-4c6c-a165-e369ce5ea38e} [2009/10/31 19:07:00 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions\{9669CC8F-B388-42FE-86F4-CB5E7F5A8BDC} [2009/10/31 19:28:02 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions\{9a7a67d3-3048-47fb-acde-d0f7ae51f86a} [2009/10/31 19:10:52 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions\{a3b24d40-bac4-11dc-95ff-0800200c9a66} [2009/10/31 19:28:00 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492} [2009/10/31 19:08:07 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions\{c4d362ec-1cff-4ca0-9031-99a8fad7995a} [2009/10/31 19:08:08 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2009/10/31 19:08:06 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389} [2009/10/31 21:37:58 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions\{DB9127A2-3381-41ec-82B3-1B6ED4C6F29A} [2009/10/31 19:44:10 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8} [2009/10/31 19:11:00 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2009/10/31 19:28:00 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions\{FBF6D7FB-F305-4445-BB3D-FEF66579A033} [2009/10/31 19:08:08 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions\alertstopper@dorian.meric [2009/10/31 19:08:07 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions\delicioustagbykeywords@pratikpoddar [2009/10/31 19:08:08 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions\elemhidehelper@adblockplus.org [2009/10/31 19:10:51 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions\guiconfig@slosd.net [2009/10/31 19:28:02 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions\mintrayr@tn123.ath.cx [2009/10/31 19:44:17 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions\mybookmarks@ma2ten.catsyawn.net [2009/10/31 19:44:17 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions\openbookmarkintab@piro.sakura.ne.jp [2009/10/31 19:27:59 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions\PrivacyPlus@PeterOlayev.com [2009/10/31 19:27:59 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions\quickdrag@mozilla.ktechcomputing.com [2009/10/31 19:11:01 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions\statusbar@status.bar [2009/10/31 19:27:51 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions\tabkit@jomel.me.uk [2009/10/31 19:27:51 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\kuqfe9a4.default\extensions\VacuumPlacesImproved@lultimouomo-gmail.com [2009/10/31 14:20:31 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} [2009/10/31 14:18:37 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2009/10/31 21:38:09 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Mozilla Firefox\extensions [2009/10/31 21:38:09 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Mozilla Firefox\extensions [2009/10/31 14:18:37 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2009/10/31 14:20:31 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} [2009/10/16 14:08:14 \| 00,023,544 \| ---- \| M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll [2009/10/16 14:08:15 \| 00,137,208 \| ---- \| M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll [2009/10/31 14:20:19 \| 00,411,368 \| ---- \| M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll [2009/10/16 14:08:16 \| 00,065,016 \| ---- \| M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll [2009/10/16 11:58:44 \| 00,001,394 \| ---- \| M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom.xml [2009/10/16 11:58:44 \| 00,002,193 \| ---- \| M] () -- C:\Program Files\Mozilla Firefox\searchplugins\answers.xml [2009/10/16 11:58:44 \| 00,001,534 \| ---- \| M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons.xml [2009/10/16 11:58:44 \| 00,002,344 \| ---- \| M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay.xml [2009/10/16 11:58:44 \| 00,002,371 \| ---- \| M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml [2009/10/16 11:58:44 \| 00,001,178 \| ---- \| M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia.xml [2009/10/16 11:58:44 \| 00,000,792 \| ---- \| M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo.xml O1 HOSTS File: (734 bytes) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (SpywareGuardDLBLOCK.CBrowserHelper) - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll () O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O2 - BHO: (FlashGetBHO) - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Documents and Settings\Home\Application Data\FlashGetBHO\FlashGetBHO3.dll (FlashGet) O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll () O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.) O3 - HKLM\..\Toolbar: (&RoboForm) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO) O4 - HKLM..\Run: [SoundMan] File not found O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe () O4 - HKLM..\Run: [VTTimer] C:\WINDOWS\System32\VTTimer.exe () O4 - HKCU..\Run: [RoboForm] C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems) O4 - HKLM..\RunOnce: [Explorer] C:\WINDOWS\System32\explorer.exe () O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\RunOnce: [Svchost] c:\windows\svchost.exe () O4 - Startup: C:\Documents and Settings\Home\Start Menu\Programs\Startup\SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Customize Menu - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html () O8 - Extra context menu item: Download All By FlashGet3 - C:\Documents and Settings\Home\Application Data\FlashGetBHO\GetAllUrl.htm () O8 - Extra context menu item: Download all with Free Download Manager - C:\Program Files\Free Download Manager\dlall.htm () O8 - Extra context menu item: Download By FlashGet3 - C:\Documents and Settings\Home\Application Data\FlashGetBHO\GetUrl.htm () O8 - Extra context menu item: Download selected with Free Download Manager - C:\Program Files\Free Download Manager\dlselected.htm () O8 - Extra context menu item: Download video with Free Download Manager - C:\Program Files\Free Download Manager\dlfvideo.htm () O8 - Extra context menu item: Download with Free Download Manager - C:\Program Files\Free Download Manager\dllink.htm () O8 - Extra context menu item: Fill Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html () O8 - Extra context menu item: RoboForm Toolbar - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html () O8 - Extra context menu item: Save Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html () O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html () O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html () O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html () O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html () O9 - Extra Button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html () O9 - Extra 'Tools' menuitem : RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html () O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone. O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_16) O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_16) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_16) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp - No CLSID value found O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) - C:\WINDOWS\system32\guard32.dll (COMODO) O20 - HKLM Winlogon: Shell - (C:\WINDOWS\explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (c:\windows\system32\explorer.exe) - C:\WINDOWS\system32\explorer.exe () O24 - Desktop Components:0 (My Current Home Page) - About:Home O28 - HKLM ShellExecuteHooks: {81559C35-8464-49F7-BB0E-07A383BEF910} - C:\Program Files\SpywareGuard\spywareguard.dll () O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/10/31 13:53:00 \| 00,000,000 \| ---- \| M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2006/08/08 09:59:46 \| 00,000,000 \| ---D \| M] - J:\autorun -- [ FAT32 ] O32 - AutoRun File - [2004/01/22 15:47:32 \| 00,000,038 \| R--- \| M] () - J:\AUTORUN.INF -- [ FAT32 ] O34 - HKLM BootExecute: (autocheck) - File not found O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation) O34 - HKLM BootExecute: () - File not found O35 - comfile [open] -- "%1" % File not found O35 - exefile [open] -- "%1" %* File not found ========== Files/Folders - Created Within 30 Days ========== [2009/11/01 15:31:43 \| 00,527,360 \| ---- \| C] (OldTimer Tools) -- C:\Documents and Settings\Home\Desktop\OTL.exe [2009/11/01 15:19:42 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Application Data\TaskManager [2009/11/01 14:59:02 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Home\Desktop\I_have_some_baddies_after_format_XP_Home_t108043_files [2009/11/01 14:58:57 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Home\My Documents\Downloads [2009/11/01 13:46:15 \| 00,017,272 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll [2009/11/01 13:46:10 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\LastGood [2009/11/01 09:29:30 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\$MSI31Uninstall_KB893803v2$ [2009/11/01 09:29:00 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\$hf_mig$ [2009/11/01 03:14:01 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Home\My Documents\GomPlayer [2009/11/01 03:14:00 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Home\Application Data\GRETECH [2009/11/01 02:14:39 \| 00,000,000 \| ---D \| C] -- C:\Program Files\Trend Micro [2009/11/01 01:51:03 \| 00,000,000 \| ---D \| C] -- C:\Program Files\JDownloader [2009/11/01 00:54:41 \| 00,053,248 \| -HS- \| C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\vttimer.exe' [2009/11/01 00:30:18 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Home\Local Settings\Application Data\Hagel Technologies [2009/11/01 00:30:14 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Application Data\Hagel Technologies [2009/11/01 00:23:31 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\pss [2009/11/01 00:15:13 \| 00,000,000 \| ---D \| C] -- C:\Program Files\GRETECH [2009/10/31 20:53:47 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Home\Application Data\BITS [2009/10/31 20:53:37 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Home\Application Data\FlashGetBHO [2009/10/31 20:53:36 \| 00,000,000 \| ---D \| C] -- C:\Program Files\FlashGet Network [2009/10/31 20:49:27 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Home\Application Data\Malwarebytes [2009/10/31 20:49:24 \| 00,019,160 \| ---- \| C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2009/10/31 20:49:20 \| 00,038,224 \| ---- \| C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2009/10/31 20:49:16 \| 00,000,000 \| ---D \| C] -- C:\Program Files\Malwarebytes' Anti-Malware [2009/10/31 20:49:16 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes [2009/10/31 20:38:24 \| 00,006,400 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\splitter.sys [2009/10/31 20:38:24 \| 00,006,400 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\splitter.sys [2009/10/31 20:38:22 \| 00,082,944 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\wdmaud.sys [2009/10/31 20:38:22 \| 00,082,944 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wdmaud.sys [2009/10/31 20:38:20 \| 00,052,864 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\DMusic.sys [2009/10/31 20:38:20 \| 00,052,864 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmusic.sys [2009/10/31 20:38:14 \| 00,054,272 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\swmidi.sys [2009/10/31 20:38:14 \| 00,054,272 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swmidi.sys [2009/10/31 20:38:12 \| 00,142,464 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\aec.sys [2009/10/31 20:38:12 \| 00,142,464 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aec.sys [2009/10/31 20:38:10 \| 00,171,776 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\kmixer.sys [2009/10/31 20:38:10 \| 00,171,776 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kmixer.sys [2009/10/31 20:38:09 \| 00,002,944 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmkaud.sys [2009/10/31 20:38:09 \| 00,002,944 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmkaud.sys [2009/10/31 20:38:07 \| 00,060,800 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sysaudio.sys [2009/10/31 20:38:07 \| 00,060,800 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sysaudio.sys [2009/10/31 20:38:04 \| 00,007,552 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MSKSSRV.sys [2009/10/31 20:38:04 \| 00,007,552 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mskssrv.sys [2009/10/31 20:38:01 \| 00,004,992 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MSPQM.sys [2009/10/31 20:38:01 \| 00,004,992 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspqm.sys [2009/10/31 20:37:59 \| 00,005,376 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MSPCLOCK.sys [2009/10/31 20:37:59 \| 00,005,376 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspclock.sys [2009/10/31 20:37:29 \| 00,145,792 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys [2009/10/31 20:37:29 \| 00,145,792 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\portcls.sys [2009/10/31 20:37:28 \| 00,004,096 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll [2009/10/31 20:37:28 \| 00,004,096 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksuser.dll [2009/10/31 20:37:27 \| 00,060,288 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys [2009/10/31 20:37:27 \| 00,060,288 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmk.sys [2009/10/31 20:37:26 \| 00,130,048 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax [2009/10/31 20:37:26 \| 00,130,048 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksproxy.ax [2009/10/31 20:34:38 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Home\My Documents\Michael's Stuff [2009/10/31 20:32:32 \| 00,000,000 \| R--D \| C] -- C:\Documents and Settings\Home\My Documents\Music [2009/10/31 20:21:07 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Home\My Documents\Programs [2009/10/31 20:17:55 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Home\My Documents\eBooks [2009/10/31 20:17:54 \| 00,000,000 \| R--D \| C] -- C:\Documents and Settings\Home\My Documents\My Pictures [2009/10/31 20:17:43 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Home\My Documents\Tutorial Files [2009/10/31 20:16:47 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Home\My Documents\Zeitgeist - transcript_files [2009/10/31 19:24:51 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\System32\SoftwareDistribution [2009/10/31 15:35:15 \| 00,000,000 \| ---D \| C] -- C:\Downloads [2009/10/31 15:33:10 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Home\Application Data\Macromedia [2009/10/31 15:33:10 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Home\Application Data\Adobe [2009/10/31 14:20:29 \| 00,411,368 \| ---- \| C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deploytk.dll [2009/10/31 14:20:29 \| 00,149,280 \| ---- \| C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe [2009/10/31 14:20:29 \| 00,145,184 \| ---- \| C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe [2009/10/31 14:20:29 \| 00,145,184 \| ---- \| C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe [2009/10/31 14:20:29 \| 00,073,728 \| ---- \| C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl [2009/10/31 14:19:00 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Home\Application Data\Free Download Manager [2009/10/31 14:18:57 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Application Data\FreeDownloadManager.ORG [2009/10/31 14:18:36 \| 00,000,000 \| ---D \| C] -- C:\Program Files\Mozilla Firefox [2009/10/31 14:13:49 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Home\Local Settings\Application Data\Thinstall [2009/10/31 14:12:28 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Application Data\Comodo [2009/10/31 14:12:26 \| 00,179,792 \| ---- \| C] (COMODO) -- C:\WINDOWS\System32\guard32.dll [2009/10/31 14:12:26 \| 00,132,296 \| ---- \| C] (COMODO) -- C:\WINDOWS\System32\drivers\cmdguard.sys [2009/10/31 14:12:26 \| 00,087,104 \| ---- \| C] (COMODO) -- C:\WINDOWS\System32\drivers\inspect.sys [2009/10/31 14:12:26 \| 00,025,160 \| ---- \| C] (COMODO) -- C:\WINDOWS\System32\drivers\cmdhlp.sys [2009/10/31 14:09:21 \| 00,000,000 \| -HSD \| C] -- C:\Config.Msi [2009/10/31 14:05:05 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Home\Application Data\Identities [2009/10/31 14:05:04 \| 00,000,000 \| -H-D \| C] -- C:\Program Files\Uninstall Information [2009/10/31 14:04:58 \| 00,000,000 \| --SD \| C] -- C:\Documents and Settings\Home\Cookies [2009/10/31 14:04:58 \| 00,000,000 \| --SD \| C] -- C:\Documents and Settings\Home\Application Data\Microsoft [2009/10/31 14:04:58 \| 00,000,000 \| RH-D \| C] -- C:\Documents and Settings\Home\SendTo [2009/10/31 14:04:58 \| 00,000,000 \| RH-D \| C] -- C:\Documents and Settings\Home\Recent [2009/10/31 14:04:58 \| 00,000,000 \| RH-D \| C] -- C:\Documents and Settings\Home\Application Data [2009/10/31 14:04:58 \| 00,000,000 \| R--D \| C] -- C:\Documents and Settings\Home\Start Menu [2009/10/31 14:04:58 \| 00,000,000 \| R--D \| C] -- C:\Documents and Settings\Home\My Documents [2009/10/31 14:04:58 \| 00,000,000 \| R--D \| C] -- C:\Documents and Settings\Home\Favorites [2009/10/31 14:04:58 \| 00,000,000 \| -H-D \| C] -- C:\Documents and Settings\Home\Templates [2009/10/31 14:04:58 \| 00,000,000 \| -H-D \| C] -- C:\Documents and Settings\Home\PrintHood [2009/10/31 14:04:58 \| 00,000,000 \| -H-D \| C] -- C:\Documents and Settings\Home\NetHood [2009/10/31 14:04:58 \| 00,000,000 \| -H-D \| C] -- C:\Documents and Settings\Home\Local Settings [2009/10/31 14:04:58 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Home\Desktop [2009/10/31 14:04:58 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Home\Local Settings\Application Data\Microsoft [2009/10/31 13:56:34 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\SoftwareDistribution [2009/10/31 13:56:33 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\Prefetch [2009/10/31 13:56:32 \| 00,000,000 \| --SD \| C] -- C:\WINDOWS\System32\Microsoft [2009/10/31 13:55:20 \| 00,156,672 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime [2009/10/31 13:55:20 \| 00,156,672 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime [2009/10/31 13:55:19 \| 00,156,672 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime [2009/10/31 13:55:19 \| 00,069,120 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime [2009/10/31 13:55:19 \| 00,065,536 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime [2009/10/31 13:55:18 \| 00,079,360 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime [2009/10/31 13:55:17 \| 00,041,600 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll [2009/10/31 13:55:17 \| 00,031,232 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys [2009/10/31 13:55:16 \| 00,086,073 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll [2009/10/31 13:55:16 \| 00,048,256 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll [2009/10/31 13:55:15 \| 00,426,041 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll [2009/10/31 13:55:14 \| 00,076,288 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll [2009/10/31 13:55:13 \| 00,065,024 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime [2009/10/31 13:55:13 \| 00,014,336 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe [2009/10/31 13:55:12 \| 00,010,240 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll [2009/10/31 13:55:11 \| 00,571,392 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime [2009/10/31 13:55:11 \| 00,455,168 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe [2009/10/31 13:55:11 \| 00,044,032 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe [2009/10/31 13:55:10 \| 00,185,344 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll [2009/10/31 13:55:10 \| 00,021,896 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys [2009/10/31 13:55:10 \| 00,019,464 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys [2009/10/31 13:55:10 \| 00,013,192 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys [2009/10/31 13:55:08 \| 00,101,376 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll [2009/10/31 13:55:06 \| 00,143,422 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll [2009/10/31 13:55:06 \| 00,007,168 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll [2009/10/31 13:55:05 \| 00,358,400 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpincl.dll [2009/10/31 13:55:05 \| 00,188,416 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpsmir.dll [2009/10/31 13:55:05 \| 00,040,448 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpthrd.dll [2009/10/31 13:55:05 \| 00,010,240 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll [2009/10/31 13:55:05 \| 00,008,704 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmptrap.exe [2009/10/31 13:55:05 \| 00,006,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpmib.dll [2009/10/31 13:55:04 \| 00,456,704 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsvc.dll [2009/10/31 13:55:04 \| 00,259,072 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpcl.dll [2009/10/31 13:55:04 \| 00,032,768 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmp.exe [2009/10/31 13:55:03 \| 00,236,544 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smi2smir.exe [2009/10/31 13:55:03 \| 00,015,872 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll [2009/10/31 13:55:03 \| 00,012,288 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll [2009/10/31 13:55:03 \| 00,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll [2009/10/31 13:55:03 \| 00,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll [2009/10/31 13:55:02 \| 00,038,912 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll [2009/10/31 13:55:02 \| 00,031,744 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll [2009/10/31 13:55:02 \| 00,031,744 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll [2009/10/31 13:55:02 \| 00,026,624 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll [2009/10/31 13:55:02 \| 00,026,624 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll [2009/10/31 13:55:02 \| 00,026,112 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll [2009/10/31 13:55:02 \| 00,026,112 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll [2009/10/31 13:55:01 \| 00,030,208 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll [2009/10/31 13:55:01 \| 00,030,208 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll [2009/10/31 13:55:01 \| 00,029,184 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll [2009/10/31 13:55:01 \| 00,026,112 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll [2009/10/31 13:55:01 \| 00,026,112 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll [2009/10/31 13:55:01 \| 00,025,088 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll [2009/10/31 13:55:00 \| 00,018,944 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll [2009/10/31 13:54:58 \| 00,026,112 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll [2009/10/31 13:54:57 \| 00,057,856 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll [2009/10/31 13:54:56 \| 00,079,872 \| ---- \| C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll [2009/10/31 13:54:56 \| 00,079,872 \| ---- \| C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll [2009/10/31 13:54:56 \| 00,026,624 \| ---- \| C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll [2009/10/31 13:54:55 \| 00,024,576 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rw001ext.dll [2009/10/31 13:54:54 \| 00,026,112 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime [2009/10/31 13:54:54 \| 00,023,040 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe [2009/10/31 13:54:53 \| 00,014,848 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe [2009/10/31 13:54:52 \| 00,077,824 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime [2009/10/31 13:54:52 \| 00,020,736 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ramdisk.sys [2009/10/31 13:54:52 \| 00,016,384 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe [2009/10/31 13:54:51 \| 00,009,728 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe [2009/10/31 13:54:50 \| 00,131,584 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll [2009/10/31 13:54:50 \| 00,011,264 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll [2009/10/31 13:54:49 \| 00,482,304 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime [2009/10/31 13:54:49 \| 00,070,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe [2009/10/31 13:54:49 \| 00,067,584 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll [2009/10/31 13:54:49 \| 00,006,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll [2009/10/31 13:54:48 \| 00,079,360 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime [2009/10/31 13:54:48 \| 00,053,760 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll [2009/10/31 13:54:47 \| 00,036,927 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll [2009/10/31 13:54:47 \| 00,015,872 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll [2009/10/31 13:54:47 \| 00,015,360 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll [2009/10/31 13:54:47 \| 00,014,336 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll [2009/10/31 13:54:45 \| 00,038,912 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll [2009/10/31 13:54:42 \| 00,229,439 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll [2009/10/31 13:54:42 \| 00,111,104 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtstocom.exe [2009/10/31 13:54:39 \| 00,040,960 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiregmv.exe [2009/10/31 13:54:38 \| 01,875,968 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex [2009/10/31 13:54:38 \| 00,098,304 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll [2009/10/31 13:54:32 \| 00,092,416 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys [2009/10/31 13:54:32 \| 00,092,032 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll [2009/10/31 13:54:32 \| 00,007,680 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migregdb.exe [2009/10/31 13:54:31 \| 00,065,536 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll [2009/10/31 13:54:30 \| 00,022,528 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpdsvc.dll [2009/10/31 13:54:30 \| 00,018,944 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lprmon.dll [2009/10/31 13:54:29 \| 00,033,792 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lmmib2.dll [2009/10/31 13:54:28 \| 00,070,656 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll [2009/10/31 13:54:28 \| 00,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll [2009/10/31 13:54:27 \| 00,006,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll [2009/10/31 13:54:27 \| 00,006,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll [2009/10/31 13:54:27 \| 00,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll [2009/10/31 13:54:27 \| 00,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll [2009/10/31 13:54:27 \| 00,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll [2009/10/31 13:54:27 \| 00,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll [2009/10/31 13:54:26 \| 00,009,216 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll [2009/10/31 13:54:26 \| 00,007,680 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll [2009/10/31 13:54:26 \| 00,007,168 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll [2009/10/31 13:54:26 \| 00,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll [2009/10/31 13:54:26 \| 00,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll [2009/10/31 13:54:25 \| 00,006,656 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41a.dll [2009/10/31 13:54:25 \| 00,006,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41j.dll [2009/10/31 13:54:25 \| 00,006,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll [2009/10/31 13:54:25 \| 00,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll [2009/10/31 13:54:25 \| 00,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll [2009/10/31 13:54:25 \| 00,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll [2009/10/31 13:54:24 \| 00,007,168 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdibm02.dll [2009/10/31 13:54:24 \| 00,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll [2009/10/31 13:54:24 \| 00,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll [2009/10/31 13:54:24 \| 00,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll [2009/10/31 13:54:24 \| 00,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll [2009/10/31 13:54:24 \| 00,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll [2009/10/31 13:54:23 \| 00,006,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdax2.dll [2009/10/31 13:54:23 \| 00,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll [2009/10/31 13:54:23 \| 00,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll [2009/10/31 13:54:23 \| 00,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll [2009/10/31 13:54:23 \| 00,005,120 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll [2009/10/31 13:54:22 \| 00,006,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106n.dll [2009/10/31 13:54:22 \| 00,006,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll [2009/10/31 13:54:22 \| 00,006,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101.dll [2009/10/31 13:54:22 \| 00,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll [2009/10/31 13:54:22 \| 00,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll [2009/10/31 13:54:22 \| 00,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll [2009/10/31 13:54:22 \| 00,005,120 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll [2009/10/31 13:54:22 \| 00,005,120 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll [2009/10/31 13:54:21 \| 00,035,328 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iprip.dll [2009/10/31 13:54:21 \| 00,018,432 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll [2009/10/31 13:54:19 \| 00,471,102 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll [2009/10/31 13:54:19 \| 00,315,452 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll [2009/10/31 13:54:19 \| 00,102,456 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll [2009/10/31 13:54:19 \| 00,059,904 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe [2009/10/31 13:54:18 \| 00,274,489 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll [2009/10/31 13:54:18 \| 00,262,200 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe [2009/10/31 13:54:18 \| 00,233,527 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe [2009/10/31 13:54:18 \| 00,208,952 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe [2009/10/31 13:54:18 \| 00,045,109 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe [2009/10/31 13:54:17 \| 00,716,856 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll [2009/10/31 13:54:17 \| 00,307,257 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe [2009/10/31 13:54:17 \| 00,155,705 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe [2009/10/31 13:54:17 \| 00,081,976 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll [2009/10/31 13:54:17 \| 00,057,398 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe [2009/10/31 13:54:16 \| 00,811,064 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll [2009/10/31 13:54:16 \| 00,368,696 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll [2009/10/31 13:54:16 \| 00,340,023 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime [2009/10/31 13:54:16 \| 00,311,359 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe [2009/10/31 13:54:15 \| 00,106,496 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll [2009/10/31 13:54:15 \| 00,102,463 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll [2009/10/31 13:54:15 \| 00,094,720 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime [2009/10/31 13:54:15 \| 00,086,016 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll [2009/10/31 13:54:15 \| 00,044,032 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe [2009/10/31 13:54:11 \| 10,129,408 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll [2009/10/31 13:54:04 \| 10,096,640 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll [2009/10/31 13:54:03 \| 00,039,936 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hostmib.dll [2009/10/31 13:54:02 \| 00,036,864 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll [2009/10/31 13:54:01 \| 00,400,384 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsxp32.dll [2009/10/31 13:54:01 \| 00,397,312 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxstiff.dll [2009/10/31 13:54:01 \| 00,246,272 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxst30.dll [2009/10/31 13:54:01 \| 00,192,512 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxswzrd.dll [2009/10/31 13:54:01 \| 00,154,112 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsui.dll [2009/10/31 13:54:00 \| 00,562,176 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsst.dll [2009/10/31 13:54:00 \| 00,267,776 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssvc.exe [2009/10/31 13:54:00 \| 00,031,744 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll [2009/10/31 13:54:00 \| 00,023,552 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsmon.dll [2009/10/31 13:54:00 \| 00,011,264 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe [2009/10/31 13:54:00 \| 00,008,704 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsperf.dll [2009/10/31 13:54:00 \| 00,006,656 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsres.dll [2009/10/31 13:53:59 \| 00,285,184 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscomex.dll [2009/10/31 13:53:59 \| 00,229,376 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscover.exe [2009/10/31 13:53:59 \| 00,132,608 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll [2009/10/31 13:53:59 \| 00,072,192 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscom.dll [2009/10/31 13:53:59 \| 00,055,296 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsevent.dll [2009/10/31 13:53:59 \| 00,027,136 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsdrv.dll [2009/10/31 13:53:59 \| 00,023,552 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsext32.dll [2009/10/31 13:53:58 \| 00,452,096 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsapi.dll [2009/10/31 13:53:58 \| 00,143,360 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclnt.exe [2009/10/31 13:53:58 \| 00,111,104 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll [2009/10/31 13:53:58 \| 00,006,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll [2009/10/31 13:53:57 \| 00,020,541 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmdll.dll [2009/10/31 13:53:56 \| 00,618,605 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4autl.dll [2009/10/31 13:53:56 \| 00,024,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmcgi.exe [2009/10/31 13:53:55 \| 00,043,520 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll [2009/10/31 13:53:55 \| 00,014,848 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe [2009/10/31 13:53:55 \| 00,007,168 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\f3ahvoas.dll [2009/10/31 13:53:54 \| 00,101,888 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntagnt.dll [2009/10/31 13:53:54 \| 00,092,160 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntwin.exe [2009/10/31 13:53:54 \| 00,025,856 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys [2009/10/31 13:53:54 \| 00,024,064 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntcmd.exe [2009/10/31 13:53:53 \| 00,057,856 \| ---- \| C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll [2009/10/31 13:53:53 \| 00,045,056 \| ---- \| C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll [2009/10/31 13:53:53 \| 00,031,744 \| ---- \| C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll [2009/10/31 13:53:52 \| 00,514,587 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\edb500.dll [2009/10/31 13:53:48 \| 00,078,848 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime [2009/10/31 13:53:47 \| 00,018,944 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe [2009/10/31 13:53:46 \| 00,057,399 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe [2009/10/31 13:53:44 \| 00,480,256 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe [2009/10/31 13:53:44 \| 00,198,656 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll [2009/10/31 13:53:44 \| 00,021,504 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime [2009/10/31 13:53:43 \| 00,097,792 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll [2009/10/31 13:53:43 \| 00,056,320 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll [2009/10/31 13:53:42 \| 01,677,824 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll [2009/10/31 13:53:42 \| 00,838,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll [2009/10/31 13:53:41 \| 00,078,336 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime [2009/10/31 13:53:41 \| 00,015,872 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe [2009/10/31 13:53:41 \| 00,014,336 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe [2009/10/31 13:53:41 \| 00,013,312 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe [2009/10/31 13:53:41 \| 00,009,728 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe [2009/10/31 13:53:40 \| 00,054,528 \| ---- \| C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys [2009/10/31 13:53:39 \| 00,218,112 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_g18030.dll [2009/10/31 13:53:39 \| 00,010,752 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll [2009/10/31 13:53:39 \| 00,006,656 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll [2009/10/31 13:53:28 \| 00,331,264 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aqueue.dll [2009/10/31 13:53:27 \| 00,045,056 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll [2009/10/31 13:53:27 \| 00,019,456 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0804.dll [2009/10/31 13:53:27 \| 00,019,456 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0412.dll [2009/10/31 13:53:27 \| 00,019,456 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0411.dll [2009/10/31 13:53:27 \| 00,019,456 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040d.dll [2009/10/31 13:53:26 \| 00,019,456 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0404.dll [2009/10/31 13:53:26 \| 00,019,456 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0401.dll [2009/10/31 13:53:26 \| 00,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll [2009/10/31 13:53:21 \| 00,032,827 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptest.exe [2009/10/31 13:53:21 \| 00,016,437 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.exe [2009/10/31 13:53:21 \| 00,016,384 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptsat.dll [2009/10/31 13:53:20 \| 00,020,536 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.dll [2009/10/31 13:53:16 \| 00,598,071 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmc.dll [2009/10/31 13:53:16 \| 00,208,896 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmcsat.dll [2009/10/31 13:53:16 \| 00,020,541 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpexedll.dll [2009/10/31 13:53:16 \| 00,020,538 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpremadm.exe [2009/10/31 13:53:15 \| 00,876,653 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awel.dll [2009/10/31 13:53:15 \| 00,188,494 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpcount.exe [2009/10/31 13:53:15 \| 00,109,328 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98swin.exe [2009/10/31 13:53:15 \| 00,049,212 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awebs.dll [2009/10/31 13:53:15 \| 00,032,826 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avss.dll [2009/10/31 13:53:15 \| 00,014,608 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98sadm.exe [2009/10/31 13:53:14 \| 00,184,435 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4amsft.dll [2009/10/31 13:53:14 \| 00,147,513 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4apws.dll [2009/10/31 13:53:14 \| 00,102,509 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4atxt.dll [2009/10/31 13:53:14 \| 00,082,035 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4anscp.dll [2009/10/31 13:53:14 \| 00,049,210 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4areg.dll [2009/10/31 13:53:14 \| 00,041,020 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avnb.dll [2009/10/31 13:53:13 \| 00,188,480 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgwiz.exe [2009/10/31 13:53:13 \| 00,020,540 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.dll [2009/10/31 13:53:13 \| 00,016,439 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.exe [2009/10/31 13:53:13 \| 00,016,439 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.exe [2009/10/31 13:53:11 \| 00,020,540 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.dll [2009/10/31 13:53:09 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\System32\xircom [2009/10/31 13:53:09 \| 00,000,000 \| ---D \| C] -- C:\Program Files\xerox [2009/10/31 13:53:09 \| 00,000,000 \| ---D \| C] -- C:\Program Files\microsoft frontpage [2009/10/31 13:52:42 \| 00,112,128 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\mapi32.dll [2009/10/31 13:52:02 \| 00,000,000 \| -HSD \| C] -- C:\Documents and Settings\All Users\DRM [2009/10/31 13:51:53 \| 00,000,000 \| --SD \| C] -- C:\WINDOWS\Downloaded Program Files [2009/10/31 13:51:53 \| 00,000,000 \| R--D \| C] -- C:\WINDOWS\Offline Web Pages [2009/10/31 13:51:42 \| 00,000,000 \| -H-D \| C] -- C:\Program Files\WindowsUpdate [2009/10/31 13:51:19 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\System32\DirectX [2009/10/31 13:50:54 \| 00,028,160 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoobe.exe [2009/10/31 13:50:52 \| 00,099,840 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helphost.exe [2009/10/31 13:50:52 \| 00,035,328 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notiflag.exe [2009/10/31 13:50:52 \| 00,021,504 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brpinfo.dll [2009/10/31 13:50:52 \| 00,011,264 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atrace.dll [2009/10/31 13:50:52 \| 00,011,264 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\atrace.dll [2009/10/31 13:50:52 \| 00,006,656 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hcappres.dll [2009/10/31 13:50:43 \| 00,047,104 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srdiag.exe [2009/10/31 13:50:42 \| 00,118,784 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg723.acm [2009/10/31 13:50:42 \| 00,012,288 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmevtmsg.dll [2009/10/31 13:50:42 \| 00,012,288 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmevtmsg.dll [2009/10/31 13:50:41 \| 00,064,512 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acctres.dll [2009/10/31 13:50:41 \| 00,064,512 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\acctres.dll [2009/10/31 13:50:41 \| 00,039,936 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msinfo32.exe [2009/10/31 13:50:41 \| 00,012,288 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wb32.exe [2009/10/31 13:50:41 \| 00,012,288 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cb32.exe [2009/10/31 13:50:40 \| 00,000,000 \| ---D \| C] -- C:\Program Files\Common Files\Services [2009/10/31 13:50:36 \| 00,073,728 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwtutor.exe [2009/10/31 13:50:36 \| 00,061,440 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwres.dll [2009/10/31 13:50:36 \| 00,040,960 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trialoc.dll [2009/10/31 13:50:36 \| 00,025,088 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wisc10.dll [2009/10/31 13:50:36 \| 00,023,552 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoapr.dll [2009/10/31 13:50:36 \| 00,016,384 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe [2009/10/31 13:50:36 \| 00,016,384 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\icfgnt5.dll [2009/10/31 13:50:36 \| 00,016,384 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icfgnt5.dll [2009/10/31 13:50:36 \| 00,000,000 \| --SD \| C] -- C:\WINDOWS\Tasks [2009/10/31 13:50:35 \| 00,235,520 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoap1.dll [2009/10/31 13:50:35 \| 00,000,000 \| ---D \| C] -- C:\Program Files\Common Files\MSSoap [2009/10/31 13:50:34 \| 00,093,184 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieinfo5.ocx [2009/10/31 13:50:32 \| 00,725,566 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srchui.dll [2009/10/31 13:50:32 \| 00,058,434 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srchctls.dll [2009/10/31 13:50:31 \| 03,166,208 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msgr3en.dll [2009/10/31 13:50:31 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\srchasst [2009/10/31 13:50:30 \| 00,848,384 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vgx.dll [2009/10/31 13:50:30 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\System32\Macromed [2009/10/31 13:50:29 \| 00,774,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup_wm.exe [2009/10/31 13:50:29 \| 00,098,304 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpband.dll [2009/10/31 13:50:28 \| 00,786,432 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migrate.exe [2009/10/31 13:50:28 \| 00,368,640 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpvis.dll [2009/10/31 13:50:28 \| 00,221,184 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpns.dll [2009/10/31 13:50:28 \| 00,028,672 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\custsat.dll [2009/10/31 13:50:27 \| 00,364,544 \| ---- \| C] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\WINDOWS\System32\dllcache\npdsplay.dll [2009/10/31 13:50:27 \| 00,226,816 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npdrmv2.dll [2009/10/31 13:50:27 \| 00,073,728 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmplayer.exe [2009/10/31 13:50:27 \| 00,010,240 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npwmsdrm.dll [2009/10/31 13:50:26 \| 00,323,608 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll [2009/10/31 13:50:26 \| 00,323,608 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wucltui.dll [2009/10/31 13:50:26 \| 00,202,776 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuweb.dll [2009/10/31 13:50:26 \| 00,202,776 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuweb.dll [2009/10/31 13:50:26 \| 00,183,296 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng1.dll [2009/10/31 13:50:26 \| 00,183,296 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng1.dll [2009/10/31 13:50:26 \| 00,006,656 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauserv.dll [2009/10/31 13:50:26 \| 00,006,656 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauserv.dll [2009/10/31 13:50:25 \| 01,809,944 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng.dll [2009/10/31 13:50:25 \| 01,809,944 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng.dll [2009/10/31 13:50:25 \| 00,561,688 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll [2009/10/31 13:50:25 \| 00,561,688 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuapi.dll [2009/10/31 13:50:25 \| 00,213,528 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaucpl.cpl [2009/10/31 13:50:25 \| 00,213,528 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaucpl.cpl [2009/10/31 13:50:25 \| 00,165,888 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt1.exe [2009/10/31 13:50:25 \| 00,165,888 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt1.exe [2009/10/31 13:50:25 \| 00,051,224 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt.exe [2009/10/31 13:50:25 \| 00,051,224 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe [2009/10/31 13:50:25 \| 00,034,328 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll [2009/10/31 13:50:25 \| 00,034,328 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wups.dll [2009/10/31 13:50:25 \| 00,008,192 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx2.dll [2009/10/31 13:50:25 \| 00,008,192 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll [2009/10/31 13:50:25 \| 00,007,168 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx3.dll [2009/10/31 13:50:25 \| 00,007,168 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll [2009/10/31 13:50:24 \| 00,382,464 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgr.dll [2009/10/31 13:50:24 \| 00,382,464 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qmgr.dll [2009/10/31 13:50:24 \| 00,018,944 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll [2009/10/31 13:50:24 \| 00,018,944 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qmgrprxy.dll [2009/10/31 13:50:22 \| 04,256,768 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2res.dll [2009/10/31 13:50:22 \| 00,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2res2.dll [2009/10/31 13:50:22 \| 00,004,096 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2eres.dll [2009/10/31 13:50:21 \| 00,502,272 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2fxa.dll [2009/10/31 13:50:21 \| 00,402,432 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2filt.dll [2009/10/31 13:50:21 \| 00,325,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2fxb.dll [2009/10/31 13:50:21 \| 00,167,936 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2ae.dll [2009/10/31 13:50:21 \| 00,007,680 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2ext.dll [2009/10/31 13:50:20 \| 03,555,328 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe [2009/10/31 13:50:20 \| 00,000,000 \| ---D \| C] -- C:\Program Files\Movie Maker [2009/10/31 13:50:18 \| 00,561,664 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobmain.dll [2009/10/31 13:50:18 \| 00,122,368 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobcomm.dll [2009/10/31 13:50:18 \| 00,030,720 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobshel.dll [2009/10/31 13:50:18 \| 00,016,384 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobdl.dll [2009/10/31 13:50:17 \| 00,051,200 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oobebaln.exe [2009/10/31 13:50:17 \| 00,018,944 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobweb.dll [2009/10/31 13:50:15 \| 00,150,528 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uploadm.exe [2009/10/31 13:50:15 \| 00,045,568 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll [2009/10/31 13:50:15 \| 00,045,568 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrslv.dll [2009/10/31 13:50:15 \| 00,043,520 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll [2009/10/31 13:50:15 \| 00,043,520 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrcdlg.dll [2009/10/31 13:50:15 \| 00,043,520 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll [2009/10/31 13:50:15 \| 00,043,520 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\racpldlg.dll [2009/10/31 13:50:15 \| 00,029,696 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll [2009/10/31 13:50:15 \| 00,029,696 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrdm.dll [2009/10/31 13:50:14 \| 00,102,400 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pchshell.dll [2009/10/31 13:50:14 \| 00,038,912 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pchsvc.dll [2009/10/31 13:50:13 \| 00,158,208 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconfig.exe [2009/10/31 13:50:12 \| 00,768,512 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpctr.exe [2009/10/31 13:50:12 \| 00,743,936 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe [2009/10/31 13:50:12 \| 00,018,944 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hscupd.exe [2009/10/31 13:50:11 \| 00,380,416 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rstrui.exe [2009/10/31 13:50:11 \| 00,124,800 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\fltMgr.sys [2009/10/31 13:50:11 \| 00,124,800 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmgr.sys [2009/10/31 13:50:11 \| 00,022,528 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltMc.exe [2009/10/31 13:50:11 \| 00,022,528 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmc.exe [2009/10/31 13:50:11 \| 00,016,896 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltlib.dll [2009/10/31 13:50:11 \| 00,016,896 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltlib.dll [2009/10/31 13:50:10 \| 00,239,104 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll [2009/10/31 13:50:10 \| 00,239,104 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srrstr.dll [2009/10/31 13:50:10 \| 00,170,496 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\srsvc.dll [2009/10/31 13:50:10 \| 00,170,496 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srsvc.dll [2009/10/31 13:50:10 \| 00,073,472 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sr.sys [2009/10/31 13:50:10 \| 00,073,472 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sr.sys [2009/10/31 13:50:10 \| 00,067,584 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\srclient.dll [2009/10/31 13:50:10 \| 00,067,584 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srclient.dll [2009/10/31 13:50:10 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\System32\Restore [2009/10/31 13:50:09 \| 00,188,416 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\msh261.drv [2009/10/31 13:50:09 \| 00,081,920 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll [2009/10/31 13:50:09 \| 00,081,920 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ils.dll [2009/10/31 13:50:09 \| 00,069,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll [2009/10/31 13:50:09 \| 00,069,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconf.dll [2009/10/31 13:50:09 \| 00,034,560 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll [2009/10/31 13:50:09 \| 00,034,560 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmdd.dll [2009/10/31 13:50:09 \| 00,032,768 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmsrvc.exe [2009/10/31 13:50:09 \| 00,032,768 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmsrvc.exe [2009/10/31 13:50:09 \| 00,032,768 \| ---- \| C] (Intel Corporation) -- C:\WINDOWS\System32\isrdbg32.dll [2009/10/31 13:50:09 \| 00,032,768 \| ---- \| C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\isrdbg32.dll [2009/10/31 13:50:09 \| 00,028,672 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll [2009/10/31 13:50:09 \| 00,028,672 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmmkcert.dll [2009/10/31 13:50:08 \| 00,385,024 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\callcont.dll [2009/10/31 13:50:08 \| 00,229,376 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmas.dll [2009/10/31 13:50:08 \| 00,061,440 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rrcm.dll [2009/10/31 13:50:08 \| 00,040,960 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dcap32.dll [2009/10/31 13:50:08 \| 00,028,672 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmasnt.dll [2009/10/31 13:50:07 \| 00,274,432 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mst120.dll [2009/10/31 13:50:07 \| 00,221,184 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nac.dll [2009/10/31 13:50:07 \| 00,081,920 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmchat.dll [2009/10/31 13:50:07 \| 00,077,824 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmcom.dll [2009/10/31 13:50:07 \| 00,057,344 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mst123.dll [2009/10/31 13:50:07 \| 00,057,344 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\h323cc.dll [2009/10/31 13:50:07 \| 00,045,056 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\confmrsl.dll [2009/10/31 13:50:06 \| 01,032,192 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\conf.exe [2009/10/31 13:50:06 \| 00,188,416 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmwb.dll [2009/10/31 13:50:06 \| 00,172,032 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmoldwb.dll [2009/10/31 13:50:06 \| 00,151,552 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmft.dll [2009/10/31 13:50:06 \| 00,105,984 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll [2009/10/31 13:50:06 \| 00,105,984 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoert2.dll [2009/10/31 13:50:06 \| 00,000,000 \| ---D \| C] -- C:\Program Files\NetMeeting [2009/10/31 13:50:05 \| 00,504,832 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab32.dll [2009/10/31 13:50:05 \| 00,252,928 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll [2009/10/31 13:50:05 \| 00,252,928 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoeacct.dll [2009/10/31 13:50:05 \| 00,084,992 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabimp.dll [2009/10/31 13:50:05 \| 00,046,080 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe [2009/10/31 13:50:05 \| 00,032,768 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabfind.dll [2009/10/31 13:50:05 \| 00,030,208 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabmig.exe [2009/10/31 13:50:04 \| 00,678,400 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcomm.dll [2009/10/31 13:50:04 \| 00,678,400 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll [2009/10/31 13:50:04 \| 00,249,856 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab32res.dll [2009/10/31 13:50:04 \| 00,081,408 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\directdb.dll [2009/10/31 13:50:04 \| 00,048,128 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll [2009/10/31 13:50:04 \| 00,048,128 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetres.dll [2009/10/31 13:50:03 \| 01,311,232 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoe.dll [2009/10/31 13:50:03 \| 00,104,448 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oeimport.dll [2009/10/31 13:50:03 \| 00,060,416 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msimn.exe [2009/10/31 13:50:02 \| 02,479,616 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoeres.dll [2009/10/31 13:50:02 \| 00,060,416 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oemig50.exe [2009/10/31 13:50:02 \| 00,035,328 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oemiglib.dll [2009/10/31 13:50:01 \| 00,274,944 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstask.dll [2009/10/31 13:50:01 \| 00,274,944 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstask.dll [2009/10/31 13:50:01 \| 00,190,976 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\schedsvc.dll [2009/10/31 13:50:01 \| 00,190,976 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\schedsvc.dll [2009/10/31 13:50:01 \| 00,073,216 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup50.exe [2009/10/31 13:50:01 \| 00,012,288 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe [2009/10/31 13:50:01 \| 00,012,288 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstinit.exe [2009/10/31 13:50:01 \| 00,000,000 \| ---D \| C] -- C:\Program Files\Outlook Express [2009/10/31 13:50:00 \| 00,274,432 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll [2009/10/31 13:50:00 \| 00,274,432 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcfg.dll [2009/10/31 13:50:00 \| 00,081,920 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll [2009/10/31 13:50:00 \| 00,081,920 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isign32.dll [2009/10/31 13:50:00 \| 00,073,728 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll [2009/10/31 13:50:00 \| 00,073,728 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwdial.dll [2009/10/31 13:50:00 \| 00,065,536 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll [2009/10/31 13:50:00 \| 00,065,536 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwphbk.dll [2009/10/31 13:49:59 \| 00,172,032 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwhelp.dll [2009/10/31 13:49:59 \| 00,061,440 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn.dll [2009/10/31 13:49:59 \| 00,049,152 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwutil.dll [2009/10/31 13:49:59 \| 00,032,768 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwdl.dll [2009/10/31 13:49:59 \| 00,024,576 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwrmind.exe [2009/10/31 13:49:58 \| 00,561,179 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dao360.dll [2009/10/31 13:49:58 \| 00,217,088 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sqlxmlx.dll [2009/10/31 13:49:58 \| 00,214,528 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn1.exe [2009/10/31 13:49:58 \| 00,086,016 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn2.exe [2009/10/31 13:49:58 \| 00,020,480 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetwiz.exe [2009/10/31 13:49:57 \| 00,487,424 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oledb32.dll [2009/10/31 13:49:57 \| 00,204,800 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaps.dll [2009/10/31 13:49:57 \| 00,094,208 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdatl3.dll [2009/10/31 13:49:57 \| 00,077,824 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaosp.dll [2009/10/31 13:49:57 \| 00,065,536 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oledb32r.dll [2009/10/31 13:49:56 \| 00,315,392 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasql.dll [2009/10/31 13:49:56 \| 00,233,472 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaora.dll [2009/10/31 13:49:56 \| 00,024,576 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxactps.dll [2009/10/31 13:49:56 \| 00,020,480 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdatt.dll [2009/10/31 13:49:56 \| 00,016,384 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasqlr.dll [2009/10/31 13:49:56 \| 00,016,384 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaorar.dll [2009/10/31 13:49:56 \| 00,004,096 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaurl.dll [2009/10/31 13:49:56 \| 00,004,096 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasc.dll [2009/10/31 13:49:56 \| 00,004,096 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaer.dll [2009/10/31 13:49:56 \| 00,004,096 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaenum.dll [2009/10/31 13:49:56 \| 00,004,096 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdadc.dll [2009/10/31 13:49:55 \| 00,200,704 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadox.dll [2009/10/31 13:49:55 \| 00,180,224 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadomd.dll [2009/10/31 13:49:55 \| 00,102,400 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msjro.dll [2009/10/31 13:49:55 \| 00,081,920 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado27.tlb [2009/10/31 13:49:55 \| 00,081,920 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado26.tlb [2009/10/31 13:49:55 \| 00,081,920 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado25.tlb [2009/10/31 13:49:55 \| 00,061,440 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado21.tlb [2009/10/31 13:49:55 \| 00,061,440 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado20.tlb [2009/10/31 13:49:55 \| 00,057,344 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadrh15.dll [2009/10/31 13:49:55 \| 00,057,344 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msador15.dll [2009/10/31 13:49:54 \| 00,536,576 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado15.dll [2009/10/31 13:49:54 \| 00,200,704 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaprst.dll [2009/10/31 13:49:54 \| 00,118,784 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdarem.dll [2009/10/31 13:49:54 \| 00,036,864 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdfmap.dll [2009/10/31 13:49:54 \| 00,024,576 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msader15.dll [2009/10/31 13:49:54 \| 00,016,384 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaremr.dll [2009/10/31 13:49:53 \| 00,331,776 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll [2009/10/31 13:49:53 \| 00,155,648 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadds.dll [2009/10/31 13:49:53 \| 00,143,360 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadco.dll [2009/10/31 13:49:53 \| 00,061,440 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcf.dll [2009/10/31 13:49:53 \| 00,053,248 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcs.dll [2009/10/31 13:49:53 \| 00,024,576 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaddsr.dll [2009/10/31 13:49:53 \| 00,020,480 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcer.dll [2009/10/31 13:49:53 \| 00,016,384 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaprsr.dll [2009/10/31 13:49:53 \| 00,016,384 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcor.dll [2009/10/31 13:49:53 \| 00,016,384 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcfr.dll [2009/10/31 13:49:52 \| 00,153,088 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\triedit.dll [2009/10/31 13:49:52 \| 00,128,000 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dhtmled.ocx [2009/10/31 13:49:52 \| 00,000,000 \| ---D \| C] -- C:\Program Files\Common Files\System [2009/10/31 13:49:51 \| 00,093,184 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iexplore.exe [2009/10/31 13:49:51 \| 00,038,912 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hmmapi.dll [2009/10/31 13:49:51 \| 00,018,432 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedw.exe [2009/10/31 13:49:51 \| 00,000,000 \| ---D \| C] -- C:\Program Files\Internet Explorer [2009/10/31 13:49:50 \| 00,000,000 \| R--D \| C] -- C:\Documents and Settings\All Users\Documents\My Pictures [2009/10/31 13:49:40 \| 00,000,000 \| ---D \| C] -- C:\Program Files\ComPlus Applications [2009/10/31 13:49:33 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\Registration [2009/10/31 13:49:06 \| 00,000,000 \| R--D \| C] -- C:\Documents and Settings\All Users\Documents\My Music [2009/10/31 13:49:06 \| 00,000,000 \| ---D \| C] -- C:\Program Files\Windows Media Player [2009/10/31 13:49:06 \| 00,000,000 \| ---D \| C] -- C:\Program Files\Online Services [2009/10/31 13:49:01 \| 00,000,000 \| ---D \| C] -- C:\Program Files\Messenger [2009/10/31 13:49:00 \| 01,817,687 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgres.dll [2009/10/31 13:49:00 \| 00,042,577 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgzm.exe [2009/10/31 13:48:59 \| 02,178,131 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlres.dll [2009/10/31 13:48:59 \| 00,780,885 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrres.dll [2009/10/31 13:48:59 \| 00,753,236 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvseres.dll [2009/10/31 13:48:59 \| 00,082,501 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckg.dll [2009/10/31 13:48:59 \| 00,066,113 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvl.dll [2009/10/31 13:48:59 \| 00,048,706 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvse.dll [2009/10/31 13:48:59 \| 00,042,575 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrzm.exe [2009/10/31 13:48:59 \| 00,042,574 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvsezm.exe [2009/10/31 13:48:59 \| 00,042,573 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlzm.exe [2009/10/31 13:48:59 \| 00,040,515 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkr.dll [2009/10/31 13:48:58 \| 01,175,635 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzres.dll [2009/10/31 13:48:58 \| 00,057,409 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtz.dll [2009/10/31 13:48:58 \| 00,042,573 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzzm.exe [2009/10/31 13:48:58 \| 00,041,029 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zcorem.dll [2009/10/31 13:48:58 \| 00,032,339 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniansi.dll [2009/10/31 13:48:58 \| 00,013,894 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zonelibm.dll [2009/10/31 13:48:58 \| 00,004,677 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zeeverm.dll [2009/10/31 13:48:57 \| 01,039,955 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnresm.dll [2009/10/31 13:48:57 \| 00,217,160 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnclim.dll [2009/10/31 13:48:57 \| 00,113,222 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zoneclim.dll [2009/10/31 13:48:57 \| 00,036,937 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zclientm.exe [2009/10/31 13:48:57 \| 00,029,760 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\znetm.dll [2009/10/31 13:48:56 \| 00,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe [2009/10/31 13:48:56 \| 00,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe [2009/10/31 13:48:56 \| 00,000,000 \| ---D \| C] -- C:\Program Files\MSN Gaming Zone [2009/10/31 13:48:44 \| 00,138,752 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe [2009/10/31 13:48:44 \| 00,138,752 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndvol32.exe [2009/10/31 13:48:44 \| 00,044,544 \| ---- \| C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hticons.dll [2009/10/31 13:48:44 \| 00,013,312 \| ---- \| C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\dllcache\htrn_jis.dll [2009/10/31 13:48:43 \| 00,227,840 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avtapi.dll [2009/10/31 13:48:43 \| 00,227,840 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\avtapi.dll [2009/10/31 13:48:43 \| 00,073,216 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avwav.dll [2009/10/31 13:48:43 \| 00,073,216 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\avwav.dll [2009/10/31 13:48:43 \| 00,035,328 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\winchat.exe [2009/10/31 13:48:43 \| 00,035,328 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winchat.exe [2009/10/31 13:48:43 \| 00,016,384 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avmeter.dll [2009/10/31 13:48:43 \| 00,016,384 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\avmeter.dll [2009/10/31 13:48:34 \| 00,605,696 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\getuname.dll [2009/10/31 13:48:34 \| 00,605,696 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\getuname.dll [2009/10/31 13:48:33 \| 00,114,688 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\calc.exe [2009/10/31 13:48:33 \| 00,114,688 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe [2009/10/31 13:48:33 \| 00,080,384 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\charmap.exe [2009/10/31 13:48:33 \| 00,080,384 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe [2009/10/31 13:48:33 \| 00,056,832 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\sol.exe [2009/10/31 13:48:33 \| 00,056,832 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sol.exe [2009/10/31 13:48:32 \| 00,126,976 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshearts.exe [2009/10/31 13:48:32 \| 00,126,976 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshearts.exe [2009/10/31 13:48:32 \| 00,119,808 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\winmine.exe [2009/10/31 13:48:32 \| 00,119,808 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmine.exe [2009/10/31 13:48:32 \| 00,055,296 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\freecell.exe [2009/10/31 13:48:32 \| 00,055,296 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\freecell.exe [2009/10/31 13:48:32 \| 00,009,728 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\reset.exe [2009/10/31 13:48:32 \| 00,009,728 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reset.exe [2009/10/31 13:48:31 \| 00,033,792 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\regini.exe [2009/10/31 13:48:31 \| 00,033,792 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regini.exe [2009/10/31 13:48:31 \| 00,016,896 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsshutdn.exe [2009/10/31 13:48:31 \| 00,016,896 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsshutdn.exe [2009/10/31 13:48:31 \| 00,016,384 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\tskill.exe [2009/10/31 13:48:31 \| 00,016,384 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tskill.exe [2009/10/31 13:48:31 \| 00,015,872 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe [2009/10/31 13:48:31 \| 00,015,872 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwinsta.exe [2009/10/31 13:48:31 \| 00,014,848 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsdiscon.exe [2009/10/31 13:48:31 \| 00,014,848 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsdiscon.exe [2009/10/31 13:48:31 \| 00,014,848 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscon.exe [2009/10/31 13:48:31 \| 00,014,848 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscon.exe [2009/10/31 13:48:31 \| 00,014,848 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe [2009/10/31 13:48:31 \| 00,014,848 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shadow.exe [2009/10/31 13:48:30 \| 00,022,016 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe [2009/10/31 13:48:30 \| 00,022,016 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qwinsta.exe [2009/10/31 13:48:30 \| 00,020,992 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg.exe [2009/10/31 13:48:30 \| 00,020,992 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msg.exe [2009/10/31 13:48:30 \| 00,016,896 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe [2009/10/31 13:48:30 \| 00,016,896 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qappsrv.exe [2009/10/31 13:48:30 \| 00,015,872 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdmodem.dll [2009/10/31 13:48:30 \| 00,015,872 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdmodem.dll [2009/10/31 13:48:30 \| 00,015,360 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe [2009/10/31 13:48:30 \| 00,015,360 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logoff.exe [2009/10/31 13:48:30 \| 00,004,096 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpcfgex.dll [2009/10/31 13:48:30 \| 00,004,096 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpcfgex.dll [2009/10/31 13:48:29 \| 00,025,088 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll [2009/10/31 13:48:29 \| 00,025,088 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxlegih.dll [2009/10/31 13:48:29 \| 00,019,456 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtsadmin.tlb [2009/10/31 13:48:29 \| 00,005,120 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dcomcnfg.exe [2009/10/31 13:48:29 \| 00,005,120 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe [2009/10/31 13:48:29 \| 00,005,120 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrereg.exe [2009/10/31 13:48:29 \| 00,004,096 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll [2009/10/31 13:48:29 \| 00,004,096 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxex.dll [2009/10/31 13:48:28 \| 00,147,456 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comsnap.dll [2009/10/31 13:48:28 \| 00,147,456 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll [2009/10/31 13:48:28 \| 00,082,432 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.dll [2009/10/31 13:48:28 \| 00,082,432 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll [2009/10/31 13:48:28 \| 00,054,272 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll [2009/10/31 13:48:28 \| 00,054,272 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stclient.dll [2009/10/31 13:48:28 \| 00,045,568 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmi2xml.dll [2009/10/31 13:48:28 \| 00,025,600 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comaddin.dll [2009/10/31 13:48:28 \| 00,025,600 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll [2009/10/31 13:48:28 \| 00,020,480 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll [2009/10/31 13:48:28 \| 00,020,480 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxdm.dll [2009/10/31 13:48:23 \| 00,116,224 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\updprov.dll [2009/10/31 13:48:23 \| 00,075,264 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipicmp.dll [2009/10/31 13:48:23 \| 00,061,440 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmimsg.dll [2009/10/31 13:48:23 \| 00,059,904 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.tlb [2009/10/31 13:48:23 \| 00,052,224 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmitimep.dll [2009/10/31 13:48:23 \| 00,031,232 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.tlb [2009/10/31 13:48:23 \| 00,016,896 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unsecapp.exe [2009/10/31 13:48:23 \| 00,016,384 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmtr.dll [2009/10/31 13:48:23 \| 00,013,312 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmt.exe [2009/10/31 13:48:23 \| 00,012,288 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.dll [2009/10/31 13:48:22 \| 00,273,920 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiprov.dll [2009/10/31 13:48:22 \| 00,120,320 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsprov.dll [2009/10/31 13:48:22 \| 00,061,952 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmplprov.dll [2009/10/31 13:48:22 \| 00,059,904 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trnsprov.dll [2009/10/31 13:48:22 \| 00,053,248 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fwdprov.dll [2009/10/31 13:48:22 \| 00,040,960 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpcons.dll [2009/10/31 13:48:11 \| 00,000,000 \| ---D \| C] -- C:\Program Files\MSN [2009/10/31 13:48:10 \| 00,281,088 \| ---- \| C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe [2009/10/31 13:48:10 \| 00,214,528 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wordpad.exe [2009/10/31 13:48:10 \| 00,183,808 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\accwiz.exe [2009/10/31 13:48:10 \| 00,183,808 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe [2009/10/31 13:48:10 \| 00,068,608 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\access.cpl [2009/10/31 13:48:10 \| 00,068,608 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl [2009/10/31 13:48:09 \| 00,539,136 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dialer.exe [2009/10/31 13:48:09 \| 00,345,088 \| ---- \| C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hypertrm.dll [2009/10/31 13:48:09 \| 00,131,584 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe [2009/10/31 13:48:09 \| 00,131,584 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndrec32.exe [2009/10/31 13:48:09 \| 00,123,392 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe [2009/10/31 13:48:09 \| 00,123,392 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe [2009/10/31 13:48:08 \| 00,538,624 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe [2009/10/31 13:48:08 \| 00,538,624 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spider.exe [2009/10/31 13:48:08 \| 00,343,040 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe [2009/10/31 13:48:08 \| 00,343,040 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspaint.exe [2009/10/31 13:48:08 \| 00,102,912 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clipbrd.exe [2009/10/31 13:48:08 \| 00,102,912 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe [2009/10/31 13:48:08 \| 00,000,000 \| ---D \| C] -- C:\Program Files\Windows NT [2009/10/31 13:48:07 \| 00,139,400 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rdpwd.sys [2009/10/31 13:48:07 \| 00,139,400 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys [2009/10/31 13:48:07 \| 00,093,696 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll [2009/10/31 13:48:07 \| 00,093,696 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscfgwmi.dll [2009/10/31 13:48:07 \| 00,021,896 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdtcp.sys [2009/10/31 13:48:07 \| 00,021,896 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdtcp.sys [2009/10/31 13:48:07 \| 00,012,040 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdpipe.sys [2009/10/31 13:48:07 \| 00,012,040 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdpipe.sys [2009/10/31 13:48:06 \| 00,655,360 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstscax.dll [2009/10/31 13:48:06 \| 00,655,360 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstscax.dll [2009/10/31 13:48:06 \| 00,407,552 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstsc.exe [2009/10/31 13:48:06 \| 00,407,552 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstsc.exe [2009/10/31 13:48:06 \| 00,147,968 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll [2009/10/31 13:48:06 \| 00,147,968 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdchost.dll [2009/10/31 13:48:06 \| 00,140,800 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\sessmgr.exe [2009/10/31 13:48:06 \| 00,140,800 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sessmgr.exe [2009/10/31 13:48:06 \| 00,067,072 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe [2009/10/31 13:48:06 \| 00,067,072 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdshost.exe [2009/10/31 13:48:06 \| 00,060,416 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\remotepg.dll [2009/10/31 13:48:06 \| 00,060,416 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\remotepg.dll [2009/10/31 13:48:06 \| 00,044,544 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscupgrd.exe [2009/10/31 13:48:06 \| 00,044,544 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscupgrd.exe [2009/10/31 13:48:06 \| 00,013,824 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe [2009/10/31 13:48:06 \| 00,013,824 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdsaddin.exe [2009/10/31 13:48:05 \| 00,295,424 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\termsrv.dll [2009/10/31 13:48:05 \| 00,295,424 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\termsrv.dll [2009/10/31 13:48:05 \| 00,087,176 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll [2009/10/31 13:48:05 \| 00,087,176 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwsx.dll [2009/10/31 13:48:05 \| 00,062,464 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe [2009/10/31 13:48:05 \| 00,062,464 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpclip.exe [2009/10/31 13:48:05 \| 00,038,912 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgbkend.dll [2009/10/31 13:48:05 \| 00,038,912 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll [2009/10/31 13:48:05 \| 00,020,480 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe [2009/10/31 13:48:05 \| 00,020,480 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qprocess.exe [2009/10/31 13:48:05 \| 00,019,968 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll [2009/10/31 13:48:05 \| 00,019,968 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpsnd.dll [2009/10/31 13:48:05 \| 00,011,264 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\icaapi.dll [2009/10/31 13:48:05 \| 00,011,264 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icaapi.dll [2009/10/31 13:48:04 \| 00,949,248 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll [2009/10/31 13:48:04 \| 00,949,248 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtctm.dll [2009/10/31 13:48:04 \| 00,425,472 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll [2009/10/31 13:48:04 \| 00,425,472 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcprx.dll [2009/10/31 13:48:04 \| 00,161,280 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll [2009/10/31 13:48:04 \| 00,161,280 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcuiu.dll [2009/10/31 13:48:04 \| 00,090,112 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxoci.dll [2009/10/31 13:48:04 \| 00,090,112 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxoci.dll [2009/10/31 13:48:04 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\System32\MsDtc [2009/10/31 13:48:03 \| 00,058,880 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll [2009/10/31 13:48:03 \| 00,058,880 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtclog.dll [2009/10/31 13:48:03 \| 00,011,776 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll [2009/10/31 13:48:03 \| 00,011,776 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xolehlp.dll [2009/10/31 13:48:03 \| 00,006,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtc.exe [2009/10/31 13:48:03 \| 00,006,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtc.exe [2009/10/31 13:48:02 \| 00,628,224 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrvut.dll [2009/10/31 13:48:02 \| 00,628,224 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvut.dll [2009/10/31 13:48:02 \| 00,195,584 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comadmin.dll [2009/10/31 13:48:02 \| 00,110,080 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clbcatex.dll [2009/10/31 13:48:02 \| 00,110,080 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll [2009/10/31 13:48:02 \| 00,085,504 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrvps.dll [2009/10/31 13:48:02 \| 00,085,504 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll [2009/10/31 13:48:02 \| 00,062,464 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\colbact.dll [2009/10/31 13:48:02 \| 00,062,464 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\colbact.dll [2009/10/31 13:48:02 \| 00,009,728 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.exe [2009/10/31 13:48:02 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\System32\Com [2009/10/31 13:48:01 \| 01,251,840 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comsvcs.dll [2009/10/31 13:48:01 \| 01,251,840 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsvcs.dll [2009/10/31 13:48:01 \| 00,540,160 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comuid.dll [2009/10/31 13:48:01 \| 00,540,160 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll [2009/10/31 13:48:01 \| 00,229,888 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrv.dll [2009/10/31 13:48:01 \| 00,229,888 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrv.dll [2009/10/31 13:48:00 \| 00,501,248 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clbcatq.dll [2009/10/31 13:48:00 \| 00,501,248 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatq.dll [2009/10/31 13:47:59 \| 00,437,248 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvsd.dll [2009/10/31 13:47:59 \| 00,218,112 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvse.exe [2009/10/31 13:47:59 \| 00,144,896 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmisvc.dll [2009/10/31 13:47:59 \| 00,144,896 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprov.dll [2009/10/31 13:47:59 \| 00,095,232 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiutils.dll [2009/10/31 13:47:59 \| 00,041,472 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipsess.dll [2009/10/31 13:47:58 \| 00,197,120 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemupgd.dll [2009/10/31 13:47:58 \| 00,196,608 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiadap.exe [2009/10/31 13:47:58 \| 00,156,672 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipcima.dll [2009/10/31 13:47:58 \| 00,140,800 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmidcprv.dll [2009/10/31 13:47:58 \| 00,132,096 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipdskq.dll [2009/10/31 13:47:58 \| 00,126,464 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiapsrv.exe [2009/10/31 13:47:58 \| 00,116,224 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemtest.exe [2009/10/31 13:47:58 \| 00,089,088 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiaprpl.dll [2009/10/31 13:47:58 \| 00,062,976 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipjobj.dll [2009/10/31 13:47:58 \| 00,062,464 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipiprt.dll [2009/10/31 13:47:58 \| 00,060,928 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmicookr.dll [2009/10/31 13:47:58 \| 00,006,656 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiapres.dll [2009/10/31 13:47:57 \| 00,530,944 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcore.dll [2009/10/31 13:47:57 \| 00,273,920 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemess.dll [2009/10/31 13:47:57 \| 00,214,528 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcomn.dll [2009/10/31 13:47:57 \| 00,196,608 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcntl.dll [2009/10/31 13:47:57 \| 00,178,176 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.dll [2009/10/31 13:47:57 \| 00,071,680 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcons.dll [2009/10/31 13:47:57 \| 00,043,520 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemsvc.dll [2009/10/31 13:47:57 \| 00,018,944 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemprox.dll [2009/10/31 13:47:56 \| 00,237,056 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\provthrd.dll [2009/10/31 13:47:56 \| 00,212,992 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntevt.dll [2009/10/31 13:47:56 \| 00,177,152 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\repdrvfs.dll [2009/10/31 13:47:56 \| 00,131,584 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\viewprov.dll [2009/10/31 13:47:56 \| 00,086,528 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stdprov.dll [2009/10/31 13:47:56 \| 00,036,864 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scrcons.exe [2009/10/31 13:47:55 \| 00,185,856 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\framedyn.dll [2009/10/31 13:47:55 \| 00,123,904 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mofd.dll [2009/10/31 13:47:55 \| 00,047,104 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ncprov.dll [2009/10/31 13:47:55 \| 00,024,576 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\krnlprov.dll [2009/10/31 13:47:55 \| 00,016,384 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mofcomp.exe [2009/10/31 13:47:54 \| 00,472,064 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fastprox.dll [2009/10/31 13:47:54 \| 00,247,808 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\esscli.dll [2009/10/31 13:47:53 \| 01,352,192 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cimwin32.dll [2009/10/31 13:47:53 \| 00,058,880 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll [2009/10/31 13:47:53 \| 00,058,880 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licwmi.dll [2009/10/31 13:47:53 \| 00,056,320 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll [2009/10/31 13:47:53 \| 00,056,320 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\servdeps.dll [2009/10/31 13:47:53 \| 00,017,408 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll [2009/10/31 13:47:53 \| 00,017,408 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmfutil.dll [2009/10/31 13:47:52 \| 00,185,344 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmprops.dll [2009/10/31 13:47:52 \| 00,185,344 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll [2009/10/31 13:47:50 \| 00,196,864 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rdpdr.sys [2009/10/31 13:47:50 \| 00,040,840 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\termdd.sys [2009/10/31 13:43:59 \| 00,000,000 \| ---D \| C] -- C:\RECYCLER [2009/10/31 13:39:32 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Home\Application Data\WinPatrol [2009/10/31 13:35:46 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Home\Application Data\Thinstall [2009/10/31 13:31:42 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Home\Local Settings\Application Data\Mozilla [2009/10/31 13:31:42 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Home\Application Data\Mozilla [2009/10/31 13:30:43 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Application Data\RoboForm [2009/10/31 13:30:21 \| 00,000,000 \| ---D \| C] -- C:\Program Files\Siber Systems [2009/10/31 13:28:06 \| 00,000,000 \| ---D \| C] -- C:\Program Files\COMODO [2009/10/31 13:27:41 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\System32\Adobe [2009/10/31 13:27:27 \| 00,000,000 \| ---D \| C] -- C:\Program Files\Mozilla Firefox(2) [2009/10/31 13:27:12 \| 00,000,000 \| ---D \| C] -- C:\Program Files\Free Download Manager [2009/10/31 13:27:05 \| 00,000,000 \| ---D \| C] -- C:\Program Files\Java [2009/10/31 13:26:19 \| 00,000,000 \| ---D \| C] -- C:\Program Files\SpywareGuard [2009/10/31 13:26:05 \| 00,000,000 \| ---D \| C] -- C:\Program Files\Unlocker [2009/10/31 13:25:45 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Home\Application Data\Sun [2009/10/31 07:40:54 \| 00,003,072 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\audstub.sys [2009/10/31 07:40:10 \| 00,057,472 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\redbook.sys [2009/10/31 07:39:39 \| 00,006,400 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\enum1394.sys [2009/10/31 07:39:35 \| 00,027,165 \| ---- \| C] (VIA Technologies, Inc. ) -- C:\WINDOWS\System32\drivers\fetnd5.sys [2009/10/31 07:39:27 \| 00,044,672 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\UAGP35.SYS [2009/10/31 07:39:24 \| 00,606,684 \| ---- \| C] (LT) -- C:\WINDOWS\System32\drivers\ltmdmnt.sys [2009/10/31 07:39:12 \| 00,074,240 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\usbui.dll [2009/10/31 07:38:19 \| 00,000,000 \| -HSD \| C] -- C:\WINDOWS\Installer [2009/10/31 07:38:18 \| 00,000,000 \| ---D \| C] -- C:\Program Files\Common Files\ODBC [2009/10/31 07:38:17 \| 00,077,824 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcommon.dll [2009/10/31 07:38:17 \| 00,061,440 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcplui.dll [2009/10/31 07:38:16 \| 00,774,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spttseng.dll [2009/10/31 07:38:15 \| 00,741,376 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapi.dll [2009/10/31 07:38:15 \| 00,155,648 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapi.cpl [2009/10/31 07:38:15 \| 00,036,864 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapisvr.exe [2009/10/31 07:38:15 \| 00,000,000 \| ---D \| C] -- C:\Program Files\Common Files\SpeechEngines [2009/10/31 07:38:14 \| 00,000,000 \| R--D \| C] -- C:\Program Files [2009/10/31 07:38:14 \| 00,000,000 \| ---D \| C] -- C:\Program Files\Common Files\Microsoft Shared [2009/10/31 07:38:14 \| 00,000,000 \| ---D \| C] -- C:\Program Files\Common Files [2009/10/31 07:38:13 \| 00,019,456 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt041f.dll [2009/10/31 07:38:11 \| 00,019,456 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0419.dll [2009/10/31 07:38:11 \| 00,006,144 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuq.dll [2009/10/31 07:38:11 \| 00,006,144 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuf.dll [2009/10/31 07:38:11 \| 00,006,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuq.dll [2009/10/31 07:38:11 \| 00,006,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuf.dll [2009/10/31 07:38:11 \| 00,005,632 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdazel.dll [2009/10/31 07:38:11 \| 00,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdazel.dll [2009/10/31 07:38:08 \| 00,005,632 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbduzb.dll [2009/10/31 07:38:08 \| 00,005,632 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdur.dll [2009/10/31 07:38:08 \| 00,005,632 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtat.dll [2009/10/31 07:38:08 \| 00,005,632 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmon.dll [2009/10/31 07:38:08 \| 00,005,632 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkyr.dll [2009/10/31 07:38:08 \| 00,005,632 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkaz.dll [2009/10/31 07:38:08 \| 00,005,632 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdaze.dll [2009/10/31 07:38:08 \| 00,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbduzb.dll [2009/10/31 07:38:08 \| 00,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdur.dll [2009/10/31 07:38:08 \| 00,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtat.dll [2009/10/31 07:38:08 \| 00,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdmon.dll [2009/10/31 07:38:08 \| 00,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkyr.dll [2009/10/31 07:38:08 \| 00,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkaz.dll [2009/10/31 07:38:08 \| 00,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdaze.dll [2009/10/31 07:38:07 \| 00,022,016 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0408.dll [2009/10/31 07:38:07 \| 00,005,632 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycc.dll [2009/10/31 07:38:07 \| 00,005,632 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru1.dll [2009/10/31 07:38:07 \| 00,005,632 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru.dll [2009/10/31 07:38:07 \| 00,005,632 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbu.dll [2009/10/31 07:38:07 \| 00,005,632 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdblr.dll [2009/10/31 07:38:07 \| 00,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycc.dll [2009/10/31 07:38:07 \| 00,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru1.dll [2009/10/31 07:38:07 \| 00,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru.dll [2009/10/31 07:38:07 \| 00,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdbu.dll [2009/10/31 07:38:07 \| 00,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdblr.dll [2009/10/31 07:38:04 \| 00,008,192 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhept.dll [2009/10/31 07:38:04 \| 00,008,192 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhept.dll [2009/10/31 07:38:04 \| 00,006,656 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela3.dll [2009/10/31 07:38:04 \| 00,006,656 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela3.dll [2009/10/31 07:38:04 \| 00,006,144 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela2.dll [2009/10/31 07:38:04 \| 00,006,144 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdgkl.dll [2009/10/31 07:38:04 \| 00,006,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela2.dll [2009/10/31 07:38:04 \| 00,006,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgkl.dll [2009/10/31 07:38:04 \| 00,005,632 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe319.dll [2009/10/31 07:38:04 \| 00,005,632 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe220.dll [2009/10/31 07:38:04 \| 00,005,632 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe.dll [2009/10/31 07:38:04 \| 00,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe319.dll [2009/10/31 07:38:04 \| 00,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe220.dll [2009/10/31 07:38:04 \| 00,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe.dll [2009/10/31 07:38:01 \| 00,006,144 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv1.dll [2009/10/31 07:38:01 \| 00,006,144 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv.dll [2009/10/31 07:38:01 \| 00,006,144 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdest.dll [2009/10/31 07:38:01 \| 00,006,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv1.dll [2009/10/31 07:38:01 \| 00,006,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv.dll [2009/10/31 07:38:01 \| 00,006,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdest.dll [2009/10/31 07:38:01 \| 00,005,632 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt1.dll [2009/10/31 07:38:01 \| 00,005,632 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt.dll [2009/10/31 07:38:01 \| 00,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt1.dll [2009/10/31 07:38:01 \| 00,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt.dll [2009/10/31 07:38:00 \| 00,019,968 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040e.dll [2009/10/31 07:38:00 \| 00,019,456 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0415.dll [2009/10/31 07:38:00 \| 00,019,456 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0405.dll [2009/10/31 07:37:58 \| 00,006,656 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl1.dll [2009/10/31 07:37:58 \| 00,006,656 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl.dll [2009/10/31 07:37:58 \| 00,006,656 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl.dll [2009/10/31 07:37:58 \| 00,006,656 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu.dll [2009/10/31 07:37:58 \| 00,006,656 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl1.dll [2009/10/31 07:37:58 \| 00,006,656 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl.dll [2009/10/31 07:37:58 \| 00,006,656 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl.dll [2009/10/31 07:37:58 \| 00,006,656 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu.dll [2009/10/31 07:37:58 \| 00,005,632 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdro.dll [2009/10/31 07:37:58 \| 00,005,632 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl1.dll [2009/10/31 07:37:58 \| 00,005,632 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu1.dll [2009/10/31 07:37:58 \| 00,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdro.dll [2009/10/31 07:37:58 \| 00,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl1.dll [2009/10/31 07:37:58 \| 00,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu1.dll [2009/10/31 07:37:57 \| 00,007,168 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz.dll [2009/10/31 07:37:57 \| 00,007,168 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz.dll [2009/10/31 07:37:57 \| 00,006,656 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycl.dll [2009/10/31 07:37:57 \| 00,006,656 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz2.dll [2009/10/31 07:37:57 \| 00,006,656 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz1.dll [2009/10/31 07:37:57 \| 00,006,656 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcr.dll [2009/10/31 07:37:57 \| 00,006,656 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAL.DLL [2009/10/31 07:37:57 \| 00,006,656 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycl.dll [2009/10/31 07:37:57 \| 00,006,656 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz2.dll [2009/10/31 07:37:57 \| 00,006,656 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz1.dll [2009/10/31 07:37:57 \| 00,006,656 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcr.dll [2009/10/31 07:37:57 \| 00,006,656 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdal.dll [2009/10/31 07:37:54 \| 00,176,157 \| ---- \| C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\dgrpsetu.dll [2009/10/31 07:37:54 \| 00,176,157 \| ---- \| C] (Digi International, Inc.) -- C:\WINDOWS\System32\dgrpsetu.dll [2009/10/31 07:37:54 \| 00,103,424 \| ---- \| C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\EqnClass.Dll [2009/10/31 07:37:54 \| 00,103,424 \| ---- \| C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnclass.dll [2009/10/31 07:37:54 \| 00,085,020 \| ---- \| C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgsetup.dll [2009/10/31 07:37:54 \| 00,085,020 \| ---- \| C] (Digi International) -- C:\WINDOWS\System32\dgsetup.dll [2009/10/31 07:37:54 \| 00,024,661 \| ---- \| C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll [2009/10/31 07:37:54 \| 00,024,661 \| ---- \| C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll [2009/10/31 07:37:54 \| 00,013,600 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\WFWNET.DRV [2009/10/31 07:37:54 \| 00,013,312 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll [2009/10/31 07:37:54 \| 00,013,312 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll [2009/10/31 07:37:53 \| 00,082,944 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\OLECLI.DLL [2009/10/31 07:37:53 \| 00,024,064 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\OLESVR.DLL [2009/10/31 07:37:53 \| 00,019,200 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\TAPI.DLL [2009/10/31 07:37:53 \| 00,009,008 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\VER.DLL [2009/10/31 07:37:53 \| 00,005,120 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\SHELL.DLL [2009/10/31 07:37:53 \| 00,004,048 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\TIMER.DRV [2009/10/31 07:37:53 \| 00,003,360 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\SYSTEM.DRV [2009/10/31 07:37:53 \| 00,002,176 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\VGA.DRV [2009/10/31 07:37:53 \| 00,001,744 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\SOUND.DRV [2009/10/31 07:37:52 \| 00,126,912 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\MSVIDEO.DLL [2009/10/31 07:37:52 \| 00,073,376 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIAVI.DRV [2009/10/31 07:37:52 \| 00,028,160 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIWAVE.DRV [2009/10/31 07:37:52 \| 00,025,264 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\MCISEQ.DRV [2009/10/31 07:37:52 \| 00,009,936 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\LZEXPAND.DLL [2009/10/31 07:37:52 \| 00,002,032 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\MOUSE.DRV [2009/10/31 07:37:52 \| 00,002,000 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\KEYBOARD.DRV [2009/10/31 07:37:52 \| 00,001,152 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\MMTASK.TSK [2009/10/31 07:37:51 \| 00,109,456 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\AVIFILE.DLL [2009/10/31 07:37:51 \| 00,069,584 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\AVICAP.DLL [2009/10/31 07:37:51 \| 00,032,816 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\COMMDLG.DLL [2009/10/31 07:37:51 \| 00,015,360 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\TASKMAN.EXE [2009/10/31 07:37:51 \| 00,015,360 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskman.exe [2009/10/31 07:37:51 \| 00,011,264 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\irenum.sys [2009/10/31 07:37:51 \| 00,011,264 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irenum.sys [2009/10/31 07:37:50 \| 00,146,432 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\WINSPOOL.DRV [2009/10/31 07:37:50 \| 00,069,120 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\NOTEPAD.EXE [2009/10/31 07:37:50 \| 00,068,768 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\MMSYSTEM.DLL [2009/10/31 07:37:50 \| 00,008,704 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\batt.dll [2009/10/31 07:37:50 \| 00,008,704 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\batt.dll [2009/10/31 07:37:49 \| 00,074,752 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\storprop.dll [2009/10/31 07:37:42 \| 00,000,000 \| R--D \| C] -- C:\Documents and Settings\All Users\Start Menu [2009/10/31 07:37:42 \| 00,000,000 \| R--D \| C] -- C:\Documents and Settings\All Users\Documents [2009/10/31 07:37:42 \| 00,000,000 \| -H-D \| C] -- C:\Documents and Settings\All Users\Templates [2009/10/31 07:37:42 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Favorites [2009/10/31 07:37:42 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Desktop [2009/10/31 07:37:28 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\System32\CatRoot2 [2009/10/31 07:37:28 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\System32\CatRoot [2009/10/31 07:37:22 \| 00,000,000 \| --SD \| C] -- C:\Documents and Settings\All Users\Application Data\Microsoft [2009/10/31 07:37:22 \| 00,000,000 \| RH-D \| C] -- C:\Documents and Settings\All Users\Application Data [2009/10/31 07:36:54 \| 00,000,000 \| -HSD \| C] -- C:\System Volume Information [2009/10/31 07:36:54 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings [2009/10/31 07:25:47 \| 00,000,000 \| R-SD \| C] -- C:\WINDOWS\Fonts [2009/10/31 07:25:47 \| 00,000,000 \| RHSD \| C] -- C:\WINDOWS\System32\dllcache [2009/10/31 07:25:47 \| 00,000,000 \| R--D \| C] -- C:\WINDOWS\Web [2009/10/31 07:25:47 \| 00,000,000 \| -H-D \| C] -- C:\WINDOWS\inf [2009/10/31 07:25:47 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\WinSxS [2009/10/31 07:25:47 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\System32\wins [2009/10/31 07:25:47 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS [2009/10/31 07:25:47 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\System32\wbem [2009/10/31 07:25:47 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\System32\usmt [2009/10/31 07:25:47 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\twain_32 [2009/10/31 07:25:47 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\Temp [2009/10/31 07:25:47 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\system32 [2009/10/31 07:25:47 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\system [2009/10/31 07:25:47 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\System32\spool [2009/10/31 07:25:47 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\System32\ShellExt [2009/10/31 07:25:47 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\System32\Setup [2009/10/31 07:25:47 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\security [2009/10/31 07:25:47 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\Resources [2009/10/31 07:25:47 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\repair [2009/10/31 07:25:47 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\System32\ras [2009/10/31 07:25:47 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\Provisioning [2009/10/31 07:25:47 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\PeerNet [2009/10/31 07:25:47 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\pchealth [2009/10/31 07:25:47 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\System32\oobe [2009/10/31 07:25:47 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\System32\npp [2009/10/31 07:25:47 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\System32\mui [2009/10/31 07:25:47 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\mui [2009/10/31 07:25:47 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\msapps [2009/10/31 07:25:47 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\msagent [2009/10/31 07:25:47 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\Media [2009/10/31 07:25:47 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\java [2009/10/31 07:25:47 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\System32\inetsrv [2009/10/31 07:25:47 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\System32\IME [2009/10/31 07:25:47 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\ime [2009/10/31 07:25:47 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\System32\icsxml [2009/10/31 07:25:47 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\System32\ias [2009/10/31 07:25:47 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\Help [2009/10/31 07:25:47 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\System32\export [2009/10/31 07:25:47 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\System32\drivers\etc [2009/10/31 07:25:47 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\System32\drivers [2009/10/31 07:25:47 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\Driver Cache [2009/10/31 07:25:47 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\System32\drivers\disdn [2009/10/31 07:25:47 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\System32\dhcp [2009/10/31 07:25:47 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\Debug [2009/10/31 07:25:47 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\Cursors [2009/10/31 07:25:47 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\Connection Wizard [2009/10/31 07:25:47 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\System32\config [2009/10/31 07:25:47 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\Config [2009/10/31 07:25:47 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\AppPatch [2009/10/31 07:25:47 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\addins [2009/10/31 07:25:47 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\System32\3com_dmi [2009/10/31 07:25:47 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\System32\3076 [2009/10/31 07:25:47 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\System32\2052 [2009/10/31 07:25:47 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\System32\1054 [2009/10/31 07:25:47 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\System32\1042 [2009/10/31 07:25:47 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\System32\1041 [2009/10/31 07:25:47 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\System32\1037 [2009/10/31 07:25:47 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\System32\1033 [2009/10/31 07:25:47 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\System32\1031 [2009/10/31 07:25:47 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\System32\1028 [2009/10/31 07:25:47 \| 00,000,000 \| ---D \| C] -- C:\WINDOWS\System32\1025 [3 C:\WINDOWS\.tmp files -> C:\WINDOWS\.tmp -> ] [2 C:\WINDOWS\System32\.tmp files -> C:\WINDOWS\System32\.tmp -> ] ========== Files - Modified Within 30 Days ========== [2009/11/01 15:38:34 \| 00,000,330 \| ---- \| M] () -- C:\WINDOWS\tasks\At1.job [2009/11/01 15:33:51 \| 01,013,216 \| ---- \| M] () -- C:\WINDOWS\System32\drivers\sfi.dat [2009/11/01 15:26:32 \| 00,000,330 \| RHS- \| M] () -- C:\WINDOWS\blsys.bln [2009/11/01 15:26:31 \| 00,188,437 \| RHS- \| M] () -- C:\WINDOWS\svchost.exe [2009/11/01 15:20:02 \| 00,002,877 \| RHS- \| M] () -- C:\WINDOWS\System32\cmsys.cmn [2009/11/01 14:59:33 \| 00,072,101 \| ---- \| M] () -- C:\Documents and Settings\Home\Desktop\I_have_some_baddies_after_format_XP_Home_t108043.html [2009/11/01 14:55:00 \| 00,527,360 \| ---- \| M] (OldTimer Tools) -- C:\Documents and Settings\Home\Desktop\OTL.exe [2009/11/01 14:38:51 \| 00,188,437 \| ---- \| M] () -- C:\Documents and Settings\Home\Application Data\icsys.icn.exe [2009/11/01 14:38:46 \| 00,003,390 \| ---- \| M] () -- C:\Documents and Settings\Home\Application Data\icsys.icn [2009/11/01 13:46:51 \| 00,001,374 \| ---- \| M] () -- C:\WINDOWS\imsins.BAK [2009/11/01 13:44:45 \| 00,053,248 \| -HS- \| M] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\vttimer.exe' [2009/11/01 13:44:05 \| 00,013,646 \| ---- \| M] () -- C:\WINDOWS\System32\wpa.dbl [2009/11/01 13:44:05 \| 00,000,006 \| -H-- \| M] () -- C:\WINDOWS\tasks\SA.DAT [2009/11/01 13:44:00 \| 00,002,048 \| --S- \| M] () -- C:\WINDOWS\bootstat.dat [2009/11/01 13:40:01 \| 05,318,216 \| -H-- \| M] () -- C:\Documents and Settings\Home\Local Settings\Application Data\IconCache.db [2009/11/01 12:21:53 \| 00,000,336 \| RHS- \| M] () -- C:\WINDOWS\System32\blsys.bln [2009/11/01 11:27:17 \| 00,000,083 \| ---- \| M] () -- C:\WINDOWS\System32\i [2009/11/01 11:02:45 \| 00,000,248 \| ---- \| M] () -- C:\WINDOWS\System32\secustat.dat [2009/11/01 11:02:28 \| 00,000,305 \| ---- \| M] () -- C:\WINDOWS\System32\secushr.dat [2009/11/01 09:28:51 \| 01,044,480 \| ---- \| M] () -- C:\Documents and Settings\Home\ntuser.dat [2009/11/01 09:26:49 \| 00,000,178 \| -HS- \| M] () -- C:\Documents and Settings\Home\ntuser.ini [2009/11/01 02:14:40 \| 00,001,734 \| ---- \| M] () -- C:\Documents and Settings\Home\Desktop\HijackThis.lnk [2009/11/01 01:51:25 \| 00,000,738 \| ---- \| M] () -- C:\Documents and Settings\Home\Desktop\JDownloader.lnk [2009/11/01 00:54:39 \| 00,188,437 \| ---- \| M] () -- C:\WINDOWS\spoolsv.exe [2009/10/31 23:54:20 \| 00,000,359 \| RHS- \| M] () -- C:\WINDOWS\System32\lgsys.lgn [2009/10/31 20:54:01 \| 00,000,025 \| ---- \| M] () -- C:\WINDOWS\libem.INI [2009/10/31 20:02:04 \| 00,000,664 \| ---- \| M] () -- C:\WINDOWS\System32\d3d9caps.dat [2009/10/31 14:20:19 \| 00,149,280 \| ---- \| M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe [2009/10/31 14:20:19 \| 00,145,184 \| ---- \| M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe [2009/10/31 14:20:19 \| 00,145,184 \| ---- \| M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe [2009/10/31 14:20:19 \| 00,073,728 \| ---- \| M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl [2009/10/31 14:20:18 \| 00,411,368 \| ---- \| M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deploytk.dll [2009/10/31 14:18:38 \| 00,001,602 \| ---- \| M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk [2009/10/31 14:12:23 \| 00,179,792 \| ---- \| M] (COMODO) -- C:\WINDOWS\System32\guard32.dll [2009/10/31 14:12:23 \| 00,132,296 \| ---- \| M] (COMODO) -- C:\WINDOWS\System32\drivers\cmdguard.sys [2009/10/31 14:12:23 \| 00,087,104 \| ---- \| M] (COMODO) -- C:\WINDOWS\System32\drivers\inspect.sys [2009/10/31 14:12:23 \| 00,025,160 \| ---- \| M] (COMODO) -- C:\WINDOWS\System32\drivers\cmdhlp.sys [2009/10/31 14:07:53 \| 00,012,328 \| ---- \| M] () -- C:\Documents and Settings\Home\Local Settings\Application Data\GDIPFONTCACHEV1.DAT [2009/10/31 14:06:32 \| 00,000,042 \| ---- \| M] () -- C:\WINDOWS\System32\AK083E209605E394C.lie [2009/10/31 14:06:29 \| 00,188,437 \| RHS- \| M] () -- C:\Documents and Settings\All Users\Application Data\stsys.exe [2009/10/31 14:06:29 \| 00,188,437 \| RHS- \| M] () -- C:\Documents and Settings\Home\Local Settings\Application Data\mrsys.exe [2009/10/31 14:06:29 \| 00,188,437 \| RHS- \| M] () -- C:\WINDOWS\System32\explorer.exe [2009/10/31 13:58:30 \| 00,356,120 \| ---- \| M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2009/10/31 13:58:30 \| 00,311,604 \| ---- \| M] () -- C:\WINDOWS\System32\perfh009.dat [2009/10/31 13:58:30 \| 00,039,992 \| ---- \| M] () -- C:\WINDOWS\System32\perfc009.dat [2009/10/31 13:56:14 \| 00,008,192 \| ---- \| M] () -- C:\WINDOWS\REGLOCS.OLD [2009/10/31 13:56:04 \| 00,090,296 \| ---- \| M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2009/10/31 13:55:32 \| 00,000,261 \| ---- \| M] () -- C:\WINDOWS\System32\$winnt$.inf [2009/10/31 13:53:00 \| 00,002,577 \| ---- \| M] () -- C:\WINDOWS\System32\CONFIG.NT [2009/10/31 13:53:00 \| 00,000,477 \| ---- \| M] () -- C:\WINDOWS\win.ini [2009/10/31 13:53:00 \| 00,000,000 \| RHS- \| M] () -- C:\MSDOS.SYS [2009/10/31 13:53:00 \| 00,000,000 \| RHS- \| M] () -- C:\IO.SYS [2009/10/31 13:53:00 \| 00,000,000 \| ---- \| M] () -- C:\WINDOWS\control.ini [2009/10/31 13:53:00 \| 00,000,000 \| ---- \| M] () -- C:\CONFIG.SYS [2009/10/31 13:53:00 \| 00,000,000 \| ---- \| M] () -- C:\AUTOEXEC.BAT [2009/10/31 13:52:52 \| 00,316,640 \| ---- \| M] () -- C:\WINDOWS\WMSysPr9.prx [2009/10/31 13:52:52 \| 00,023,392 \| ---- \| M] () -- C:\WINDOWS\System32\nscompat.tlb [2009/10/31 13:52:52 \| 00,016,832 \| ---- \| M] () -- C:\WINDOWS\System32\amcompat.tlb [2009/10/31 13:52:42 \| 00,004,161 \| ---- \| M] () -- C:\WINDOWS\ODBCINST.INI [2009/10/31 13:51:53 \| 00,000,488 \| RH-- \| M] () -- C:\WINDOWS\System32\WindowsLogon.manifest [2009/10/31 13:51:53 \| 00,000,488 \| RH-- \| M] () -- C:\WINDOWS\System32\logonui.exe.manifest [2009/10/31 13:51:47 \| 00,000,749 \| RH-- \| M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest [2009/10/31 13:51:47 \| 00,000,749 \| RH-- \| M] () -- C:\WINDOWS\WindowsShell.Manifest [2009/10/31 13:51:47 \| 00,000,749 \| RH-- \| M] () -- C:\WINDOWS\System32\sapi.cpl.manifest [2009/10/31 13:51:47 \| 00,000,749 \| RH-- \| M] () -- C:\WINDOWS\System32\nwc.cpl.manifest [2009/10/31 13:51:47 \| 00,000,749 \| RH-- \| M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest [2009/10/31 13:51:47 \| 00,000,749 \| RH-- \| M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest [2009/10/31 13:49:48 \| 00,021,640 \| ---- \| M] () -- C:\WINDOWS\System32\emptyregdb.dat [2009/10/31 13:49:38 \| 00,000,037 \| ---- \| M] () -- C:\WINDOWS\vbaddin.ini [2009/10/31 13:49:38 \| 00,000,036 \| ---- \| M] () -- C:\WINDOWS\vb.ini [2009/10/31 13:46:42 \| 00,000,211 \| -HS- \| M] () -- C:\boot.ini [2009/10/31 13:31:45 \| 00,000,000 \| ---- \| M] () -- C:\WINDOWS\nsreg.dat [2009/10/31 13:26:19 \| 00,000,650 \| ---- \| M] () -- C:\Documents and Settings\Home\Start Menu\Programs\Startup\SpywareGuard.lnk [2009/10/31 13:15:52 \| 00,000,544 \| ---- \| M] () -- C:\Documents and Settings\Home\Desktop\Shortcut to My ISP.lnk [2009/10/31 13:10:08 \| 00,013,646 \| ---- \| M] () -- C:\WINDOWS\System32\wpa.bak [2009/10/31 10:49:46 \| 00,237,614 \| ---- \| M] () -- C:\WINDOWS\System32\VTSetvga.exe [2009/10/31 10:49:44 \| 00,241,710 \| ---- \| M] () -- C:\WINDOWS\System32\VTTimer.exe [2009/10/31 07:38:14 \| 00,000,231 \| ---- \| M] () -- C:\WINDOWS\system.ini [3 C:\WINDOWS\.tmp files -> C:\WINDOWS\.tmp -> ] [2 C:\WINDOWS\System32\.tmp files -> C:\WINDOWS\System32\.tmp -> ] ========== Files Created - No Company Name ========== [2009/11/01 14:59:02 \| 00,072,101 \| ---- \| C] () -- C:\Documents and Settings\Home\Desktop\I_have_some_baddies_after_format_XP_Home_t108043.html [2009/11/01 11:27:17 \| 00,000,083 \| ---- \| C] () -- C:\WINDOWS\System32\i [2009/11/01 09:28:50 \| 01,044,480 \| ---- \| C] () -- C:\Documents and Settings\Home\ntuser.dat [2009/11/01 09:28:37 \| 00,000,330 \| ---- \| C] () -- C:\WINDOWS\tasks\At1.job [2009/11/01 02:14:40 \| 00,001,734 \| ---- \| C] () -- C:\Documents and Settings\Home\Desktop\HijackThis.lnk [2009/11/01 01:51:25 \| 00,000,738 \| ---- \| C] () -- C:\Documents and Settings\Home\Desktop\JDownloader.lnk [2009/11/01 01:50:20 \| 00,000,305 \| ---- \| C] () -- C:\WINDOWS\System32\secushr.dat [2009/11/01 00:54:39 \| 00,188,437 \| RHS- \| C] () -- C:\WINDOWS\svchost.exe [2009/11/01 00:54:39 \| 00,188,437 \| ---- \| C] () -- C:\WINDOWS\spoolsv.exe [2009/10/31 23:54:20 \| 00,000,359 \| RHS- \| C] () -- C:\WINDOWS\System32\lgsys.lgn [2009/10/31 21:06:29 \| 00,000,248 \| ---- \| C] () -- C:\WINDOWS\System32\secustat.dat [2009/10/31 20:54:01 \| 00,000,025 \| ---- \| C] () -- C:\WINDOWS\libem.INI [2009/10/31 14:20:54 \| 00,000,664 \| ---- \| C] () -- C:\WINDOWS\System32\d3d9caps.dat [2009/10/31 14:18:38 \| 00,001,602 \| ---- \| C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk [2009/10/31 14:07:53 \| 00,012,328 \| ---- \| C] () -- C:\Documents and Settings\Home\Local Settings\Application Data\GDIPFONTCACHEV1.DAT [2009/10/31 14:07:46 \| 00,003,390 \| ---- \| C] () -- C:\Documents and Settings\Home\Application Data\icsys.icn [2009/10/31 14:06:32 \| 00,000,042 \| ---- \| C] () -- C:\WINDOWS\System32\AK083E209605E394C.lie [2009/10/31 14:06:29 \| 00,188,437 \| RHS- \| C] () -- C:\WINDOWS\System32\explorer.exe [2009/10/31 14:06:29 \| 00,188,437 \| RHS- \| C] () -- C:\Documents and Settings\All Users\Application Data\stsys.exe [2009/10/31 14:06:29 \| 00,188,437 \| RHS- \| C] () -- C:\Documents and Settings\Home\Local Settings\Application Data\mrsys.exe [2009/10/31 14:06:26 \| 00,188,437 \| ---- \| C] () -- C:\Documents and Settings\Home\Application Data\icsys.icn.exe [2009/10/31 14:05:00 \| 00,000,178 \| -HS- \| C] () -- C:\Documents and Settings\Home\ntuser.ini [2009/10/31 14:04:59 \| 00,000,062 \| -HS- \| C] () -- C:\Documents and Settings\Home\Application Data\desktop.ini [2009/10/31 13:56:33 \| 00,000,006 \| -H-- \| C] () -- C:\WINDOWS\tasks\SA.DAT [2009/10/31 13:56:14 \| 00,008,192 \| ---- \| C] () -- C:\WINDOWS\REGLOCS.OLD [2009/10/31 13:55:32 \| 00,002,048 \| --S- \| C] () -- C:\WINDOWS\bootstat.dat [2009/10/31 13:55:26 \| 00,028,288 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\xjis.nls [2009/10/31 13:54:50 \| 00,083,748 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\prcp.nls [2009/10/31 13:54:50 \| 00,083,748 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\prc.nls [2009/10/31 13:54:48 \| 00,175,104 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll [2009/10/31 13:54:29 \| 00,047,066 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\ksc.nls [2009/10/31 13:54:28 \| 01,158,818 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex [2009/10/31 13:54:19 \| 00,059,392 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe [2009/10/31 13:54:17 \| 00,196,665 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe [2009/10/31 13:54:15 \| 00,134,339 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\imekr.lex [2009/10/31 13:54:07 \| 13,463,552 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll [2009/10/31 13:54:02 \| 00,108,827 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\hanja.lex [2009/10/31 13:53:57 \| 00,094,208 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll [2009/10/31 13:53:43 \| 00,173,568 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll [2009/10/31 13:53:39 \| 00,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_870.nls [2009/10/31 13:53:38 \| 00,066,594 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_864.nls [2009/10/31 13:53:38 \| 00,066,594 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_862.nls [2009/10/31 13:53:38 \| 00,066,594 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_858.nls [2009/10/31 13:53:38 \| 00,066,594 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_720.nls [2009/10/31 13:53:38 \| 00,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_708.nls [2009/10/31 13:53:37 \| 00,180,770 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls [2009/10/31 13:53:37 \| 00,177,698 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls [2009/10/31 13:53:37 \| 00,173,602 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls [2009/10/31 13:53:37 \| 00,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_28596.nls [2009/10/31 13:53:37 \| 00,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls [2009/10/31 13:53:37 \| 00,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls [2009/10/31 13:53:36 \| 00,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls [2009/10/31 13:53:36 \| 00,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls [2009/10/31 13:53:36 \| 00,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls [2009/10/31 13:53:36 \| 00,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls [2009/10/31 13:53:36 \| 00,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls [2009/10/31 13:53:36 \| 00,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls [2009/10/31 13:53:36 \| 00,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls [2009/10/31 13:53:35 \| 00,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls [2009/10/31 13:53:35 \| 00,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls [2009/10/31 13:53:35 \| 00,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls [2009/10/31 13:53:35 \| 00,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls [2009/10/31 13:53:35 \| 00,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls [2009/10/31 13:53:35 \| 00,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls [2009/10/31 13:53:35 \| 00,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls [2009/10/31 13:53:35 \| 00,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls [2009/10/31 13:53:35 \| 00,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls [2009/10/31 13:53:34 \| 00,187,938 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls [2009/10/31 13:53:34 \| 00,180,258 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls [2009/10/31 13:53:34 \| 00,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls [2009/10/31 13:53:34 \| 00,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls [2009/10/31 13:53:34 \| 00,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls [2009/10/31 13:53:34 \| 00,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls [2009/10/31 13:53:34 \| 00,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls [2009/10/31 13:53:33 \| 00,189,986 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls [2009/10/31 13:53:33 \| 00,186,402 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls [2009/10/31 13:53:33 \| 00,185,378 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls [2009/10/31 13:53:33 \| 00,180,258 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls [2009/10/31 13:53:33 \| 00,173,602 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls [2009/10/31 13:53:33 \| 00,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls [2009/10/31 13:53:32 \| 00,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_1148.nls [2009/10/31 13:53:32 \| 00,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_1147.nls [2009/10/31 13:53:32 \| 00,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_1146.nls [2009/10/31 13:53:32 \| 00,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_1145.nls [2009/10/31 13:53:32 \| 00,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_1144.nls [2009/10/31 13:53:32 \| 00,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_1143.nls [2009/10/31 13:53:32 \| 00,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_1142.nls [2009/10/31 13:53:32 \| 00,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_1141.nls [2009/10/31 13:53:32 \| 00,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_1140.nls [2009/10/31 13:53:31 \| 00,173,602 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls [2009/10/31 13:53:31 \| 00,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_1047.nls [2009/10/31 13:53:31 \| 00,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_10021.nls [2009/10/31 13:53:31 \| 00,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_10005.nls [2009/10/31 13:53:31 \| 00,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_10004.nls [2009/10/31 13:53:30 \| 00,195,618 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls [2009/10/31 13:53:30 \| 00,177,698 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls [2009/10/31 13:53:30 \| 00,162,850 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_10001.nls [2009/10/31 13:53:30 \| 00,082,172 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls [2009/10/31 13:53:29 \| 00,066,728 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\big5.nls [2009/10/31 13:53:00 \| 00,002,577 \| ---- \| C] () -- C:\WINDOWS\System32\CONFIG.NT [2009/10/31 13:53:00 \| 00,000,000 \| RHS- \| C] () -- C:\MSDOS.SYS [2009/10/31 13:53:00 \| 00,000,000 \| RHS- \| C] () -- C:\IO.SYS [2009/10/31 13:53:00 \| 00,000,000 \| ---- \| C] () -- C:\CONFIG.SYS [2009/10/31 13:53:00 \| 00,000,000 \| ---- \| C] () -- C:\AUTOEXEC.BAT [2009/10/31 13:52:52 \| 00,023,392 \| ---- \| C] () -- C:\WINDOWS\System32\nscompat.tlb [2009/10/31 13:52:52 \| 00,016,832 \| ---- \| C] () -- C:\WINDOWS\System32\amcompat.tlb [2009/10/31 13:52:51 \| 00,316,640 \| ---- \| C] () -- C:\WINDOWS\WMSysPr9.prx [2009/10/31 13:51:53 \| 00,000,488 \| RH-- \| C] () -- C:\WINDOWS\System32\WindowsLogon.manifest [2009/10/31 13:51:53 \| 00,000,488 \| RH-- \| C] () -- C:\WINDOWS\System32\logonui.exe.manifest [2009/10/31 13:51:47 \| 00,000,749 \| RH-- \| C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest [2009/10/31 13:51:47 \| 00,000,749 \| RH-- \| C] () -- C:\WINDOWS\WindowsShell.Manifest [2009/10/31 13:51:47 \| 00,000,749 \| RH-- \| C] () -- C:\WINDOWS\System32\sapi.cpl.manifest [2009/10/31 13:51:47 \| 00,000,749 \| RH-- \| C] () -- C:\WINDOWS\System32\nwc.cpl.manifest [2009/10/31 13:51:47 \| 00,000,749 \| RH-- \| C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest [2009/10/31 13:51:47 \| 00,000,749 \| RH-- \| C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest [2009/10/31 13:51:30 \| 04,399,505 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex [2009/10/31 13:50:50 \| 00,048,680 \| -HS- \| C] () -- C:\WINDOWS\winnt256.bmp [2009/10/31 13:50:50 \| 00,048,680 \| -HS- \| C] () -- C:\WINDOWS\winnt.bmp [2009/10/31 13:50:43 \| 00,000,984 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf [2009/10/31 13:50:27 \| 00,004,639 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\mplayer2.exe [2009/10/31 13:50:13 \| 00,376,320 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll [2009/10/31 13:49:48 \| 00,021,640 \| ---- \| C] () -- C:\WINDOWS\System32\emptyregdb.dat [2009/10/31 13:48:36 \| 00,065,954 \| ---- \| C] () -- C:\WINDOWS\Prairie Wind.bmp [2009/10/31 13:48:36 \| 00,065,832 \| ---- \| C] () -- C:\WINDOWS\Santa Fe Stucco.bmp [2009/10/31 13:48:36 \| 00,026,680 \| ---- \| C] () -- C:\WINDOWS\River Sumida.bmp [2009/10/31 13:48:36 \| 00,017,362 \| ---- \| C] () -- C:\WINDOWS\Rhododendron.bmp [2009/10/31 13:48:36 \| 00,009,522 \| ---- \| C] () -- C:\WINDOWS\Zapotec.bmp [2009/10/31 13:48:35 \| 00,065,978 \| ---- \| C] () -- C:\WINDOWS\Soap Bubbles.bmp [2009/10/31 13:48:35 \| 00,026,582 \| ---- \| C] () -- C:\WINDOWS\Greenstone.bmp [2009/10/31 13:48:35 \| 00,017,336 \| ---- \| C] () -- C:\WINDOWS\Gone Fishing.bmp [2009/10/31 13:48:35 \| 00,017,062 \| ---- \| C] () -- C:\WINDOWS\Coffee Bean.bmp [2009/10/31 13:48:35 \| 00,016,730 \| ---- \| C] () -- C:\WINDOWS\FeatherTexture.bmp [2009/10/31 13:48:35 \| 00,001,272 \| ---- \| C] () -- C:\WINDOWS\Blue Lace 16.bmp [2009/10/31 13:48:34 \| 00,093,702 \| ---- \| C] () -- C:\WINDOWS\System32\subrange.uce [2009/10/31 13:48:34 \| 00,060,458 \| ---- \| C] () -- C:\WINDOWS\System32\ideograf.uce [2009/10/31 13:48:34 \| 00,024,006 \| ---- \| C] () -- C:\WINDOWS\System32\gb2312.uce [2009/10/31 13:48:34 \| 00,022,984 \| ---- \| C] () -- C:\WINDOWS\System32\bopomofo.uce [2009/10/31 13:48:34 \| 00,016,740 \| ---- \| C] () -- C:\WINDOWS\System32\shiftjis.uce [2009/10/31 13:48:34 \| 00,012,876 \| ---- \| C] () -- C:\WINDOWS\System32\korean.uce [2009/10/31 13:48:34 \| 00,008,484 \| ---- \| C] () -- C:\WINDOWS\System32\kanji_2.uce [2009/10/31 13:48:34 \| 00,006,948 \| ---- \| C] () -- C:\WINDOWS\System32\kanji_1.uce [2009/10/31 13:48:31 \| 00,003,286 \| ---- \| C] () -- C:\WINDOWS\System32\tslabels.h [2009/10/31 13:48:31 \| 00,001,161 \| ---- \| C] () -- C:\WINDOWS\System32\usrlogon.cmd [2009/10/31 13:48:29 \| 00,000,768 \| ---- \| C] () -- C:\WINDOWS\System32\msdtcprf.h [2009/10/31 13:48:21 \| 00,063,488 \| ---- \| C] () -- C:\WINDOWS\System32\wmimgmt.msc [2009/10/31 13:46:37 \| 01,013,216 \| ---- \| C] () -- C:\WINDOWS\System32\drivers\sfi.dat [2009/10/31 13:46:07 \| 05,318,216 \| -H-- \| C] () -- C:\Documents and Settings\Home\Local Settings\Application Data\IconCache.db [2009/10/31 13:38:32 \| 00,000,330 \| RHS- \| C] () -- C:\WINDOWS\blsys.bln [2009/10/31 13:38:31 \| 00,002,877 \| RHS- \| C] () -- C:\WINDOWS\System32\cmsys.cmn [2009/10/31 13:38:31 \| 00,000,336 \| RHS- \| C] () -- C:\WINDOWS\System32\blsys.bln [2009/10/31 13:31:45 \| 00,000,000 \| ---- \| C] () -- C:\WINDOWS\nsreg.dat [2009/10/31 13:26:19 \| 00,000,650 \| ---- \| C] () -- C:\Documents and Settings\Home\Start Menu\Programs\Startup\SpywareGuard.lnk [2009/10/31 13:15:52 \| 00,000,544 \| ---- \| C] () -- C:\Documents and Settings\Home\Desktop\Shortcut to My ISP.lnk [2009/10/31 13:10:10 \| 00,013,646 \| ---- \| C] () -- C:\WINDOWS\System32\wpa.bak [2009/10/31 07:38:21 \| 00,001,374 \| ---- \| C] () -- C:\WINDOWS\imsins.BAK [2009/10/31 07:38:16 \| 01,685,606 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\sam.spd [2009/10/31 07:38:16 \| 00,605,050 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa [2009/10/31 07:38:16 \| 00,000,888 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\sam.sdf [2009/10/31 07:38:15 \| 00,643,717 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa [2009/10/31 07:38:13 \| 00,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_28603.nls [2009/10/31 07:38:13 \| 00,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\c_28603.nls [2009/10/31 07:38:11 \| 00,066,594 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_857.nls [2009/10/31 07:38:11 \| 00,066,594 \| ---- \| C] () -- C:\WINDOWS\System32\c_857.nls [2009/10/31 07:38:11 \| 00,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_28599.nls [2009/10/31 07:38:11 \| 00,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\c_28599.nls [2009/10/31 07:38:11 \| 00,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_10081.nls [2009/10/31 07:38:11 \| 00,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\c_10081.nls [2009/10/31 07:38:07 \| 00,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_28595.nls [2009/10/31 07:38:07 \| 00,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\C_28595.NLS [2009/10/31 07:38:07 \| 00,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_10017.nls [2009/10/31 07:38:07 \| 00,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\c_10017.nls [2009/10/31 07:38:07 \| 00,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_10007.nls [2009/10/31 07:38:07 \| 00,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\c_10007.nls [2009/10/31 07:38:03 \| 00,066,594 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_869.nls [2009/10/31 07:38:03 \| 00,066,594 \| ---- \| C] () -- C:\WINDOWS\System32\c_869.nls [2009/10/31 07:38:03 \| 00,066,594 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_737.nls [2009/10/31 07:38:03 \| 00,066,594 \| ---- \| C] () -- C:\WINDOWS\System32\c_737.nls [2009/10/31 07:38:03 \| 00,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_875.nls [2009/10/31 07:38:03 \| 00,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\c_875.nls [2009/10/31 07:38:03 \| 00,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_28597.nls [2009/10/31 07:38:03 \| 00,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\C_28597.NLS [2009/10/31 07:38:03 \| 00,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_10006.nls [2009/10/31 07:38:03 \| 00,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\c_10006.nls [2009/10/31 07:38:01 \| 00,066,594 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_866.nls [2009/10/31 07:38:01 \| 00,066,594 \| ---- \| C] () -- C:\WINDOWS\System32\c_866.nls [2009/10/31 07:38:01 \| 00,066,594 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_855.nls [2009/10/31 07:38:01 \| 00,066,594 \| ---- \| C] () -- C:\WINDOWS\System32\c_855.nls [2009/10/31 07:38:01 \| 00,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_28594.nls [2009/10/31 07:38:01 \| 00,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\C_28594.NLS [2009/10/31 07:37:57 \| 00,066,594 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_852.nls [2009/10/31 07:37:57 \| 00,066,594 \| ---- \| C] () -- C:\WINDOWS\System32\c_852.nls [2009/10/31 07:37:57 \| 00,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_10082.nls [2009/10/31 07:37:57 \| 00,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\c_10082.nls [2009/10/31 07:37:57 \| 00,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_10029.nls [2009/10/31 07:37:57 \| 00,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\c_10029.nls [2009/10/31 07:37:57 \| 00,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_10010.nls [2009/10/31 07:37:57 \| 00,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\c_10010.nls [2009/10/31 07:37:55 \| 00,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20127.nls [2009/10/31 07:37:55 \| 00,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\c_20127.nls [2009/10/31 07:37:51 \| 00,001,688 \| ---- \| C] () -- C:\WINDOWS\System32\AUTOEXEC.NT [2009/10/31 07:37:42 \| 00,000,062 \| -HS- \| C] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini [2009/10/31 07:37:41 \| 00,168,806 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\startoc.cat [2009/10/31 07:37:41 \| 00,037,484 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT [2009/10/31 07:37:41 \| 00,024,209 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\msn7.cat [2009/10/31 07:37:41 \| 00,013,472 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT [2009/10/31 07:37:41 \| 00,011,651 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\msn9.cat [2009/10/31 07:37:41 \| 00,008,574 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT [2009/10/31 07:37:41 \| 00,007,382 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT [2009/10/31 07:37:41 \| 00,007,334 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat [2009/10/31 07:37:41 \| 00,007,245 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT [2009/10/31 07:37:40 \| 02,012,670 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT [2009/10/31 07:37:40 \| 01,086,058 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\NTPRINT.CAT [2009/10/31 07:37:40 \| 01,042,903 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT [2009/10/31 07:37:40 \| 00,797,189 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT [2009/10/31 07:37:40 \| 00,399,645 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT [2009/10/31 07:37:40 \| 00,382,952 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT [2009/10/31 07:37:40 \| 00,031,281 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT [2009/10/31 07:37:40 \| 00,013,753 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT [2009/10/31 07:37:40 \| 00,009,581 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT [2009/10/31 07:36:54 \| 00,090,296 \| ---- \| C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2009/10/31 07:32:07 \| 00,000,211 \| -HS- \| C] () -- C:\boot.ini [2009/10/31 07:32:04 \| 00,000,261 \| ---- \| C] () -- C:\WINDOWS\System32\$winnt$.inf [2008/08/08 19:58:06 \| 00,156,672 \| ---- \| C] () -- C:\WINDOWS\System32\RTLCPAPI.dll [2004/08/04 06:00:00 \| 00,081,920 \| ---- \| C] () -- C:\WINDOWS\System32\ieencode.dll [2004/08/04 06:00:00 \| 00,027,440 \| ---- \| C] () -- C:\WINDOWS\System32\drivers\secdrv.sys [2004/08/04 06:00:00 \| 00,000,477 \| ---- \| C] () -- C:\WINDOWS\win.ini [2004/08/04 06:00:00 \| 00,000,231 \| ---- \| C] () -- C:\WINDOWS\system.ini ========== LOP Check ========== [2009/10/31 14:18:57 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\FreeDownloadManager.ORG [2009/11/01 00:30:21 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\Hagel Technologies [2009/10/31 13:30:43 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\RoboForm [2009/11/01 15:19:42 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\TaskManager [2009/11/01 13:40:35 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\BITS [2009/10/31 20:53:38 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\FlashGetBHO [2009/11/01 12:22:17 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Free Download Manager [2009/11/01 00:30:12 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\Thinstall [2009/10/31 14:13:56 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Home\Application Data\WinPatrol [2009/11/01 15:38:34 \| 00,000,330 \| ---- \| M] () -- C:\WINDOWS\Tasks\At1.job [2004/08/04 06:00:00 \| 00,000,065 \| RH-- \| M] () -- C:\WINDOWS\Tasks\desktop.ini [2009/11/01 13:44:05 \| 00,000,006 \| -H-- \| M] () -- C:\WINDOWS\Tasks\SA.DAT ========== Purity Check ========== ========== Custom Scans ========== < Drivers > < End of report > This post has been edited by Rhineus: Nov 1 2009, 05:39 PM

Rhineus View Member Profile	Nov 1 2009, 05:30 PM Post #5
Authentic Member Group: Authentic Member Posts: 68 Joined: 27-October 07 From: St. Joseph, TN (USA) Member No.: 73,804 Operating System: XP Home	Now, this pop up just appeared... I tried to cancel it and I did but about 1 minute later it popped up again and it keeps popping up. I don't know what caused it but this is what it says: csrsc.exe This is no disk in the drive. Please insert a disk into drive \Device\Harddisk\DR2

oldman960 View Member Profile	Nov 1 2009, 06:01 PM Post #6
SuperMember Group: Classroom Teacher Posts: 3,910 Joined: 27-April 08 Member No.: 78,707 Operating System: win98se, XP pro	Hi Disable this program and leave it disabled until we are done. SPYWARE GUARD Right click the running icon of Spywareguard in the system tray to open the program. Then go to Menu, File, and choose Exit. Your computer will be rebooted during this fix. Next, Double click on OTL.exe Under the Custom Scans/Fixes box at the bottom, paste in the following Do Not copy the word CODE please note the fix starts with the : CODE :OTL PRC - c:\WINDOWS\svchost.exe 3740 PRC - C:\WINDOWS\system32\explorer.exe () O4 - HKLM..\RunOnce: [Explorer] C:\WINDOWS\System32\explorer.exe () O4 - HKLM..\RunOnce: [Svchost] c:\windows\svchost.exe () O20 - HKLM Winlogon: Shell - (c:\windows\system32\explorer.exe) - C:\WINDOWS\system32\explorer.exe () [2009/11/01 15:26:32 \| 00,000,330 \| RHS- \| M] () -- C:\WINDOWS\blsys.bln 2009/11/01 12:21:53 \| 00,000,336 \| RHS- \| M] () -- C:\WINDOWS\System32\blsys.bln [2009/11/01 11:27:17 \| 00,000,083 \| ---- \| M] () -- C:\WINDOWS\System32\i [2009/11/01 00:54:39 \| 00,188,437 \| ---- \| M] () -- C:\WINDOWS\spoolsv.exe [2009/11/01 11:02:45 \| 00,000,248 \| ---- \| M] () -- C:\WINDOWS\System32\secustat.dat [2009/11/01 11:02:28 \| 00,000,305 \| ---- \| M] () -- C:\WINDOWS\System32\secushr.dat [2009/10/31 20:54:01 \| 00,000,025 \| ---- \| M] () -- C:\WINDOWS\libem.INI [2009/10/31 14:06:29 \| 00,188,437 \| RHS- \| M] () -- C:\Documents and Settings\All Users\Application Data\stsys.exe [2009/10/31 14:06:29 \| 00,188,437 \| RHS- \| M] () -- C:\Documents and Settings\Home\Local Settings\Application Data\mrsys.exe [2009/10/31 14:06:32 \| 00,000,042 \| ---- \| M] () -- C:\WINDOWS\System32\AK083E209605E394C.lie [2009/10/31 13:38:31 \| 00,002,877 \| RHS- \| C] () -- C:\WINDOWS\System32\cmsys.cmn :Services :Commands [emptytemp] [start explorer] Then click the Run Fix button at the top Let the program run unhindered Please save the resulting log to be posted in your next reply. Please post the OTL log. Next Please read through these instructions to familarize yourself with what to expect when this tool runs Download ComboFix from one of these locations: Link 1 Link 2 * IMPORTANT !!! Save ComboFix.exe to your Desktop Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Note: If you are having difficulty properly disabling your protective programs, or are unsure as to what programs need to be disabled, please refer to the information available through this link : How to Disable your Security Programs Double click on ComboFix.exe & follow the prompts. As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware. Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console. Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures. Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message: Click on Yes, to continue scanning for malware. When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply. Notes: 1.Do not mouse-click Combofix's window while it is running. That may cause it to stall. 2. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser. 3. Combofix prevents autorun of ALL** CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper. 4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine. Please post back with OTL fix log combofix log How's the computer? Thanks

Rhineus View Member Profile	Nov 1 2009, 08:26 PM Post #7
Authentic Member Group: Authentic Member Posts: 68 Joined: 27-October 07 From: St. Joseph, TN (USA) Member No.: 73,804 Operating System: XP Home	The OTL.exe wouldn't start after I restarted... I don't know what happened. I even tired to download it one more time, still no go

oldman960 View Member Profile	Nov 1 2009, 10:41 PM Post #8
SuperMember Group: Classroom Teacher Posts: 3,910 Joined: 27-April 08 Member No.: 78,707 Operating System: win98se, XP pro	Hi Did you get a log of any kind? Download and run Win32kDiag: Download Win32kDiag from any of the following locations and save it to your Desktop. Download Win32kDiag (Win32kDiag.exe) - #1 Download Win32kDiag (Win32kDiag.exe) - #2 Download Win32kDiag (Win32kDiag.exe) - #3 Double-click Win32kDiag.exe to run Win32kDiag and let it finish. When it states "Finished! Press any key to exit...", press any key on your keyboard to close the program. Double-click on the Win32kDiag.txt file that is located on your Desktop and post the entire contents of that log as a reply to this topic. To ensure the entire contents are copied, right click anywhere in the notepad and click Select All Right click the highlited text and click copy

Rhineus View Member Profile	Nov 1 2009, 11:55 PM Post #9
Authentic Member Group: Authentic Member Posts: 68 Joined: 27-October 07 From: St. Joseph, TN (USA) Member No.: 73,804 Operating System: XP Home	Well, I didn't know if you wanted me to go ahead and do the combofix or not since I couldn't get the OTL to run... I ran combofix and did as you said about the AV and security apps but combofix said that my AV was still running so when I went to see if it was, when I hovered over it, it disapeared. Then I went into safe mode, that didn't help either and said that it was corupted and said that I need to download another copy, so I did but when I went to run that one, it said the same thing, that I need to download another copy... So, in short, I didn't get no logs but I'll try Win32kDiag, see it thats any better... SIGH EDIT: What did this do? Did you expect to see more that this? Running from: c:\documents and settings\home\desktop\win32kdiag.exe' Log file at : C:\Documents and Settings\Home\Desktop\Win32kDiag.txt WARNING: Could not get backup privileges! Searching 'C:\WINDOWS'... Cannot access: C:\WINDOWS\system32\drivers\sfi.dat [1] 2009-11-01 22:33:53 1020128 C:\WINDOWS\system32\drivers\sfi.dat () Finished! This post has been edited by Rhineus: Nov 2 2009, 12:05 AM

oldman960 View Member Profile	Nov 2 2009, 12:37 AM Post #10
SuperMember Group: Classroom Teacher Posts: 3,910 Joined: 27-April 08 Member No.: 78,707 Operating System: win98se, XP pro	Hi We ran win32kdiag just to see if there was a particular infection on board that was blocking our tools. It doesn't appear to be present and the one file it did report is a comodo file. Did you delete the copy of combofix before downloading a new one? I think we have some thing a litle deeper playing with us. Download the GMER Rootkit Scanner. Unzip it to your Desktop. Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while the scan is being performed. Do not use your computer for anything else during the scan. Double-click gmer.exe. The program will begin to run. Caution These types of scans can produce false positives. Do NOT take any action on any "<--- ROOKIT" entries unless advised! If possible rootkit activity is found, you will be asked if you would like to perform a full scan. Click NO In the right panel, you will see a bunch of boxes that have been checked ... leave everything checked and ensure the Show all box is un-checked. Now click the Scan button. Once the scan is complete, you may receive another notice about rootkit activity. Click OK. GMER will produce a log. Click on the [Save..] button, and in the File name area, type in "GMER.txt" Save it where you can easily find it, such as your desktop. If you do not receive notice about possible rootkit activity remain on the Rootkit/Malware tab & make sure the 'Show All' button is unticked. Click the Scan button and let the program do its work. GMER will produce a log. Click on the [Save..] button, and in the File name area, type in "Gmer.txt" or it will save as a .log file which cannot be uploaded to your post. Save it where you can easily find it, such as your desktop Please post the GMER log. Thanks

Rhineus View Member Profile	Nov 2 2009, 05:14 PM Post #11
Authentic Member Group: Authentic Member Posts: 68 Joined: 27-October 07 From: St. Joseph, TN (USA) Member No.: 73,804 Operating System: XP Home	No, I didn't delete the original combofix... What was the comodo file? Remember, that when I hovered over the Comodo Internet Security, it dissapeaed. I tried to run it again, well several times and it wouldn't run, I just was clicking it but nothing happened. I can't even get my task manager to run. So, I don't know if the Comodo Internet Security is disabled or not. So, I think, I'm open to the outside world. I couldn't tick or untick "Show all" because it was grayed out but I got the log... Attached File(s) Gmer.txt ( 274.76K ) Number of downloads: 9

oldman960 View Member Profile	Nov 2 2009, 09:02 PM Post #12
SuperMember Group: Classroom Teacher Posts: 3,910 Joined: 27-April 08 Member No.: 78,707 Operating System: win98se, XP pro	Hi Combofix should be on your desktop, it has an red icon that looks like a cat. Please locate it and delete all copies. Let's see if we can get task manager to open. Right click the attached file tmfix.zip Select Save target as Set the Save in box to Desktop tmfix.zip ( 344bytes ) Number of downloads: 7 Extract the file to your desktop Locate tmfix.vbs it will have an icon like this double click it to run it it will be quick Right click the taskbar near the clock, click task manager. Did it open? Please download MBR.exe and save it to your desktop Double click on the MBR.exe file to run it. A log will be produced, MBR.log. Please open this log in Notepad and post its contents in your next reply. Thanks

Rhineus View Member Profile	Nov 2 2009, 11:10 PM Post #13
Authentic Member Group: Authentic Member Posts: 68 Joined: 27-October 07 From: St. Joseph, TN (USA) Member No.: 73,804 Operating System: XP Home	Ok, the task manager will open... but the mbr log didn't produce much Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net device: opened successfully user: MBR read successfully kernel: MBR read successfully user & kernel MBR OK

oldman960 View Member Profile	Nov 3 2009, 01:10 AM Post #14
SuperMember Group: Classroom Teacher Posts: 3,910 Joined: 27-April 08 Member No.: 78,707 Operating System: win98se, XP pro	Hi Rhineus, Good, we can at least do something on this computer. MBR produced what I had hoped it would. Let's try a different tool and see if we have better luck, something seems to have blocked combofix. Download OTS to your Desktop and double-click on it to extract the files. It will create a folder named OTS on your desktop. Close ALL OTHER PROGRAMS. Open the OTS folder and double-click on OTScanit.exe to start the program. Check the box that says Scan All Users Check the Radio button for Rootkit check YES Under Additional Scans check the following: Evnt - EventViewer Errors/Warnings (last 10) Now click the Run Scan button on the toolbar. Let it run unhindered until it finishes. When the scan is complete Notepad will open with the report file loaded in it. Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it. Please attach the log in your next post. To attach a file, do the following: Click Add Reply Under the reply panel is the Attachments Panel Browse for the attachment file you want to upload, then click the green Upload button Once it has uploaded, click the Manage Current Attachments drop down box Click on to insert the attachment into your post Note: if it is to large to attach then upload to Mediafire and post the sharing link in your next reply. Thanks

Rhineus View Member Profile	Nov 3 2009, 10:13 AM Post #15
Authentic Member Group: Authentic Member Posts: 68 Joined: 27-October 07 From: St. Joseph, TN (USA) Member No.: 73,804 Operating System: XP Home	Sorry, but I cant find the "Check the Radio button for Rootkit check YES" I looked all over the program. Where's it at?

« Next Oldest · Infections Removal · Next Newest »

5 Pages

1 2 3 > »

Reply to this topic

Start new topic

2 User(s) are reading this topic (1 Guests and 0 Anonymous Users)

1 Members: Rhineus

Similar Topics

Similar Topics

Similar Topics

		Topic Title	Replies	Topic Starter	Views	Last Action
		Networking help setting up a home network	11	capri2001	139	Today, 05:15 PM Last post by: DigitalOutlaw
		Browsers, Internet and email Can't set up internet on work laptop at home	1	bruffyboy	37	18th November 2009 - 10:50 AM Last post by: 8210GUY
		Security advisories and vulnerabilities info Home routers under attack... 12	23	AplusWebMaster	2,724	23rd October 2009 - 05:06 AM Last post by: AplusWebMaster
		Microsoft Windows™ How do i Format & reinstall vista with back up DVD	3	Jin~	181	12th October 2009 - 06:05 AM Last post by: 8210GUY

Display Mode: Standard · Switch to: Linear+ · Switch to: Outline

Track this topic · Email this topic · Print this topic · Subscribe to this forum

Time is now: 20th November 2009 - 09:57 PM

Advertisements do not imply our endorsement of that product or service. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk.
Member site: Alliance of Security Analysis Professionals | UNITE Against Malware
Memory Forums | Auto Repair Forum
© Geeks to Go, Inc. | All Rights Reserved | Privacy Policy

Powered By IP.Board © 2009 IPS, Inc.