Ne mogu pokrenuti Windows update niti otvarati sajtove sa AV programima

1

Ne mogu pokrenuti Windows update niti otvarati sajtove sa AV programima

offline
  • Pridružio: 22 Feb 2010
  • Poruke: 22

Napisano: 10 Nov 2012 12:40

Kada pokrenem Windows update IE ne može otvoriti stranu The page cannot be displayed. Isto se dešava i kada preko Googla pokušam otvoriti Microsoft-ovu stranicu ili bilo koju sa AV programima, Avira, Symantec, AVG ... Takođe ne radi MSN, Outlook Express. Neki drugi sajtovi rade normalno, a za My Cyty je potrebno nekoliko minuta da se ukloni peščanik da bih mogao pomeriti miš.

Posle loše urađene lozinke za Windows i bezuspešnog pokušaja uklanjanja iste sa određenim programom koji se trabao podići sa cd-a (a nije), uradio sam reinstalaciju Windowsa. Posle toga počinju problemi.

Nemam nikakav zaštitni softver. Pokušao sam pokrenuti Gmer na nekom online linku i on je navodno detektovao Rootkit, tada sam se setio vas (u dva navrata ste mi već pomogli). Sem toga nisam ništa drugo radio.
Imam na d particiji SP2 koji sam instalirao (ali nisam pre toga jedinicu), nikakvih promena nije bilo.
Pri pokretanju vašeg Gmera takođe je detektovan Rootkit pa ću prvo prikačiti taj Print Screen.

Koristim kablovski internet. 1 Mbps, download: 1024 kbps upload: 512 kbps

Mislim da je ovaj Win koji je sada na računaru samo kostur, nisam instalirao ni office, ne radi muzika, IE je mislim 6. Bukvalno je na C samo Win. Kada odem na Add programs nema ničega sem SP2.

DDS (Ver_2012-11-07.01) - NTFS_x86
Internet Explorer: 6.0.2900.2180
Run by dnevna at 12:11:05 on 2012-11-10
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.511.240 [GMT 1:00]
.
.
============== Running Processes ================
.
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\System32\svchost.exe -k LocalService
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.googl.com/
EB: {32683183-48a0-441b-a342-7c2a440a9478} - <orphaned>
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
mRun: [Cryptographic Service] c:\windows\system32\gdsjmrdb.exe
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 91.102.224.62 91.102.225.16
TCP: Interfaces\{4F86A8A6-6350-4508-9807-691C5D8A3D8D} : DHCPNameServer = 91.102.224.62 91.102.225.16
.
============= SERVICES / DRIVERS ===============
.
S2 tnlaui;Manager Support;c:\windows\system32\svchost.exe -k netsvcs [2001-8-23 21504]
.
=============== Created Last 30 ================
.
2012-11-10 06:54:47 -------- d-s---w- c:\documents and settings\dnevna\UserData
2012-11-09 19:21:11 -------- d-----w- c:\documents and settings\dnevna\local settings\application data\Identities
2012-11-09 17:45:54 -------- d-----w- c:\windows\system32\wbem\AutoRecover
2012-11-09 17:34:55 848384 ------w- c:\windows\system32\ir41_32.ax
2012-11-09 17:33:59 28672 ------w- c:\program files\windows media player\custsat.dll
2012-11-09 17:10:40 -------- d-----w- c:\windows\ServicePackFiles
2012-11-09 16:52:20 2897920 ------w- c:\windows\system32\xpsp2res.dll
2012-11-09 16:51:01 19528 ----a-w- c:\windows\002424_.tmp
2012-11-09 16:50:59 -------- d-----w- c:\windows\system32\ReinstallBackups
2012-11-09 16:50:42 23040 ----a-w- c:\windows\system32\spupdsvc.exe
2012-11-09 16:48:31 -------- d-----w- c:\windows\EHome
2012-11-09 16:41:59 -------- d-----w- c:\windows\system32\appmgmt
2012-11-09 16:36:45 18944 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\mdippr.dll
2012-11-09 16:36:45 17920 ----a-w- c:\windows\system32\mdimon.dll
2012-11-09 01:18:56 -------- d-s---w- c:\windows\system32\Microsoft
2012-11-08 20:04:15 24064 ----a-w- c:\windows\system32\gdsjmrdb.exe
2012-11-08 20:04:12 24064 ----a-w- c:\windows\system32\ftpupd.exe
2012-11-08 19:03:53 3072 ----a-w- c:\windows\system32\drivers\audstub.sys
2012-11-08 19:03:24 57472 ----a-w- c:\windows\system32\drivers\redbook.sys
2012-11-08 19:03:01 10624 ----a-w- c:\windows\system32\drivers\gameenum.sys
2012-11-08 19:02:59 20992 ----a-w- c:\windows\system32\drivers\rtl8139.sys
2012-11-08 19:02:52 6400 ----a-w- c:\windows\system32\drivers\enum1394.sys
2012-11-08 19:02:50 27165 ----a-w- c:\windows\system32\drivers\fetnd5.sys
2012-11-08 19:02:46 74240 ----a-w- c:\windows\system32\usbui.dll
2012-11-08 19:00:56 -------- d-----w- c:\windows\system32\CatRoot2
2012-11-08 19:00:56 -------- d-----w- c:\windows\system32\CatRoot
2012-11-08 19:00:30 -------- d-----w- C:\Documents and Settings
.
==================== Find3M ====================
.
.
============= FINISH: 12:11:45.00 ===============


mycity.rs/must-login.png



Dopuna: 10 Nov 2012 12:53

Zaboravih Gmer logove.

mycity.rs/must-login.png

mycity.rs/must-login.png

mycity.rs/must-login.png

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 27 Apr 2008
  • Poruke: 9160
  • Gde živiš: Prokuplje

Pozdrav.


Preuzmi sUBs-ov ComboFix sa sledeće adrese na Desktop:


Bleeping Computer
Klikni desnim tasterom na link i odaberi opciju Save Target As... (Save Link As..., Save Linked Content As... ili sličnu);
Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberi Desktop i klikni Save.




Kada preuzimanje programa bude završeno:
deaktiviraj zaštitni softver (uputstvo);
zatvori pokrenute programe;
dvoklikom pokreni program ComboFix;
u prozoru koji se otvori klikni "I Agree".

U toku rada, ComboFix će:proveriti postoji li novija verzija programa:
klikni Yes ako bude ponuđeno preuzimanje iste.
ako Recovery Console nije instalirana, ponuditi instalaciju:
obavezno prihvati klikom na Yes i isprati postupak.
postaviti/dati određeni broj upita/obaveštenja:
prihvati klikom na Yes ili OK.
po potrebi, restartovati Windows (više puta);
na kraju rada, otvoriti Notepad sa izveštajem o skeniranju.


Iskopiraj izveštaj koji je ComboFix napravio u temu na forumu:
klikni desnim tasterom miša u prozor Notepad-a i izaberi Select All;
klikni desnim tasterom miša na obeleženi tekst i izaberi Copy;
klikni desnim tasterom miša u polje za pisanje poruke i izaberi Paste.



Napomena:Izveštaj će biti sačuvan pod nazivom ComboFix.txt na sistemskoj particiji (tipična lokacija: C:\ComboFix.txt);
Ukoliko nakon slanja poruke primetiš da izveštaj nije kompletan, iskoristi opciju Prikači fajl za prilaganje file-a C:\ComboFix.txt uz poruku;
Nemoj kliktati u okviru ComboFix prozora dok radi jer to može usporiti rad alata;
Nemoj ponovo pokretati ComboFix na svoju ruku - javi se u temi bilo kakav problem da imaš tokom prvog pokretanja alata;
Ako nakon restarta dobijaš grešku prilikom startovanja pojedinih programa da su označeni za brisanje (Illegal operation attempted on a registry key that has been marked for deletion), onda ponovo restartuj sistem i to ce rešiti problem.

offline
  • Pridružio: 22 Feb 2010
  • Poruke: 22

U bunilu zaboravih Pozdrav, ne zameri.

Nemoj ponovo pokretati ComboFix na svoju ruku - javi se u temi bilo kakav problem da imaš tokom prvog pokretanja alata

Posle pokretanja ComboFiksa iskočio je sledeći eror (prikačena slika).
Kliknuo sam na ok misleći da se radi o
proveriti postoji li novija verzija programa:
klikni Yes ako bude ponuđeno preuzimanje iste

Ništa se dalje nije događalo, a ikonica ComboFixa je nestala sa desktopa.

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 27 Apr 2008
  • Poruke: 9160
  • Gde živiš: Prokuplje

Pojela ga maca


Preuzmite program OTL sa donjeg linka na Desktop:


OTL download
Kliknite dati link - u prozoru koji se otvori, kliknite Save;
kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberite Desktop i kliknite Save.


Dvoklikom pokrenite OTL;

kliknite Run Scan;

po završetku skeniranja, izveštaj (koji će biti automatski sačuvan na Desktop-u kao OTL.Txt) će se otvoriti u Notepad-u.


Priložite izveštaj OTL.Txt uz poruku korišćenjem opcije Prikači fajl.

offline
  • Pridružio: 22 Feb 2010
  • Poruke: 22

Napisano: 10 Nov 2012 18:50

Eve ga

mycity.rs/must-login.png


OTL logfile created on: 11/10/2012 6:44:11 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\dnevna\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

511.48 Mb Total Physical Memory | 262.35 Mb Available Physical Memory | 51.29% Memory free
1.22 Gb Paging File | 0.94 Gb Available in Paging File | 76.95% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19.53 Gb Total Space | 16.03 Gb Free Space | 82.07% Space Free | Partition Type: NTFS
Drive D: | 19.53 Gb Total Space | 2.29 Gb Free Space | 11.71% Space Free | Partition Type: NTFS
Drive E: | 37.61 Gb Total Space | 0.53 Gb Free Space | 1.41% Space Free | Partition Type: NTFS

Computer Name: DNEVNA-P6HEENN7 | User Name: dnevna | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/11/10 18:43:40 | 000,609,792 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\dnevna\Desktop\OTL.exe
PRC - [2004/08/04 00:56:50 | 001,039,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========


========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2002/08/29 02:41:00 | 000,165,141 | RHS- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\slbpp.dll -- (tnlaui)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\DOCUME~1\dnevna\LOCALS~1\Temp\mbr.sys -- (mbr)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\DOCUME~1\dnevna\LOCALS~1\Temp\fweyakow.sys -- (fweyakow)
DRV - File not found [Kernel | On_Demand | Unknown] -- system32\drivers\DMusic.sys -- (DMusic)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2004/08/03 23:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2004/08/03 22:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rtl8139.sys -- (rtl8139)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = googl.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0




O1 HOSTS File: ([2001/08/23 12:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O4 - HKLM..\Run: [Cryptographic Service] C:\WINDOWS\system32\gdsjmrdb.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found
O15 - HKCU\..Trusted Domains: ([]msn in My Computer)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 91.102.224.62 91.102.225.16
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4F86A8A6-6350-4508-9807-691C5D8A3D8D}: DhcpNameServer = 91.102.224.62 91.102.225.16
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/11/08 19:25:58 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/11/10 18:43:35 | 000,609,792 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\dnevna\Desktop\OTL.exe
[2012/11/10 17:59:17 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/11/10 17:58:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2012/11/10 12:11:06 | 000,000,000 | R--D | C] -- C:\Documents and Settings\dnevna\My Documents\My Videos
[2012/11/10 12:11:05 | 000,000,000 | R--D | C] -- C:\Documents and Settings\dnevna\Start Menu\Programs\Administrative Tools
[2012/11/10 12:10:13 | 000,688,901 | R--- | C] (Swearware) -- C:\Documents and Settings\dnevna\Desktop\dds.scr
[2012/11/10 07:54:47 | 000,000,000 | --SD | C] -- C:\Documents and Settings\dnevna\UserData
[2012/11/09 20:21:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dnevna\Local Settings\Application Data\Identities
[2012/11/09 19:00:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dnevna\Application Data\Macromedia
[2012/11/09 18:45:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2012/11/09 18:45:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2012/11/09 18:35:54 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpcdll.dll
[2012/11/09 18:35:46 | 000,040,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\irbus.sys
[2012/11/09 18:35:36 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsdupd.exe
[2012/11/09 18:35:31 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwnh.dll
[2012/11/09 18:35:25 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\smtpapi.dll
[2012/11/09 18:35:21 | 000,063,663 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1rvxx.sys
[2012/11/09 18:35:21 | 000,056,623 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1btxx.sys
[2012/11/09 18:35:21 | 000,030,671 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1raxx.sys
[2012/11/09 18:35:21 | 000,026,367 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1snxx.sys
[2012/11/09 18:35:21 | 000,021,343 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1ttxx.sys
[2012/11/09 18:35:21 | 000,012,047 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1pdxx.sys
[2012/11/09 18:35:21 | 000,011,615 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1mdxx.sys
[2012/11/09 18:35:21 | 000,004,255 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv01nt5.dll
[2012/11/09 18:35:21 | 000,003,967 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv02nt5.dll
[2012/11/09 18:35:21 | 000,003,775 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv11nt5.dll
[2012/11/09 18:35:21 | 000,003,711 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv09nt5.dll
[2012/11/09 18:35:21 | 000,003,647 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv07nt5.dll
[2012/11/09 18:35:21 | 000,003,615 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv05nt5.dll
[2012/11/09 18:35:21 | 000,003,135 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv08nt5.dll
[2012/11/09 18:35:20 | 000,701,440 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtag.sys
[2012/11/09 18:35:20 | 000,327,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtaa.sys
[2012/11/09 18:35:20 | 000,104,960 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinrvxx.sys
[2012/11/09 18:35:20 | 000,073,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atintuxx.sys
[2012/11/09 18:35:20 | 000,063,488 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxsxx.sys
[2012/11/09 18:35:20 | 000,057,856 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinbtxx.sys
[2012/11/09 18:35:20 | 000,052,224 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinraxx.sys
[2012/11/09 18:35:20 | 000,036,463 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1tuxx.sys
[2012/11/09 18:35:20 | 000,034,735 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xsxx.sys
[2012/11/09 18:35:20 | 000,031,744 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxbxx.sys
[2012/11/09 18:35:20 | 000,029,455 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xbxx.sys
[2012/11/09 18:35:20 | 000,028,672 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinsnxx.sys
[2012/11/09 18:35:20 | 000,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv04nt5.dll
[2012/11/09 18:35:20 | 000,021,183 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv01nt5.dll
[2012/11/09 18:35:20 | 000,017,279 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv10nt5.dll
[2012/11/09 18:35:20 | 000,014,336 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinpdxx.sys
[2012/11/09 18:35:20 | 000,014,143 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv06nt5.dll
[2012/11/09 18:35:20 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinttxx.sys
[2012/11/09 18:35:20 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinmdxx.sys
[2012/11/09 18:35:20 | 000,011,359 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv02nt5.dll
[2012/11/09 18:35:19 | 000,126,686 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys
[2012/11/09 18:35:19 | 000,035,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthprint.sys
[2012/11/09 18:35:19 | 000,015,423 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\ch7xxnt5.dll
[2012/11/09 18:35:18 | 001,309,184 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlstrm.sys
[2012/11/09 18:35:18 | 000,452,736 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\drivers\mtxparhm.sys
[2012/11/09 18:35:18 | 000,404,990 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slntamr.sys
[2012/11/09 18:35:18 | 000,180,360 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys
[2012/11/09 18:35:18 | 000,166,912 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\drivers\s3gnbm.sys
[2012/11/09 18:35:18 | 000,129,535 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnt7554.sys
[2012/11/09 18:35:18 | 000,095,424 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnthal.sys
[2012/11/09 18:35:18 | 000,030,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys
[2012/11/09 18:35:18 | 000,013,776 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\recagent.sys
[2012/11/09 18:35:18 | 000,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mutohpen.sys
[2012/11/09 18:35:18 | 000,003,901 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\siint5.dll
[2012/11/09 18:35:17 | 001,888,992 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3duag.dll
[2012/11/09 18:35:17 | 000,870,784 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3d1ag.dll
[2012/11/09 18:35:17 | 000,377,984 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvaa.dll
[2012/11/09 18:35:17 | 000,229,376 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2cqag.dll
[2012/11/09 18:35:17 | 000,201,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvag.dll
[2012/11/09 18:35:17 | 000,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv10nt.sys
[2012/11/09 18:35:17 | 000,023,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativmvxx.ax
[2012/11/09 18:35:17 | 000,022,271 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv06nt.sys
[2012/11/09 18:35:17 | 000,013,240 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slwdmsup.sys
[2012/11/09 18:35:17 | 000,011,935 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv11nt.sys
[2012/11/09 18:35:17 | 000,011,871 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv09nt.sys
[2012/11/09 18:35:17 | 000,011,807 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv07nt.sys
[2012/11/09 18:35:17 | 000,011,325 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\vchnt5.dll
[2012/11/09 18:35:17 | 000,011,295 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv08nt.sys
[2012/11/09 18:35:17 | 000,009,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativdaxx.ax
[2012/11/09 18:35:17 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smbali.sys
[2012/11/09 18:35:16 | 000,516,768 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ativvaxx.dll
[2012/11/09 18:35:16 | 000,032,768 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativtmxx.dll
[2012/11/09 18:35:11 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\auditusr.exe
[2012/11/09 18:35:11 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll
[2012/11/09 18:35:11 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll
[2012/11/09 18:35:06 | 002,113,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dxdiagn.dll
[2012/11/09 18:35:06 | 001,689,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3d9.dll
[2012/11/09 18:35:06 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bthprops.cpl
[2012/11/09 18:35:06 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\blastcln.exe
[2012/11/09 18:35:06 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\btpanui.dll
[2012/11/09 18:35:06 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bthci.dll
[2012/11/09 18:35:06 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmsetacl.dll
[2012/11/09 18:35:05 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\firewall.cpl
[2012/11/09 18:35:00 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltmc.exe
[2012/11/09 18:34:55 | 000,848,384 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\ir41_32.ax
[2012/11/09 18:34:55 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\html.iec
[2012/11/09 18:34:55 | 000,338,432 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\ir41_qcx.dll
[2012/11/09 18:34:55 | 000,200,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fsquirt.exe
[2012/11/09 18:34:55 | 000,199,680 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\iac25_32.ax
[2012/11/09 18:34:55 | 000,120,320 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\ir41_qc.dll
[2012/11/09 18:34:55 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fwcfg.dll
[2012/11/09 18:34:55 | 000,032,285 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\hsfcisp2.dll
[2012/11/09 18:34:54 | 000,755,200 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\ir50_32.dll
[2012/11/09 18:34:54 | 000,384,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mp4sdmod.dll
[2012/11/09 18:34:54 | 000,380,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irprops.cpl
[2012/11/09 18:34:54 | 000,310,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mp43dmod.dll
[2012/11/09 18:34:54 | 000,200,192 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\ir50_qc.dll
[2012/11/09 18:34:54 | 000,183,808 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\ir50_qcx.dll
[2012/11/09 18:34:54 | 000,154,624 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\ivfsrc.ax
[2012/11/09 18:34:54 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdadiag.dll
[2012/11/09 18:34:54 | 000,086,016 | ---- | C] (Conexant) -- C:\WINDOWS\System32\mdmxsdk.dll
[2012/11/09 18:34:54 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsmsno.dll
[2012/11/09 18:34:54 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsmsfi.dll
[2012/11/09 18:34:54 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdukx.dll
[2012/11/09 18:34:54 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdno1.dll
[2012/11/09 18:34:54 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdfi1.dll
[2012/11/09 18:34:54 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdinmal.dll
[2012/11/09 18:34:54 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdinben.dll
[2012/11/09 18:34:54 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmlt48.dll
[2012/11/09 18:34:54 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmlt47.dll
[2012/11/09 18:34:54 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdinbe1.dll
[2012/11/09 18:34:54 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmaori.dll
[2012/11/09 18:34:53 | 004,274,816 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nv4_disp.dll
[2012/11/09 18:34:53 | 001,737,856 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\mtxparhd.dll
[2012/11/09 18:34:53 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netsetup.cpl
[2012/11/09 18:34:48 | 000,312,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2pgraph.dll
[2012/11/09 18:34:48 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2p.dll
[2012/11/09 18:34:48 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2pnetsh.dll
[2012/11/09 18:34:48 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2pgasvc.dll
[2012/11/09 18:34:42 | 000,397,056 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\s3gnb.dll
[2012/11/09 18:34:42 | 000,286,792 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slextspk.dll
[2012/11/09 18:34:42 | 000,188,508 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slgen.dll
[2012/11/09 18:34:42 | 000,073,832 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slcoinst.dll
[2012/11/09 18:34:42 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\powercfg.exe
[2012/11/09 18:34:42 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sdhcinst.dll
[2012/11/09 18:34:37 | 000,041,058 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slrundll.exe
[2012/11/09 18:34:32 | 000,081,988 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slserv.exe
[2012/11/09 18:34:27 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax
[2012/11/09 18:34:27 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\smbinst.exe
[2012/11/09 18:34:26 | 000,168,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmerror.dll
[2012/11/09 18:34:26 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmidx.dll
[2012/11/09 18:34:26 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmpasf.dll
[2012/11/09 18:34:26 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winshfhc.dll
[2012/11/09 18:34:25 | 001,119,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmsdmoe2.dll
[2012/11/09 18:34:25 | 001,001,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmvdmoe2.dll
[2012/11/09 18:34:25 | 000,896,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmspdmoe.dll
[2012/11/09 18:34:25 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmspdmod.dll
[2012/11/09 18:34:20 | 000,430,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll
[2012/11/09 18:34:20 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wscui.cpl
[2012/11/09 18:34:10 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt1.exe
[2012/11/09 18:34:09 | 000,438,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpob2res.dll
[2012/11/09 18:34:09 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng1.dll
[2012/11/09 18:34:09 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll
[2012/11/09 18:34:09 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xmlprovi.dll
[2012/11/09 18:34:09 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll
[2012/11/09 18:34:04 | 000,041,058 | ---- | C] (Smart Link) -- C:\WINDOWS\slrundll.exe
[2012/11/09 18:33:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\peernet
[2012/11/09 18:33:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\provisioning
[2012/11/09 18:10:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2012/11/09 17:51:05 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2012/11/09 17:50:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2012/11/09 17:50:42 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe
[2012/11/09 17:48:33 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2012/11/09 17:48:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\EHome
[2012/11/09 17:41:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2012/11/09 17:36:45 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mdimon.dll
[2012/11/09 02:18:56 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2012/11/08 20:54:04 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012/11/08 20:03:01 | 000,010,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\gameenum.sys
[2012/11/08 20:02:59 | 000,020,992 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\drivers\rtl8139.sys
[2012/11/08 20:02:52 | 000,006,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\enum1394.sys
[2012/11/08 20:02:46 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\usbui.dll
[2012/11/08 20:01:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2012/11/08 20:01:36 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcommon.dll
[2012/11/08 20:01:36 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcplui.dll
[2012/11/08 20:01:35 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spttseng.dll
[2012/11/08 20:01:35 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapisvr.exe
[2012/11/08 20:01:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2012/11/08 20:01:34 | 000,000,000 | R--D | C] -- C:\Program Files
[2012/11/08 20:01:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2012/11/08 20:01:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
[2012/11/08 20:01:33 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt041f.dll
[2012/11/08 20:01:32 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuq.dll
[2012/11/08 20:01:32 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuf.dll
[2012/11/08 20:01:32 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuq.dll
[2012/11/08 20:01:32 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuf.dll
[2012/11/08 20:01:32 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdazel.dll
[2012/11/08 20:01:32 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdazel.dll
[2012/11/08 20:01:31 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0419.dll
[2012/11/08 20:01:29 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0408.dll
[2012/11/08 20:01:29 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycc.dll
[2012/11/08 20:01:29 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbduzb.dll
[2012/11/08 20:01:29 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdur.dll
[2012/11/08 20:01:29 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtat.dll
[2012/11/08 20:01:29 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru1.dll
[2012/11/08 20:01:29 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru.dll
[2012/11/08 20:01:29 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmon.dll
[2012/11/08 20:01:29 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkyr.dll
[2012/11/08 20:01:29 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkaz.dll
[2012/11/08 20:01:29 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbu.dll
[2012/11/08 20:01:29 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdblr.dll
[2012/11/08 20:01:29 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdaze.dll
[2012/11/08 20:01:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycc.dll
[2012/11/08 20:01:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbduzb.dll
[2012/11/08 20:01:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdur.dll
[2012/11/08 20:01:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtat.dll
[2012/11/08 20:01:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru1.dll
[2012/11/08 20:01:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru.dll
[2012/11/08 20:01:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdmon.dll
[2012/11/08 20:01:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkyr.dll
[2012/11/08 20:01:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkaz.dll
[2012/11/08 20:01:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdbu.dll
[2012/11/08 20:01:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdblr.dll
[2012/11/08 20:01:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdaze.dll
[2012/11/08 20:01:27 | 000,008,192 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhept.dll
[2012/11/08 20:01:27 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhept.dll
[2012/11/08 20:01:27 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela3.dll
[2012/11/08 20:01:27 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela3.dll
[2012/11/08 20:01:27 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela2.dll
[2012/11/08 20:01:27 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdgkl.dll
[2012/11/08 20:01:27 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela2.dll
[2012/11/08 20:01:27 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgkl.dll
[2012/11/08 20:01:27 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe319.dll
[2012/11/08 20:01:27 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe220.dll
[2012/11/08 20:01:27 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe.dll
[2012/11/08 20:01:27 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe319.dll
[2012/11/08 20:01:27 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe220.dll
[2012/11/08 20:01:27 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe.dll
[2012/11/08 20:01:25 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv1.dll
[2012/11/08 20:01:25 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv.dll
[2012/11/08 20:01:25 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdest.dll
[2012/11/08 20:01:25 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv1.dll
[2012/11/08 20:01:25 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv.dll
[2012/11/08 20:01:25 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdest.dll
[2012/11/08 20:01:25 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt1.dll
[2012/11/08 20:01:25 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt.dll
[2012/11/08 20:01:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt1.dll
[2012/11/08 20:01:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt.dll
[2012/11/08 20:01:24 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040e.dll
[2012/11/08 20:01:24 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0415.dll
[2012/11/08 20:01:24 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0405.dll
[2012/11/08 20:01:23 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl1.dll
[2012/11/08 20:01:23 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl.dll
[2012/11/08 20:01:23 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl.dll
[2012/11/08 20:01:23 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl1.dll
[2012/11/08 20:01:23 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl.dll
[2012/11/08 20:01:23 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl.dll
[2012/11/08 20:01:23 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdro.dll
[2012/11/08 20:01:23 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl1.dll
[2012/11/08 20:01:23 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdro.dll
[2012/11/08 20:01:23 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl1.dll
[2012/11/08 20:01:22 | 000,007,168 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz.dll
[2012/11/08 20:01:22 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz.dll
[2012/11/08 20:01:22 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycl.dll
[2012/11/08 20:01:22 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu.dll
[2012/11/08 20:01:22 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz2.dll
[2012/11/08 20:01:22 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz1.dll
[2012/11/08 20:01:22 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcr.dll
[2012/11/08 20:01:22 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAL.DLL
[2012/11/08 20:01:22 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycl.dll
[2012/11/08 20:01:22 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu.dll
[2012/11/08 20:01:22 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz2.dll
[2012/11/08 20:01:22 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz1.dll
[2012/11/08 20:01:22 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcr.dll
[2012/11/08 20:01:22 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdal.dll
[2012/11/08 20:01:22 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu1.dll
[2012/11/08 20:01:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu1.dll
[2012/11/08 20:01:20 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\dgrpsetu.dll
[2012/11/08 20:01:20 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dgrpsetu.dll
[2012/11/08 20:01:20 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2012/11/08 20:01:20 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
[2012/11/08 20:01:19 | 000,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\EqnClass.Dll
[2012/11/08 20:01:19 | 000,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnclass.dll
[2012/11/08 20:01:19 | 000,085,020 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgsetup.dll
[2012/11/08 20:01:19 | 000,085,020 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dgsetup.dll
[2012/11/08 20:01:19 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2012/11/08 20:01:19 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
[2012/11/08 20:01:19 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tapi.dll
[2012/11/08 20:01:19 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TAPI.DLL
[2012/11/08 20:01:19 | 000,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wfwnet.drv
[2012/11/08 20:01:19 | 000,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WFWNET.DRV
[2012/11/08 20:01:19 | 000,009,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ver.dll
[2012/11/08 20:01:19 | 000,009,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VER.DLL
[2012/11/08 20:01:19 | 000,004,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\timer.drv
[2012/11/08 20:01:19 | 000,004,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TIMER.DRV
[2012/11/08 20:01:19 | 000,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vga.drv
[2012/11/08 20:01:19 | 000,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VGA.DRV
[2012/11/08 20:01:18 | 000,126,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msvideo.dll
[2012/11/08 20:01:18 | 000,126,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MSVIDEO.DLL
[2012/11/08 20:01:18 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\olecli.dll
[2012/11/08 20:01:18 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLECLI.DLL
[2012/11/08 20:01:18 | 000,073,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mciavi.drv
[2012/11/08 20:01:18 | 000,073,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIAVI.DRV
[2012/11/08 20:01:18 | 000,068,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\mmsystem.dll
[2012/11/08 20:01:18 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mciwave.drv
[2012/11/08 20:01:18 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIWAVE.DRV
[2012/11/08 20:01:18 | 000,025,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mciseq.drv
[2012/11/08 20:01:18 | 000,025,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCISEQ.DRV
[2012/11/08 20:01:18 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\olesvr.dll
[2012/11/08 20:01:18 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLESVR.DLL
[2012/11/08 20:01:18 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shell.dll
[2012/11/08 20:01:18 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SHELL.DLL
[2012/11/08 20:01:18 | 000,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\system.drv
[2012/11/08 20:01:18 | 000,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SYSTEM.DRV
[2012/11/08 20:01:18 | 000,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mouse.drv
[2012/11/08 20:01:18 | 000,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MOUSE.DRV
[2012/11/08 20:01:18 | 000,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sound.drv
[2012/11/08 20:01:18 | 000,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SOUND.DRV
[2012/11/08 20:01:18 | 000,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmtask.tsk
[2012/11/08 20:01:18 | 000,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMTASK.TSK
[2012/11/08 20:01:17 | 000,109,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avifile.dll
[2012/11/08 20:01:17 | 000,109,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVIFILE.DLL
[2012/11/08 20:01:17 | 000,069,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avicap.dll
[2012/11/08 20:01:17 | 000,069,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVICAP.DLL
[2012/11/08 20:01:17 | 000,032,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\commdlg.dll
[2012/11/08 20:01:17 | 000,032,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\COMMDLG.DLL
[2012/11/08 20:01:17 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\TASKMAN.EXE
[2012/11/08 20:01:17 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskman.exe
[2012/11/08 20:01:17 | 000,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lzexpand.dll
[2012/11/08 20:01:17 | 000,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\LZEXPAND.DLL
[2012/11/08 20:01:17 | 000,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\keyboard.drv
[2012/11/08 20:01:17 | 000,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\KEYBOARD.DRV
[2012/11/08 20:01:16 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\winspool.drv
[2012/11/08 20:01:16 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\storprop.dll
[2012/11/08 20:01:16 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\batt.dll
[2012/11/08 20:01:09 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup
[2012/11/08 20:01:09 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu
[2012/11/08 20:01:09 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents
[2012/11/08 20:01:09 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Templates
[2012/11/08 20:01:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favorites
[2012/11/08 20:01:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop
[2012/11/08 20:00:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2012/11/08 20:00:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2012/11/08 20:00:51 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2012/11/08 20:00:51 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Application Data
[2012/11/08 20:00:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2012/11/08 19:55:45 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2012/11/08 19:55:45 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2012/11/08 19:55:45 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2012/11/08 19:55:45 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2012/11/08 19:55:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2012/11/08 19:55:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2012/11/08 19:55:45 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2012/11/08 19:55:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2012/11/08 19:55:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2012/11/08 19:55:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2012/11/08 19:55:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2012/11/08 19:55:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2012/11/08 19:55:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2012/11/08 19:55:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2012/11/08 19:55:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2012/11/08 19:55:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2012/11/08 19:55:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2012/11/08 19:55:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2012/11/08 19:55:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2012/11/08 19:55:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2012/11/08 19:55:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2012/11/08 19:55:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2012/11/08 19:55:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2012/11/08 19:55:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2012/11/08 19:55:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2012/11/08 19:55:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2012/11/08 19:55:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2012/11/08 19:55:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2012/11/08 19:55:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2012/11/08 19:55:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2012/11/08 19:55:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2012/11/08 19:55:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2012/11/08 19:55:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2012/11/08 19:55:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2012/11/08 19:55:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2012/11/08 19:55:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2012/11/08 19:55:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2012/11/08 19:55:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2012/11/08 19:55:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2012/11/08 19:55:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2012/11/08 19:55:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2012/11/08 19:55:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2012/11/08 19:55:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2012/11/08 19:55:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2012/11/08 19:55:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2012/11/08 19:55:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2012/11/08 19:55:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2012/11/08 19:55:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2012/11/08 19:55:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2012/11/08 19:55:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2012/11/08 19:55:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2012/11/08 19:55:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2012/11/08 19:55:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2012/11/08 19:55:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2012/11/08 19:55:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2012/11/08 19:55:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2012/11/08 19:55:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2012/11/08 19:55:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[2012/11/08 19:35:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dnevna\Application Data\MSN6
[2012/11/08 19:35:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MSN6
[2012/11/08 19:33:23 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2012/11/08 19:33:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dnevna\Application Data\Identities
[2012/11/08 19:33:15 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2012/11/08 19:33:14 | 000,000,000 | R--D | C] -- C:\Documents and Settings\dnevna\My Documents\My Pictures
[2012/11/08 19:33:14 | 000,000,000 | R--D | C] -- C:\Documents and Settings\dnevna\My Documents\My Music
[2012/11/08 19:33:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dnevna\Local Settings\Application Data\Microsoft
[2012/11/08 19:33:10 | 000,000,000 | --SD | C] -- C:\Documents and Settings\dnevna\Application Data\Microsoft
[2012/11/08 19:33:10 | 000,000,000 | --SD | C] -- C:\Documents and Settings\dnevna\Cookies
[2012/11/08 19:33:10 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\dnevna\SendTo
[2012/11/08 19:33:10 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\dnevna\Recent
[2012/11/08 19:33:10 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\dnevna\Application Data
[2012/11/08 19:33:10 | 000,000,000 | R--D | C] -- C:\Documents and Settings\dnevna\Start Menu\Programs\Startup
[2012/11/08 19:33:10 | 000,000,000 | R--D | C] -- C:\Documents and Settings\dnevna\Start Menu
[2012/11/08 19:33:10 | 000,000,000 | R--D | C] -- C:\Documents and Settings\dnevna\My Documents
[2012/11/08 19:33:10 | 000,000,000 | R--D | C] -- C:\Documents and Settings\dnevna\Favorites
[2012/11/08 19:33:10 | 000,000,000 | R--D | C] -- C:\Documents and Settings\dnevna\Start Menu\Programs\Accessories
[2012/11/08 19:33:10 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\dnevna\Templates
[2012/11/08 19:33:10 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\dnevna\PrintHood
[2012/11/08 19:33:10 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\dnevna\NetHood
[2012/11/08 19:33:10 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\dnevna\Local Settings
[2012/11/08 19:33:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dnevna\Desktop
[2012/11/08 19:30:09 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012/11/08 19:30:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2012/11/08 19:30:00 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2012/11/08 19:30:00 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2012/11/08 19:30:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2012/11/08 19:28:49 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime
[2012/11/08 19:28:49 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime
[2012/11/08 19:28:48 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime
[2012/11/08 19:28:48 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime
[2012/11/08 19:28:48 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime
[2012/11/08 19:28:47 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime
[2012/11/08 19:28:46 | 000,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2012/11/08 19:28:46 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2012/11/08 19:28:45 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamps51.dll
[2012/11/08 19:28:44 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ext.dll
[2012/11/08 19:28:44 | 000,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2012/11/08 19:28:44 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svapi.dll
[2012/11/08 19:28:44 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ctrs51.dll
[2012/11/08 19:28:43 | 000,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
[2012/11/08 19:28:43 | 000,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
[2012/11/08 19:28:41 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll
[2012/11/08 19:28:41 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime
[2012/11/08 19:28:40 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2012/11/08 19:28:39 | 000,462,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2012/11/08 19:28:39 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tools.dll
[2012/11/08 19:28:39 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2012/11/08 19:28:38 | 000,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2012/11/08 19:28:38 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2012/11/08 19:28:38 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2012/11/08 19:28:37 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2012/11/08 19:28:37 | 000,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2012/11/08 19:28:37 | 000,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2012/11/08 19:28:35 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\status.dll
[2012/11/08 19:28:34 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2012/11/08 19:28:33 | 000,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2012/11/08 19:28:32 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2012/11/08 19:28:31 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2012/11/08 19:28:30 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2012/11/08 19:28:30 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpapi.dll
[2012/11/08 19:28:29 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2012/11/08 19:28:29 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2012/11/08 19:28:29 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2012/11/08 19:28:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2012/11/08 19:28:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2012/11/08 19:28:28 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2012/11/08 19:28:28 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2012/11/08 19:28:28 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2012/11/08 19:28:28 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2012/11/08 19:28:28 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2012/11/08 19:28:28 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2012/11/08 19:28:27 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2012/11/08 19:28:27 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2012/11/08 19:28:27 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2012/11/08 19:28:27 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2012/11/08 19:28:27 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2012/11/08 19:28:27 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2012/11/08 19:28:24 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2012/11/08 19:28:23 | 000,205,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seo.dll
[2012/11/08 19:28:23 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2012/11/08 19:28:22 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2012/11/08 19:28:22 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2012/11/08 19:28:22 | 000,026,624 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2012/11/08 19:28:22 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_rwnh.dll
[2012/11/08 19:28:21 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rw001ext.dll
[2012/11/08 19:28:20 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime
[2012/11/08 19:28:19 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2012/11/08 19:28:19 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2012/11/08 19:28:18 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime
[2012/11/08 19:28:18 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2012/11/08 19:28:17 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2012/11/08 19:28:16 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2012/11/08 19:28:16 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2012/11/08 19:28:15 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
[2012/11/08 19:28:15 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
[2012/11/08 19:28:15 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2012/11/08 19:28:14 | 000,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
[2012/11/08 19:28:14 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime
[2012/11/08 19:28:14 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll
[2012/11/08 19:28:13 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pagecnt.dll
[2012/11/08 19:28:13 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\permchk.dll
[2012/11/08 19:28:12 | 000,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2012/11/08 19:28:12 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll
[2012/11/08 19:28:12 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll
[2012/11/08 19:28:12 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2012/11/08 19:28:10 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2012/11/08 19:28:08 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nextlink.dll
[2012/11/08 19:28:06 | 000,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2012/11/08 19:28:06 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtstocom.exe
[2012/11/08 19:28:02 | 001,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2012/11/08 19:28:02 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2012/11/08 19:27:56 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2012/11/08 19:27:56 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2012/11/08 19:27:56 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mdsync.dll
[2012/11/08 19:27:55 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2012/11/08 19:27:54 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logscrpt.dll
[2012/11/08 19:27:52 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2012/11/08 19:27:52 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2012/11/08 19:27:51 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2012/11/08 19:27:51 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2012/11/08 19:27:51 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2012/11/08 19:27:50 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2012/11/08 19:27:50 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2012/11/08 19:27:50 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2012/11/08 19:27:50 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2012/11/08 19:27:49 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2012/11/08 19:27:49 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2012/11/08 19:27:49 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2012/11/08 19:27:49 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2012/11/08 19:27:48 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41a.dll
[2012/11/08 19:27:48 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41j.dll
[2012/11/08 19:27:48 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2012/11/08 19:27:48 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2012/11/08 19:27:47 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2012/11/08 19:27:47 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2012/11/08 19:27:47 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2012/11/08 19:27:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdibm02.dll
[2012/11/08 19:27:46 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2012/11/08 19:27:46 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2012/11/08 19:27:46 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2012/11/08 19:27:45 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2012/11/08 19:27:45 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2012/11/08 19:27:45 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2012/11/08 19:27:45 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2012/11/08 19:27:44 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdax2.dll
[2012/11/08 19:27:44 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2012/11/08 19:27:44 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2012/11/08 19:27:44 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2012/11/08 19:27:43 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106n.dll
[2012/11/08 19:27:43 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2012/11/08 19:27:43 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2012/11/08 19:27:43 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2012/11/08 19:27:43 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2012/11/08 19:27:42 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2012/11/08 19:27:42 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iwrps.dll
[2012/11/08 19:27:42 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101.dll
[2012/11/08 19:27:41 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isapips.dll
[2012/11/08 19:27:40 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoctrs.dll
[2012/11/08 19:27:39 | 000,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2012/11/08 19:27:39 | 000,315,452 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll
[2012/11/08 19:27:39 | 000,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll
[2012/11/08 19:27:38 | 000,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll
[2012/11/08 19:27:38 | 000,270,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe
[2012/11/08 19:27:38 | 000,241,719 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe
[2012/11/08 19:27:38 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2012/11/08 19:27:38 | 000,053,301 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2012/11/08 19:27:37 | 000,315,449 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe
[2012/11/08 19:27:37 | 000,217,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe
[2012/11/08 19:27:37 | 000,163,897 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2012/11/08 19:27:37 | 000,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll
[2012/11/08 19:27:36 | 000,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll
[2012/11/08 19:27:36 | 000,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll
[2012/11/08 19:27:36 | 000,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll
[2012/11/08 19:27:36 | 000,065,590 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2012/11/08 19:27:35 | 000,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime
[2012/11/08 19:27:35 | 000,319,551 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2012/11/08 19:27:35 | 000,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2012/11/08 19:27:35 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll
[2012/11/08 19:27:35 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2012/11/08 19:27:34 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll
[2012/11/08 19:27:34 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime
[2012/11/08 19:27:34 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iissync.exe
[2012/11/08 19:27:34 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismui.dll
[2012/11/08 19:27:33 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisclex4.dll
[2012/11/08 19:27:33 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iiscrmap.dll
[2012/11/08 19:27:28 | 010,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2012/11/08 19:27:16 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2012/11/08 19:27:14 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2012/11/08 19:27:12 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2012/11/08 19:27:12 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2012/11/08 19:27:10 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2012/11/08 19:27:10 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2012/11/08 19:27:09 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpctrs2.dll
[2012/11/08 19:27:09 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2012/11/08 19:27:08 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2012/11/08 19:27:07 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2012/11/08 19:27:07 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\f3ahvoas.dll
[2012/11/08 19:27:06 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2012/11/08 19:27:06 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2012/11/08 19:27:05 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2012/11/08 19:27:05 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2012/11/08 19:27:04 | 000,514,587 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\edb500.dll
[2012/11/08 19:27:00 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime
[2012/11/08 19:26:59 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2012/11/08 19:26:58 | 000,065,591 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe
[2012/11/08 19:26:58 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convlog.exe
[2012/11/08 19:26:58 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\controt.dll
[2012/11/08 19:26:58 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\counters.dll
[2012/11/08 19:26:55 | 000,487,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
[2012/11/08 19:26:55 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
[2012/11/08 19:26:54 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
[2012/11/08 19:26:54 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
[2012/11/08 19:26:54 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
[2012/11/08 19:26:53 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2012/11/08 19:26:52 | 001,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2012/11/08 19:26:52 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2012/11/08 19:26:52 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2012/11/08 19:26:52 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2012/11/08 19:26:52 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2012/11/08 19:26:51 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime
[2012/11/08 19:26:50 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2012/11/08 19:26:50 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2012/11/08 19:26:50 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2012/11/08 19:26:49 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_g18030.dll
[2012/11/08 19:26:49 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browscap.dll
[2012/11/08 19:26:48 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\authfilt.dll
[2012/11/08 19:26:47 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asptxn.dll
[2012/11/08 19:26:47 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aspperf.dll
[2012/11/08 19:26:46 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqueue.dll
[2012/11/08 19:26:46 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2012/11/08 19:26:45 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0804.dll
[2012/11/08 19:26:45 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0412.dll
[2012/11/08 19:26:45 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0411.dll
[2012/11/08 19:26:45 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040d.dll
[2012/11/08 19:26:45 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0404.dll
[2012/11/08 19:26:45 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0401.dll
[2012/11/08 19:26:44 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adrot.dll
[2012/11/08 19:26:44 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admxprox.dll
[2012/11/08 19:26:44 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2012/11/08 19:26:40 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamregps.dll
[2012/11/08 19:26:39 | 002,134,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpsnap.dll
[2012/11/08 19:26:38 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpadm.dll
[2012/11/08 19:26:32 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetsloc.dll
[2012/11/08 19:26:32 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.exe
[2012/11/08 19:26:31 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisui.dll
[2012/11/08 19:26:31 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisreset.exe
[2012/11/08 19:26:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstap.dll
[2012/11/08 19:26:30 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsapi2.dll
[2012/11/08 19:26:25 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certmap.ocx
[2012/11/08 19:26:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2012/11/08 19:26:19 | 000,000,000 | ---D | C] -- C:\Program Files\xerox
[2012/11/08 19:26:19 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2012/11/08 19:25:49 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mapi32.dll
[2012/11/08 19:25:04 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2012/11/08 19:24:52 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2012/11/08 19:24:51 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2012/11/08 19:24:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2012/11/08 19:23:47 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoobe.exe
[2012/11/08 19:23:44 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll
[2012/11/08 19:23:44 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll
[2012/11/08 19:23:44 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll
[2012/11/08 19:23:44 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notiflag.exe
[2012/11/08 19:23:44 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll
[2012/11/08 19:23:44 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atrace.dll
[2012/11/08 19:23:44 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atrace.dll
[2012/11/08 19:23:43 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helphost.exe
[2012/11/08 19:23:43 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brpinfo.dll
[2012/11/08 19:23:43 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hcappres.dll
[2012/11/08 19:23:35 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srdiag.exe
[2012/11/08 19:23:34 | 000,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\isrdbg32.dll
[2012/11/08 19:23:33 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wb32.exe
[2012/11/08 19:23:33 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmevtmsg.dll
[2012/11/08 19:23:33 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmevtmsg.dll
[2012/11/08 19:23:32 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acctres.dll
[2012/11/08 19:23:32 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acctres.dll
[2012/11/08 19:23:32 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msinfo32.exe
[2012/11/08 19:23:32 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cb32.exe
[2012/11/08 19:23:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2012/11/08 19:23:30 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll
[2012/11/08 19:23:27 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2012/11/08 19:23:26 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll
[2012/11/08 19:23:26 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll
[2012/11/08 19:23:26 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll
[2012/11/08 19:23:26 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll
[2012/11/08 19:23:26 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icfgnt5.dll
[2012/11/08 19:23:26 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icfgnt5.dll
[2012/11/08 19:23:25 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trialoc.dll
[2012/11/08 19:23:24 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwtutor.exe
[2012/11/08 19:23:24 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwres.dll
[2012/11/08 19:23:24 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wisc10.dll
[2012/11/08 19:23:24 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2012/11/08 19:23:24 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoapr.dll
[2012/11/08 19:23:23 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoap1.dll
[2012/11/08 19:23:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2012/11/08 19:23:21 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieinfo5.ocx
[2012/11/08 19:23:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2012/11/08 19:23:18 | 000,520,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpvis.dll
[2012/11/08 19:23:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2012/11/08 19:23:17 | 000,319,542 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmmres.dll
[2012/11/08 19:23:17 | 000,163,897 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmmutil.dll
[2012/11/08 19:23:17 | 000,110,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmmfilt.dll
[2012/11/08 19:23:17 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll
[2012/11/08 19:23:16 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2012/11/08 19:23:12 | 000,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll
[2012/11/08 19:23:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2012/11/08 19:23:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\PCHealth
[2012/11/08 19:23:11 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll
[2012/11/08 19:23:11 | 000,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll
[2012/11/08 19:23:10 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll
[2012/11/08 19:23:10 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll
[2012/11/08 19:23:08 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll
[2012/11/08 19:23:08 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll
[2012/11/08 19:23:08 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2012/11/08 19:23:06 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2012/11/08 19:23:05 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe
[2012/11/08 19:22:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2012/11/08 19:22:58 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2012/11/08 19:22:57 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2012/11/08 19:22:57 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2012/11/08 19:22:34 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Games
[2012/11/08 19:22:22 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2012/11/08 19:22:17 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools
[2012/11/08 19:22:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2012/11/08 19:22:12 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2012/11/08 19:22:12 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2012/11/08 19:22:12 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services
[2012/11/08 19:22:06 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2012/11/08 19:22:04 | 001,817,687 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgres.dll
[2012/11/08 19:22:04 | 000,082,501 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckg.dll
[2012/11/08 19:22:04 | 000,049,745 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgzm.exe
[2012/11/08 19:22:03 | 002,178,131 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlres.dll
[2012/11/08 19:22:03 | 000,780,885 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrres.dll
[2012/11/08 19:22:03 | 000,753,236 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvseres.dll
[2012/11/08 19:22:03 | 000,066,113 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvl.dll
[2012/11/08 19:22:03 | 000,049,743 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrzm.exe
[2012/11/08 19:22:03 | 000,049,742 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvsezm.exe
[2012/11/08 19:22:03 | 000,049,741 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlzm.exe
[2012/11/08 19:22:03 | 000,048,706 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvse.dll
[2012/11/08 19:22:03 | 000,040,515 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkr.dll
[2012/11/08 19:22:02 | 001,175,635 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzres.dll
[2012/11/08 19:22:02 | 001,039,955 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnresm.dll
[2012/11/08 19:22:02 | 000,057,409 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtz.dll
[2012/11/08 19:22:02 | 000,049,741 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzzm.exe
[2012/11/08 19:22:02 | 000,041,029 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zcorem.dll
[2012/11/08 19:22:02 | 000,032,339 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniansi.dll
[2012/11/08 19:22:02 | 000,013,894 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zonelibm.dll
[2012/11/08 19:22:02 | 000,004,677 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zeeverm.dll
[2012/11/08 19:22:01 | 000,217,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnclim.dll
[2012/11/08 19:22:01 | 000,113,222 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zoneclim.dll
[2012/11/08 19:22:01 | 000,044,105 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zclientm.exe
[2012/11/08 19:22:01 | 000,029,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\znetm.dll
[2012/11/08 19:22:01 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe
[2012/11/08 19:22:01 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe
[2012/11/08 19:22:01 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2012/11/08 19:21:50 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe
[2012/11/08 19:21:50 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe
[2012/11/08 19:21:50 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndvol32.exe
[2012/11/08 19:21:50 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl
[2012/11/08 19:21:49 | 000,345,088 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hypertrm.dll
[2012/11/08 19:21:49 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avtapi.dll
[2012/11/08 19:21:49 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avtapi.dll
[2012/11/08 19:21:49 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe
[2012/11/08 19:21:49 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avwav.dll
[2012/11/08 19:21:49 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avwav.dll
[2012/11/08 19:21:49 | 000,044,544 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hticons.dll
[2012/11/08 19:21:49 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avmeter.dll
[2012/11/08 19:21:49 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avmeter.dll
[2012/11/08 19:21:49 | 000,013,312 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\dllcache\htrn_jis.dll
[2012/11/08 19:21:48 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winchat.exe
[2012/11/08 19:21:48 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winchat.exe
[2012/11/08 19:21:40 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\getuname.dll
[2012/11/08 19:21:40 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\getuname.dll
[2012/11/08 19:21:40 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\calc.exe
[2012/11/08 19:21:40 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe
[2012/11/08 19:21:40 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\charmap.exe
[2012/11/08 19:21:40 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe
[2012/11/08 19:21:39 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshearts.exe
[2012/11/08 19:21:39 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshearts.exe
[2012/11/08 19:21:39 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winmine.exe
[2012/11/08 19:21:39 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmine.exe
[2012/11/08 19:21:39 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sol.exe
[2012/11/08 19:21:39 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sol.exe
[2012/11/08 19:21:39 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\freecell.exe
[2012/11/08 19:21:39 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\freecell.exe
[2012/11/08 19:21:38 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe
[2012/11/08 19:21:38 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsshutdn.exe
[2012/11/08 19:21:38 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsshutdn.exe
[2012/11/08 19:21:38 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tskill.exe
[2012/11/08 19:21:38 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tskill.exe
[2012/11/08 19:21:38 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe
[2012/11/08 19:21:38 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwinsta.exe
[2012/11/08 19:21:38 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsdiscon.exe
[2012/11/08 19:21:38 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsdiscon.exe
[2012/11/08 19:21:38 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscon.exe
[2012/11/08 19:21:38 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscon.exe
[2012/11/08 19:21:38 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe
[2012/11/08 19:21:38 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shadow.exe
[2012/11/08 19:21:38 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reset.exe
[2012/11/08 19:21:38 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reset.exe
[2012/11/08 19:21:37 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll
[2012/11/08 19:21:37 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regini.exe
[2012/11/08 19:21:37 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regini.exe
[2012/11/08 19:21:37 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe
[2012/11/08 19:21:37 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qwinsta.exe
[2012/11/08 19:21:37 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg.exe
[2012/11/08 19:21:37 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msg.exe
[2012/11/08 19:21:37 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe
[2012/11/08 19:21:37 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe
[2012/11/08 19:21:37 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qappsrv.exe
[2012/11/08 19:21:37 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe
[2012/11/08 19:21:37 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logoff.exe
[2012/11/08 19:21:37 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdmodem.dll
[2012/11/08 19:21:37 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdmodem.dll
[2012/11/08 19:21:37 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpcfgex.dll
[2012/11/08 19:21:37 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpcfgex.dll
[2012/11/08 19:21:36 | 000,949,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll
[2012/11/08 19:21:36 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll
[2012/11/08 19:21:36 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll
[2012/11/08 19:21:35 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll
[2012/11/08 19:21:35 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxlegih.dll
[2012/11/08 19:21:35 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtsadmin.tlb
[2012/11/08 19:21:35 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dcomcnfg.exe
[2012/11/08 19:21:35 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe
[2012/11/08 19:21:35 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrereg.exe
[2012/11/08 19:21:34 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll
[2012/11/08 19:21:34 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll
[2012/11/08 19:21:34 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.dll
[2012/11/08 19:21:34 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll
[2012/11/08 19:21:34 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll
[2012/11/08 19:21:34 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stclient.dll
[2012/11/08 19:21:34 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comaddin.dll
[2012/11/08 19:21:34 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll
[2012/11/08 19:21:34 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll
[2012/11/08 19:21:34 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxdm.dll
[2012/11/08 19:21:34 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll
[2012/11/08 19:21:34 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxex.dll
[2012/11/08 19:21:33 | 000,540,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll
[2012/11/08 19:21:33 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comsnap.dll
[2012/11/08 19:21:33 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll
[2012/11/08 19:21:33 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmi2xml.dll
[2012/11/08 19:21:28 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipicmp.dll
[2012/11/08 19:21:28 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmimsg.dll
[2012/11/08 19:21:28 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmitimep.dll
[2012/11/08 19:21:27 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.tlb
[2012/11/08 19:21:27 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.tlb
[2012/11/08 19:21:27 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmt.exe
[2012/11/08 19:21:27 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmtr.dll
[2012/11/08 19:21:27 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.dll
[2012/11/08 19:21:26 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\updprov.dll
[2012/11/08 19:21:26 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmplprov.dll
[2012/11/08 19:21:26 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trnsprov.dll
[2012/11/08 19:21:26 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpcons.dll
[2012/11/08 19:21:26 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unsecapp.exe
[2012/11/08 19:21:25 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiprov.dll
[2012/11/08 19:21:25 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fwdprov.dll
[2012/11/08 19:21:24 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll
[2012/11/08 19:21:24 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsprov.dll
[2012/11/08 19:21:24 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll
[2012/11/08 19:21:24 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll
[2012/11/08 19:21:18 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2012/11/08 19:21:18 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe
[2012/11/08 19:21:18 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe
[2012/11/08 19:21:18 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2012/11/08 19:21:18 | 000,000,000 | ---D | C] -- C:\Program Files\MSN
[2012/11/08 19:21:17 | 000,545,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe
[2012/11/08 19:21:16 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll
[2012/11/08 19:21:16 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll
[2012/11/08 19:21:16 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscupgrd.exe
[2012/11/08 19:21:16 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe
[2012/11/08 19:21:15 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll
[2012/11/08 19:21:15 | 000,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll
[2012/11/08 19:21:15 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe
[2012/11/08 19:21:15 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll
[2012/11/08 19:21:15 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll
[2012/11/08 19:21:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2012/11/08 19:21:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2012/11/08 19:21:07 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll
[2012/11/08 19:21:04 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2012/11/08 19:20:28 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Accessories
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/11/10 18:43:40 | 000,609,792 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\dnevna\Desktop\OTL.exe
[2012/11/10 18:00:36 | 000,094,559 | ---- | M] () -- C:\Documents and Settings\dnevna\Desktop\untitled 1.JPG
[2012/11/10 12:39:52 | 000,096,937 | ---- | M] () -- C:\Documents and Settings\dnevna\Desktop\untitled.JPG
[2012/11/10 12:34:41 | 002,359,350 | ---- | M] () -- C:\Documents and Settings\dnevna\Desktop\untitled.bmp
[2012/11/10 12:14:04 | 000,312,832 | ---- | M] () -- C:\Documents and Settings\dnevna\Desktop\jrrnww8m.exe
[2012/11/10 12:10:18 | 000,688,901 | R--- | M] (Swearware) -- C:\Documents and Settings\dnevna\Desktop\dds.scr
[2012/11/10 07:43:50 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/11/09 18:47:57 | 000,311,604 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/11/09 18:47:57 | 000,039,992 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/11/09 18:46:45 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2012/11/09 18:46:33 | 000,000,779 | ---- | M] () -- C:\Documents and Settings\dnevna\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/11/09 18:46:15 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/11/09 18:45:26 | 000,186,608 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/11/09 18:44:19 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/11/09 18:36:45 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2012/11/09 17:52:10 | 000,250,032 | RHS- | M] () -- C:\ntldr
[2012/11/09 17:52:10 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2012/11/09 17:36:49 | 000,000,376 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2012/11/08 21:04:14 | 000,024,064 | ---- | M] () -- C:\WINDOWS\System32\gdsjmrdb.exe
[2012/11/08 21:04:14 | 000,024,064 | ---- | M] () -- C:\WINDOWS\System32\ftpupd.exe
[2012/11/08 19:33:28 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\dnevna\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2012/11/08 19:33:22 | 000,000,804 | ---- | M] () -- C:\Documents and Settings\dnevna\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2012/11/08 19:33:21 | 000,025,065 | ---- | M] () -- C:\WINDOWS\System32\wmpscheme.xml
[2012/11/08 19:29:47 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2012/11/08 19:29:00 | 000,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2012/11/08 19:25:58 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012/11/08 19:25:58 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2012/11/08 19:25:58 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2012/11/08 19:25:58 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2012/11/08 19:25:58 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2012/11/08 19:25:56 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2012/11/08 19:25:56 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2012/11/08 19:25:55 | 000,299,552 | ---- | M] () -- C:\WINDOWS\WMSysPrx.prx
[2012/11/08 19:25:49 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2012/11/08 19:22:30 | 000,021,640 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/11/10 18:00:35 | 000,094,559 | ---- | C] () -- C:\Documents and Settings\dnevna\Desktop\untitled 1.JPG
[2012/11/10 12:39:52 | 000,096,937 | ---- | C] () -- C:\Documents and Settings\dnevna\Desktop\untitled.JPG
[2012/11/10 12:34:40 | 002,359,350 | ---- | C] () -- C:\Documents and Settings\dnevna\Desktop\untitled.bmp
[2012/11/10 12:14:03 | 000,312,832 | ---- | C] () -- C:\Documents and Settings\dnevna\Desktop\jrrnww8m.exe
[2012/11/09 18:36:30 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2012/11/09 18:35:25 | 000,239,616 | ---- | C] () -- C:\WINDOWS\System32\wstrenderer.ax
[2012/11/09 18:35:25 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\wstpager.ax
[2012/11/09 18:35:25 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\vbicodec.ax
[2012/11/09 18:35:20 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2012/11/09 18:35:19 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2012/11/09 18:35:18 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2012/11/09 18:34:55 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2012/11/09 18:34:54 | 000,118,272 | ---- | C] () -- C:\WINDOWS\System32\mpeg2data.ax
[2012/11/09 17:36:49 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2012/11/08 21:04:15 | 000,024,064 | ---- | C] () -- C:\WINDOWS\System32\gdsjmrdb.exe
[2012/11/08 21:04:12 | 000,024,064 | ---- | C] () -- C:\WINDOWS\System32\ftpupd.exe
[2012/11/08 20:01:42 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2012/11/08 20:01:38 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012/11/08 20:01:36 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2012/11/08 20:01:36 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2012/11/08 20:01:35 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2012/11/08 20:01:35 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2012/11/08 20:01:16 | 000,001,688 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2012/11/08 20:01:07 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2012/11/08 20:01:07 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2012/11/08 20:01:07 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2012/11/08 20:01:07 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2012/11/08 20:01:07 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2012/11/08 20:01:07 | 000,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2012/11/08 20:00:29 | 000,186,608 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/11/08 19:59:39 | 000,000,211 | RHS- | C] () -- C:\boot.ini
[2012/11/08 19:59:37 | 000,000,261 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2012/11/08 19:33:28 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\dnevna\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2012/11/08 19:33:20 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\dnevna\Start Menu\Programs\Outlook Express.lnk
[2012/11/08 19:33:18 | 000,000,804 | ---- | C] () -- C:\Documents and Settings\dnevna\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2012/11/08 19:33:15 | 000,000,779 | ---- | C] () -- C:\Documents and Settings\dnevna\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/11/08 19:33:15 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\dnevna\Start Menu\Programs\Internet Explorer.lnk
[2012/11/08 19:33:10 | 000,001,599 | ---- | C] () -- C:\Documents and Settings\dnevna\Start Menu\Programs\Remote Assistance.lnk
[2012/11/08 19:33:10 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\dnevna\Start Menu\Programs\Windows Media Player.lnk
[2012/11/08 19:29:47 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2012/11/08 19:29:00 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012/11/08 19:28:14 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2012/11/08 19:27:52 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2012/11/08 19:27:39 | 000,074,168 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2012/11/08 19:27:37 | 000,213,381 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2012/11/08 19:27:34 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2012/11/08 19:27:22 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2012/11/08 19:27:14 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2012/11/08 19:26:54 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2012/11/08 19:25:58 | 000,002,577 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2012/11/08 19:25:58 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2012/11/08 19:25:58 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2012/11/08 19:25:58 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2012/11/08 19:25:58 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2012/11/08 19:25:56 | 000,025,065 | ---- | C] () -- C:\WINDOWS\System32\wmpscheme.xml
[2012/11/08 19:25:56 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2012/11/08 19:25:56 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2012/11/08 19:25:55 | 000,299,552 | ---- | C] () -- C:\WINDOWS\WMSysPrx.prx
[2012/11/08 19:24:29 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2012/11/08 19:23:41 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2012/11/08 19:23:41 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2012/11/08 19:23:35 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2012/11/08 19:22:34 | 000,000,829 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Messenger.lnk
[2012/11/08 19:22:30 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2012/11/08 19:22:12 | 000,001,846 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\MSN Explorer.lnk
[2012/11/08 19:21:42 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp
[2012/11/08 19:21:42 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
[2012/11/08 19:21:42 | 000,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp
[2012/11/08 19:21:42 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp
[2012/11/08 19:21:42 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2012/11/08 19:21:42 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
[2012/11/08 19:21:42 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp
[2012/11/08 19:21:42 | 000,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp
[2012/11/08 19:21:42 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2012/11/08 19:21:41 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
[2012/11/08 19:21:41 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
[2012/11/08 19:21:38 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2012/11/08 19:21:38 | 000,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2012/11/08 19:21:36 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2012/11/08 19:21:24 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc

========== ZeroAccess Check ==========


[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2004/08/04 00:56:46 | 001,483,264 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2004/08/04 00:56:44 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2004/08/04 00:56:48 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >

Dopuna: 10 Nov 2012 18:56

Pojavila su se još 2 .txt dokumanta na desktopu, jedan nosi naziv extras, a drugi attach. Da prikačim i njih?

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 27 Apr 2008
  • Poruke: 9160
  • Gde živiš: Prokuplje

Ponovo pokreni program OTL dvoklikom na ikonicu;

U beli okvir prozora gde piše Custom Scans/Fixes iskopirati sledeći tekst:

:Files
C:\WINDOWS\system32\slbpp.dll
C:\WINDOWS\System32\ftpupd.exe

:services
tnlaui

:OTL
O4 - HKLM..\Run: [Cryptographic Service] C:\WINDOWS\system32\gdsjmrdb.exe ()

:commands
[CREATERESTOREPOINT]
[emptytemp]


Klikni taster Run Fix;


Log koji dobiješ iskopiraj ovde u poruci.


Korak 2


Preuzmi Novi Combofix na desktop i ponovo ga pokreni

Prilozi log u sledecoj poruci.

offline
  • Pridružio: 22 Feb 2010
  • Poruke: 22

Napisano: 10 Nov 2012 20:56

OTL odrađen. Na kraju je tražio restart, po ponovnom dizanju sistema je izašao log. Sada mi je bukvalno trebalo 2 sata da prikačim log na forum. Užasno sporo učitava strane.


All processes killed
========== FILES ==========
File move failed. C:\WINDOWS\system32\slbpp.dll scheduled to be moved on reboot.
C:\WINDOWS\System32\ftpupd.exe moved successfully.
========== SERVICES/DRIVERS ==========
Service tnlaui stopped successfully!
Service tnlaui deleted successfully!
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Cryptographic Service deleted successfully.
C:\WINDOWS\system32\gdsjmrdb.exe moved successfully.
========== COMMANDS ==========
Restore point Set: OTL Restore Point

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: dnevna
->Temp folder emptied: 14064686 bytes
->Temporary Internet Files folder emptied: 53301701 bytes
->Flash cache emptied: 1427 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 1119318 bytes
%systemroot%\System32 .tmp files removed: 2577 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 222375 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 66.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 11102012_193327

Files\Folders moved on Reboot...
C:\WINDOWS\system32\slbpp.dll moved successfully.
C:\Documents and Settings\dnevna\Local Settings\Temporary Internet Files\Content.IE5\S9Q7G1QB\2[1].htm moved successfully.
C:\Documents and Settings\dnevna\Local Settings\Temporary Internet Files\Content.IE5\492F81U3\likebox[1].php moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Dopuna: 10 Nov 2012 20:59

Sa Combofixom ista priča, iskače error i nestaje ikonica.


Dopuna: 10 Nov 2012 21:01

Kada si napisao Novi Combofix mislio si na stari link ili ?
Ja sam ga skinuo sa starog linka.

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 27 Apr 2008
  • Poruke: 9160
  • Gde živiš: Prokuplje

Preuzmi program SystemLook sa ovog ili ovog linka na Desktop;

Dvoklikom pokreni SystemLook;


- U beli okvir prozora iskopirati sledeći tekst:

:file
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\system32\drivers\rtl8139.sys


Klikni taster Look;


Po završetku rada programa priloži uz poruku file SystemLook.txt koji će se nalaziti na Desktop-u korišćenjem opcije Prikači Fajl.

offline
  • Pridružio: 22 Feb 2010
  • Poruke: 22

Evo
mycity.rs/must-login.png

SystemLook 30.07.11 by jpshortstuff
Log created at 00:21 on 11/11/2012 by dnevna
Administrator - Elevation successful

========== file ==========

C:\WINDOWS\explorer.exe - File found and opened.
MD5: 16A9770558D3104DA7F2B0F2CC0FD95A
Created at 01:41 on 29/08/2002
Modified at 23:56 on 03/08/2004
Size: 1039360 bytes
Attributes: --a----
FileDescription: Windows Explorer
FileVersion: 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion: 6.00.2900.2180
OriginalFilename: EXPLORER.EXE
InternalName: explorer
ProductName: Microsoft® Windows® Operating System
CompanyName: Microsoft Corporation
LegalCopyright: © Microsoft Corporation. All rights reserved.

C:\WINDOWS\system32\userinit.exe - File found and opened.
MD5: 7DFB52D2D1434915BEDC130FC8DA7F02
Created at 01:41 on 29/08/2002
Modified at 23:56 on 03/08/2004
Size: 31744 bytes
Attributes: --a----
FileDescription: Userinit Logon Application
FileVersion: 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion: 5.1.2600.2180
OriginalFilename: USERINIT.EXE
InternalName: userinit
ProductName: Microsoft® Windows® Operating System
CompanyName: Microsoft Corporation
LegalCopyright: © Microsoft Corporation. All rights reserved.

C:\WINDOWS\system32\drivers\rtl8139.sys - File found and opened.
MD5: D507C1400284176573224903819FFDA3
Created at 19:02 on 08/11/2012
Modified at 21:31 on 03/08/2004
Size: 20992 bytes
Attributes: --a----
FileDescription: Realtek RTL8139 NDIS 5.0 Driver
FileVersion: 5.398.613.2003 built by: WinDDK
ProductVersion: 5.398.613.2003
OriginalFilename: RTL8139.SYS
InternalName: RTL8139.SYS
ProductName: Realtek RTL8139 Family Fast Ethernet Adapter
CompanyName: Realtek Semiconductor Corporation
LegalCopyright: Copyright (C) 1994-2003 Realtek Semiconductor Corporation

-= EOF =-

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 27 Apr 2008
  • Poruke: 9160
  • Gde živiš: Prokuplje

Napisano: 11 Nov 2012 9:55

Molim te da ispratis moja uputstva do kraja, jer ako je ono na sta sumnjam, samim formatiranjem i podizanjem sistema neces uraditi nista.
Budi malo strpljiv.

Zapakuj u rar i poslaji mi sledeci folder

C:\_OTL\MovedFiles

Preko ovog linka
http://www.mycity.rs/ambulanta-upload.php

Obavesti me kada to uradis.

Dopuna: 11 Nov 2012 11:21

Dodatak.

Takodje mi posalji na upload ova dva fajla preko istog linka.

C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\userinit.exe


Preuzmi svezu kopiju Combofixa sa istog linka i probaj da ga pokrenes iz Safe Mode.

Kako ući u SAFE MODE

Ko je trenutno na forumu
 

Ukupno su 1145 korisnika na forumu :: 50 registrovanih, 9 sakrivenih i 1086 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: -[CoA]-, A.R.Chafee.Jr., babaroga, Bobrock1, bojankrstc, Brana01, cifra, dankisha, DENIRO, Dimitrije Paunovic, Dimitrise93, Doca, doktor1964, DonRumataEstorski, Duh sa sekirom, Dukelander, Fabius, Georgius, hooraay, hyla, ILGromovnik, kinez88, kobaja77, krkalon, Kure126-7, KUZMAR, Kvazar, kybonacci, Metanoja, milenko crazy north, MiroslavD, mkukoleca, Motocar, nemkea71, panzerwaffe, pein, raketaš, raptorsi, sabros, Sančo, sap, Sir Budimir, slonic_tonic, Smajser, srbijaiznadsvega, stalja, suton, tmanda323, voja64, Zi0mek