virus resource hog-Need help with removing it

[w619]

  I went to a bad website that tried to infect my system but my antivirus blocked it in time. As avast tried to block it my system froze. I restarted my system and every thing seem to be fine at first but i noticed my cpu usage was at 50%. I opened up task manager and saw svchost.exe running at a consatnt 50% and also noticed a new application monsxw32.exe running. I ran avast,spybott, and malware bytes but it did not notice anything. Also each time I restart my computer svchost.exe will still run at 50%.  I need help, here are my logs.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:38:37 AM, on 4/7/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
c:\WINDOWS\system32\ZuneBusEnum.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - Startup: monsxw32.exe
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe

--
End of file - 4600 bytes





SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 04/07/2010 at 02:02 AM

Application Version : 4.35.1002

Core Rules Database Version : 4777
Trace Rules Database Version: 2589

Scan type       : Complete Scan
Total Scan Time : 01:17:38

Memory items scanned      : 418
Memory threats detected   : 0
Registry items scanned    : 5046
Registry threats detected : 0
File items scanned        : 108235
File threats detected     : 10

Adware.Tracking Cookie
   C:\Documents and Settings\chris\Cookies\chris@collective-media[1].txt
   C:\Documents and Settings\chris\Cookies\[email protected][2].txt
   C:\Documents and Settings\chris\Cookies\chris@xiti[1].txt
   C:\Documents and Settings\chris\Cookies\[email protected][1].txt
   C:\Documents and Settings\chris\Cookies\[email protected][2].txt
   C:\Documents and Settings\chris\Cookies\[email protected][1].txt
   C:\Documents and Settings\chris\Cookies\chris@smartadserver[2].txt
   C:\Documents and Settings\chris\Cookies\chris@atdmt[1].txt
   C:\Documents and Settings\chris\Cookies\chris@advertising[2].txt
   C:\Documents and Settings\chris\Cookies\chris@doubleclick[1].txt


Malwarebytes' Anti-Malware 1.45
www.malwarebytes.org

Database version: 3966

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

4/7/2010 12:40:36 PM
mbam-log-2010-04-07 (12-40-36).txt

Scan type: Full scan (C:\|)
Objects scanned: 219055
Time elapsed: 56 minute(s), 10 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

[w619]

  Its definitely monsxw32.exe I found a way to turn it off through msconfig and my cpu usage went to 0%. I know the virus is still there so I  still need help of its removal.

[Dr Jay]

Please visit this webpage for a tutorial on downloading and running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

See the area: Using ComboFix, and when done, post the log back here.

[w619]

ComboFix 10-04-07.04 - chris 04/08/2010  10:26:07.1.2 - x86
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.3327.2709 [GMT -7:00]
Running from: c:\documents and settings\chris\Desktop\ComboFix.exe
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\install.exe

.
(((((((((((((((((((((((((   Files Created from 2010-03-08 to 2010-04-08  )))))))))))))))))))))))))))))))
.

2010-04-07 19:32 . 2010-04-07 19:32   503808   ----a-w-   c:\documents and settings\chris\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-190dc003-n\msvcp71.dll
2010-04-07 19:32 . 2010-04-07 19:32   499712   ----a-w-   c:\documents and settings\chris\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-190dc003-n\jmc.dll
2010-04-07 19:32 . 2010-04-07 19:32   12800   ----a-w-   c:\documents and settings\chris\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-1ab3dd59-n\decora-d3d.dll
2010-04-07 19:32 . 2010-04-07 19:32   61440   ----a-w-   c:\documents and settings\chris\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-1ab3dd59-n\decora-sse.dll
2010-04-07 19:32 . 2010-04-07 19:32   348160   ----a-w-   c:\documents and settings\chris\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-190dc003-n\msvcr71.dll
2010-04-07 07:35 . 2010-04-07 07:35   --------   d-----w-   c:\program files\Trend Micro
2010-04-07 05:24 . 2010-04-07 05:24   52224   ----a-w-   c:\documents and settings\chris\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
2010-04-07 05:24 . 2010-04-08 15:13   117760   ----a-w-   c:\documents and settings\chris\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2010-04-07 05:24 . 2010-04-07 05:24   --------   d-----w-   c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2010-04-07 05:24 . 2010-04-07 05:24   --------   d-----w-   c:\program files\SUPERAntiSpyware
2010-04-07 05:24 . 2010-04-07 05:24   --------   d-----w-   c:\documents and settings\chris\Application Data\SUPERAntiSpyware.com
2010-04-07 05:16 . 2010-04-07 05:16   --------   d-----w-   c:\program files\CCleaner
2010-04-07 05:13 . 2010-04-07 05:13   --------   d-----w-   c:\program files\Common Files\Java
2010-04-07 05:13 . 2010-04-07 05:13   --------   d-----w-   c:\program files\Sun
2010-04-07 05:09 . 2010-04-07 05:12   --------   d-----w-   c:\program files\Java
2010-04-07 04:40 . 2010-04-07 04:40   --------   d-----w-   c:\documents and settings\chris\Local Settings\Application Data\Deployment
2010-04-07 03:19 . 2010-04-07 03:19   --------   d-----w-   c:\documents and settings\chris\Application Data\Malwarebytes
2010-04-07 03:19 . 2010-03-30 07:46   38224   ----a-w-   c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-07 03:19 . 2010-04-07 03:19   --------   d-----w-   c:\documents and settings\All Users\Application Data\Malwarebytes
2010-04-07 03:19 . 2010-04-07 03:19   --------   d-----w-   c:\program files\Malwarebytes' Anti-Malware
2010-04-07 03:19 . 2010-03-30 07:45   20824   ----a-w-   c:\windows\system32\drivers\mbam.sys
2010-04-07 02:29 . 2008-04-14 07:10   34688   ----a-w-   c:\windows\system32\drivers\lbrtfdc.sys
2010-04-07 02:29 . 2008-04-14 07:11   8576   ----a-w-   c:\windows\system32\drivers\i2omgmt.sys
2010-04-07 02:29 . 2008-04-14 07:11   8192   -c--a-w-   c:\windows\system32\dllcache\changer.sys
2010-04-07 02:29 . 2008-04-14 07:11   8192   ----a-w-   c:\windows\system32\drivers\changer.sys
2010-04-07 02:28 . 2010-04-07 02:28   44032   ---ha-w-   c:\windows\system32\cisvecab.dll
2010-04-07 02:28 . 2010-04-07 02:28   --------   d-----w-   c:\windows\Sun
2010-04-05 14:08 . 2010-04-05 14:08   --------   d-----w-   c:\documents and settings\chris\Application Data\Lionhead Studios
2010-04-05 14:05 . 2010-04-05 14:05   --------   d-----w-   c:\program files\Lionhead Studios Ltd
2010-04-05 14:05 . 2010-04-05 14:05   --------   d-----w-   c:\documents and settings\All Users\Application Data\Lionhead Studios
2010-04-05 14:03 . 2010-04-05 14:03   --------   d-sh--w-   c:\windows\ftpcache
2010-04-05 14:02 . 2010-04-05 13:59   38784   ----a-w-   c:\documents and settings\Default User\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-04-05 14:02 . 2010-04-05 14:02   --------   d-----w-   c:\program files\Common Files\Adobe AIR
2010-04-05 10:52 . 2010-04-05 14:02   --------   d-----w-   c:\documents and settings\All Users\Application Data\Electronic Arts
2010-04-05 10:52 . 2010-04-05 10:52   --------   d-----w-   C:\ProgramData
2010-04-05 10:49 . 2008-09-04 20:11   447752   ----a-r-   c:\windows\system32\vp6vfw.dll
2010-04-05 10:49 . 2010-04-05 10:49   10134   ----a-r-   c:\documents and settings\chris\Application Data\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
2010-04-05 10:49 . 2010-04-05 10:49   --------   d-----w-   c:\program files\Microsoft WSE
2010-04-05 10:35 . 2010-04-05 10:49   --------   d-----w-   c:\program files\Electronic Arts
2010-04-05 05:57 . 2010-04-06 03:27   --------   d---a-w-   c:\documents and settings\All Users\Application Data\TEMP
2010-04-05 05:15 . 2010-04-05 05:15   --------   d-----w-   C:\GamepotUSA
2010-04-05 05:01 . 2010-04-05 05:01   56   ---ha-w-   c:\windows\system32\ezsidmv.dat
2010-04-05 05:01 . 2010-04-07 04:49   --------   d-----w-   c:\documents and settings\chris\Application Data\skypePM
2010-04-05 05:00 . 2010-04-07 06:00   --------   d-----w-   c:\documents and settings\chris\Application Data\Skype
2010-04-05 05:00 . 2010-04-05 05:00   --------   d-----w-   c:\program files\Common Files\Skype
2010-04-05 05:00 . 2010-04-05 05:00   --------   d-----r-   c:\program files\Skype
2010-04-05 05:00 . 2010-04-05 05:00   --------   d-----w-   c:\documents and settings\All Users\Application Data\Skype
2010-03-30 02:45 . 2010-03-30 02:45   --------   d-----w-   c:\documents and settings\chris\Local Settings\Application Data\PunkBuster
2010-03-30 02:45 . 2010-03-31 14:44   139128   ----a-w-   c:\windows\system32\drivers\pnkbstrk.sys
2010-03-30 02:45 . 2010-03-30 02:45   138056   ----a-w-   c:\documents and settings\chris\Application Data\PnkBstrK.sys
2010-03-30 02:45 . 2010-03-31 15:02   215128   ----a-w-   c:\windows\system32\PnkBstrB.exe
2010-03-30 02:45 . 2010-03-30 02:45   75064   ----a-w-   c:\windows\system32\PnkBstrA.exe
2010-03-30 02:45 . 2010-03-30 02:45   2434856   ----a-w-   c:\windows\system32\pbsvc_bc2.exe
2010-03-29 23:47 . 2010-04-07 04:25   --------   d-----w-   c:\program files\Spybot - Search & Destroy
2010-03-29 23:47 . 2010-04-07 04:25   --------   d-----w-   c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-03-27 02:43 . 2010-03-27 02:43   --------   d-----w-   c:\documents and settings\chris\Application Data\runic games
2010-03-19 22:24 . 2010-03-19 22:24   --------   d-----w-   c:\program files\Black Isle
2010-03-16 19:17 . 2010-03-16 19:17   --------   d-----w-   c:\program files\Common Files\BioWare

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-07 06:04 . 2010-02-20 16:44   --------   d-----w-   c:\program files\Steam
2010-04-07 05:23 . 2010-02-20 16:01   --------   d-----w-   c:\program files\Common Files\Wise Installation Wizard
2010-04-07 05:12 . 2010-02-25 05:11   411368   ----a-w-   c:\windows\system32\deploytk.dll
2010-04-07 03:37 . 2010-04-07 03:37   --------   d-----w-   c:\documents and settings\Administrator\Application Data\Malwarebytes
2010-04-07 03:32 . 2010-02-25 05:49   --------   d-----w-   c:\documents and settings\chris\Application Data\LimeWire
2010-04-07 02:46 . 2010-03-06 23:12   --------   d-----w-   c:\documents and settings\chris\Application Data\vlc
2010-04-07 02:29 . 2010-04-07 02:29   804864   ----a-w-   c:\windows\system32\drivers\trz3C.tmp
2010-04-07 02:28 . 2010-04-07 02:28   16   ----a-w-   c:\windows\system32\config\systemprofile\Application Data\gmzalr.dat
2010-04-05 14:08 . 2010-02-20 15:39   --------   d--h--w-   c:\program files\InstallShield Installation Information
2010-04-05 04:54 . 2010-03-07 20:57   --------   d-----w-   c:\documents and settings\All Users\Application Data\PMB Files
2010-04-03 00:34 . 2010-04-03 00:34   0   ---ha-w-   c:\windows\system32\drivers\Msft_User_ZuneDriver_01_09_00.Wdf
2010-04-03 00:34 . 2010-04-03 00:34   0   ---ha-w-   c:\windows\system32\drivers\Msft_Kernel_WinUSB_01009.Wdf
2010-04-03 00:33 . 2010-04-03 00:33   0   ---ha-w-   c:\windows\system32\drivers\MsftWdf_user_01_09_00.Wdf
2010-03-17 21:34 . 2010-02-26 12:39   --------   d-----w-   c:\documents and settings\chris\Application Data\BitTorrent
2010-03-14 04:28 . 2010-03-06 23:12   --------   d-----w-   c:\documents and settings\chris\Application Data\dvdcss
2010-03-09 11:24 . 2010-02-22 06:23   153184   ----a-w-   c:\windows\system32\aswBoot.exe
2010-03-09 11:12 . 2010-02-22 06:23   46672   ----a-w-   c:\windows\system32\drivers\aswTdi.sys
2010-03-09 11:12 . 2010-02-22 06:23   162640   ----a-w-   c:\windows\system32\drivers\aswSP.sys
2010-03-09 11:09 . 2010-02-22 06:23   23376   ----a-w-   c:\windows\system32\drivers\aswRdr.sys
2010-03-09 11:08 . 2010-02-22 06:23   100432   ----a-w-   c:\windows\system32\drivers\aswmon2.sys
2010-03-09 11:08 . 2010-02-22 06:23   94800   ----a-w-   c:\windows\system32\drivers\aswmon.sys
2010-03-09 11:08 . 2010-02-22 06:23   19024   ----a-w-   c:\windows\system32\drivers\aswFsBlk.sys
2010-03-09 11:08 . 2010-02-22 06:23   28880   ----a-w-   c:\windows\system32\drivers\aavmker4.sys
2010-03-07 22:38 . 2010-03-07 20:05   --------   d-----w-   c:\program files\Turbine
2010-03-07 20:57 . 2010-03-07 20:57   --------   d-----w-   c:\program files\Pando Networks
2010-03-07 20:12 . 2010-03-07 20:12   128   ----a-w-   c:\documents and settings\chris\Local Settings\Application Data\fusioncache.dat
2010-03-07 20:05 . 2010-03-07 20:05   --------   d-----w-   c:\documents and settings\All Users\Application Data\Turbine
2010-03-07 14:57 . 2010-03-06 22:49   --------   d-----w-   c:\program files\DivX
2010-03-06 23:12 . 2010-03-06 23:12   --------   d-----w-   c:\program files\VideoLAN
2010-03-06 22:57 . 2010-03-06 22:57   --------   d-----w-   c:\documents and settings\All Users\Application Data\PC Drivers HeadQuarters
2010-03-06 22:57 . 2010-02-20 21:53   12328   ----a-w-   c:\documents and settings\chris\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-03-06 22:51 . 2010-03-06 22:50   --------   d-----w-   c:\documents and settings\chris\Application Data\DivX
2010-03-05 15:54 . 2010-03-05 15:54   --------   d-----w-   c:\program files\ASUS
2010-03-05 15:54 . 2010-02-20 15:38   --------   d-----w-   c:\program files\Common Files\InstallShield
2010-03-02 17:43 . 2010-03-02 17:43   --------   d-----w-   c:\documents and settings\All Users\Application Data\BioWare
2010-03-01 20:25 . 2010-03-01 20:25   --------   d-----w-   c:\documents and settings\All Users\Application Data\Tages
2010-03-01 20:25 . 2010-03-01 20:25   281760   ----a-w-   c:\windows\system32\drivers\atksgt.sys
2010-03-01 20:25 . 2010-03-01 20:25   25888   ----a-w-   c:\windows\system32\drivers\lirsgt.sys
2010-02-27 22:27 . 2010-02-27 22:27   --------   d-----w-   c:\program files\MSXML 4.0
2010-02-27 10:46 . 2010-02-27 10:46   --------   d-----w-   c:\program files\Windows Media Connect 2
2010-02-27 10:35 . 2010-02-27 10:34   --------   d-----w-   c:\program files\Zune
2010-02-27 10:35 . 2010-02-27 10:35   0   ---ha-w-   c:\windows\system32\drivers\Msft_Kernel_zumbus_01009.Wdf
2010-02-27 10:35 . 2010-02-27 10:35   0   ---ha-w-   c:\windows\system32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
2010-02-27 10:29 . 2010-02-27 10:29   --------   d-----w-   c:\program files\Common Files\LightScribe
2010-02-27 10:28 . 2010-02-27 10:28   --------   d-----w-   c:\documents and settings\chris\Application Data\Ahead
2010-02-27 10:28 . 2010-02-27 10:28   --------   d-----w-   c:\documents and settings\All Users\Application Data\Ahead
2010-02-27 10:27 . 2010-02-27 10:25   --------   d-----w-   c:\program files\Common Files\Ahead
2010-02-27 10:25 . 2010-02-27 10:25   --------   d-----w-   c:\documents and settings\All Users\Application Data\Nero
2010-02-27 10:25 . 2010-02-27 10:25   --------   d-----w-   c:\program files\Nero
2010-02-26 12:39 . 2010-02-26 12:39   --------   d-----w-   c:\program files\BitTorrent
2010-02-25 10:28 . 2010-02-25 05:11   --------   d-----w-   c:\program files\LimeWire
2010-02-25 06:24 . 2008-04-14 12:00   916480   ----a-w-   c:\windows\system32\wininet.dll
2010-02-25 03:51 . 2010-02-25 03:51   --------   d-----w-   c:\program files\Common Files\Adobe
2010-02-24 07:04 . 2010-02-20 15:29   86327   ----a-w-   c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-02-22 11:59 . 2010-02-22 11:59   --------   d-----w-   c:\program files\MSBuild
2010-02-22 11:59 . 2010-02-22 11:59   --------   d-----w-   c:\program files\Reference Assemblies
2010-02-22 06:23 . 2010-02-22 06:23   --------   d-----w-   c:\program files\Alwil Software
2010-02-22 06:23 . 2010-02-22 06:23   --------   d-----w-   c:\documents and settings\All Users\Application Data\Alwil Software
2010-02-21 03:26 . 2010-02-21 03:25   --------   d-----w-   c:\documents and settings\chris\Application Data\Ventrilo
2010-02-21 03:25 . 2010-02-21 03:25   --------   d-----w-   c:\program files\Ventrilo
2010-02-20 21:53 . 2010-02-20 21:53   --------   d-----w-   c:\documents and settings\chris\Application Data\Logitech
2010-02-20 21:53 . 2010-02-20 21:53   --------   d-----w-   c:\documents and settings\chris\Application Data\Leadertech
2010-02-20 21:53 . 2010-02-20 21:50   --------   d-----w-   c:\program files\Common Files\Logishrd
2010-02-20 21:52 . 2010-02-20 21:49   --------   d-----w-   c:\documents and settings\All Users\Application Data\LogiShrd
2010-02-20 21:52 . 2010-02-20 21:52   0   ---ha-w-   c:\windows\system32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
2010-02-20 21:52 . 2010-02-20 21:52   0   ---ha-w-   c:\windows\system32\drivers\Msft_Kernel_LHidFilt_01005.Wdf
2010-02-20 21:52 . 2010-02-20 21:52   0   ---ha-w-   c:\windows\system32\drivers\Msft_Kernel_LUsbFilt_01005.Wdf
2010-02-20 21:52 . 2010-02-20 21:52   0   ---ha-w-   c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2010-02-20 21:50 . 2010-02-20 21:50   --------   d-----w-   c:\documents and settings\All Users\Application Data\Logitech
2010-02-20 21:50 . 2010-02-20 21:50   --------   d-----w-   c:\program files\Logitech
2010-02-20 19:43 . 2010-02-20 19:43   --------   d-----w-   c:\program files\Atari
2010-02-20 16:44 . 2010-02-20 16:44   15872   ----a-r-   c:\documents and settings\chris\Application Data\Microsoft\Installer\{048298C9-A4D3-490B-9FF9-AB023A9238F3}\Icon048298C9.exe
2010-02-20 16:01 . 2010-02-20 16:01   --------   d-----w-   c:\program files\NVIDIA Corporation
2010-02-20 16:01 . 2010-02-20 16:01   --------   d-----w-   c:\program files\AGEIA Technologies
2010-02-20 16:01 . 2010-02-20 16:01   --------   d-----w-   c:\documents and settings\All Users\Application Data\NVIDIA Corporation
2010-02-20 15:44 . 2010-02-20 15:44   --------   d-----w-   c:\program files\Realtek
2010-02-20 15:44 . 2010-02-20 15:44   --------   d-----w-   c:\documents and settings\chris\Application Data\InstallShield
2010-02-20 15:43 . 2010-02-20 15:43   --------   d-----w-   c:\program files\VIA
2010-02-20 15:30 . 2010-02-20 15:30   --------   d-----w-   c:\program files\microsoft frontpage
2010-02-20 15:27 . 2010-02-20 15:27   21640   ----a-w-   c:\windows\system32\emptyregdb.dat
2010-02-11 18:53 . 2010-02-22 06:23   38848   ----a-w-   c:\windows\system32\avastSS.scr
2010-01-12 05:17 . 2010-01-12 05:17   278120   ----a-w-   c:\windows\system32\nvmccs.dll
2010-01-12 05:17 . 2010-01-12 05:17   154216   ----a-w-   c:\windows\system32\nvsvc32.exe
2010-01-12 05:17 . 2010-01-12 05:17   145000   ----a-w-   c:\windows\system32\nvcolor.exe
2010-01-12 05:17 . 2010-01-12 05:17   13666408   ----a-w-   c:\windows\system32\nvcpl.dll
2010-01-12 05:17 . 2010-01-12 05:17   110696   ----a-w-   c:\windows\system32\nvmctray.dll
2010-01-12 05:17 . 2010-01-12 05:17   81920   ----a-w-   c:\windows\system32\nvwddi.dll
2010-01-12 04:03 . 2010-02-20 16:00   61440   ----a-w-   c:\windows\system32\OpenCL.dll
2010-01-12 04:03 . 2010-02-20 16:00   2259560   ----a-w-   c:\windows\system32\nvcuvid.dll
2010-01-12 04:03 . 2010-02-20 16:00   14458880   ----a-w-   c:\windows\system32\nvoglnt.dll
2010-01-12 04:03 . 2010-02-20 16:00   10276768   ----a-w-   c:\windows\system32\drivers\nv4_mini.sys
2010-01-12 04:03 . 2010-02-20 16:00   4104192   ----a-w-   c:\windows\system32\nvcuda.dll
2010-01-12 04:03 . 2010-02-20 16:00   4077672   ----a-w-   c:\windows\system32\nvcuvenc.dll
2010-01-12 04:03 . 2010-02-20 16:00   6359168   ----a-w-   c:\windows\system32\nv4_disp.dll
2010-01-12 04:03 . 2010-02-20 16:00   2283526   ----a-w-   c:\windows\system32\nvdata.bin
2010-01-12 04:03 . 2010-02-20 16:00   182888   ----a-w-   c:\windows\system32\nvcodins.dll
2010-01-12 04:03 . 2010-02-20 16:00   182888   ----a-w-   c:\windows\system32\nvcod.dll
2010-01-12 04:03 . 2010-02-20 16:00   11632640   ----a-w-   c:\windows\system32\nvcompiler.dll
2010-01-12 04:03 . 2010-02-20 16:00   1081344   ----a-w-   c:\windows\system32\nvapi.dll
.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-01-12 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-01-12 13666408]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-03-09 2769336]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21   548352   ----a-w-   c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2009-07-20 19:28   72208   ----a-w-   c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech SetPoint.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk
backup=c:\windows\pss\Logitech SetPoint.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^chris^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
path=c:\documents and settings\chris\Start Menu\Programs\Startup\LimeWire On Startup.lnk
backup=c:\windows\pss\LimeWire On Startup.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^chris^Start Menu^Programs^Startup^Logitech . Product Registration.lnk]
path=c:\documents and settings\chris\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
backup=c:\windows\pss\Logitech . Product Registration.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^chris^Start Menu^Programs^Startup^monsxw32.exe]
path=c:\documents and settings\chris\Start Menu\Programs\Startup\monsxw32.exe
backup=c:\windows\pss\monsxw32.exeStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2009-12-11 22:57   948672   ----a-r-   c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-12-22 08:57   35760   ----a-w-   c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2007-06-28 02:03   152872   ----a-w-   c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 12:00   15360   ------w-   c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HDAudDeck]
2008-08-15 03:13   30003200   ----a-r-   c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
2007-06-25 15:47   1057064   ----a-w-   c:\program files\Nero\Nero 7\InCD\InCD.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer]
2009-06-17 16:55   55824   ----a-w-   c:\windows\KHALMNPR.Exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
2008-06-09 17:16   2363392   ----a-w-   c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2008-03-17 18:05   570664   ----a-w-   c:\program files\Common Files\Ahead\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando Media Booster]
2010-03-07 20:57   2937528   ----a-w-   c:\program files\Pando Networks\Media Booster\PMB.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SecurDisc]
2007-06-25 15:47   1629480   ----a-w-   c:\program files\Nero\Nero 7\InCD\NBHGui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2010-03-09 17:02   26100520   ----a-r-   c:\program files\Skype\Phone\Skype.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2010-02-20 16:44   1217872   ----a-w-   c:\program files\Steam\Steam.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Turbine Download Manager Tray Icon]
2009-12-01 00:27   472568   ----a-w-   c:\program files\Turbine\Turbine Download Manager\TurbineDownloadManagerIcon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zune Launcher]
2010-01-07 21:38   158448   ----a-w-   c:\program files\Zune\ZuneLauncher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"ZuneNetworkSvc"=3 (0x3)
"NMIndexingService"=3 (0x3)
"NeroRegInCDSrv"=2 (0x2)
"LightScribeService"=2 (0x2)
"JavaQuickStarterService"=2 (0x2)
"NBService"=3 (0x3)
"InCDsrv"=2 (0x2)
"LBTServ"=3 (0x3)
"DAUpdaterSvc"=3 (0x3)
"LiveTurbineNetworkService"=3 (0x3)
"LiveTurbineMessageService"=2 (0x2)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager\appcertdlls]
lighosk   REG_SZ            c:\windows\system32\cisvecab.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Steam\\SteamApps\\what619\\counter-strike source\\hl2.exe"=
"c:\\Program Files\\Atari\\Neverwinter Nights 2\\nwn2main.exe"=
"c:\\Program Files\\Atari\\Neverwinter Nights 2\\nwn2main_amdxp.exe"=
"c:\\Program Files\\Atari\\Neverwinter Nights 2\\nwupdate.exe"=
"c:\\Program Files\\Atari\\Neverwinter Nights 2\\nwn2server.exe"=
"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\call of duty modern warfare 2\\iw4sp.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\company of heroes\\help.htm"=
"c:\\Program Files\\Steam\\SteamApps\\common\\call of duty modern warfare 2\\iw4mp.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\company of heroes\\RelicCOH.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\company of heroes\\RelicDownloader\\RelicDownloader.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\a farewell to dragons\\thegame.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\risen\\bin\\Risen.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\dragon age origins\\bin_ship\\daupdatersvc.service.exe"=
"c:\\Program Files\\Turbine\\Dungeons and Dragons Online - Eberron Unlimited\\dndclient.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\Program Files\\Turbine\\Dungeons and Dragons Online - Eberron Unlimited\\TurbineInvoker.exe"=
"c:\\Program Files\\Turbine\\Turbine Download Manager\\TurbineMessageService.exe"=
"c:\\Program Files\\Turbine\\Turbine Download Manager\\TurbineNetworkService.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\dragon age origins\\bin_ship\\DAOrigins.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\dragon age origins\\DAOriginsLauncher.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\mass effect\\Binaries\\MassEffect.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\torchlight\\Torchlight.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\battlefield bad company 2\\BFBC2Game.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\left 4 dead 2\\left4dead2.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"56123:TCP"= 56123:TCP:Pando Media Booster
"56123:UDP"= 56123:UDP:Pando Media Booster

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2/21/2010 11:23 PM 162640]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2/17/2010 11:25 AM 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2/17/2010 11:15 AM 66632]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2/21/2010 11:23 PM 19024]
R2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [2/20/2010 2:52 PM 10384]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2/17/2010 11:15 AM 12872]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2/20/2010 8:43 AM 845184]
S4 DAUpdaterSvc;Dragon Age: Origins - Content Updater;c:\program files\Steam\SteamApps\common\dragon age origins\bin_ship\daupdatersvc.service.exe [3/9/2010 11:40 AM 25832]
S4 LiveTurbineMessageService;Turbine Message Service - Live;c:\program files\Turbine\Turbine Download Manager\TurbineMessageService.exe [3/7/2010 1:05 PM 271856]
S4 LiveTurbineNetworkService;Turbine Network Service - Live;c:\program files\Turbine\Turbine Download Manager\TurbineNetworkService.exe [3/7/2010 1:05 PM 218608]
S4 NeroRegInCDSrv;Nero Registry InCD Service;c:\program files\Nero\Nero 7\InCD\NBHRegInCDSrv.exe --> c:\program files\Nero\Nero 7\InCD\NBHRegInCDSrv.exe [?]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-06-09 17:14   451872   ----a-w-   c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder

2010-04-08 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2010-02-20 05:18]
.
.
------- Supplementary Scan -------
.
IE: {{898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
.
- - - - ORPHANS REMOVED - - - -

Toolbar-Locked - (no file)
HKCU-Run-EA Core - c:\program files\Electronic Arts\EADM\Core.exe
HKLM-Run-nwiz - nwiz.exe
SafeBoot-WudfPf
SafeBoot-WudfRd
MSConfigStartUp-SunJavaUpdateSched - c:\program files\Java\jre6\bin\jusched.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-08 10:28
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ... 

scanning hidden autostart entries ...

scanning hidden files ... 

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(680)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\WININET.dll
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
c:\program files\common files\logishrd\bluetooth\LBTServ.dll
.
Completion time: 2010-04-08  10:29:33
ComboFix-quarantined-files.txt  2010-04-08 17:29

Pre-Run: 104,391,561,216 bytes free
Post-Run: 104,379,547,648 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - 549B2B4D38B2F4DBCEC47DD4AD70DD79

[Dr Jay]

Please download OTS by OldTimer and save it to your Desktop.

Note: You must be logged on to the system with an account that has Administrator privileges to run this program.

• Close ALL OTHER PROGRAMS.
  
• Double-click on OTS to start the program (if you are running on Vista then right-click the program and
  choose Run as Administrator).
  
• At the top, tick on Scan All Users section and Include MD5.
  
• At File Age set it to 90 Days
  
• In the Processes, Modules, Services, Drivers, and Registry
   section, please set on Safe List.
  
• In the Files Created Within and Files Modified Within section, set it to File Age
  
• At the bottom, tick on all Safe List and Use Company Name WhiteList option
  
• Under Additional Scans, tick on the "Extras" button and then click the checkboxes in front of the following items to select them:
  Reg - Disabled MS Config Items
  Reg - Drivers32
  Reg - Ext
  Reg - IE
  Explorer Bar
  Reg - NetSvcs
  Reg - Safeboot Minimal
  Reg - Safeboot Network
  File - Lop Check
  File - Purity Scan

• Do NOT change any other settings.
  
• Then, in the Custom Scans box, place this in:
  
  %systemroot%\*. /mp /s
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\system32\*.exe /lockedfiles
  %systemroot%\Tasks\*.job /lockedfiles
  %systemroot%\system32\drivers\*.sys /lockedfiles
  %systemroot%\System32\config\*.sav
  %systemroot%\System32\*.sys
  %systemroot%\System32\drivers\*.dll
  %systemroot%\System32\drivers\*.ini
  %systemroot%\System32\drivers\*.exe
  %SYSTEMDRIVE%\*.*
  %PROGRAMFILES%\*.
  %appdata%\*.*
  
  
• Now click the Run Scan button on the toolbar.
  
• Let it run unhindered until it finishes.
• When the scan is complete Notepad will open with the report file loaded in it.
  
• Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it.

[w619]

Alright its finished so whats next.

[Dr Jay]

Post the log from it, please.

[w619]

The log seems a little too long, should I post in segments.

[Dr Jay]

Yes. The post counts are not very high here. You might need about two or three.

[w619]

Code: [Select]

OTS logfile created on: 4/8/2010 12:05:13 PM - Run 2
OTS by OldTimer - Version 3.1.28.0     Folder = C:\Documents and Settings\chris\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 85.00% Memory free
6.00 Gb Paging File | 6.00 Gb Available in Paging File | 96.00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.88 Gb Total Space | 97.15 Gb Free Space | 41.72% Space Free | Partition Type: NTFS
Drive D: | 1.91 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: CHRIS-83C9A0BB7
Current User Name: chris
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: Off
File Age = 90 Days
 
[Processes - Safe List]
ots.exe -> C:\Documents and Settings\chris\Desktop\OTS.exe -> [2010/04/08 11:50:27 | 000,638,976 | ---- | M | MD5 = 0699456F9835951BCB3304564244386F] (OldTimer Tools)
avastui.exe -> C:\Program Files\Alwil Software\Avast5\AvastUI.exe -> [2010/03/09 04:24:10 | 002,769,336 | ---- | M | MD5 = 4168B08FA453C8B9314CDDA3824F6311] (ALWIL Software)
avastsvc.exe -> C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -> [2010/03/09 04:24:08 | 000,040,384 | ---- | M | MD5 = 0BDD72BA9009EF4914CDEA08107A8262] (ALWIL Software)
zunebusenum.exe -> C:\WINDOWS\system32\ZuneBusEnum.exe -> [2010/01/07 14:38:10 | 000,058,592 | ---- | M | MD5 = E1246BDD6FB5F1705B178A6B4F8BDEA6] (Microsoft Corporation)
explorer.exe -> C:\WINDOWS\explorer.exe -> [2008/04/14 05:00:00 | 001,033,728 | ---- | M | MD5 = 12896823FB95BFB3DC9B46BCAEDC9923] (Microsoft Corporation)
 
[Modules - Safe List]
ots.exe -> C:\Documents and Settings\chris\Desktop\OTS.exe -> [2010/04/08 11:50:27 | 000,638,976 | ---- | M | MD5 = 0699456F9835951BCB3304564244386F] (OldTimer Tools)
cisvecab.dll -> C:\WINDOWS\system32\cisvecab.dll -> [2010/04/06 19:28:20 | 000,044,032 | -H-- | M | MD5 = B52CB036CC2379222149BD5DB403EAAE] ()
sasseh.dll -> C:\Program Files\SUPERAntiSpyware\SASSEH.DLL -> [2008/05/13 10:13:36 | 000,077,824 | ---- | M | MD5 = ECD5517A6633826057D4F050927DDF56] (SuperAdBlocker.com)
 
[Win32 Services - Safe List]
(NeroRegInCDSrv) Nero Registry InCD Service [Disabled | Stopped] ->  -> File not found
(DAUpdaterSvc) Dragon Age: Origins - Content Updater [Disabled | Stopped] -> c:\Program Files\Steam\SteamApps\common\dragon age origins\bin_ship\daupdatersvc.service.exe -> [2010/03/09 11:40:01 | 000,025,832 | ---- | M | MD5 = 914A7156B0C0F10BE645A02E13F576B2] (BioWare)
(avast! Web Scanner) avast! Web Scanner [On_Demand | Running] -> C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -> [2010/03/09 04:24:08 | 000,040,384 | ---- | M | MD5 = 0BDD72BA9009EF4914CDEA08107A8262] (ALWIL Software)
(avast! Mail Scanner) avast! Mail Scanner [On_Demand | Running] -> C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -> [2010/03/09 04:24:08 | 000,040,384 | ---- | M | MD5 = 0BDD72BA9009EF4914CDEA08107A8262] (ALWIL Software)
(avast! Antivirus) avast! Antivirus [Auto | Running] -> C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -> [2010/03/09 04:24:08 | 000,040,384 | ---- | M | MD5 = 0BDD72BA9009EF4914CDEA08107A8262] (ALWIL Software)
(ZuneWlanCfgSvc) Zune Wireless Configuration Service [On_Demand | Stopped] -> C:\WINDOWS\system32\ZuneWlanCfgSvc.exe -> [2010/01/07 14:38:18 | 000,447,216 | ---- | M | MD5 = B10CC66B7947BB1A2A24FF563BF36021] (Microsoft Corporation)
(ZuneBusEnum) Zune Bus Enumerator [Auto | Running] -> C:\WINDOWS\system32\ZuneBusEnum.exe -> [2010/01/07 14:38:10 | 000,058,592 | ---- | M | MD5 = E1246BDD6FB5F1705B178A6B4F8BDEA6] (Microsoft Corporation)
(ZuneNetworkSvc) Zune Network Sharing Service [Disabled | Stopped] -> c:\Program Files\Zune\ZuneNss.exe -> [2010/01/07 14:38:08 | 005,950,704 | ---- | M | MD5 = BCC62ED44D85236F802EFCCDA3FBA457] (Microsoft Corporation)
(LiveTurbineMessageService) Turbine Message Service - Live [Disabled | Stopped] -> C:\Program Files\Turbine\Turbine Download Manager\TurbineMessageService.exe -> [2009/11/30 17:27:52 | 000,271,856 | ---- | M | MD5 = AD36B5F8AC7C2BAFB32973B743A65265] (Turbine, Inc.)
(LiveTurbineNetworkService) Turbine Network Service - Live [Disabled | Stopped] -> C:\Program Files\Turbine\Turbine Download Manager\TurbineNetworkService.exe -> [2009/11/30 17:27:52 | 000,218,608 | ---- | M | MD5 = FFDFF7E4D8FDA5C1BFA50F9DBFB780CE] (Turbine, Inc.)
(LBTServ) Logitech Bluetooth Service [Disabled | Stopped] -> C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -> [2009/07/20 12:28:10 | 000,121,360 | ---- | M | MD5 = 3AF6B73A3AD1FC37C5933441F66CEB91] (Logitech, Inc.)
(InCDsrv) InCD Helper [Disabled | Stopped] -> C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe -> [2007/06/25 08:47:12 | 001,552,680 | ---- | M | MD5 = 9792B85E32E058CD6A43DB274BA47D57] (Nero AG)
 
[Driver Services - Safe List]
(PnkBstrK) PnkBstrK [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\pnkbstrk.sys -> [2010/03/31 07:44:21 | 000,139,128 | ---- | M | MD5 = 10BE25C04613B70D8CE1F412E14D9454] ()
(aswTdi) avast! Network Shield Support [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\aswTdi.sys -> [2010/03/09 04:12:54 | 000,046,672 | ---- | M | MD5 = 755E4AFB683E3306886A0F4DF02A1575] (ALWIL Software)
(aswSP) aswSP [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\aswSP.sys -> [2010/03/09 04:12:33 | 000,162,640 | ---- | M | MD5 = 39BF48164A958F4BF0C0EC6CDC447DB5] (ALWIL Software)
(aswRdr) aswRdr [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\aswRdr.sys -> [2010/03/09 04:09:08 | 000,023,376 | ---- | M | MD5 = 7827F70B86B29FBF112CBCE547205ACC] (ALWIL Software)
(aswMon2) avast! Standard Shield Support [File_System | Auto | Running] -> C:\WINDOWS\system32\drivers\aswmon2.sys -> [2010/03/09 04:08:41 | 000,100,432 | ---- | M | MD5 = 1A10CBECFDD0A597B27E2D0998D95CF9] (ALWIL Software)
(aswFsBlk) aswFsBlk [File_System | Auto | Running] -> C:\WINDOWS\system32\drivers\aswFsBlk.sys -> [2010/03/09 04:08:30 | 000,019,024 | ---- | M | MD5 = FB6A381C32A87EE6588EED61D22DC03B] (ALWIL Software)
(Aavmker4) avast! Asynchronous Virus Monitor [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\aavmker4.sys -> [2010/03/09 04:08:15 | 000,028,880 | ---- | M | MD5 = D5D75EDD02157FCD3EB576D4681E8C3E] (ALWIL Software)
(atksgt) atksgt [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\atksgt.sys -> [2010/03/01 13:25:26 | 000,281,760 | ---- | M | MD5 = F0D933B42CD0594048E4D5200AE9E417] ()
(lirsgt) lirsgt [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\lirsgt.sys -> [2010/03/01 13:25:13 | 000,025,888 | ---- | M | MD5 = F8A7212D0864EF5E9185FB95E6623F4D] ()
(SASDIFSV) SASDIFSV [Kernel | System | Running] -> C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -> [2010/02/17 11:25:50 | 000,012,872 | ---- | M | MD5 = A3281AEC37E0720A2BC28034C2DF2A56] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
(SASKUTIL) SASKUTIL [Kernel | System | Running] -> C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -> [2010/02/17 11:15:58 | 000,066,632 | ---- | M | MD5 = 67D2688756DD304AF655349BAAD82BFF] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
(SASENUM) SASENUM [Kernel | On_Demand | Running] -> C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -> [2010/02/17 11:15:58 | 000,012,872 | R--- | M | MD5 = 7CE61C25C159F50F9EAF6D77FC83FA35] ( SUPERAdBlocker.com and SUPERAntiSpyware.com)
(nv) nv [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\nv4_mini.sys -> [2010/01/11 21:03:33 | 010,276,768 | ---- | M | MD5 = CB0CE8DE9F66A297CD86EB98921B8E58] (NVIDIA Corporation)
(zumbus) Zune Bus Enumerator Driver [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\zumbus.sys -> [2010/01/07 14:22:02 | 000,040,832 | ---- | M | MD5 = 6BFB54F73AAE470E9299E66CBC7BB632] (Microsoft Corporation)
(LUsbFilt) Logitech SetPoint KMDF USB Filter [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\lusbfilt.sys -> [2009/06/17 09:56:32 | 000,028,560 | ---- | M | MD5 = 77030525CD86A93F1AF34FA9B96D33CE] (Logitech, Inc.)
(LMouFilt) Logitech SetPoint KMDF Mouse Filter Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\lmoufilt.sys -> [2009/06/17 09:56:16 | 000,037,392 | ---- | M | MD5 = AB33792A87285344F43B5CE23421BAB0] (Logitech, Inc.)
(LHidFilt) Logitech SetPoint KMDF HID Filter Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\lhidfilt.sys -> [2009/06/17 09:56:06 | 000,035,472 | ---- | M | MD5 = 7F9C7B28CF1C859E1C42619EEA946DC8] (Logitech, Inc.)
(LBeepKE) LBeepKE [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\LBeepKE.sys -> [2009/06/17 09:55:34 | 000,010,384 | ---- | M | MD5 = 9FFD1CF2A782F2560E78EEC4B8B8689E] (Logitech, Inc.)
(L8042Kbd) Logitech SetPoint Keyboard Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\L8042Kbd.sys -> [2009/06/17 09:55:18 | 000,020,240 | ---- | M | MD5 = 0C6E346CDE730CF1356DD69AD6E9BC42] (Logitech, Inc.)
(VIAHdAudAddService) VIA High Definition Audio Driver Service [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\viahduaa.sys -> [2008/07/25 05:09:24 | 000,845,184 | R--- | M | MD5 = 51B24990850076F659D1D1DAEFBED6F1] (VIA Technologies, Inc.)
(RTLE8023xp) Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\Rtenicxp.sys -> [2008/06/30 20:27:44 | 000,108,800 | R--- | M | MD5 = B52B25F41BF3511071A0E7D10D659C56] (Realtek Semiconductor Corporation                           )
(HDAudBus) Microsoft UAA Bus Driver for High Definition Audio [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\hdaudbus.sys -> [2008/04/14 05:00:00 | 000,144,384 | ---- | M | MD5 = 573C7D0A32852B48F3058CFD8026F511] (Windows (R) Server 2003 DDK provider)
(swmidi) Microsoft Kernel GS Wavetable Synthesizer [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\swmidi.sys.bak -> [2008/04/14 00:15:10 | 000,056,576 | ---- | M | MD5 = 8CE882BCC6CF8A62F2B2323D95CB3D01] (Microsoft Corporation)
(Changer) Changer [Kernel | System | Stopped] -> C:\WINDOWS\system32\drivers\changer.sys -> [2008/04/14 00:11:00 | 000,008,192 | ---- | M | MD5 = 2A5815CA6FFF24B688C01F828B96819C] (Microsoft Corporation)
(lbrtfdc) lbrtfdc [Kernel | System | Stopped] -> C:\WINDOWS\system32\drivers\lbrtfdc.sys -> [2008/04/14 00:10:28 | 000,034,688 | ---- | M | MD5 = 406598827A1B5F77954DE11DDE115CED] (Toshiba Corp.)
(monfilt) monfilt [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\monfilt.sys -> [2008/02/13 23:12:00 | 001,389,056 | R--- | M | MD5 = 9FA7207D1B1ADEAD88AE8EED9CDBBAA5] (Creative Technology Ltd.)
(AsIO) AsIO [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\AsIO.sys -> [2007/12/17 02:14:06 | 000,012,400 | R--- | M | MD5 = 2B4E66FAC6503494A2C6F32BB6AB3826] ()
(incdrm) Nero InCD MRW Remapper [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\InCDRm.sys -> [2007/06/25 08:47:12 | 000,038,440 | ---- | M | MD5 = C258E57321A3C3737F4FA815FA69EE0B] (Nero AG)
(InCDPass) Nero InCDPass [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\InCDPass.sys -> [2007/06/25 08:47:12 | 000,036,776 | ---- | M | MD5 = AAA2789D2CE21B31BE9406BA1CEB7285] (Nero AG)
(InCDfs) Nero InCD File System [File_System | Disabled | Running] -> C:\WINDOWS\system32\drivers\InCDfs.sys -> [2007/06/25 08:47:02 | 000,119,080 | ---- | M | MD5 = 580A81790CD0A48D85DA322267DA7AC4] (Nero AG)
(WinUSB) WinUSB [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\winusb.sys -> [2006/11/02 07:00:08 | 000,039,368 | ---- | M | MD5 = FD600B032E741EB6AAB509FC630F7C42] (Microsoft Corporation)
(MTsensor) ATK0110 ACPI UTILITY [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\ASACPI.sys -> [2004/08/14 17:00:00 | 000,005,810 | R--- | M | MD5 = D48659BB24C48345D926ECB45C1EBDF5] ()
 
[Registry - Safe List]
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
< Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> ->
HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> ->
HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-21-1275210071-1284227242-682003330-1003\] > -> ->
HKEY_USERS\S-1-5-21-1275210071-1284227242-682003330-1003\: "ProxyEnable" -> 0 ->
< FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
HKLM\software\mozilla\Firefox\extensions ->  ->
< FireFox Extensions [User Folders] > ->
  -> C:\Documents and Settings\chris\Application Data\Mozilla\Extensions -> [2010/02/24 22:49:42 | 000,000,000 | ---D | M]
  -> C:\Documents and Settings\chris\Application Data\Mozilla\Extensions\[email protected] -> [2010/02/24 22:49:42 | 000,000,000 | ---D | M]
< HOSTS File > ([2008/04/14 05:00:00 | 000,000,734 | ---- | M | MD5 = DE1CBFE6C3086010AF115A1F00909B01] - 19 lines) -> C:\WINDOWS\system32\drivers\etc\hosts ->
Reset Hosts
127.0.0.1       localhost
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} [HKLM] -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [Skype add-on for Internet Explorer] -> [2010/02/08 13:28:14 | 000,804,136 | ---- | M | MD5 = 7D52D1B380C1231FCEC11A707726A781] (Skype Technologies S.A.)
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"avast5" -> C:\Program Files\Alwil Software\Avast5\AvastUI.exe [C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui] -> [2010/03/09 04:24:10 | 002,769,336 | ---- | M | MD5 = 4168B08FA453C8B9314CDDA3824F6311] (ALWIL Software)
"NvCplDaemon" -> C:\WINDOWS\System32\NvCpl.DLL [RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup] -> [2010/01/11 22:17:44 | 013,666,408 | ---- | M | MD5 = E48EDD7A58982F0EF3A9089002067200] (NVIDIA Corporation)
"NvMediaCenter" -> C:\WINDOWS\System32\NvMcTray.DLL [RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit] -> [2010/01/11 22:17:44 | 000,110,696 | ---- | M | MD5 = 35BBA975637D472A0DB145F6207FB28A] (NVIDIA Corporation)
< Administrator Startup Folder > -> C:\Documents and Settings\Administrator\Start Menu\Programs\Startup ->
< All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup ->
< chris Startup Folder > -> C:\Documents and Settings\chris\Start Menu\Programs\Startup ->
< Default User Startup Folder > -> C:\Documents and Settings\Default User\Start Menu\Programs\Startup ->
< Software Policy Settings [HKEY_USERS\S-1-5-21-1275210071-1284227242-682003330-1003] > -> HKEY_USERS\S-1-5-21-1275210071-1284227242-682003330-1003\SOFTWARE\Policies\Microsoft\Internet Explorer ->
< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"HonorAutoRunSetting" ->  [1] -> File not found
\\"NoDriveAutoRun" ->  [67108863] -> File not found
\\"NoDriveTypeAutoRun" ->  [323] -> File not found
\\"NoDrives" ->  [0] -> File not found
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
< CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" ->  [323] -> File not found
\\"NoDriveAutoRun" ->  [67108863] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" ->  [323] -> File not found
\\"NoDriveAutoRun" ->  [67108863] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" ->  [145] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" ->  [145] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-1275210071-1284227242-682003330-1003] > -> HKEY_USERS\S-1-5-21-1275210071-1284227242-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-21-1275210071-1284227242-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" ->  [323] -> File not found
\\"NoDriveAutoRun" ->  [67108863] -> File not found
\\"NoDrives" ->  [0] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-1275210071-1284227242-682003330-1003] > -> HKEY_USERS\S-1-5-21-1275210071-1284227242-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{898EA8C8-E7FF-479B-8935-AEC46303B9E5}:{898EA8C8-E7FF-479B-8935-AEC46303B9E5} [HKLM] -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [Button: Skype add-on for Internet Explorer] -> [2010/02/08 13:28:14 | 000,804,136 | ---- | M | MD5 = 7D52D1B380C1231FCEC11A707726A781] (Skype Technologies S.A.)
{898EA8C8-E7FF-479B-8935-AEC46303B9E5}:{898EA8C8-E7FF-479B-8935-AEC46303B9E5} [HKLM] -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [Menu: Skype add-on for Internet Explorer] -> [2010/02/08 13:28:14 | 000,804,136 | ---- | M | MD5 = 7D52D1B380C1231FCEC11A707726A781] (Skype Technologies S.A.)
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-21-1275210071-1284227242-682003330-1003\] > -> HKEY_USERS\S-1-5-21-1275210071-1284227242-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-21-1275210071-1284227242-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-21-1275210071-1284227242-682003330-1003\] > -> HKEY_USERS\S-1-5-21-1275210071-1284227242-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-21-1275210071-1284227242-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab [Java Plug-in 1.6.0_19] ->
{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab [Java Plug-in 1.6.0_19] ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab [Java Plug-in 1.6.0_19] ->
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ ->
DhcpNameServer -> 68.105.28.12 68.105.29.12 68.105.28.11 ->
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{E7B06858-581B-4BAD-920F-9FB8489D2C43}\\DhcpNameServer -> 68.105.28.12 68.105.29.12 68.105.28.11   (Realtek RTL8168C(P)/8111C(P) PCI-E Gigabit Ethernet NIC) ->
IE Styles -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Styles
"MaxScriptStatements" -> Reg Error: Invalid data type.
"Use My Stylesheet" -> Reg Error: Invalid data type.
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->
Explorer.exe -> C:\WINDOWS\explorer.exe -> [2008/04/14 05:00:00 | 001,033,728 | ---- | M | MD5 = 12896823FB95BFB3DC9B46BCAEDC9923] (Microsoft Corporation)
*MultiFile Done* -> ->
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
!SASWinLogon -> C:\Program Files\SUPERAntiSpyware\SASWINLO.dll -> [2009/09/03 15:21:42 | 000,548,352 | ---- | M | MD5 = 482E8F6FD557D5A0DF7363F72DF145FE] (SUPERAntiSpyware.com)
LBTWlgn -> c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll -> [2009/07/20 12:28:42 | 000,072,208 | ---- | M | MD5 = A589D4BD91C15A0112E2F5DEF235DD67] (Logitech, Inc.)
< ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks ->
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}" [HKLM] -> C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [] -> [2008/05/13 10:13:36 | 000,077,824 | ---- | M | MD5 = ECD5517A6633826057D4F050927DDF56] (SuperAdBlocker.com)
< Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List ->
< Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List ->
"C:\Program Files\Atari\Neverwinter Nights 2\nwn2main.exe" -> C:\Program Files\Atari\Neverwinter Nights 2\nwn2main.exe [C:\Program Files\Atari\Neverwinter Nights 2\nwn2main.exe:*:Enabled:Neverwinter Nights 2 Main] -> [2008/10/22 20:25:58 | 012,963,840 | R--- | M | MD5 = 05A9DE1C596CA5E0028DA9E2B3864E6B] (Obsidian Entertainment, Inc.)
"C:\Program Files\Atari\Neverwinter Nights 2\nwn2main_amdxp.exe" -> C:\Program Files\Atari\Neverwinter Nights 2\nwn2main_amdxp.exe [C:\Program Files\Atari\Neverwinter Nights 2\nwn2main_amdxp.exe:*:Enabled:Neverwinter Nights 2 AMD] -> [2008/10/22 20:36:34 | 012,816,384 | R--- | M | MD5 = 94E7B356DA89D82B6B0DC0CFFAF7E36F] (Obsidian Entertainment, Inc.)
"C:\Program Files\Atari\Neverwinter Nights 2\nwn2server.exe" -> C:\Program Files\Atari\Neverwinter Nights 2\nwn2server.exe [C:\Program Files\Atari\Neverwinter Nights 2\nwn2server.exe:*:Enabled:Neverwinter Nights 2 Server] -> [2008/10/22 16:57:04 | 004,608,000 | ---- | M | MD5 = B756CD5E4408A46D892E1F48D08307B6] (Obsidian Entertainment, Inc.)
"C:\Program Files\Atari\Neverwinter Nights 2\nwupdate.exe" -> C:\Program Files\Atari\Neverwinter Nights 2\nwupdate.exe [C:\Program Files\Atari\Neverwinter Nights 2\nwupdate.exe:*:Enabled:Neverwinter Nights 2 Updater] -> [2010/02/20 18:21:37 | 002,478,080 | ---- | M | MD5 = C5B2B128A1454D57BDE0D86FAE371BAA] (Obsidian Entertainment, Inc.)
"C:\Program Files\BitTorrent\bittorrent.exe" -> C:\Program Files\BitTorrent\bittorrent.exe [C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent] -> [2010/02/09 15:16:32 | 000,654,648 | ---- | M | MD5 = 15FEF5CDBB7F2AA5D328DABCB8C0F215] (BitTorrent, Inc.)
"C:\Program Files\LimeWire\LimeWire.exe" -> C:\Program Files\LimeWire\LimeWire.exe [C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire] -> [2010/02/19 08:46:10 | 000,503,808 | ---- | M | MD5 = 2B7F2DC5741BB18F7F5EC7558DA68197] (Lime Wire, LLC)
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" -> C:\Program Files\Pando Networks\Media Booster\PMB.exe [C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster] -> [2010/03/07 13:57:51 | 002,937,528 | ---- | M | MD5 = 7C6FCBAF1BE7513C5BC5B90519EE59DF] ()
"C:\Program Files\Steam\SteamApps\common\a farewell to dragons\thegame.exe" -> C:\Program Files\Steam\SteamApps\common\a farewell to dragons\thegame.exe [C:\Program Files\Steam\SteamApps\common\a farewell to dragons\thegame.exe:*:Enabled:A Farewell to Dragons] -> [2010/02/22 00:06:55 | 008,220,672 | ---- | M | MD5 = 7E68BC9FC2734D536995160EFAC86229] ()
"C:\Program Files\Steam\SteamApps\common\battlefield bad company 2\BFBC2Game.exe" -> C:\Program Files\Steam\SteamApps\common\battlefield bad company 2\BFBC2Game.exe [C:\Program Files\Steam\SteamApps\common\battlefield bad company 2\BFBC2Game.exe:*:Enabled:Battlefield: Bad Company 2] -> [2010/03/29 19:21:13 | 019,449,208 | ---- | M | MD5 = B1ACBA1C2BF9589CE38FD1BFE8FCA4A8] (EA Digital Illusions CE AB)
"C:\Program Files\Steam\SteamApps\common\call of duty modern warfare 2\iw4mp.exe" -> C:\Program Files\Steam\SteamApps\common\call of duty modern warfare 2\iw4mp.exe [C:\Program Files\Steam\SteamApps\common\call of duty modern warfare 2\iw4mp.exe:*:Enabled:Call of Duty: Modern Warfare 2 - Multiplayer] -> [2010/02/20 20:48:43 | 003,923,544 | ---- | M | MD5 = 1178CE45557D273EB6A984D2E7323CC2] ()
"C:\Program Files\Steam\SteamApps\common\call of duty modern warfare 2\iw4sp.exe" -> C:\Program Files\Steam\SteamApps\common\call of duty modern warfare 2\iw4sp.exe [C:\Program Files\Steam\SteamApps\common\call of duty modern warfare 2\iw4sp.exe:*:Enabled:Call of Duty: Modern Warfare 2] -> [2010/02/20 20:28:49 | 003,501,656 | ---- | M | MD5 = 6830295C02D43E757BF69BA5D555F29D] ()
"C:\Program Files\Steam\SteamApps\common\company of heroes\help.htm" -> C:\Program Files\Steam\SteamApps\common\company of heroes\help.htm [C:\Program Files\Steam\SteamApps\common\company of heroes\help.htm:*:Enabled:Company of Heroes] -> [2010/02/20 21:00:51 | 000,000,213 | ---- | M | MD5 = B13610E53C9FEC71D7AAFB5EDED27CE3] ()
"C:\Program Files\Steam\SteamApps\common\company of heroes\RelicCOH.exe" -> C:\Program Files\Steam\SteamApps\common\company of heroes\RelicCOH.exe [C:\Program Files\Steam\SteamApps\common\company of heroes\RelicCOH.exe:*:Enabled:Company of Heroes: Opposing Fronts] -> [2010/02/20 22:18:01 | 009,266,056 | ---- | M | MD5 = 9B8587A9604CEB3F8AE1F50C64B95A91] (THQ Canada Inc.)
"C:\Program Files\Steam\SteamApps\common\company of heroes\RelicDownloader\RelicDownloader.exe" -> C:\Program Files\Steam\SteamApps\common\company of heroes\RelicDownloader\RelicDownloader.exe [C:\Program Files\Steam\SteamApps\common\company of heroes\RelicDownloader\RelicDownloader.exe:*:Enabled:Relic Patch Download Manager] -> [2010/02/20 21:54:58 | 001,921,024 | ---- | M | MD5 = 21D7650C5CA7EF5E72F86BB35D3FF866] (THQ Canada Inc.)
"C:\Program Files\Steam\SteamApps\common\dragon age origins\bin_ship\DAOrigins.exe" -> C:\Program Files\Steam\SteamApps\common\dragon age origins\bin_ship\DAOrigins.exe [C:\Program Files\Steam\SteamApps\common\dragon age origins\bin_ship\DAOrigins.exe:*:Enabled:Dragon Age: Origins - Awakening] -> [2010/03/09 11:39:35 | 010,532,072 | ---- | M | MD5 = C254D713029062832AEB39FF6BFD7E62] (BioWare)
"C:\Program Files\Steam\SteamApps\common\dragon age origins\bin_ship\daupdatersvc.service.exe" -> C:\Program Files\Steam\SteamApps\common\dragon age origins\bin_ship\daupdatersvc.service.exe [C:\Program Files\Steam\SteamApps\common\dragon age origins\bin_ship\daupdatersvc.service.exe:*:Enabled:Dragon Age Origins Updater] -> [2010/03/09 11:40:01 | 000,025,832 | ---- | M | MD5 = 914A7156B0C0F10BE645A02E13F576B2] (BioWare)
"C:\Program Files\Steam\SteamApps\common\dragon age origins\DAOriginsLauncher.exe" -> C:\Program Files\Steam\SteamApps\common\dragon age origins\DAOriginsLauncher.exe [C:\Program Files\Steam\SteamApps\common\dragon age origins\DAOriginsLauncher.exe:*:Enabled:Dragon Age: Origins - Awakening] -> [2010/02/28 12:03:37 | 001,246,440 | ---- | M | MD5 = 2F2EF80A4DB64D525D13E4B6C5F41BE2] (BioWare)
"C:\Program Files\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe" -> C:\Program Files\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe [C:\Program Files\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe:*:Enabled:Left 4 Dead 2] -> [2010/04/03 21:51:19 | 000,385,024 | ---- | M | MD5 = 66189B171ADEDBED4B94654804B14286] ()
"C:\Program Files\Steam\SteamApps\common\mass effect\Binaries\MassEffect.exe" -> C:\Program Files\Steam\SteamApps\common\mass effect\Binaries\MassEffect.exe [C:\Program Files\Steam\SteamApps\common\mass effect\Binaries\MassEffect.exe:*:Enabled:Mass Effect] -> [2010/03/21 16:52:31 | 021,452,008 | ---- | M | MD5 = 647B93621389709CAB8D268379BD4C47] (BioWare)
"C:\Program Files\Steam\SteamApps\common\risen\bin\Risen.exe" -> C:\Program Files\Steam\SteamApps\common\risen\bin\Risen.exe [C:\Program Files\Steam\SteamApps\common\risen\bin\Risen.exe:*:Enabled:Risen] -> [2010/02/28 11:28:18 | 000,966,496 | ---- | M | MD5 = 019B5FA36CDC9914BAFDCA5E6E239D89] (Piranha Bytes)
"C:\Program Files\Steam\SteamApps\common\torchlight\Torchlight.exe" -> C:\Program Files\Steam\SteamApps\common\torchlight\Torchlight.exe [C:\Program Files\Steam\SteamApps\common\torchlight\Torchlight.exe:*:Enabled:Torchlight] -> [2010/03/26 18:35:43 | 010,717,328 | ---- | M | MD5 = A0C7DE3B6439DB018A4AC6E4E1E353F5] (Runic Games, Inc.)
"C:\Program Files\Steam\SteamApps\what619\counter-strike source\hl2.exe" -> C:\Program Files\Steam\SteamApps\what619\counter-strike source\hl2.exe [C:\Program Files\Steam\SteamApps\what619\counter-strike source\hl2.exe:*:Enabled:hl2] -> [2010/04/05 23:57:06 | 000,106,496 | ---- | M | MD5 = 7C271BBD974C760F516F1C9F9B61E0F2] ()
"C:\Program Files\Turbine\Dungeons and Dragons Online - Eberron Unlimited\dndclient.exe" -> C:\Program Files\Turbine\Dungeons and Dragons Online - Eberron Unlimited\dndclient.exe [C:\Program Files\Turbine\Dungeons and Dragons Online - Eberron Unlimited\dndclient.exe:*:Enabled:dndclient] -> [2010/03/07 13:12:07 | 010,261,808 | ---- | M | MD5 = 125BCA8F722A95AD05403D810AC6B879] (Turbine, Inc.)
"C:\Program Files\Turbine\Dungeons and Dragons Online - Eberron Unlimited\TurbineInvoker.exe" -> C:\Program Files\Turbine\Dungeons and Dragons Online - Eberron Unlimited\TurbineInvoker.exe [C:\Program Files\Turbine\Dungeons and Dragons Online - Eberron Unlimited\TurbineInvoker.exe:*:Enabled:Dungeons and Dragons Online™ - Eberron Unlimited™] -> [2010/03/07 13:12:02 | 000,053,248 | ---- | M | MD5 = F1F2D4B92C18AB122A05FE25EE2633C8] (Turbine, Inc.)
"C:\Program Files\Turbine\Turbine Download Manager\TurbineMessageService.exe" -> C:\Program Files\Turbine\Turbine Download Manager\TurbineMessageService.exe [C:\Program Files\Turbine\Turbine Download Manager\TurbineMessageService.exe:*:Enabled:TurbineMessageService] -> [2009/11/30 17:27:52 | 000,271,856 | ---- | M | MD5 = AD36B5F8AC7C2BAFB32973B743A65265] (Turbine, Inc.)
"C:\Program Files\Turbine\Turbine Download Manager\TurbineNetworkService.exe" -> C:\Program Files\Turbine\Turbine Download Manager\TurbineNetworkService.exe [C:\Program Files\Turbine\Turbine Download Manager\TurbineNetworkService.exe:*:Enabled:TurbineNetworkService] -> [2009/11/30 17:27:52 | 000,218,608 | ---- | M | MD5 = FFDFF7E4D8FDA5C1BFA50F9DBFB780CE] (Turbine, Inc.)
"C:\Program Files\Ventrilo\Ventrilo.exe" -> C:\Program Files\Ventrilo\Ventrilo.exe [C:\Program Files\Ventrilo\Ventrilo.exe:*:Enabled:Ventrilo.exe] -> [2009/04/22 21:11:32 | 001,675,776 | ---- | M | MD5 = 9DA1F1163C7B5DA29EEC2FF3A731EEA9] (Flagship Industries, Inc.)
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot ->
< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
"AutoRun" -> 1 ->
"DisplayName" -> CD-ROM Driver ->
"ImagePath" ->  [system32\DRIVERS\cdrom.sys] -> File not found
< Drives with AutoRun files > ->  ->
C:\AUTOEXEC.BAT [] -> C:\AUTOEXEC.BAT [ NTFS ] -> [2010/02/20 08:29:47 | 000,000,000 | ---- | M | MD5 = D41D8CD98F00B204E9800998ECF8427E] ()
D:\autorun.inf [[autorun] | open=setup\rsrc\Autorun.exe | icon=Setup\rsrc\TheMovies.ico |  | shell\dinstall\command=Directx\dxsetup.exe | shell\dinstall=&DirectX(R)... | ] -> D:\autorun.inf [ UDF ] -> [2005/08/26 12:29:24 | 000,000,146 | R--- | M | MD5 = 49DAF5DD967C36F16122ED19E35A4E08] ()
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 ->
< Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command ->
comfile [open] -> "%1" %* ->
exefile [open] -> "%1" %* ->
< AppCertDlls [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\AppCertDlls ->
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\AppCertDlls
\\"lighosk" -> C:\WINDOWS\system32\cisvecab.dll [C:\WINDOWS\system32\cisvecab.dll] -> [2010/04/06 19:28:20 | 000,044,032 | -H-- | M | MD5 = B52CB036CC2379222149BD5DB403EAAE] ()
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ ->
.com [@ = ComFile] -> "%1" %* ->
.exe [@ = exefile] -> "%1" %* ->

[w619]

[Registry - Additional Scans - Safe List]
< Disabled MSConfig Services [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services ->
"DAUpdaterSvc" -> ->
"InCDsrv" -> ->
"JavaQuickStarterService" -> ->
"LBTServ" -> ->
"LightScribeService" -> ->
"LiveTurbineMessageService" -> ->
"LiveTurbineNetworkService" -> ->
"NBService" -> ->
"NeroRegInCDSrv" -> ->
"NMIndexingService" -> ->
"ZuneNetworkSvc" -> ->
< Disabled MSConfig Folder Items [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\ ->
C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech SetPoint.lnk -> C:\Program Files\Logitech\SetPoint\SetPoint.exe -> [2009/07/20 12:30:50 | 000,813,584 | ---- | M | MD5 = B624202660474516E73AA95238FD9843] (Logitech, Inc.)
C:^Documents and Settings^chris^Start Menu^Programs^Startup^LimeWire On Startup.lnk -> C:\Program Files\LimeWire\LimeWire.exe -> [2010/02/19 08:46:10 | 000,503,808 | ---- | M | MD5 = 2B7F2DC5741BB18F7F5EC7558DA68197] (Lime Wire, LLC)
C:^Documents and Settings^chris^Start Menu^Programs^Startup^Logitech . Product Registration.lnk -> C:\Program Files\Common Files\Logishrd\eReg\SetPoint\eReg.exe -> [2008/11/07 14:56:10 | 000,517,384 | ---- | M | MD5 = FBBF2B2A5F257AA4B597F77D65155EDF] (Leader Technologies/Logitech)
C:^Documents and Settings^chris^Start Menu^Programs^Startup^monsxw32.exe -> C:\Documents and Settings\chris\Start Menu\Programs\Startup\monsxw32.exe -> File not found
< Disabled MSConfig Registry Items [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ ->
Adobe ARM hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe -> [2009/12/11 15:57:56 | 000,948,672 | R--- | M | MD5 = 73BB442A717B9BB0097C243374C14A3E] (Adobe Systems Incorporated)
Adobe Reader Speed Launcher hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe -> [2009/12/22 01:57:28 | 000,035,760 | ---- | M | MD5 = 466CE40EAA865752F4930A472563E4E1] (Adobe Systems Incorporated)
BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe -> [2007/06/27 19:03:40 | 000,152,872 | ---- | M | MD5 = 86F0D0B3A07C142C81DAB47E8495A822] (Nero AG)
ctfmon.exe hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->  -> File not found
HDAudDeck hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe -> [2008/08/14 20:13:26 | 030,003,200 | R--- | M | MD5 = A4FBD0E5A6866FD0BC3E2989A718B843] (VIA Technologies, Inc.)
InCD hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Nero\Nero 7\InCD\InCD.exe -> [2007/06/25 08:47:02 | 001,057,064 | ---- | M | MD5 = F3EFB9F5B0B7E07CBF8F18BC2AFCC4DB] (Nero AG)
Kernel and Hardware Abstraction Layer hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\WINDOWS\KHALMNPR.Exe -> [2009/06/17 09:55:10 | 000,055,824 | ---- | M | MD5 = E42A642E162B0468B2C4E9D803079C7F] (Logitech, Inc.)
LightScribe Control Panel hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -> [2008/06/09 10:16:32 | 002,363,392 | ---- | M | MD5 = 4A9295C9BE22739D030AB072E9A0B169] (Hewlett-Packard Company)
NeroFilterCheck hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe -> [2008/03/17 11:05:02 | 000,570,664 | ---- | M | MD5 = D81ED2C08797F4CF6466562E695E6FC6] (Nero AG)
Pando Media Booster hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Pando Networks\Media Booster\PMB.exe -> [2010/03/07 13:57:51 | 002,937,528 | ---- | M | MD5 = 7C6FCBAF1BE7513C5BC5B90519EE59DF] ()
SecurDisc hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe -> [2007/06/25 08:47:24 | 001,629,480 | ---- | M | MD5 = 87D568DEB1C0C07F31B78E1B41EB4AFE] (Nero AG)
Skype hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Skype\Phone\Skype.exe -> [2010/03/09 10:02:14 | 026,100,520 | R--- | M | MD5 = 46C92F0351DF5A4F74C9D37CD43F741D] (Skype Technologies S.A.)
Steam hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Steam\Steam.exe -> [2010/02/20 09:44:54 | 001,217,872 | ---- | M | MD5 = C82A015446F50242E675DEF631F8FBE8] (Valve Corporation)
Turbine Download Manager Tray Icon hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Turbine\Turbine Download Manager\TurbineDownloadManagerIcon.exe -> [2009/11/30 17:27:52 | 000,472,568 | ---- | M | MD5 = AD8A8306017BB9275006963058635C98] (Turbine, Inc.)
Zune Launcher hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> c:\Program Files\Zune\ZuneLauncher.exe -> [2010/01/07 14:38:08 | 000,158,448 | ---- | M | MD5 = 1C1784599D8F78B6D37C40D85DF52FFF] (Microsoft Corporation)
< Disabled MSConfig State [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\state ->
"bootini" -> 0 ->
"services" -> 2 ->
"startup" -> 2 ->
"system.ini" -> 0 ->
"win.ini" -> 0 ->
< Drivers32 [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32 ->
"msacm.iac2" -> C:\WINDOWS\system32\iac25_32.ax [C:\WINDOWS\system32\iac25_32.ax] -> [2008/04/14 05:00:00 | 000,199,680 | ---- | M | MD5 = 877C90686858D899B042BBA45E9B7F2C] (Intel Corporation)
"msacm.l3acm" -> C:\WINDOWS\system32\l3codeca.acm [C:\WINDOWS\system32\l3codeca.acm] -> [2008/04/14 05:00:00 | 000,290,816 | ---- | M | MD5 = 452705AC9E4C0DDE91A61F0E02292423] (Fraunhofer Institut Integrierte Schaltungen IIS)
"msacm.sl_anet" -> C:\WINDOWS\System32\sl_anet.acm [sl_anet.acm] -> [2008/04/14 05:00:00 | 000,086,016 | ---- | M | MD5 = 0DBB250A89E2E1C9281009AC269F0805] (Sipro Lab Telecom Inc.)
"msacm.trspch" -> C:\WINDOWS\System32\tssoft32.acm [tssoft32.acm] -> [2008/04/14 05:00:00 | 000,008,192 | ---- | M | MD5 = E8CD0D7E169ECCE2D4FD829DAAB786ED] (DSP GROUP, INC.)
"vidc.cvid" -> C:\WINDOWS\System32\iccvid.dll [iccvid.dll] -> [2008/04/14 05:00:00 | 000,080,384 | ---- | M | MD5 = 7E86D471EF8DED7B9D15106002120271] (Radius Inc.)
"vidc.iv31" -> C:\WINDOWS\System32\ir32_32.dll [ir32_32.dll] -> [2008/04/14 05:00:00 | 000,199,168 | ---- | M | MD5 = 43ECA1576906BA76FB3E329A338A3CAE] ()
"vidc.iv32" -> C:\WINDOWS\System32\ir32_32.dll [ir32_32.dll] -> [2008/04/14 05:00:00 | 000,199,168 | ---- | M | MD5 = 43ECA1576906BA76FB3E329A338A3CAE] ()
"vidc.iv41" -> C:\WINDOWS\System32\ir41_32.ax [ir41_32.ax] -> [2008/04/14 05:00:00 | 000,848,384 | ---- | M | MD5 = 948E1498C6438625247F94534AAA82FE] (Intel Corporation)
"vidc.iv50" -> C:\WINDOWS\System32\ir50_32.dll [ir50_32.dll] -> [2008/04/14 05:00:00 | 000,755,200 | ---- | M | MD5 = 5F10DC19D92CCF6B719B494572F4F74B] (Intel Corporation)
"vidc.VP60" -> C:\WINDOWS\system32\vp6vfw.dll [C:\WINDOWS\system32\vp6vfw.dll] -> [2008/09/04 13:11:14 | 000,447,752 | R--- | M | MD5 = 4B0C0A8C960AF22761FB6A25D8A50DF2] (On2.com)
"vidc.VP61" -> C:\WINDOWS\system32\vp6vfw.dll [C:\WINDOWS\system32\vp6vfw.dll] -> [2008/09/04 13:11:14 | 000,447,752 | R--- | M | MD5 = 4B0C0A8C960AF22761FB6A25D8A50DF2] (On2.com)
< Ext (PreApproved) - [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\ ->
{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{166B1BCA-3F9C-11CF-8075-444553540000} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{233C1507-6A77-46A4-9443-F871F945D258} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{4063BE15-3B08-470D-A0D5-B37161CFFD69} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{5852F5ED-8BF4-11D4-A245-0080C6F74284} [HKLM] -> C:\Program Files\Java\jre6\bin\wsdetect.dll [isInstalled Class] -> [2010/04/06 22:12:53 | 000,108,320 | ---- | M | MD5 = 2AC5774E748E95F10A5123FE8F44BE74] (Sun Microsystems, Inc.)
{68979310-D979-4CCA-AB57-83BEFB03E0D3} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> C:\Program Files\Java\jre6\bin\npjpi160_19.dll [Java Plug-in 1.6.0_19] -> [2010/04/06 22:12:52 | 000,136,992 | ---- | M | MD5 = BF86AAF1E914C153F32A9ACD04C91918] (Sun Microsystems, Inc.)
{CA8A9780-280D-11CF-A24D-444553540000} [HKLM] -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroPDF.dll [Adobe PDF Reader] -> [2009/12/21 18:15:14 | 000,660,912 | ---- | M | MD5 = A911AFDEDF87F42A915C1488387185AF] (Adobe Systems, Inc.)
{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} [HKLM] -> C:\Program Files\Java\jre6\bin\npjpi160_19.dll [Java Plug-in 1.6.0_19] -> [2010/04/06 22:12:52 | 000,136,992 | ---- | M | MD5 = BF86AAF1E914C153F32A9ACD04C91918] (Sun Microsystems, Inc.)
{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBB} [HKLM] -> C:\Program Files\Java\jre6\bin\npjpi160_19.dll [Java Plug-in 1.6.0_19] -> [2010/04/06 22:12:52 | 000,136,992 | ---- | M | MD5 = BF86AAF1E914C153F32A9ACD04C91918] (Sun Microsystems, Inc.)
{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBC} [HKLM] -> C:\Program Files\Java\jre6\bin\npjpi160_19.dll [Java Plug-in 1.6.0_19] -> [2010/04/06 22:12:52 | 000,136,992 | ---- | M | MD5 = BF86AAF1E914C153F32A9ACD04C91918] (Sun Microsystems, Inc.)
{CAFEEFAC-DEC7-0000-0000-ABCDEFFEDCBA} [HKLM] -> C:\WINDOWS\system32\deploytk.dll [Deployment Toolkit] -> [2010/04/06 22:12:52 | 000,411,368 | ---- | M | MD5 = FA8D8FA6C60AB99C07693560842C9BB6] (Sun Microsystems, Inc.)
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBC} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{CFCDAA03-8BE4-11cf-B84B-0020AFBBCCFA} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{D27CDB6E-AE6D-11cf-96B8-444553540000} [HKLM] -> C:\WINDOWS\system32\Macromed\Flash\Flash10e.ocx [Shockwave Flash Object] -> [2010/01/26 17:58:36 | 003,981,080 | R--- | M | MD5 = C06E6E160F34CE092301BD2B29067F3F] (Adobe Systems, Inc.)
< Ext (Settings) - [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\ ->
{898EA8C8-E7FF-479B-8935-AEC46303B9E5} [HKLM] -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [Skype add-on for Internet Explorer (toolbar button)] -> [2010/02/08 13:28:14 | 000,804,136 | ---- | M | MD5 = 7D52D1B380C1231FCEC11A707726A781] (Skype Technologies S.A.)
{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} [HKLM] -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [Skype add-on for Internet Explorer] -> [2010/02/08 13:28:14 | 000,804,136 | ---- | M | MD5 = 7D52D1B380C1231FCEC11A707726A781] (Skype Technologies S.A.)
{D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> C:\WINDOWS\system32\Macromed\Flash\Flash10e.ocx [Shockwave Flash Object] -> [2010/01/26 17:58:36 | 003,981,080 | R--- | M | MD5 = C06E6E160F34CE092301BD2B29067F3F] (Adobe Systems, Inc.)
{E2E2DD38-D088-4134-82B7-F2BA38496583} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{FB5F1910-F110-11D2-BB9E-00C04F795683} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
< Ext (Stats) - [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\ ->
{2D360201-FFF5-11D1-8D03-00A0C959BC0A} [HKLM] -> C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx [DHTML Edit Control Safe for Scripting for IE5] -> [2009/07/27 15:27:12 | 000,128,512 | ---- | M | MD5 = AB2618C157C8D7BC89BA3402C6E52638] (Microsoft Corporation)
{898EA8C8-E7FF-479B-8935-AEC46303B9E5} [HKLM] -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [Skype add-on for Internet Explorer (toolbar button)] -> [2010/02/08 13:28:14 | 000,804,136 | ---- | M | MD5 = 7D52D1B380C1231FCEC11A707726A781] (Skype Technologies S.A.)
{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} [HKLM] -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [Skype add-on for Internet Explorer] -> [2010/02/08 13:28:14 | 000,804,136 | ---- | M | MD5 = 7D52D1B380C1231FCEC11A707726A781] (Skype Technologies S.A.)
{D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> C:\WINDOWS\system32\Macromed\Flash\Flash10e.ocx [Shockwave Flash Object] -> [2010/01/26 17:58:36 | 003,981,080 | R--- | M | MD5 = C06E6E160F34CE092301BD2B29067F3F] (Adobe Systems, Inc.)
{E2E2DD38-D088-4134-82B7-F2BA38496583} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{FB5F1910-F110-11D2-BB9E-00C04F795683} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ ->
.bat [@ = batfile] -> "%1" %* ->
.cmd [@ = cmdfile] -> "%1" %* ->
.com [@ = ComFile] -> "%1" %* ->
.exe [@ = exefile] -> "%1" %* ->
.pif [@ = piffile] -> "%1" %* ->
.scr [@ = scrfile] -> "%1" /S ->
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost > -> ->
*netsvcs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs ->
6to4 ->  -> File not found
Ias -> C:\WINDOWS\system32\ias -> [2010/02/20 01:02:10 | 000,000,000 | ---D | M]
Iprip ->  -> File not found
Irmon ->  -> File not found
NWCWorkstation ->  -> File not found
Nwsapagent ->  -> File not found
WmdmPmSp ->  -> File not found
*MultiFile Done* -> ->
< Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ->
skype4com:{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} [HKLM] -> C:\Program Files\Common Files\Skype\Skype4COM.dll[IEProtocolHandler Class] -> [2010/03/09 10:02:16 | 002,135,336 | R--- | M | MD5 = 028FF74DAFDC7BB45C956A5EC8926CEE] (Skype Technologies)
skype-ie-addon-data:{91774881-D725-4E58-B298-07617B9B86A8} [HKLM] -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll[Skype IE add-on Pluggable Protocol] -> [2010/02/08 13:28:14 | 000,804,136 | ---- | M | MD5 = 7D52D1B380C1231FCEC11A707726A781] (Skype Technologies S.A.)
< SafeBoot-Minimal Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ ->
{36FC9E60-C465-11CF-8056-444553540000} -> Universal Serial Bus controllers
{4D36E965-E325-11CE-BFC1-08002BE10318} -> CD-ROM Drive
{4D36E967-E325-11CE-BFC1-08002BE10318} -> DiskDrive
{4D36E969-E325-11CE-BFC1-08002BE10318} -> Standard floppy disk controller
{4D36E96A-E325-11CE-BFC1-08002BE10318} -> Hdc
{4D36E96B-E325-11CE-BFC1-08002BE10318} -> Keyboard
{4D36E96F-E325-11CE-BFC1-08002BE10318} -> Mouse
{4D36E977-E325-11CE-BFC1-08002BE10318} -> PCMCIA Adapters
{4D36E97B-E325-11CE-BFC1-08002BE10318} -> SCSIAdapter
{4D36E97D-E325-11CE-BFC1-08002BE10318} -> System
{4D36E980-E325-11CE-BFC1-08002BE10318} -> Floppy disk drive
{71A27CDD-812A-11D0-BEC7-08002BE2092F} -> Volume
{745A17A0-74D3-11D0-B6FE-00A0C90F57DA} -> Human Interface Devices
Base -> Driver Group
Boot Bus Extender -> Driver Group
Boot file system -> Driver Group
File system -> Driver Group
Filter -> Driver Group
PCI Configuration -> Driver Group
PNP Filter -> Driver Group
Primary disk -> Driver Group
SCSI Class -> Driver Group
sermouse.sys -> Driver
System Bus Extender -> Driver Group
vga.sys -> Driver
WdfLoadGroup ->
< SafeBoot-Network Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ ->
{36FC9E60-C465-11CF-8056-444553540000} -> Universal Serial Bus controllers
{4D36E965-E325-11CE-BFC1-08002BE10318} -> CD-ROM Drive
{4D36E967-E325-11CE-BFC1-08002BE10318} -> DiskDrive
{4D36E969-E325-11CE-BFC1-08002BE10318} -> Standard floppy disk controller
{4D36E96A-E325-11CE-BFC1-08002BE10318} -> Hdc
{4D36E96B-E325-11CE-BFC1-08002BE10318} -> Keyboard
{4D36E96F-E325-11CE-BFC1-08002BE10318} -> Mouse
{4D36E972-E325-11CE-BFC1-08002BE10318} -> Net
{4D36E973-E325-11CE-BFC1-08002BE10318} -> NetClient
{4D36E974-E325-11CE-BFC1-08002BE10318} -> NetService
{4D36E975-E325-11CE-BFC1-08002BE10318} -> NetTrans
{4D36E977-E325-11CE-BFC1-08002BE10318} -> PCMCIA Adapters
{4D36E97B-E325-11CE-BFC1-08002BE10318} -> SCSIAdapter
{4D36E97D-E325-11CE-BFC1-08002BE10318} -> System
{4D36E980-E325-11CE-BFC1-08002BE10318} -> Floppy disk drive
{71A27CDD-812A-11D0-BEC7-08002BE2092F} -> Volume
{745A17A0-74D3-11D0-B6FE-00A0C90F57DA} -> Human Interface Devices
Base -> Driver Group
Boot Bus Extender -> Driver Group
Boot file system -> Driver Group
File system -> Driver Group
Filter -> Driver Group
NDIS Wrapper -> Driver Group
NetBIOSGroup -> Driver Group
NetDDEGroup -> Driver Group
Network -> Driver Group
NetworkProvider -> Driver Group
PCI Configuration -> Driver Group
PNP Filter -> Driver Group
PNP_TDI -> Driver Group
Primary disk -> Driver Group
SCSI Class -> Driver Group
sermouse.sys -> Driver
Streams Drivers -> Driver Group
System Bus Extender -> Driver Group
TDI -> Driver Group
vga.sys -> Driver
WdfLoadGroup ->
< Security Center Settings > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center
\\"FirstRunDisabled" ->  [1] -> File not found
\\"AntiVirusDisableNotify" -> 

• -> File not found

\\"FirewallDisableNotify" -> 

• -> File not found

\\"UpdatesDisableNotify" -> 

• -> File not found

\\"AntiVirusOverride" -> 

• -> File not found

\\"FirewallOverride" -> 

• -> File not found

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
\\"EnableFirewall" ->  [1] -> File not found
\\"DoNotAllowExceptions" -> 

• -> File not found

\\"DisableNotifications" -> 

• -> File not found

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\ -> ->
< Uninstall List [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ ->
{0076E1AC-9E7B-4B9F-A62A-4CC9511AD8E3} -> Zune Language Pack (FR)
{00BA866C-F2A2-4BB9-A308-3DFA695B6F7C} -> Java DB 10.5.3.0
{048298C9-A4D3-490B-9FF9-AB023A9238F3} -> Steam
{0556F885-2415-4666-B53E-33727E46AEA1} -> The Movies(TM)
{0C826C5B-B131-423A-A229-C71B3CACCD6A} -> CDDRV_Installer
{0DFB3DE8-65B9-44FF-AA0A-3BECC5A2BFD1} -> Adobe Flash Player 10 Plugin
{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB} -> LightScribe System Software  1.14.17.1
{1F1C2DFC-2D24-3E06-BCB8-725134ADF989} -> Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
{20D4A895-748C-4D88-871C-FDB1695B0169} -> Platform
{26A24AE4-039D-4CA4-87B4-2F83216019FF} -> Java(TM) 6 Update 19
{3101CB58-3482-4D21-AF1A-7057FC935355} -> KhalInstallWrapper
{32A3A4F4-B792-11D6-A78A-00B0D0160190} -> Java(TM) SE Development Kit 6 Update 19
{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227} -> WebFldrs XP
{370BCBBA-67D7-4535-ADCD-58CD1C8DEC99} -> Zune Language Pack (DE)
{40EC6323-497B-44DA-8A88-74578622D9B3} -> Zune Language Pack (IT)
{4A03706F-666A-4037-7777-5F2748764D10} -> Java Auto Updater
{56C049BE-79E9-4502-BEA7-9754A3E60F9B} -> neroxml
{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17} -> Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
{7299052b-02a4-4627-81f2-1818da5d550d} -> Microsoft Visual C++ 2005 Redistributable
{789289CA-F73A-4A16-A331-54D498CE069F} -> Ventrilo Client
{837b34e3-7c30-493c-8f6a-2b0f04e2912c} -> Microsoft Visual C++ 2005 Redistributable
{888FFC82-688D-46AB-A776-B417885432B6} -> Zune
{95120000-00B9-0409-0000-0000000FF1CE} -> Microsoft Application Error Reporting
{980A182F-E0A2-4A40-94C1-AE0C1235902E} -> Pando Media Booster
{981029E0-7FC9-4CF3-AB39-6F133621921A} -> Skype Toolbars
{A2BCA9F1-566C-4805-97D1-7FDC93386723} -> Adobe AIR
{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} -> Microsoft .NET Framework 3.0 Service Pack 2
{A498D9EB-927B-459B-85D6-DD6EF8C2C564} -> erLT
{AC76BA86-7AD7-1033-7B44-A93000000001} -> Adobe Reader 9.3
{B7A9964C-A9A7-4714-B494-50067238876E} -> Fantasy Earth Zero
{B8C3B479-1716-11D5-968A-0050BA84F5F7} -> Baldur's Gate(TM) II - Throne of Bhaal (TM)
{C05D8CDB-417D-4335-A38C-A0659EDFD6B8} -> The Sims™ 3
{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} -> Microsoft .NET Framework 2.0 Service Pack 2
{C9BED750-1211-4480-B1A5-718A3BE15525} -> REALTEK GbE & FE Ethernet PCI-E NIC Driver
{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} -> Microsoft .NET Framework 1.1
{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA} -> SUPERAntiSpyware Free Edition
{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} -> Microsoft .NET Framework 3.5 SP1
{D103C4BA-F905-437A-8049-DB24763BBE36} -> Skype™ 4.2
{D5A9DA4B-E4F9-FB49-017D-769FC540F1F0} -> EA Download Manager UI
{DB0BA61A-8295-4211-85F7-184FC2591033} -> Nero 7 Essentials
{E10DB5DA-E576-40EA-A7FC-1CB2A7B283A6} -> NVIDIA PhysX
{E3E71D07-CD27-46CB-8448-16D4FB29AA13} -> Microsoft WSE 3.0 Runtime
{EE4ACABF-531E-419A-9225-B8E0FA4955AF} -> Zune Language Pack (ES)
{F20C1251-1D0A-4944-B2AE-678581B33B19} -> Neverwinter Nights 2
{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E} -> Logitech SetPoint
{F7338FA3-DAB5-49B2-900D-0AFB5760C166} -> PC Probe II
15b35190-c6f9-11d9-9669-0800200c9a66_is1 -> Dungeons & Dragons Online - Eberron Unlimited™
62289540-dc30-11dc-95ff-0800200c9a66_is1 -> Turbine Download Manager
Adobe AIR -> Adobe AIR
Adobe Flash Player ActiveX -> Adobe Flash Player 10 ActiveX
avast5 -> avast! Free Antivirus
BitTorrent -> BitTorrent
CCleaner -> CCleaner
com.ea.Vault.919CACB699904AC5D41B606703 500DD39747C02D.1 -> EA Download Manager UI
EA Download Manager -> EA Download Manager
HijackThis -> HijackThis 2.0.2
ie8 -> Windows Internet Explorer 8
InstallShield_{0556F885-2415-4666-B53E-33727E46AEA1} -> The Movies(TM)
InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169} -> VIA Platform Device Manager
InstallShield_{B7A9964C-A9A7-4714-B494-50067238876E} -> Fantasy Earth Zero
LimeWire -> LimeWire 5.4.8
Malwarebytes' Anti-Malware_is1 -> Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1  (1033) -> Microsoft .NET Framework 1.1
Microsoft .NET Framework 3.5 SP1 -> Microsoft .NET Framework 3.5 SP1
MSCompPackV1 -> Microsoft Compression Client Pack 1.0 for Windows XP
NVIDIA Display Control Panel -> NVIDIA Display Control Panel
NVIDIA Drivers -> NVIDIA Drivers
NVIDIA nView Desktop Manager -> NVIDIA nView Desktop Manager
PunkBusterSvc -> PunkBuster Services
Steam App 10180 -> Call of Duty: Modern Warfare 2
Steam App 10190 -> Call of Duty: Modern Warfare 2 - Multiplayer
Steam App 17450 -> Dragon Age: Origins
Steam App 17460 -> Mass Effect
Steam App 20540 -> Company of Heroes: Tales of Valor
Steam App 220 -> Half-Life 2
Steam App 240 -> Counter-Strike: Source
Steam App 24960 -> Battlefield: Bad Company 2
Steam App 280 -> Half-Life: Source
Steam App 3160 -> A Farewell to Dragons
Steam App 320 -> Half-Life 2: Deathmatch
Steam App 360 -> Half-Life Deathmatch: Source
Steam App 380 -> Half-Life 2: Episode One
Steam App 40300 -> Risen
Steam App 41500 -> Torchlight
Steam App 4560 -> Company of Heroes
Steam App 47730 -> Dragon Age: Origins - Awakening
Steam App 550 -> Left 4 Dead 2
VLC media player -> VLC media player 1.0.5
Wdf01005 -> Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Wdf01009 -> Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Windows Media Format Runtime -> Windows Media Format 11 runtime
Windows Media Player -> Windows Media Player 11
WinRAR archiver -> WinRAR archiver
winusb0100 -> Microsoft WinUsb 1.0
WMFDist11 -> Windows Media Format 11 runtime
wmp11 -> Windows Media Player 11
Wudf01009 -> Microsoft User-Mode Driver Framework Feature Pack 1.9
Zune -> Zune
< Uninstall List [HKEY_USERS\S-1-5-21-1275210071-1284227242-682003330-1003\] > -> HKEY_USERS\S-1-5-21-1275210071-1284227242-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ ->
< EventViewer Logs - Last 10 Errors > -> Event Information -> Description
Application [ Error ] 4/7/2010 12:38:10 AM Computer Name = CHRIS-83C9A0BB7 | Source = Application Error | ID = 1000 -> Description = Faulting application ctfmon.exe, version 5.1.2600.5512, faulting module unknown, version 0.0.0.0, fault address 0x715b9e59.
Application [ Error ] 4/7/2010 12:40:26 AM Computer Name = CHRIS-83C9A0BB7 | Source = .NET Runtime 2.0 Error Reporting | ID = 1000 -> Description = Faulting application dfsvc.exe, version 2.0.50727.3053, stamp 4889df14, faulting module mscorwks.dll, version 2.0.50727.3603, stamp 4a7cd88e, debug? 0, fault address 0x00097d9a.
Application [ Error ] 4/7/2010 12:40:53 AM Computer Name = CHRIS-83C9A0BB7 | Source = .NET Runtime 2.0 Error Reporting | ID = 1000 -> Description = Faulting application dfsvc.exe, version 2.0.50727.3053, stamp 4889df14, faulting module mscorwks.dll, version 2.0.50727.3603, stamp 4a7cd88e, debug? 0, fault address 0x00097d9a.
Application [ Error ] 4/7/2010 12:51:52 AM Computer Name = CHRIS-83C9A0BB7 | Source = Application Error | ID = 1000 -> Description = Faulting application ctfmon.exe, version 5.1.2600.5512, faulting module unknown, version 0.0.0.0, fault address 0x715b9e59.
Application [ Error ] 4/7/2010 1:08:42 AM Computer Name = CHRIS-83C9A0BB7 | Source = Application Error | ID = 1000 -> Description = Faulting application msiexec.exe, version 3.1.4001.5512, faulting module unknown, version 0.0.0.0, fault address 0x715b9e59.
Application [ Error ] 4/7/2010 2:03:54 PM Computer Name = CHRIS-83C9A0BB7 | Source = Application Error | ID = 1000 -> Description = Faulting application ctfmon.exe, version 5.1.2600.5512, faulting module unknown, version 0.0.0.0, fault address 0x715b9e59.
Application [ Error ] 4/7/2010 2:11:40 PM Computer Name = CHRIS-83C9A0BB7 | Source = Application Error | ID = 1000 -> Description = Faulting application avastui.exe, version 5.0.418.0, faulting module mfc90u.dll, version 9.0.30729.4148, fault address 0x00088cea.
Application [ Error ] 4/7/2010 11:57:25 PM Computer Name = CHRIS-83C9A0BB7 | Source = Application Hang | ID = 1002 -> Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Application [ Error ] 4/8/2010 10:10:41 AM Computer Name = CHRIS-83C9A0BB7 | Source = Application Hang | ID = 1002 -> Description = Hanging application mbam.exe, version 1.45.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Application [ Error ] 4/8/2010 10:10:41 AM Computer Name = CHRIS-83C9A0BB7 | Source = Application Hang | ID = 1002 -> Description = Hanging application mbam.exe, version 1.45.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
System [ Error ] 3/9/2010 11:16:05 AM Computer Name = CHRIS-83C9A0BB7 | Source = Service Control Manager | ID = 7031 -> Description = The Turbine Message Service - Live service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
System [ Error ] 3/9/2010 11:24:06 AM Computer Name = CHRIS-83C9A0BB7 | Source = Service Control Manager | ID = 7034 -> Description = The Dragon Age: Origins - Content Updater service terminated unexpectedly.  It has done this 1 time(s).
System [ Error ] 3/9/2010 11:24:14 AM Computer Name = CHRIS-83C9A0BB7 | Source = Service Control Manager | ID = 7031 -> Description = The Turbine Message Service - Live service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
System [ Error ] 3/9/2010 11:24:21 AM Computer Name = CHRIS-83C9A0BB7 | Source = Service Control Manager | ID = 7034 -> Description = The Turbine Network Service - Live service terminated unexpectedly.  It has done this 1 time(s).
System [ Error ] 3/9/2010 11:24:26 AM Computer Name = CHRIS-83C9A0BB7 | Source = Service Control Manager | ID = 7034 -> Description = The Dragon Age: Origins - Content Updater service terminated unexpectedly.  It has done this 2 time(s).
System [ Error ] 3/9/2010 11:25:05 AM Computer Name = CHRIS-83C9A0BB7 | Source = Service Control Manager | ID = 7034 -> Description = The Dragon Age: Origins - Content Updater service terminated unexpectedly.  It has done this 3 time(s).
System [ Error ] 3/9/2010 11:27:28 AM Computer Name = CHRIS-83C9A0BB7 | Source = Service Control Manager | ID = 7034 -> Description = The Turbine Network Service - Live service terminated unexpectedly.  It has done this 2 time(s).
System [ Error ] 3/9/2010 11:27:31 AM Computer Name = CHRIS-83C9A0BB7 | Source = Service Control Manager | ID = 7031 -> Description = The Turbine Message Service - Live service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
System [ Error ] 3/9/2010 11:28:31 AM Computer Name = CHRIS-83C9A0BB7 | Source = Service Control Manager | ID = 7032 -> Description = The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Turbine Message Service - Live service, but this action failed with the following error:   %%1058

[w619]

[Files/Folders - Created Within 90 Days]
 OTS.exe -> C:\Documents and Settings\chris\Desktop\OTS.exe -> [2010/04/08 11:50:26 | 000,638,976 | ---- | C | MD5 = 0699456F9835951BCB3304564244386F] (OldTimer Tools)
 temp -> C:\WINDOWS\temp -> [2010/04/08 10:29:35 | 000,000,000 | ---D | C]
 cmdcons -> C:\cmdcons -> [2010/04/08 10:23:14 | 000,000,000 | RHSD | C]
 SWXCACLS.exe -> C:\WINDOWS\SWXCACLS.exe -> [2010/04/08 10:22:38 | 000,212,480 | ---- | C | MD5 = B1A9CF0B6F80611D31987C247EC630B4] (SteelWerX)
 SWREG.exe -> C:\WINDOWS\SWREG.exe -> [2010/04/08 10:22:38 | 000,161,792 | ---- | C | MD5 = 01D95A1F8CF13D07CC564AABB36BCC0B] (SteelWerX)
 SWSC.exe -> C:\WINDOWS\SWSC.exe -> [2010/04/08 10:22:38 | 000,136,704 | ---- | C | MD5 = B7517DB073B28F5696A1E5528ABEB5D0] (SteelWerX)
 NIRCMD.exe -> C:\WINDOWS\NIRCMD.exe -> [2010/04/08 10:22:38 | 000,031,232 | ---- | C | MD5 = AE72E8619CB31D84DA25E2435E55003C] (NirSoft)
 ERDNT -> C:\WINDOWS\ERDNT -> [2010/04/08 10:22:35 | 000,000,000 | ---D | C]
 Qoobox -> C:\Qoobox -> [2010/04/08 10:15:59 | 000,000,000 | ---D | C]
 Trend Micro -> C:\Program Files\Trend Micro -> [2010/04/07 00:35:26 | 000,000,000 | ---D | C]
 SUPERAntiSpyware.com -> C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com -> [2010/04/06 22:24:05 | 000,000,000 | ---D | C]
 SUPERAntiSpyware.com -> C:\Documents and Settings\chris\Application Data\SUPERAntiSpyware.com -> [2010/04/06 22:24:00 | 000,000,000 | ---D | C]
 SUPERAntiSpyware -> C:\Program Files\SUPERAntiSpyware -> [2010/04/06 22:24:00 | 000,000,000 | ---D | C]
 Recent -> C:\Documents and Settings\chris\Recent -> [2010/04/06 22:20:24 | 000,000,000 | RH-D | C]
 CCleaner -> C:\Program Files\CCleaner -> [2010/04/06 22:16:01 | 000,000,000 | ---D | C]
 Java -> C:\Program Files\Common Files\Java -> [2010/04/06 22:13:50 | 000,000,000 | ---D | C]
 Sun -> C:\Documents and Settings\All Users\Application Data\Sun -> [2010/04/06 22:13:20 | 000,000,000 | ---D | C]
 Sun -> C:\Program Files\Sun -> [2010/04/06 22:13:09 | 000,000,000 | ---D | C]
 Java -> C:\Program Files\Java -> [2010/04/06 22:09:21 | 000,000,000 | ---D | C]
 JavaRa.exe -> C:\Documents and Settings\chris\Desktop\JavaRa.exe -> [2010/04/06 21:59:08 | 000,157,696 | ---- | C | MD5 = 8FB2BAFDA81520867539C5393E715D89] (The RaProducts Team: Paul McLain and Fred de Vries)
 WinRAR -> C:\Documents and Settings\chris\Application Data\WinRAR -> [2010/04/06 21:57:58 | 000,000,000 | ---D | C]
 WinRAR -> C:\Program Files\WinRAR -> [2010/04/06 21:56:28 | 000,000,000 | ---D | C]
 appmgmt -> C:\WINDOWS\System32\appmgmt -> [2010/04/06 21:49:04 | 000,000,000 | ---D | C]
 Deployment -> C:\Documents and Settings\chris\Local Settings\Application Data\Deployment -> [2010/04/06 21:40:28 | 000,000,000 | ---D | C]
 Malwarebytes -> C:\Documents and Settings\chris\Application Data\Malwarebytes -> [2010/04/06 20:19:44 | 000,000,000 | ---D | C]
 mbamswissarmy.sys -> C:\WINDOWS\System32\drivers\mbamswissarmy.sys -> [2010/04/06 20:19:37 | 000,038,224 | ---- | C | MD5 = 75B8EF2A089127E8A3B38F46CC366D79] (Malwarebytes Corporation)
 Malwarebytes -> C:\Documents and Settings\All Users\Application Data\Malwarebytes -> [2010/04/06 20:19:35 | 000,000,000 | ---D | C]
 mbam.sys -> C:\WINDOWS\System32\drivers\mbam.sys -> [2010/04/06 20:19:34 | 000,020,824 | ---- | C | MD5 = F61B04F2BB5098A34817D776C59E5E7C] (Malwarebytes Corporation)
 Malwarebytes' Anti-Malware -> C:\Program Files\Malwarebytes' Anti-Malware -> [2010/04/06 20:19:34 | 000,000,000 | ---D | C]
 changer.sys -> C:\WINDOWS\System32\drivers\changer.sys -> [2010/04/06 19:29:25 | 000,008,192 | ---- | C | MD5 = 2A5815CA6FFF24B688C01F828B96819C] (Microsoft Corporation)
 Sun -> C:\WINDOWS\Sun -> [2010/04/06 19:28:07 | 000,000,000 | ---D | C]
 New Folder -> C:\Documents and Settings\chris\Desktop\New Folder -> [2010/04/06 19:21:08 | 000,000,000 | ---D | C]
 The Movies -> C:\Documents and Settings\chris\My Documents\The Movies -> [2010/04/05 07:26:09 | 000,000,000 | ---D | C]
 Lionhead Studios -> C:\Documents and Settings\chris\Application Data\Lionhead Studios -> [2010/04/05 07:08:56 | 000,000,000 | ---D | C]
 Lionhead Studios Ltd -> C:\Program Files\Lionhead Studios Ltd -> [2010/04/05 07:05:24 | 000,000,000 | ---D | C]
 Lionhead Studios -> C:\Documents and Settings\All Users\Application Data\Lionhead Studios -> [2010/04/05 07:05:24 | 000,000,000 | ---D | C]
 ftpcache -> C:\WINDOWS\ftpcache -> [2010/04/05 07:03:29 | 000,000,000 | -HSD | C]
 Adobe AIR -> C:\Program Files\Common Files\Adobe AIR -> [2010/04/05 07:02:42 | 000,000,000 | ---D | C]
 ProgramData -> C:\ProgramData -> [2010/04/05 03:52:31 | 000,000,000 | ---D | C]
 Electronic Arts -> C:\Documents and Settings\All Users\Application Data\Electronic Arts -> [2010/04/05 03:52:31 | 000,000,000 | ---D | C]
 Electronic Arts -> C:\Documents and Settings\chris\My Documents\Electronic Arts -> [2010/04/05 03:52:28 | 000,000,000 | ---D | C]
 vp6vfw.dll -> C:\WINDOWS\System32\vp6vfw.dll -> [2010/04/05 03:49:49 | 000,447,752 | R--- | C | MD5 = 4B0C0A8C960AF22761FB6A25D8A50DF2] (On2.com)
 Microsoft WSE -> C:\Program Files\Microsoft WSE -> [2010/04/05 03:49:47 | 000,000,000 | ---D | C]
 Electronic Arts -> C:\Program Files\Electronic Arts -> [2010/04/05 03:35:58 | 000,000,000 | ---D | C]
 TEMP -> C:\Documents and Settings\All Users\Application Data\TEMP -> [2010/04/04 22:57:21 | 000,000,000 | ---D | C]
 GamepotUSA -> C:\GamepotUSA -> [2010/04/04 22:15:41 | 000,000,000 | ---D | C]
 skypePM -> C:\Documents and Settings\chris\Application Data\skypePM -> [2010/04/04 22:01:25 | 000,000,000 | ---D | C]
 Skype -> C:\Documents and Settings\chris\Application Data\Skype -> [2010/04/04 22:00:27 | 000,000,000 | ---D | C]
 Skype -> C:\Program Files\Common Files\Skype -> [2010/04/04 22:00:11 | 000,000,000 | ---D | C]
 Skype -> C:\Program Files\Skype -> [2010/04/04 22:00:06 | 000,000,000 | R--D | C]
 Skype -> C:\Documents and Settings\All Users\Application Data\Skype -> [2010/04/04 22:00:01 | 000,000,000 | ---D | C]
 PunkBuster -> C:\Documents and Settings\chris\Local Settings\Application Data\PunkBuster -> [2010/03/29 19:45:56 | 000,000,000 | ---D | C]
 BFBC2 -> C:\Documents and Settings\chris\My Documents\BFBC2 -> [2010/03/29 19:45:53 | 000,000,000 | ---D | C]
 Spybot - Search & Destroy -> C:\Program Files\Spybot - Search & Destroy -> [2010/03/29 16:47:14 | 000,000,000 | ---D | C]
 Spybot - Search & Destroy -> C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy -> [2010/03/29 16:47:14 | 000,000,000 | ---D | C]
 runic games -> C:\Documents and Settings\chris\Application Data\runic games -> [2010/03/26 19:43:20 | 000,000,000 | ---D | C]
 Black Isle -> C:\Program Files\Black Isle -> [2010/03/19 15:24:03 | 000,000,000 | ---D | C]
 BioWare -> C:\Program Files\Common Files\BioWare -> [2010/03/16 12:17:37 | 000,000,000 | ---D | C]
 PMB Files -> C:\Documents and Settings\chris\Local Settings\Application Data\PMB Files -> [2010/03/07 13:57:58 | 000,000,000 | ---D | C]
 PMB Files -> C:\Documents and Settings\All Users\Application Data\PMB Files -> [2010/03/07 13:57:55 | 000,000,000 | ---D | C]
 Pando Networks -> C:\Program Files\Pando Networks -> [2010/03/07 13:57:49 | 000,000,000 | ---D | C]
 Dungeons and Dragons Online -> C:\Documents and Settings\chris\My Documents\Dungeons and Dragons Online -> [2010/03/07 13:13:05 | 000,000,000 | ---D | C]
 Turbine -> C:\Documents and Settings\chris\Local Settings\Application Data\Turbine -> [2010/03/07 13:12:23 | 000,000,000 | ---D | C]
 Turbine,_Inc -> C:\Documents and Settings\chris\Local Settings\Application Data\Turbine,_Inc -> [2010/03/07 13:07:17 | 000,000,000 | ---D | C]
 Turbine -> C:\Documents and Settings\All Users\Application Data\Turbine -> [2010/03/07 13:05:48 | 000,000,000 | ---D | C]
 Turbine -> C:\Program Files\Turbine -> [2010/03/07 13:05:36 | 000,000,000 | ---D | C]
 ApplicationHistory -> C:\Documents and Settings\chris\Local Settings\Application Data\ApplicationHistory -> [2010/03/07 13:05:14 | 000,000,000 | ---D | C]
 URTTEMP -> C:\WINDOWS\System32\URTTEMP -> [2010/03/07 13:03:41 | 000,000,000 | ---D | C]
 dvdcss -> C:\Documents and Settings\chris\Application Data\dvdcss -> [2010/03/06 16:12:59 | 000,000,000 | ---D | C]
 vlc -> C:\Documents and Settings\chris\Application Data\vlc -> [2010/03/06 16:12:49 | 000,000,000 | ---D | C]
 VideoLAN -> C:\Program Files\VideoLAN -> [2010/03/06 16:12:11 | 000,000,000 | ---D | C]
 PC Drivers HeadQuarters -> C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters -> [2010/03/06 15:57:29 | 000,000,000 | ---D | C]
 DivX -> C:\Documents and Settings\chris\Application Data\DivX -> [2010/03/06 15:50:43 | 000,000,000 | ---D | C]
 DivX -> C:\Program Files\DivX -> [2010/03/06 15:49:47 | 000,000,000 | ---D | C]
 ASUS -> C:\Program Files\ASUS -> [2010/03/05 08:54:26 | 000,000,000 | ---D | C]
 BioWare -> C:\Documents and Settings\All Users\Application Data\BioWare -> [2010/03/02 10:43:29 | 000,000,000 | ---D | C]
 BioWare -> C:\Documents and Settings\chris\My Documents\BioWare -> [2010/03/02 10:43:14 | 000,000,000 | ---D | C]
 Risen -> C:\Documents and Settings\chris\My Documents\Risen -> [2010/03/01 13:26:08 | 000,000,000 | ---D | C]
 Risen -> C:\Documents and Settings\chris\Local Settings\Application Data\Risen -> [2010/03/01 13:26:08 | 000,000,000 | ---D | C]
 Tages -> C:\Documents and Settings\All Users\Application Data\Tages -> [2010/03/01 13:25:37 | 000,000,000 | ---D | C]
 MSXML 4.0 -> C:\Program Files\MSXML 4.0 -> [2010/02/27 15:27:59 | 000,000,000 | ---D | C]
 Windows Genuine Advantage -> C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage -> [2010/02/27 03:50:51 | 000,000,000 | ---D | C]
 spmsg.dll -> C:\WINDOWS\System32\spmsg.dll -> [2010/02/27 03:46:26 | 000,016,928 | ---- | C | MD5 = 87BBF015ADDE24DBAFF1FE5A114EDB9C] (Microsoft Corporation)
 Windows Media Connect 2 -> C:\Program Files\Windows Media Connect 2 -> [2010/02/27 03:46:14 | 000,000,000 | ---D | C]
 My Videos -> C:\Documents and Settings\chris\My Documents\My Videos -> [2010/02/27 03:42:14 | 000,000,000 | R--D | C]
 it-IT -> C:\WINDOWS\System32\drivers\UMDF\it-IT -> [2010/02/27 03:35:33 | 000,000,000 | ---D | C]
 de-DE -> C:\WINDOWS\System32\drivers\UMDF\de-DE -> [2010/02/27 03:35:32 | 000,000,000 | ---D | C]
 fr-FR -> C:\WINDOWS\System32\drivers\UMDF\fr-FR -> [2010/02/27 03:35:31 | 000,000,000 | ---D | C]
 es-ES -> C:\WINDOWS\System32\drivers\UMDF\es-ES -> [2010/02/27 03:35:30 | 000,000,000 | ---D | C]
 spmsgXP_2k3.dll -> C:\WINDOWS\System32\spmsgXP_2k3.dll -> [2010/02/27 03:35:10 | 000,016,928 | ---- | C | MD5 = 87BBF015ADDE24DBAFF1FE5A114EDB9C] (Microsoft Corporation)
 en-US -> C:\WINDOWS\System32\drivers\UMDF\en-US -> [2010/02/27 03:34:57 | 000,000,000 | ---D | C]
 Zune -> C:\Program Files\Zune -> [2010/02/27 03:34:53 | 000,000,000 | ---D | C]
 imapi2fs.dll -> C:\WINDOWS\System32\imapi2fs.dll -> [2010/02/27 03:34:28 | 000,465,920 | ---- | C | MD5 = 69DFD640F3CCCC3276F387B495A9EFA0] (Microsoft Corporation)
 imapi2fs.dll -> C:\WINDOWS\System32\dllcache\imapi2fs.dll -> [2010/02/27 03:34:28 | 000,465,920 | ---- | C | MD5 = 69DFD640F3CCCC3276F387B495A9EFA0] (Microsoft Corporation)
 imapi2.dll -> C:\WINDOWS\System32\imapi2.dll -> [2010/02/27 03:34:28 | 000,317,952 | ---- | C | MD5 = 716D1906C3ECC0CA62BB53A939D5AEAD] (Microsoft Corporation)
 imapi2.dll -> C:\WINDOWS\System32\dllcache\imapi2.dll -> [2010/02/27 03:34:28 | 000,317,952 | ---- | C | MD5 = 716D1906C3ECC0CA62BB53A939D5AEAD] (Microsoft Corporation)
 cdrom.sys -> C:\WINDOWS\System32\dllcache\cdrom.sys -> [2010/02/27 03:34:28 | 000,062,976 | ---- | C | MD5 = 4B0A100EAF5C49EF3CCA8C641431EACC] (Microsoft Corporation)
 UMDF -> C:\WINDOWS\System32\drivers\UMDF -> [2010/02/27 03:33:57 | 000,000,000 | ---D | C]
 LogFiles -> C:\WINDOWS\System32\LogFiles -> [2010/02/27 03:33:57 | 000,000,000 | ---D | C]
 Ahead -> C:\Documents and Settings\chris\Local Settings\Application Data\Ahead -> [2010/02/27 03:30:43 | 000,000,000 | ---D | C]
 LightScribe -> C:\Program Files\Common Files\LightScribe -> [2010/02/27 03:29:32 | 000,000,000 | ---D | C]
 Ahead -> C:\Documents and Settings\chris\Application Data\Ahead -> [2010/02/27 03:28:48 | 000,000,000 | ---D | C]
 Ahead -> C:\Documents and Settings\All Users\Application Data\Ahead -> [2010/02/27 03:28:17 | 000,000,000 | ---D | C]
 Nero -> C:\Program Files\Nero -> [2010/02/27 03:25:35 | 000,000,000 | ---D | C]
 Nero -> C:\Documents and Settings\All Users\Application Data\Nero -> [2010/02/27 03:25:35 | 000,000,000 | ---D | C]
 Ahead -> C:\Program Files\Common Files\Ahead -> [2010/02/27 03:25:35 | 000,000,000 | ---D | C]
 RegisteredPackages -> C:\WINDOWS\RegisteredPackages -> [2010/02/27 03:24:56 | 000,000,000 | ---D | C]
 D3DCompiler_42.dll -> C:\WINDOWS\System32\D3DCompiler_42.dll -> [2010/02/26 09:25:13 | 001,974,616 | ---- | C | MD5 = B33B21DB610116262D906305CE65C354] (Microsoft Corporation)
 XAudio2_5.dll -> C:\WINDOWS\System32\XAudio2_5.dll -> [2010/02/26 09:25:13 | 000,515,416 | ---- | C | MD5 = 8B01FB723F3B30AB3DEBDDBF97CFE577] (Microsoft Corporation)
 xactengine3_5.dll -> C:\WINDOWS\System32\xactengine3_5.dll -> [2010/02/26 09:25:13 | 000,238,936 | ---- | C | MD5 = DB3C93E87452B8DAB4F58ED1FD2B1998] (Microsoft Corporation)
 d3dcsx_42.dll -> C:\WINDOWS\System32\d3dcsx_42.dll -> [2010/02/26 09:25:10 | 005,501,792 | ---- | C | MD5 = B337306DFB508A1BCEF1974BFBB8D924] (Microsoft Corporation)
 d3dx11_42.dll -> C:\WINDOWS\System32\d3dx11_42.dll -> [2010/02/26 09:25:10 | 000,235,344 | ---- | C | MD5 = D09AC80A4B5312239852836C84DF3392] (Microsoft Corporation)
 D3DX9_42.dll -> C:\WINDOWS\System32\D3DX9_42.dll -> [2010/02/26 09:25:09 | 001,892,184 | ---- | C | MD5 = C6A44FC3CF2F5801561804272217B14D] (Microsoft Corporation)
 d3dx10_42.dll -> C:\WINDOWS\System32\d3dx10_42.dll -> [2010/02/26 09:25:09 | 000,453,456 | ---- | C | MD5 = 501AC862517C5445742BEE8A2B88414E] (Microsoft Corporation)
 Downloads -> C:\Documents and Settings\chris\My Documents\Downloads -> [2010/02/26 08:56:25 | 000,000,000 | ---D | C]
 BitTorrent -> C:\Documents and Settings\chris\Application Data\BitTorrent -> [2010/02/26 05:39:39 | 000,000,000 | ---D | C]
 BitTorrent -> C:\Program Files\BitTorrent -> [2010/02/26 05:39:33 | 000,000,000 | ---D | C]
 LimeWire -> C:\Documents and Settings\chris\My Documents\LimeWire -> [2010/02/24 22:49:46 | 000,000,000 | ---D | C]
 Mozilla -> C:\Documents and Settings\chris\Application Data\Mozilla -> [2010/02/24 22:49:42 | 000,000,000 | ---D | C]
 LimeWire -> C:\Documents and Settings\chris\Application Data\LimeWire -> [2010/02/24 22:49:27 | 000,000,000 | ---D | C]
 Sun -> C:\Documents and Settings\chris\Application Data\Sun -> [2010/02/24 22:11:40 | 000,000,000 | ---D | C]
 LimeWire -> C:\Program Files\LimeWire -> [2010/02/24 22:11:38 | 000,000,000 | ---D | C]
 Adobe -> C:\Documents and Settings\chris\Local Settings\Application Data\Adobe -> [2010/02/24 20:52:34 | 000,000,000 | ---D | C]
 Adobe -> C:\Documents and Settings\All Users\Application Data\Adobe -> [2010/02/24 20:51:51 | 000,000,000 | ---D | C]
 Adobe -> C:\Program Files\Common Files\Adobe -> [2010/02/24 20:51:42 | 000,000,000 | ---D | C]
 Adobe -> C:\Program Files\Adobe -> [2010/02/24 20:51:42 | 000,000,000 | ---D | C]
 XPSViewer -> C:\WINDOWS\System32\XPSViewer -> [2010/02/22 05:00:02 | 000,000,000 | ---D | C]
 MSBuild -> C:\Program Files\MSBuild -> [2010/02/22 04:59:59 | 000,000,000 | ---D | C]
 Reference Assemblies -> C:\Program Files\Reference Assemblies -> [2010/02/22 04:59:55 | 000,000,000 | ---D | C]
 printfilterpipelinesvc.exe -> C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe -> [2010/02/22 04:59:34 | 000,597,504 | ---- | C | MD5 = 9CAC2BEE7724FC829567400EE751856A] (Microsoft Corporation)
 xpsshhdr.dll -> C:\WINDOWS\System32\dllcache\xpsshhdr.dll -> [2010/02/22 04:59:34 | 000,575,488 | ---- | C | MD5 = 81C4B0077427391D582FBB1B6B9578CB] (Microsoft Corporation)
 prntvpt.dll -> C:\WINDOWS\System32\prntvpt.dll -> [2010/02/22 04:59:34 | 000,117,760 | ---- | C | MD5 = 180E1D44727EB72CB11EC5953C5E4C52] (Microsoft Corporation)
 filterpipelineprintproc.dll -> C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll -> [2010/02/22 04:59:34 | 000,089,088 | ---- | C | MD5 = EEE7F12D9FF46F68FBC0DA059A359E9E] (Microsoft Corporation)
 xpssvcs.dll -> C:\WINDOWS\System32\xpssvcs.dll -> [2010/02/22 04:59:33 | 001,676,288 | ---- | C | MD5 = 89B23B4BE691942072E0E3F7EDEB33B6] (Microsoft Corporation)
 xpssvcs.dll -> C:\WINDOWS\System32\dllcache\xpssvcs.dll -> [2010/02/22 04:59:33 | 001,676,288 | ---- | C | MD5 = 89B23B4BE691942072E0E3F7EDEB33B6] (Microsoft Corporation)
 a022857158d360bfa0 -> C:\a022857158d360bfa0 -> [2010/02/22 04:59:33 | 000,000,000 | ---D | C]
 D3DCompiler_41.dll -> C:\WINDOWS\System32\D3DCompiler_41.dll -> [2010/02/22 04:57:28 | 001,846,632 | ---- | C | MD5 = 781E8B5B6FDB3C9B4E4A4A9FB019960D] (Microsoft Corporation)
 d3dx10_41.dll -> C:\WINDOWS\System32\d3dx10_41.dll -> [2010/02/22 04:57:28 | 000,453,456 | ---- | C | MD5 = 1AA571774936717EE776DBED51E9EDF4] (Microsoft Corporation)
 D3DX9_41.dll -> C:\WINDOWS\System32\D3DX9_41.dll -> [2010/02/22 04:57:26 | 004,178,264 | ---- | C | MD5 = 3FA06CF5079B84155D18B05C08F7131B] (Microsoft Corporation)
 XAudio2_4.dll -> C:\WINDOWS\System32\XAudio2_4.dll -> [2010/02/22 04:57:24 | 000,517,448 | ---- | C | MD5 = E684C5FA18ADF9EA14737757413BF727] (Microsoft Corporation)
 XAPOFX1_3.dll -> C:\WINDOWS\System32\XAPOFX1_3.dll -> [2010/02/22 04:57:24 | 000,069,464 | ---- | C | MD5 = 30686ECE80545E06D78D156EB9F7D463] (Microsoft Corporation)
 xactengine3_4.dll -> C:\WINDOWS\System32\xactengine3_4.dll -> [2010/02/22 04:57:23 | 000,235,352 | ---- | C | MD5 = 686F8D1B4926D48227A06ACD4D41CD1E] (Microsoft Corporation)
 X3DAudio1_6.dll -> C:\WINDOWS\System32\X3DAudio1_6.dll -> [2010/02/22 04:57:22 | 000,022,360 | ---- | C | MD5 = E763798CAD2A90B6AB61854F50CD47DD] (Microsoft Corporation)
 D3DCompiler_40.dll -> C:\WINDOWS\System32\D3DCompiler_40.dll -> [2010/02/22 04:57:19 | 002,036,576 | ---- | C | MD5 = 3384134EEB8F223178C2EB8323003EC0] (Microsoft Corporation)
 d3dx10_40.dll -> C:\WINDOWS\System32\d3dx10_40.dll -> [2010/02/22 04:57:19 | 000,452,440 | ---- | C | MD5 = 91B4AAD4412BB223B466F3DFB43E86DA] (Microsoft Corporation)
 D3DX9_40.dll -> C:\WINDOWS\System32\D3DX9_40.dll -> [2010/02/22 04:57:17 | 004,379,984 | ---- | C | MD5 = EEA5E428CE63804F9B12D21C97B5968F] (Microsoft Corporation)
 XAudio2_3.dll -> C:\WINDOWS\System32\XAudio2_3.dll -> [2010/02/22 04:57:16 | 000,514,384 | ---- | C | MD5 = 47ED15DC87AE334C13C4DACD1BE2CCED] (Microsoft Corporation)
 XAPOFX1_2.dll -> C:\WINDOWS\System32\XAPOFX1_2.dll -> [2010/02/22 04:57:16 | 000,070,992 | ---- | C | MD5 = 295E47A75F278580F9441041EAAEA3D2] (Microsoft Corporation)
 XAudio2_2.dll -> C:\WINDOWS\System32\XAudio2_2.dll -> [2010/02/22 04:57:15 | 000,509,448 | ---- | C | MD5 = 50F4A0D5E6A0BAFEFA78F353533B8E06] (Microsoft Corporation)
 xactengine3_3.dll -> C:\WINDOWS\System32\xactengine3_3.dll -> [2010/02/22 04:57:15 | 000,235,856 | ---- | C | MD5 = 8BA296419AF3417D1E9806B83166E472] (Microsoft Corporation)
 XAPOFX1_1.dll -> C:\WINDOWS\System32\XAPOFX1_1.dll -> [2010/02/22 04:57:15 | 000,068,616 | ---- | C | MD5 = D95EAABF5D277EF91D9CA70151209E56] (Microsoft Corporation)
 X3DAudio1_5.dll -> C:\WINDOWS\System32\X3DAudio1_5.dll -> [2010/02/22 04:57:15 | 000,023,376 | ---- | C | MD5 = 350FEFE18B86BD4D9AB2A96D00215A49] (Microsoft Corporation)
 D3DCompiler_39.dll -> C:\WINDOWS\System32\D3DCompiler_39.dll -> [2010/02/22 04:57:14 | 001,493,528 | ---- | C | MD5 = C4F1972497FE2CEB7D900938C97FCF91] (Microsoft Corporation)
 d3dx10_39.dll -> C:\WINDOWS\System32\d3dx10_39.dll -> [2010/02/22 04:57:14 | 000,467,984 | ---- | C | MD5 = E6C2F1D8B667DDC04CB55B9F0159EF97] (Microsoft Corporation)
 xactengine3_2.dll -> C:\WINDOWS\System32\xactengine3_2.dll -> [2010/02/22 04:57:14 | 000,238,088 | ---- | C | MD5 = F3C6BE26949CAADB11DBF0086082FAC9] (Microsoft Corporation)
 D3DX9_39.dll -> C:\WINDOWS\System32\D3DX9_39.dll -> [2010/02/22 04:57:13 | 003,851,784 | ---- | C | MD5 = 8CB3DEFB8887C4F0846DB1FC1304D6D2] (Microsoft Corporation)
 XAudio2_1.dll -> C:\WINDOWS\System32\XAudio2_1.dll -> [2010/02/22 04:57:13 | 000,507,400 | ---- | C | MD5 = E34FF0115B1EE3B4E03D22AE9840EE03] (Microsoft Corporation)
 XAPOFX1_0.dll -> C:\WINDOWS\System32\XAPOFX1_0.dll -> [2010/02/22 04:57:13 | 000,065,032 | ---- | C | MD5 = DD165760F1B95200A3DA2D9DFDB84234] (Microsoft Corporation)
 D3DCompiler_38.dll -> C:\WINDOWS\System32\D3DCompiler_38.dll -> [2010/02/22 04:57:12 | 001,491,992 | ---- | C | MD5 = 103CBFC5591008AD33046E20E8E1EEBE] (Microsoft Corporation)
 d3dx10_38.dll -> C:\WINDOWS\System32\d3dx10_38.dll -> [2010/02/22 04:57:12 | 000,467,984 | ---- | C | MD5 = A2650B27472C21CDD817EEEDE65648E1] (Microsoft Corporation)
 xactengine3_1.dll -> C:\WINDOWS\System32\xactengine3_1.dll -> [2010/02/22 04:57:12 | 000,238,088 | ---- | C | MD5 = 2E0E25252E1D41752876E9FE12ADE175] (Microsoft Corporation)
 X3DAudio1_4.dll -> C:\WINDOWS\System32\X3DAudio1_4.dll -> [2010/02/22 04:57:12 | 000,025,608 | ---- | C | MD5 = E3832514BD21236067B7227F6165EF95] (Microsoft Corporation)
 D3DX9_38.dll -> C:\WINDOWS\System32\D3DX9_38.dll -> [2010/02/22 04:57:11 | 003,850,760 | ---- | C | MD5 = 8F3EB548AC4ED90252394F60C77E3196] (Microsoft Corporation)
 XAudio2_0.dll -> C:\WINDOWS\System32\XAudio2_0.dll -> [2010/02/22 04:57:10 | 000,479,752 | ---- | C | MD5 = 418CDC57E55EE79C3F86C13A19B3D5E3] (Microsoft Corporation)
 xactengine3_0.dll -> C:\WINDOWS\System32\xactengine3_0.dll -> [2010/02/22 04:57:09 | 000,238,088 | ---- | C | MD5 = 8A83673F0AB001870583FDE2B004FA59] (Microsoft Corporation)
 X3DAudio1_3.dll -> C:\WINDOWS\System32\X3DAudio1_3.dll -> [2010/02/22 04:57:08 | 000,025,608 | ---- | C | MD5 = C593FD0A96EE4B6390B653C4C641313F] (Microsoft Corporation)
 D3DCompiler_37.dll -> C:\WINDOWS\System32\D3DCompiler_37.dll -> [2010/02/22 04:57:07 | 001,420,824 | ---- | C | MD5 = EA752DBCE35045D3C830DC16578CC8AB] (Microsoft Corporation)
 d3dx10_37.dll -> C:\WINDOWS\System32\d3dx10_37.dll -> [2010/02/22 04:57:07 | 000,462,864 | ---- | C | MD5 = 4A43E9A2B17E4CAFA9CB5FEC0B5B686B] (Microsoft Corporation)
 D3DX9_37.dll -> C:\WINDOWS\System32\D3DX9_37.dll -> [2010/02/22 04:57:06 | 003,786,760 | ---- | C | MD5 = AC3C517FB0FBBE45FE44007BCD3625A7] (Microsoft Corporation)
 xactengine2_10.dll -> C:\WINDOWS\System32\xactengine2_10.dll -> [2010/02/22 04:57:05 | 000,267,272 | ---- | C | MD5 = 73E055AF78A64F9B2779D44407CA2AB6] (Microsoft Corporation)
 D3DCompiler_36.dll -> C:\WINDOWS\System32\D3DCompiler_36.dll -> [2010/02/22 04:57:04 | 001,374,232 | ---- | C | MD5 = FB4299688A0D3A37687C015AC2B9922D] (Microsoft Corporation)
 d3dx10_36.dll -> C:\WINDOWS\System32\d3dx10_36.dll -> [2010/02/22 04:57:04 | 000,444,776 | ---- | C | MD5 = D9158E78A368B08D9133043EB3058C12] (Microsoft Corporation)
 d3dx9_36.dll -> C:\WINDOWS\System32\d3dx9_36.dll -> [2010/02/22 04:57:03 | 003,734,536 | ---- | C | MD5 = 44BFEC5C9C82A2EE9871D88FD3B9A0E2] (Microsoft Corporation)
 xactengine2_9.dll -> C:\WINDOWS\System32\xactengine2_9.dll -> [2010/02/22 04:57:02 | 000,267,112 | ---- | C | MD5 = 46EE68F04A75A1CCF40235EA6F1CBA05] (Microsoft Corporation)
 d3dx9_35.dll -> C:\WINDOWS\System32\d3dx9_35.dll -> [2010/02/22 04:57:01 | 003,727,720 | ---- | C | MD5 = 3EF18B78D17C962F2B71AC1CB7757684] (Microsoft Corporation)
 D3DCompiler_35.dll -> C:\WINDOWS\System32\D3DCompiler_35.dll -> [2010/02/22 04:57:01 | 001,358,192 | ---- | C | MD5 = 5B441670A4F5F8BCCE76741902B8AF56] (Microsoft Corporation)
 d3dx10_35.dll -> C:\WINDOWS\System32\d3dx10_35.dll -> [2010/02/22 04:57:01 | 000,444,776 | ---- | C | MD5 = F3764552E45880DC49B82F38699AA87C] (Microsoft Corporation)
 xactengine2_8.dll -> C:\WINDOWS\System32\xactengine2_8.dll -> [2010/02/22 04:57:00 | 000,266,088 | ---- | C | MD5 = 499210C45AFEAADEE8CF4DCF7D5E570B] (Microsoft Corporation)
 X3DAudio1_2.dll -> C:\WINDOWS\System32\X3DAudio1_2.dll -> [2010/02/22 04:57:00 | 000,017,928 | ---- | C | MD5 = F6A9FC2AD2F9111372B5AB3BBA3707EC] (Microsoft Corporation)
 D3DCompiler_34.dll -> C:\WINDOWS\System32\D3DCompiler_34.dll -> [2010/02/22 04:56:59 | 001,124,720 | ---- | C | MD5 = 75F206C195BBACA6EF28565B1C0CD75C] (Microsoft Corporation)
 d3dx10_34.dll -> C:\WINDOWS\System32\d3dx10_34.dll -> [2010/02/22 04:56:59 | 000,443,752 | ---- | C | MD5 = 5AA9987F2E62B56D7661B6901901F927] (Microsoft Corporation)
 d3dx9_34.dll -> C:\WINDOWS\System32\d3dx9_34.dll -> [2010/02/22 04:56:58 | 003,497,832 | ---- | C | MD5 = 1CA939918ED1B930059B3A882DE6F648] (Microsoft Corporation)
 xinput1_3.dll -> C:\WINDOWS\System32\xinput1_3.dll -> [2010/02/22 04:56:58 | 000,081,768 | ---- | C | MD5 = 77F595DEE5FFACEA72B135B1FCE1312E] (Microsoft Corporation)
 xactengine2_7.dll -> C:\WINDOWS\System32\xactengine2_7.dll -> [2010/02/22 04:56:57 | 000,261,480 | ---- | C | MD5 = 7FEBB8CE2233CBAE738B16D42ED29674] (Microsoft Corporation)
 xactengine2_6.dll -> C:\WINDOWS\System32\xactengine2_6.dll -> [2010/02/22 04:56:52 | 000,255,848 | ---- | C | MD5 = 39000E033D39D19CCCE21AEAFCCE2476] (Microsoft Corporation)
 d3dx9_32.dll -> C:\WINDOWS\System32\d3dx9_32.dll -> [2010/02/22 04:56:51 | 003,426,072 | ---- | C | MD5 = 26AF232140C88B42D92A88F2198EDF6A] (Microsoft Corporation)
 xactengine2_5.dll -> C:\WINDOWS\System32\xactengine2_5.dll -> [2010/02/22 04:56:51 | 000,251,672 | ---- | C | MD5 = 86C93789E9006F1AC47ED9DD47D4C8A1] (Microsoft Corporation)
 xactengine2_4.dll -> C:\WINDOWS\System32\xactengine2_4.dll -> [2010/02/22 04:56:51 | 000,237,848 | ---- | C | MD5 = 6550E1A0A7BE611592C31222FCB981FB] (Microsoft Corporation)
 x3daudio1_1.dll -> C:\WINDOWS\System32\x3daudio1_1.dll -> [2010/02/22 04:56:51 | 000,015,128 | ---- | C | MD5 = 121B131EAA369D8F58DACC5C39A77D80] (Microsoft Corporation)
 d3dx9_31.dll -> C:\WINDOWS\System32\d3dx9_31.dll -> [2010/02/22 04:56:50 | 002,414,360 | ---- | C | MD5 = 797E24743937D67D69F28F2CF5052EE8] (Microsoft Corporation)
 xactengine2_3.dll -> C:\WINDOWS\System32\xactengine2_3.dll -> [2010/02/22 04:56:50 | 000,236,824 | ---- | C | MD5 = 69D841744B2BAE38FBB2D40A230A549C] (Microsoft Corporation)
 xinput1_2.dll -> C:\WINDOWS\System32\xinput1_2.dll -> [2010/02/22 04:56:50 | 000,062,744 | ---- | C | MD5 = 33B62BE226934E1B01F5043870C70427] (Microsoft Corporation)
 Logs -> C:\WINDOWS\Logs -> [2010/02/22 04:56:08 | 000,000,000 | ---D | C]
 aswFsBlk.sys -> C:\WINDOWS\System32\drivers\aswFsBlk.sys -> [2010/02/21 23:23:47 | 000,019,024 | ---- | C | MD5 = FB6A381C32A87EE6588EED61D22DC03B] (ALWIL Software)
 aswSP.sys -> C:\WINDOWS\System32\drivers\aswSP.sys -> [2010/02/21 23:23:46 | 000,162,640 | ---- | C | MD5 = 39BF48164A958F4BF0C0EC6CDC447DB5] (ALWIL Software)
 aswRdr.sys -> C:\WINDOWS\System32\drivers\aswRdr.sys -> [2010/02/21 23:23:46 | 000,023,376 | ---- | C | MD5 = 7827F70B86B29FBF112CBCE547205ACC] (ALWIL Software)
 aswTdi.sys -> C:\WINDOWS\System32\drivers\aswTdi.sys -> [2010/02/21 23:23:45 | 000,046,672 | ---- | C | MD5 = 755E4AFB683E3306886A0F4DF02A1575] (ALWIL Software)
 aswmon2.sys -> C:\WINDOWS\System32\drivers\aswmon2.sys -> [2010/02/21 23:23:43 | 000,100,432 | ---- | C | MD5 = 1A10CBECFDD0A597B27E2D0998D95CF9] (ALWIL Software)
 aswmon.sys -> C:\WINDOWS\System32\drivers\aswmon.sys -> [2010/02/21 23:23:43 | 000,094,800 | ---- | C | MD5 = 72BEDB9179163E04280D25314286D253] (ALWIL Software)
 aavmker4.sys -> C:\WINDOWS\System32\drivers\aavmker4.sys -> [2010/02/21 23:23:43 | 000,028,880 | ---- | C | MD5 = D5D75EDD02157FCD3EB576D4681E8C3E] (ALWIL Software)
 aswBoot.exe -> C:\WINDOWS\System32\aswBoot.exe -> [2010/02/21 23:23:37 | 000,153,184 | ---- | C | MD5 = A8D96F9986063D53EEBE9D1B09825CCF] (ALWIL Software)
 avastSS.scr -> C:\WINDOWS\System32\avastSS.scr -> [2010/02/21 23:23:37 | 000,038,848 | ---- | C | MD5 = A0160AD4CE53CDB21ABC67F6B6E1E07B] (ALWIL Software)
 Alwil Software -> C:\Program Files\Alwil Software -> [2010/02/21 23:23:34 | 000,000,000 | ---D | C]
 Alwil Software -> C:\Documents and Settings\All Users\Application Data\Alwil Software -> [2010/02/21 23:23:34 | 000,000,000 | ---D | C]
 My Games -> C:\Documents and Settings\chris\My Documents\My Games -> [2010/02/21 14:16:03 | 000,000,000 | ---D | C]
 d3dx9_33.dll -> C:\WINDOWS\System32\d3dx9_33.dll -> [2010/02/21 14:15:53 | 003,495,784 | ---- | C | MD5 = CDB1CD22BAFF21F48606B3C1A18B000B] (Microsoft Corporation)
 D3DCompiler_33.dll -> C:\WINDOWS\System32\D3DCompiler_33.dll -> [2010/02/21 14:15:53 | 001,123,696 | ---- | C | MD5 = FAE7E1D578C42A7C3D9D61A99D178BD5] (Microsoft Corporation)
 d3dx10_33.dll -> C:\WINDOWS\System32\d3dx10_33.dll -> [2010/02/21 14:15:53 | 000,443,752 | ---- | C | MD5 = 37A8171ACCF46A9C196054066C28827F] (Microsoft Corporation)
 pss -> C:\WINDOWS\pss -> [2010/02/21 13:19:40 | 000,000,000 | ---D | C]
 Ventrilo -> C:\Documents and Settings\chris\Application Data\Ventrilo -> [2010/02/20 20:25:18 | 000,000,000 | ---D | C]
 Ventrilo -> C:\Program Files\Ventrilo -> [2010/02/20 20:25:13 | 000,000,000 | ---D | C]
 Logitech -> C:\Documents and Settings\chris\Application Data\Logitech -> [2010/02/20 14:53:28 | 000,000,000 | ---D | C]
 Leadertech -> C:\Documents and Settings\chris\Application Data\Leadertech -> [2010/02/20 14:53:20 | 000,000,000 | ---D | C]
 LBeepKE.sys -> C:\WINDOWS\System32\drivers\LBeepKE.sys -> [2010/02/20 14:52:26 | 000,010,384 | ---- | C | MD5 = 9FFD1CF2A782F2560E78EEC4B8B8689E] (Logitech, Inc.)
 ReinstallBackups -> C:\WINDOWS\System32\ReinstallBackups -> [2010/02/20 14:51:52 | 000,000,000 | ---D | C]
 kemutb.dll -> C:\WINDOWS\System32\kemutb.dll -> [2010/02/20 14:51:13 | 000,170,512 | ---- | C | MD5 = 810F104256F6BCD7012545B0BEA18D23] (Logitech, Inc.)
 KemUtil.dll -> C:\WINDOWS\System32\KemUtil.dll -> [2010/02/20 14:51:13 | 000,145,936 | ---- | C | MD5 = 8ADAE4E00D86A8530B8176A853B4B9B9] (Logitech, Inc.)
 KemWnd.dll -> C:\WINDOWS\System32\KemWnd.dll -> [2010/02/20 14:51:13 | 000,117,264 | ---- | C | MD5 = 7BDCEAF13D9EC5873C43BD8063BEC871] (Logitech, Inc.)
 KemXML.dll -> C:\WINDOWS\System32\KemXML.dll -> [2010/02/20 14:51:13 | 000,084,496 | ---- | C | MD5 = 22AA20E24295D0D98AFF72C65BD7DBFA] (Logitech, Inc.)
 Logitech -> C:\Documents and Settings\All Users\Application Data\Logitech -> [2010/02/20 14:50:30 | 000,000,000 | ---D | C]
 Logishrd -> C:\Program Files\Common Files\Logishrd -> [2010/02/20 14:50:16 | 000,000,000 | ---D | C]
 Logitech -> C:\Program Files\Logitech -> [2010/02/20 14:50:09 | 000,000,000 | ---D | C]
 LogiShrd -> C:\Documents and Settings\All Users\Application Data\LogiShrd -> [2010/02/20 14:49:46 | 000,000,000 | ---D | C]
 xactengine2_2.dll -> C:\WINDOWS\System32\xactengine2_2.dll -> [2010/02/20 13:10:15 | 000,230,168 | ---- | C | MD5 = 5C4D3843B491C047B7A619901FBD2EC1] (Microsoft Corporation)
 xactengine2_1.dll -> C:\WINDOWS\System32\xactengine2_1.dll -> [2010/02/20 13:10:14 | 000,229,584 | ---- | C | MD5 = 7C9952111F4C743B9F0D8B68B6ED93C9] (Microsoft Corporation)
 xinput1_1.dll -> C:\WINDOWS\System32\xinput1_1.dll -> [2010/02/20 13:10:14 | 000,062,672 | ---- | C | MD5 = F1726346E583442541FE73429F8E9C10] (Microsoft Corporation)
 d3dx9_30.dll -> C:\WINDOWS\System32\d3dx9_30.dll -> [2010/02/20 13:10:09 | 002,388,176 | ---- | C | MD5 = E415862612E65F10D7D888443ECD7594] (Microsoft Corporation)
 xactengine2_0.dll -> C:\WINDOWS\System32\xactengine2_0.dll -> [2010/02/20 13:10:09 | 000,230,096 | ---- | C | MD5 = 2112FE0C46662D429347A7D7B49E3ECE] (Microsoft Corporation)
 x3daudio1_0.dll -> C:\WINDOWS\System32\x3daudio1_0.dll -> [2010/02/20 13:10:09 | 000,014,032 | ---- | C | MD5 = 4E961525CC7FF0E5D7DA19E170B7C14C] (Microsoft Corporation)
 d3dx9_29.dll -> C:\WINDOWS\System32\d3dx9_29.dll -> [2010/02/20 13:10:08 | 002,332,368 | ---- | C | MD5 = 99F4FC172A5ACE36CF00AA7038D23F2C] (Microsoft Corporation)
 d3dx9_28.dll -> C:\WINDOWS\System32\d3dx9_28.dll -> [2010/02/20 13:10:08 | 002,323,664 | ---- | C | MD5 = BE19B603DFBAA829EE5B7749B3BA97DB] (Microsoft Corporation)
 d3dx9_27.dll -> C:\WINDOWS\System32\d3dx9_27.dll -> [2010/02/20 13:10:08 | 002,319,568 | ---- | C | MD5 = 852EDC778A7A50077694F84D8E601234] (Microsoft Corporation)
 d3dx9_26.dll -> C:\WINDOWS\System32\d3dx9_26.dll -> [2010/02/20 13:10:08 | 002,297,552 | ---- | C | MD5 = 523AB607EEF81CC4D909E7FEBD8A788E] (Microsoft Corporation)
 xinput9_1_0.dll -> C:\WINDOWS\System32\xinput9_1_0.dll -> [2010/02/20 13:10:08 | 000,061,136 | ---- | C | MD5 = ADFB6D7B61E301761C700652B6FE7CCD] (Microsoft Corporation)
 d3dx9_25.dll -> C:\WINDOWS\System32\d3dx9_25.dll -> [2010/02/20 13:10:07 | 002,337,488 | ---- | C | MD5 = 5B48FE9D6686F0D54B26A005ACE24D1D] (Microsoft Corporation)
 d3dx9_24.dll -> C:\WINDOWS\System32\d3dx9_24.dll -> [2010/02/20 13:10:07 | 002,222,800 | ---- | C | MD5 = BC831661963763AC4D504C5CABB1FDD9] (Microsoft Corporation)
 assembly -> C:\WINDOWS\assembly -> [2010/02/20 13:08:49 | 000,000,000 | R-SD | C]
 Microsoft.NET -> C:\WINDOWS\Microsoft.NET -> [2010/02/20 13:08:37 | 000,000,000 | ---D | C]
 Neverwinter Nights 2 -> C:\Documents and Settings\chris\My Documents\Neverwinter Nights 2 -> [2010/02/20 13:06:21 | 000,000,000 | ---D | C]
 Atari -> C:\Program Files\Atari -> [2010/02/20 12:43:08 | 000,000,000 | ---D | C]
 Steam -> C:\Program Files\Steam -> [2010/02/20 09:44:45 | 000,000,000 | ---D | C]
 PrivacIE -> C:\Documents and Settings\chris\PrivacIE -> [2010/02/20 09:35:52 | 000,000,000 | -HSD | C]
 IETldCache -> C:\Documents and Settings\chris\IETldCache -> [2010/02/20 09:35:31 | 000,000,000 | -HSD | C]
 KB905474 -> C:\WINDOWS\System32\KB905474 -> [2010/02/20 09:33:01 | 000,000,000 | ---D | C]
 ie8updates -> C:\WINDOWS\ie8updates -> [2010/02/20 09:32:18 | 000,000,000 | ---D | C]
 ieframe.dll -> C:\WINDOWS\System32\dllcache\ieframe.dll -> [2010/02/20 09:32:14 | 011,070,976 | ---- | C | MD5 = 0D5C62E6462FEE517C7FB3B64A58EF1B] (Microsoft Corporation)
 iertutil.dll -> C:\WINDOWS\System32\dllcache\iertutil.dll -> [2010/02/20 09:32:14 | 001,985,536 | ---- | C | MD5 = 95825F207451C184CF341255B2212249] (Microsoft Corporation)
 msfeeds.dll -> C:\WINDOWS\System32\dllcache\msfeeds.dll -> [2010/02/20 09:32:14 | 000,594,432 | ---- | C | MD5 = 389CFF2900A585559FA5AE44B1263696] (Microsoft Corporation)
 msfeedsbs.dll -> C:\WINDOWS\System32\dllcache\msfeedsbs.dll -> [2010/02/20 09:32:14 | 000,055,296 | ---- | C | MD5 = 35A5A2DD5155228A8A7E2C4738AF1417] (Microsoft Corporation)
 WBEM -> C:\WINDOWS\WBEM -> [2010/02/20 09:32:08 | 000,000,000 | ---D | C]
 ie8 -> C:\WINDOWS\ie8 -> [2010/02/20 09:31:24 | 000,000,000 | -H-D | C]
 bthport.sys -> C:\WINDOWS\System32\dllcache\bthport.sys -> [2010/02/20 09:11:34 | 000,272,128 | ---- | C | MD5 = 662BFD909447DD9CC15B1A1C366583B4] (Microsoft Corporation)
 mrxsmb.sys -> C:\WINDOWS\System32\dllcache\mrxsmb.sys -> [2010/02/20 09:11:22 | 000,455,424 | ---- | C | MD5 = 421F7B922CEC5A5F340E7574A98F7B7C] (Microsoft Corporation)
 ntkrnlmp.exe -> C:\WINDOWS\System32\dllcache\ntkrnlmp.exe -> [2010/02/20 09:10:27 | 002,145,280 | ---- | C | MD5 = 9696C553F994340CD6AA5C5A724C3A19] (Microsoft Corporation)
 ntkrpamp.exe -> C:\WINDOWS\System32\dllcache\ntkrpamp.exe -> [2010/02/20 09:10:26 | 002,023,936 | ---- | C | MD5 = 089F1E207B067A4DDEB2EEC37BBB1AA7] (Microsoft Corporation)
 ntkrnlpa.exe -> C:\WINDOWS\System32\dllcache\ntkrnlpa.exe -> [2010/02/20 09:10:25 | 002,066,048 | ---- | C | MD5 = A6683E23468776F75EB2D8C6A02AAD3B] (Microsoft Corporation)
 spupdsvc.exe -> C:\WINDOWS\System32\spupdsvc.exe -> [2010/02/20 09:07:58 | 000,026,144 | ---- | C | MD5 = 03D7AD16AC204C48640CBE6ED8281A65] (Microsoft Corporation)
 PreInstall -> C:\WINDOWS\System32\PreInstall -> [2010/02/20 09:07:58 | 000,000,000 | ---D | C]
 $hf_mig$ -> C:\WINDOWS\$hf_mig$ -> [2010/02/20 09:07:57 | 000,000,000 | -H-D | C]
 ieencode.dll -> C:\WINDOWS\System32\ieencode.dll -> [2010/02/20 09:04:14 | 000,081,920 | ---- | C | MD5 = FE815987CE51282CAAEB1355A4B68761] (Microsoft Corporation)
 ieencode.dll -> C:\WINDOWS\System32\dllcache\ieencode.dll -> [2010/02/20 09:04:14 | 000,081,920 | ---- | C | MD5 = FE815987CE51282CAAEB1355A4B68761] (Microsoft Corporation)
 AGEIA Technologies -> C:\Program Files\AGEIA Technologies -> [2010/02/20 09:01:30 | 000,000,000 | ---D | C]
 Wise Installation Wizard -> C:\Program Files\Common Files\Wise Installation Wizard -> [2010/02/20 09:01:26 | 000,000,000 | ---D | C]
 NVIDIA Corporation -> C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation -> [2010/02/20 09:01:26 | 000,000,000 | ---D | C]
 NVIDIA Corporation -> C:\Program Files\NVIDIA Corporation -> [2010/02/20 09:01:22 | 000,000,000 | ---D | C]
 OpenCL.dll -> C:\WINDOWS\System32\OpenCL.dll -> [2010/02/20 09:00:29 | 000,061,440 | ---- | C | MD5 = 6214A9A805E306CC9AD3EE72FBDD7DDE] (Khronos Group)
 NVIDIA -> C:\NVIDIA -> [2010/02/20 09:00:26 | 000,000,000 | ---D | C]
 Adobe -> C:\Documents and Settings\chris\Application Data\Adobe -> [2010/02/20 08:58:40 | 000,000,000 | ---D | C]
 Macromedia -> C:\Documents and Settings\chris\Application Data\Macromedia -> [2010/02/20 08:58:36 | 000,000,000 | ---D | C]
 usbstor.sys -> C:\WINDOWS\System32\dllcache\usbstor.sys -> [2010/02/20 08:55:23 | 000,026,368 | ---- | C | MD5 = A32426D9B14A089EAA1D922E0C5801A9] (Microsoft Corporation)
 music -> C:\Documents and Settings\chris\Desktop\music -> [2010/02/20 08:54:20 | 000,000,000 | R--D | C]
 drivers -> C:\Documents and Settings\chris\Desktop\drivers -> [2010/02/20 08:54:12 | 000,000,000 | ---D | C]
 SoftwareDistribution -> C:\WINDOWS\System32\SoftwareDistribution -> [2010/02/20 08:45:25 | 000,000,000 | ---D | C]
 Rtenicxp.sys -> C:\WINDOWS\System32\drivers\Rtenicxp.sys -> [2010/02/20 08:44:51 | 000,108,800 | R--- | C | MD5 = B52B25F41BF3511071A0E7D10D659C56] (Realtek Semiconductor Corporation                           )
 RtNicProp32.dll -> C:\WINDOWS\System32\RtNicProp32.dll -> [2010/02/20 08:44:51 | 000,009,728 | R--- | C | MD5 = FDC5157D5D4E3D7D8F73C3B76CFB98D4] (Realtek Semiconductor Corporation                           )
 Realtek -> C:\Program Files\Realtek -> [2010/02/20 08:44:40 | 000,000,000 | ---D | C]
 OPTIONS -> C:\WINDOWS\OPTIONS -> [2010/02/20 08:44:40 | 000,000,000 | ---D | C]
 InstallShield -> C:\Documents and Settings\chris\Application Data\InstallShield -> [2010/02/20 08:44:37 | 000,000,000 | ---D | C]
 viahdcpl.cpl -> C:\WINDOWS\System32\viahdcpl.cpl -> [2010/02/20 08:43:35 | 000,008,704 | R--- | C | MD5 = D1FB44530EF6F77CCFCF08F9C6CC6A15] (Windows (R) Codename Longhorn DDK provider)
 splitter.sys -> C:\WINDOWS\System32\dllcache\splitter.sys -> [2010/02/20 08:43:34 | 000,006,272 | ---- | C | MD5 = AB8B92451ECB048A4D1DE7C3FFCB4A9F] (Microsoft Corporation)
 wdmaud.sys -> C:\WINDOWS\System32\dllcache\wdmaud.sys -> [2010/02/20 08:43:33 | 000,083,072 | ---- | C | MD5 = 6768ACF64B18196494413695F0C3A00F] (Microsoft Corporation)
 dmusic.sys -> C:\WINDOWS\System32\dllcache\dmusic.sys -> [2010/02/20 08:43:32 | 000,052,864 | ---- | C | MD5 = 8A208DFCF89792A484E76C40E5F50B45] (Microsoft Corporation)
 swmidi.sys.bak -> C:\WINDOWS\System32\drivers\swmidi.sys.bak -> [2010/02/20 08:43:31 | 000,056,576 | ---- | C | MD5 = 8CE882BCC6CF8A62F2B2323D95CB3D01] (Microsoft Corporation)
 swmidi.sys -> C:\WINDOWS\System32\dllcache\swmidi.sys -> [2010/02/20 08:43:31 | 000,056,576 | ---- | C | MD5 = 8CE882BCC6CF8A62F2B2323D95CB3D01] (Microsoft Corporation)
 aec.sys -> C:\WINDOWS\System32\dllcache\aec.sys -> [2010/02/20 08:43:30 | 000,142,592 | ---- | C | MD5 = 8BED39E3C35D6A489438B8141717A557] (Microsoft Corporation)
 kmixer.sys -> C:\WINDOWS\System32\dllcache\kmixer.sys -> [2010/02/20 08:43:29 | 000,172,416 | ---- | C | MD5 = 692BCF44383D056AED41B045A323D378] (Microsoft Corporation)
 sysaudio.sys -> C:\WINDOWS\System32\dllcache\sysaudio.sys -> [2010/02/20 08:43:28 | 000,060,800 | ---- | C | MD5 = 8B83F3ED0F1688B4958F77CD6D2BF290] (Microsoft Corporation)
 drmkaud.sys -> C:\WINDOWS\System32\dllcache\drmkaud.sys -> [2010/02/20 08:43:28 | 000,002,944 | ---- | C | MD5 = 8F5FCFF8E8848AFAC920905FBD9D33C8] (Microsoft Corporation)
 mspqm.sys -> C:\WINDOWS\System32\dllcache\mspqm.sys -> [2010/02/20 08:43:26 | 000,004,992 | ---- | C | MD5 = BAD59648BA099DA4A17680B39730CB3D] (Microsoft Corporation)
 mspclock.sys -> C:\WINDOWS\System32\dllcache\mspclock.sys -> [2010/02/20 08:43:25 | 000,005,376 | ---- | C | MD5 = 325BB26842FC7CCC1FCCE2C457317F3E] (Microsoft Corporation)
 portcls.sys -> C:\WINDOWS\System32\drivers\portcls.sys -> [2010/02/20 08:43:21 | 000,146,048 | ---- | C | MD5 = E82A496C3961EFC6828B508C310CE98F] (Microsoft Corporation)
 portcls.sys -> C:\WINDOWS\System32\dllcache\portcls.sys -> [2010/02/20 08:43:21 | 000,146,048 | ---- | C | MD5 = E82A496C3961EFC6828B508C310CE98F] (Microsoft Corporation)
 ksproxy.ax -> C:\WINDOWS\System32\ksproxy.ax -> [2010/02/20 08:43:21 | 000,129,536 | ---- | C | MD5 = F1941197A42F9F373CC70042FC82C950] (Microsoft Corporation)
 ksproxy.ax -> C:\WINDOWS\System32\dllcache\ksproxy.ax -> [2010/02/20 08:43:21 | 000,129,536 | ---- | C | MD5 = F1941197A42F9F373CC70042FC82C950] (Microsoft Corporation)
 drmk.sys -> C:\WINDOWS\System32\drivers\drmk.sys -> [2010/02/20 08:43:21 | 000,060,160 | ---- | C | MD5 = 6CB08593487F5701D2D2254E693EAFCE] (Microsoft Corporation)
 drmk.sys -> C:\WINDOWS\System32\dllcache\drmk.sys -> [2010/02/20 08:43:21 | 000,060,160 | ---- | C | MD5 = 6CB08593487F5701D2D2254E693EAFCE] (Microsoft Corporation)
 ksuser.dll -> C:\WINDOWS\System32\ksuser.dll -> [2010/02/20 08:43:21 | 000,004,096 | ---- | C | MD5 = 9B9F1C38D559047B8AC0DBA2D5FEBDE9] (Microsoft Corporation)
 ksuser.dll -> C:\WINDOWS\System32\dllcache\ksuser.dll -> [2010/02/20 08:43:21 | 000,004,096 | ---- | C | MD5 = 9B9F1C38D559047B8AC0DBA2D5FEBDE9] (Microsoft Corporation)
 VIA -> C:\Program Files\VIA -> [2010/02/20 08:43:13 | 000,000,000 | ---D | C]
 difxapi.dll -> C:\WINDOWS\System32\difxapi.dll -> [2010/02/20 08:43:12 | 000,331,184 | ---- | C | MD5 = 43AA80DECF5CB6D88296ACF7F87854C5] (Microsoft Corporation)
 ASUSInstAll -> C:\WINDOWS\ASUSInstAll -> [2010/02/20 08:41:44 | 000,000,000 | ---D | C]
 InstallShield Installation Information -> C:\Program Files\InstallShield Installation Information -> [2010/02/20 08:39:02 | 000,000,000 | -H-D | C]
 InstallShield -> C:\Program Files\Common Files\InstallShield -> [2010/02/20 08:38:53 | 000,000,000 | ---D | C]
 Identities -> C:\Documents and Settings\chris\Application Data\Identities -> [2010/02/20 08:33:36 | 000,000,000 | ---D | C]
 Uninstall Information -> C:\Program Files\Uninstall Information -> [2010/02/20 08:33:35 | 000,000,000 | -H-D | C]
 My Pictures -> C:\Documents and Settings\chris\My Documents\My Pictures -> [2010/02/20 08:33:34 | 000,000,000 | R--D | C]
 My Music -> C:\Documents and Settings\chris\My Documents\My Music -> [2010/02/20 08:33:34 | 000,000,000 | R--D | C]
 Microsoft -> C:\Documents and Settings\chris\Application Data\Microsoft -> [2010/02/20 08:33:21 | 000,000,000 | --SD | C]
 SendTo -> C:\Documents and Settings\chris\SendTo -> [2010/02/20 08:33:21 | 000,000,000 | RH-D | C]
 Application Data -> C:\Documents and Settings\chris\Application Data -> [2010/02/20 08:33:21 | 000,000,000 | RH-D | C]
 Start Menu -> C:\Documents and Settings\chris\Start Menu -> [2010/02/20 08:33:21 | 000,000,000 | R--D | C]
 My Documents -> C:\Documents and Settings\chris\My Documents -> [2010/02/20 08:33:21 | 000,000,000 | R--D | C]
 Favorites -> C:\Documents and Settings\chris\Favorites -> [2010/02/20 08:33:21 | 000,000,000 | R--D | C]
 Cookies -> C:\Documents and Settings\chris\Cookies -> [2010/02/20 08:33:21 | 000,000,000 | -HSD | C]
 Templates -> C:\Documents and Settings\chris\Templates -> [2010/02/20 08:33:21 | 000,000,000 | -H-D | C]
 PrintHood -> C:\Documents and Settings\chris\PrintHood -> [2010/02/20 08:33:21 | 000,000,000 | -H-D | C]
 NetHood -> C:\Documents and Settings\chris\NetHood -> [2010/02/20 08:33:21 | 000,000,000 | -H-D | C]
 Local Settings -> C:\Documents and Settings\chris\Local Settings -> [2010/02/20 08:33:21 | 000,000,000 | -H-D | C]
 Microsoft -> C:\Documents and Settings\chris\Local Settings\Application Data\Microsoft -> [2010/02/20 08:33:21 | 000,000,000 | ---D | C]
 Desktop -> C:\Documents and Settings\chris\Desktop -> [2010/02/20 08:33:21 | 000,000,000 | ---D | C]
 SoftwareDistribution -> C:\WINDOWS\SoftwareDistribution -> [2010/02/20 08:32:26 | 000,000,000 | ---D | C]
 Microsoft -> C:\WINDOWS\System32\Microsoft -> [2010/02/20 08:32:24 | 000,000,000 | --SD | C]
 Prefetch -> C:\WINDOWS\Prefetch -> [2010/02/20 08:32:24 | 000,000,000 | ---D | C]

[w619]

Microsoft -> C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft -> [2010/02/20 08:32:23 | 000,000,000 | ---D | M]
 Microsoft -> C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft -> [2010/02/20 08:32:11 | 000,000,000 | ---D | M]
 winsp.ime -> C:\WINDOWS\System32\dllcache\winsp.ime -> [2010/02/20 08:31:23 | 000,156,672 | ---- | C | MD5 = B81F91F69E20AA4593ABBB77343BD83E] (Microsoft Corporation)
 winpy.ime -> C:\WINDOWS\System32\dllcache\winpy.ime -> [2010/02/20 08:31:23 | 000,156,672 | ---- | C | MD5 = AFED5A91A1E3B2B3B6574F44C53193E2] (Microsoft Corporation)
 winzm.ime -> C:\WINDOWS\System32\dllcache\winzm.ime -> [2010/02/20 08:31:23 | 000,156,672 | ---- | C | MD5 = 5A4640E1F033110B095A4649664864DB] (Microsoft Corporation)
 winar30.ime -> C:\WINDOWS\System32\dllcache\winar30.ime -> [2010/02/20 08:31:22 | 000,079,360 | ---- | C | MD5 = 56948CD822AAD728895A74CC8EC0D735] (Microsoft Corporation)
 wingb.ime -> C:\WINDOWS\System32\dllcache\wingb.ime -> [2010/02/20 08:31:22 | 000,072,704 | ---- | C | MD5 = 9A75DC3DB95E811634D26A23E52325D3] (Microsoft Corporation)
 winime.ime -> C:\WINDOWS\System32\dllcache\winime.ime -> [2010/02/20 08:31:22 | 000,065,536 | ---- | C | MD5 = 2CC6DF8577A8648C6C802C067862443E] (Microsoft Corporation)
 weitekp9.dll -> C:\WINDOWS\System32\dllcache\weitekp9.dll -> [2010/02/20 08:31:22 | 000,041,600 | ---- | C | MD5 = C2C84E88A237E477D95A34B1C66F3F74] (Microsoft Corporation)
 weitekp9.sys -> C:\WINDOWS\System32\dllcache\weitekp9.sys -> [2010/02/20 08:31:22 | 000,031,232 | ---- | C | MD5 = 1EEBFF8F9B07174BE150A006E3B4B1BF] (Microsoft Corporation)
 w3svc.dll -> C:\WINDOWS\System32\dllcache\w3svc.dll -> [2010/02/20 08:31:21 | 000,364,032 | ---- | C | MD5 = AB22CAD443E9693C59E82D9EC3DF1B14] (Microsoft Corporation)
 voicesub.dll -> C:\WINDOWS\System32\dllcache\voicesub.dll -> [2010/02/20 08:31:21 | 000,086,073 | ---- | C | MD5 = 020646C126EAFD36712E871E014C109E] (Microsoft Corporation)
 wam51.dll -> C:\WINDOWS\System32\dllcache\wam51.dll -> [2010/02/20 08:31:21 | 000,076,800 | ---- | C | MD5 = EBA594C484AEAFF33E750CAEF3D1B414] (Microsoft Corporation)
 w3ext.dll -> C:\WINDOWS\System32\dllcache\w3ext.dll -> [2010/02/20 08:31:21 | 000,073,728 | ---- | C | MD5 = D5A71B1024685E4985ADE6638DB68E58] (Microsoft Corporation)
 wamreg51.dll -> C:\WINDOWS\System32\dllcache\wamreg51.dll -> [2010/02/20 08:31:21 | 000,053,248 | ---- | C | MD5 = 1EE883222C4DDC84B4C9A71438E56673] (Microsoft Corporation)
 w32.dll -> C:\WINDOWS\System32\dllcache\w32.dll -> [2010/02/20 08:31:21 | 000,048,256 | ---- | C | MD5 = 6BCEA8AB142A2E0F7EFDF48B36073ED1] (Microsoft Corporation)
 wamps51.dll -> C:\WINDOWS\System32\dllcache\wamps51.dll -> [2010/02/20 08:31:21 | 000,009,216 | ---- | C | MD5 = 59B9AB59F22C42A8DF051BBE0CEE5CAF] (Microsoft Corporation)
 w3svapi.dll -> C:\WINDOWS\System32\dllcache\w3svapi.dll -> [2010/02/20 08:31:21 | 000,005,632 | ---- | C | MD5 = 0FA7F72371AA82F3622CD5A072A09F51] (Microsoft Corporation)
 w3ctrs51.dll -> C:\WINDOWS\System32\dllcache\w3ctrs51.dll -> [2010/02/20 08:31:21 | 000,004,608 | ---- | C | MD5 = AF72838CB60CB8ABF9350BCB352A3DB8] (Microsoft Corporation)
 voicepad.dll -> C:\WINDOWS\System32\dllcache\voicepad.dll -> [2010/02/20 08:31:20 | 000,426,041 | ---- | C | MD5 = EA06391E7963C9135ACEEF13F26AE11C] (Microsoft Corporation)
 uihelper.dll -> C:\WINDOWS\System32\dllcache\uihelper.dll -> [2010/02/20 08:31:20 | 000,103,424 | ---- | C | MD5 = 78EA22D7CBCEC36191503B35D554F62A] (Microsoft Corporation)
 uniime.dll -> C:\WINDOWS\System32\dllcache\uniime.dll -> [2010/02/20 08:31:20 | 000,076,288 | ---- | C | MD5 = 4B1C1F9A10CE47FEA5407DAC4C1F4EF8] (Microsoft Corporation)
 unicdime.ime -> C:\WINDOWS\System32\dllcache\unicdime.ime -> [2010/02/20 08:31:20 | 000,065,024 | ---- | C | MD5 = 21EE9664CB49C1C797E751FE13675B10] (Microsoft Corporation)
 tintsetp.exe -> C:\WINDOWS\System32\dllcache\tintsetp.exe -> [2010/02/20 08:31:19 | 000,455,168 | ---- | C | MD5 = 024DC0F68DF5FD6AE9DD82DFBAF479D6] (Microsoft Corporation)
 tintlphr.exe -> C:\WINDOWS\System32\dllcache\tintlphr.exe -> [2010/02/20 08:31:19 | 000,044,032 | ---- | C | MD5 = 7854BDDC7DD769CF957C83A411C42643] (Microsoft Corporation)
 tools.dll -> C:\WINDOWS\System32\dllcache\tools.dll -> [2010/02/20 08:31:19 | 000,033,792 | ---- | C | MD5 = DDDD284DFFBBE5787E578A0E191778D7] (Microsoft Corporation)
 tsprof.exe -> C:\WINDOWS\System32\dllcache\tsprof.exe -> [2010/02/20 08:31:19 | 000,014,336 | ---- | C | MD5 = 4227873A5EA06BFC1C25A427191206BA] (Microsoft Corporation)
 tmigrate.dll -> C:\WINDOWS\System32\dllcache\tmigrate.dll -> [2010/02/20 08:31:19 | 000,010,240 | ---- | C | MD5 = C07E3E38FEC4E6F47037743AC216BE26] (Microsoft Corporation)
 tintlgnt.ime -> C:\WINDOWS\System32\dllcache\tintlgnt.ime -> [2010/02/20 08:31:18 | 000,571,392 | ---- | C | MD5 = ED0ABFC1B16BD862BDA52480C7A88A58] (Microsoft Corporation)
 thawbrkr.dll -> C:\WINDOWS\System32\dllcache\thawbrkr.dll -> [2010/02/20 08:31:18 | 000,185,344 | ---- | C | MD5 = 9970B6B4D37DA8D541537AA51068462D] (Microsoft Corporation)
 tdipx.sys -> C:\WINDOWS\System32\dllcache\tdipx.sys -> [2010/02/20 08:31:18 | 000,021,896 | ---- | C | MD5 = 182A77EECBDEA330472A9A7A6F1457CE] (Microsoft Corporation)
 tdspx.sys -> C:\WINDOWS\System32\dllcache\tdspx.sys -> [2010/02/20 08:31:18 | 000,019,464 | ---- | C | MD5 = 5FB281F720939CBE9961D1808CC270E9] (Microsoft Corporation)
 tdasync.sys -> C:\WINDOWS\System32\dllcache\tdasync.sys -> [2010/02/20 08:31:18 | 000,013,192 | ---- | C | MD5 = 3FC234C9E20918CE856FFA42C421E678] (Microsoft Corporation)
 svcext51.dll -> C:\WINDOWS\System32\dllcache\svcext51.dll -> [2010/02/20 08:31:17 | 000,046,592 | ---- | C | MD5 = 15922DE9A8AED8AFD48C229673C83938] (Microsoft Corporation)
 sspifilt.dll -> C:\WINDOWS\System32\dllcache\sspifilt.dll -> [2010/02/20 08:31:17 | 000,046,592 | ---- | C | MD5 = 0161C94DBBF5B7F478D97235F95040A1] (Microsoft Corporation)
 ssinc51.dll -> C:\WINDOWS\System32\dllcache\ssinc51.dll -> [2010/02/20 08:31:17 | 000,045,056 | ---- | C | MD5 = 6ADA500DC9DCA689C08382EED3C7252F] (Microsoft Corporation)
 status.dll -> C:\WINDOWS\System32\dllcache\status.dll -> [2010/02/20 08:31:17 | 000,016,896 | ---- | C | MD5 = 2184B434BD21EC2181016FF00B5785E5] (Microsoft Corporation)
 softkey.dll -> C:\WINDOWS\System32\dllcache\softkey.dll -> [2010/02/20 08:31:16 | 000,143,422 | ---- | C | MD5 = 7667476181E308CC87C9B290FAB66734] (Microsoft Corporation)
 srusbusd.dll -> C:\WINDOWS\System32\dllcache\srusbusd.dll -> [2010/02/20 08:31:16 | 000,101,376 | ---- | C | MD5 = 11054D9A6BE27CE0E434880D94AB88D7] (Microsoft Corporation)
 snmpincl.dll -> C:\WINDOWS\System32\dllcache\snmpincl.dll -> [2010/02/20 08:31:15 | 000,358,400 | ---- | C | MD5 = 2CD00443DD014FA02BB04B096621BC01] (Microsoft Corporation)
 snmpcl.dll -> C:\WINDOWS\System32\dllcache\snmpcl.dll -> [2010/02/20 08:31:15 | 000,259,072 | ---- | C | MD5 = E6E3D675529C26987073A96CF996ABC7] (Microsoft Corporation)
 snmpsmir.dll -> C:\WINDOWS\System32\dllcache\snmpsmir.dll -> [2010/02/20 08:31:15 | 000,188,416 | ---- | C | MD5 = 1CFF3B87C709807A9777983E0D94C2FA] (Microsoft Corporation)
 snmpthrd.dll -> C:\WINDOWS\System32\dllcache\snmpthrd.dll -> [2010/02/20 08:31:15 | 000,039,936 | ---- | C | MD5 = 1C161F328D3FE0075B24199565FFAAAA] (Microsoft Corporation)
 snmp.exe -> C:\WINDOWS\System32\dllcache\snmp.exe -> [2010/02/20 08:31:15 | 000,033,280 | ---- | C | MD5 = 60C377BE6B3CC83F6A8584934B181D2E] (Microsoft Corporation)
 snmpstup.dll -> C:\WINDOWS\System32\dllcache\snmpstup.dll -> [2010/02/20 08:31:15 | 000,010,240 | ---- | C | MD5 = FD713334253ADD2DF665B6003AF6101B] (Microsoft Corporation)
 snmptrap.exe -> C:\WINDOWS\System32\dllcache\snmptrap.exe -> [2010/02/20 08:31:15 | 000,008,704 | ---- | C | MD5 = 80A050795A107A76C2B1CD4CFBE010E6] (Microsoft Corporation)
 EXCH_snprfdll.dll -> C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll -> [2010/02/20 08:31:15 | 000,007,168 | ---- | C | MD5 = 2686A3462805BDD858BCDA4A051BD8C8] (Microsoft Corporation)
 snmpmib.dll -> C:\WINDOWS\System32\dllcache\snmpmib.dll -> [2010/02/20 08:31:15 | 000,006,144 | ---- | C | MD5 = 6A473B625E465946F73FB2C24412656C] (Microsoft Corporation)
 smtpsvc.dll -> C:\WINDOWS\System32\dllcache\smtpsvc.dll -> [2010/02/20 08:31:14 | 000,456,192 | ---- | C | MD5 = 4971C76B967D772850EF693EFE4F1FC3] (Microsoft Corporation)
 smi2smir.exe -> C:\WINDOWS\System32\dllcache\smi2smir.exe -> [2010/02/20 08:31:14 | 000,236,544 | ---- | C | MD5 = 8F81884447C7AAB1E8B5E036A729BECD] (Microsoft Corporation)
 smb6w.dll -> C:\WINDOWS\System32\dllcache\smb6w.dll -> [2010/02/20 08:31:14 | 000,031,744 | ---- | C | MD5 = 808AD86A63FB9AD741626F28191DD30B] (Microsoft Corporation)
 smierrsm.dll -> C:\WINDOWS\System32\dllcache\smierrsm.dll -> [2010/02/20 08:31:14 | 000,015,872 | ---- | C | MD5 = 847AF2BE9B4B5F8DCD45122C254E02E1] (Microsoft Corporation)
 EXCH_smtpctrs.dll -> C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll -> [2010/02/20 08:31:14 | 000,012,288 | ---- | C | MD5 = 1136F3F9B7CB44E738EC79363A69894D] (Microsoft Corporation)
 smtpapi.dll -> C:\WINDOWS\System32\dllcache\smtpapi.dll -> [2010/02/20 08:31:14 | 000,010,752 | ---- | C | MD5 = F22ED2CD5E26514C6E8D21B5DA4572A3] (Microsoft Corporation)
 smierrsy.dll -> C:\WINDOWS\System32\dllcache\smierrsy.dll -> [2010/02/20 08:31:14 | 000,005,632 | ---- | C | MD5 = 7E5BAA911B293B8B409467A6C8E18FF1] (Microsoft Corporation)
 smimsgif.dll -> C:\WINDOWS\System32\dllcache\smimsgif.dll -> [2010/02/20 08:31:14 | 000,005,632 | ---- | C | MD5 = 0663A3CB3BAA5CF0FA8EF8D353B00528] (Microsoft Corporation)
 sm9aw.dll -> C:\WINDOWS\System32\dllcache\sm9aw.dll -> [2010/02/20 08:31:13 | 000,038,912 | ---- | C | MD5 = 607F8AE61F1F2C1B74844AEBEDEFF17E] (Microsoft Corporation)
 sma3w.dll -> C:\WINDOWS\System32\dllcache\sma3w.dll -> [2010/02/20 08:31:13 | 000,031,744 | ---- | C | MD5 = 1AB521AAFC4ABC4EA2B1C8586EFD0D25] (Microsoft Corporation)
 sm81w.dll -> C:\WINDOWS\System32\dllcache\sm81w.dll -> [2010/02/20 08:31:13 | 000,030,208 | ---- | C | MD5 = B6B39AB80BDDC2A9CD9E32882C1C63AE] (Microsoft Corporation)
 sm87w.dll -> C:\WINDOWS\System32\dllcache\sm87w.dll -> [2010/02/20 08:31:13 | 000,030,208 | ---- | C | MD5 = AEA9EC0C67E56126D5D662DBD20754C8] (Microsoft Corporation)
 sm8cw.dll -> C:\WINDOWS\System32\dllcache\sm8cw.dll -> [2010/02/20 08:31:13 | 000,029,184 | ---- | C | MD5 = 5B7D7F775EC8399286BA532AD298B5BB] (Microsoft Corporation)
 sm92w.dll -> C:\WINDOWS\System32\dllcache\sm92w.dll -> [2010/02/20 08:31:13 | 000,026,624 | ---- | C | MD5 = 89FA842B3E35F1AF297BA4EA00255996] (Microsoft Corporation)
 sm93w.dll -> C:\WINDOWS\System32\dllcache\sm93w.dll -> [2010/02/20 08:31:13 | 000,026,624 | ---- | C | MD5 = 6E4D1C747FC0986CBC529FAAFB586FF3] (Microsoft Corporation)
 sm8dw.dll -> C:\WINDOWS\System32\dllcache\sm8dw.dll -> [2010/02/20 08:31:13 | 000,026,112 | ---- | C | MD5 = F8E7B105E2814AA3F44C6C7F6E4EFFB6] (Microsoft Corporation)
 sm90w.dll -> C:\WINDOWS\System32\dllcache\sm90w.dll -> [2010/02/20 08:31:13 | 000,026,112 | ---- | C | MD5 = BD90C4CA478EDB20E1F164EB1230CA61] (Microsoft Corporation)
 sm8aw.dll -> C:\WINDOWS\System32\dllcache\sm8aw.dll -> [2010/02/20 08:31:13 | 000,026,112 | ---- | C | MD5 = 906A056CD1B0078024BBB745BF52C44F] (Microsoft Corporation)
 sm89w.dll -> C:\WINDOWS\System32\dllcache\sm89w.dll -> [2010/02/20 08:31:13 | 000,026,112 | ---- | C | MD5 = 00476A41EDD186AC3266DBC305AC3FEB] (Microsoft Corporation)
 sm59w.dll -> C:\WINDOWS\System32\dllcache\sm59w.dll -> [2010/02/20 08:31:13 | 000,025,088 | ---- | C | MD5 = 82F4A36A879CE17A6BAB34373FDD14A2] (Microsoft Corporation)
 simptcp.dll -> C:\WINDOWS\System32\dllcache\simptcp.dll -> [2010/02/20 08:31:13 | 000,018,944 | ---- | C | MD5 = 9C454CD857B4C0CCF7A614B047616503] (Microsoft Corporation)
 seo.dll -> C:\WINDOWS\System32\dllcache\seo.dll -> [2010/02/20 08:31:11 | 000,221,696 | ---- | C | MD5 = 6118B7CD42B72DE0B1463CE4A20B999B] (Microsoft Corporation)
 rwia330.dll -> C:\WINDOWS\System32\dllcache\rwia330.dll -> [2010/02/20 08:31:11 | 000,079,872 | ---- | C | MD5 = 766C7E5CD3954FD844E292E085A735A6] (Ricoh Co., Ltd.)
 rwia001.dll -> C:\WINDOWS\System32\dllcache\rwia001.dll -> [2010/02/20 08:31:11 | 000,079,872 | ---- | C | MD5 = 371789DFF094B22FA8D0A053487DBD06] (Ricoh Co., Ltd.)
 EXCH_scripto.dll -> C:\WINDOWS\System32\dllcache\EXCH_scripto.dll -> [2010/02/20 08:31:11 | 000,057,856 | ---- | C | MD5 = 58220583C9A183DA498D7CEDF21CDB4A] (Microsoft Corporation)
 rw330ext.dll -> C:\WINDOWS\System32\dllcache\rw330ext.dll -> [2010/02/20 08:31:11 | 000,029,184 | ---- | C | MD5 = DB760168190A6C902AF3DD81B3B14673] (Ricoh Co., Ltd.)
 rw001ext.dll -> C:\WINDOWS\System32\dllcache\rw001ext.dll -> [2010/02/20 08:31:11 | 000,027,648 | ---- | C | MD5 = 8D0F94CEF377385DAE2C8A66A81498DB] (Microsoft Corporation)
 EXCH_seos.dll -> C:\WINDOWS\System32\dllcache\EXCH_seos.dll -> [2010/02/20 08:31:11 | 000,026,112 | ---- | C | MD5 = 0628529994F453CBCE9E6E680A529E48] (Microsoft Corporation)
 rwnh.dll -> C:\WINDOWS\System32\dllcache\rwnh.dll -> [2010/02/20 08:31:11 | 000,009,728 | ---- | C | MD5 = 5D55DEFB3AB92BC43C4DFD06935FA0F1] (Microsoft Corporation)
 romanime.ime -> C:\WINDOWS\System32\dllcache\romanime.ime -> [2010/02/20 08:31:10 | 000,026,112 | ---- | C | MD5 = 2F15D7D52D74C84172EC3440BBF543FC] (Microsoft Corporation)
 EXCH_regtrace.exe -> C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe -> [2010/02/20 08:31:10 | 000,023,040 | ---- | C | MD5 = 5BDD05AC1AFBAB931EC1DE0AB40D15F4] (Microsoft Corporation)
 register.exe -> C:\WINDOWS\System32\dllcache\register.exe -> [2010/02/20 08:31:10 | 000,014,848 | ---- | C | MD5 = 65454CC9B68270EF99550AE3BD9CB916] (Microsoft Corporation)
 rpcref.dll -> C:\WINDOWS\System32\dllcache\rpcref.dll -> [2010/02/20 08:31:10 | 000,004,096 | ---- | C | MD5 = C42ADC86AC5EF0803DE8B92D5AD1A4AD] (Microsoft Corporation)
 quick.ime -> C:\WINDOWS\System32\dllcache\quick.ime -> [2010/02/20 08:31:09 | 000,077,824 | ---- | C | MD5 = FA97615A0C79C51FAD96911D2D946B77] (Microsoft Corporation)
 ramdisk.sys -> C:\WINDOWS\System32\dllcache\ramdisk.sys -> [2010/02/20 08:31:09 | 000,020,736 | ---- | C | MD5 = EB631AD8B3E8DCE20CEF046B6D602B98] (Microsoft Corporation)
 quser.exe -> C:\WINDOWS\System32\dllcache\quser.exe -> [2010/02/20 08:31:09 | 000,016,384 | ---- | C | MD5 = 1ADB5F8A30D7CE657213EBACE82D4FB1] (Microsoft Corporation)
 query.exe -> C:\WINDOWS\System32\dllcache\query.exe -> [2010/02/20 08:31:09 | 000,009,728 | ---- | C | MD5 = 4663DC45BB2B2A58BA4833212BDBF49D] (Microsoft Corporation)
 pmxviceo.dll -> C:\WINDOWS\System32\dllcache\pmxviceo.dll -> [2010/02/20 08:31:08 | 000,131,584 | ---- | C | MD5 = D077742744581BFC73D31929091AFE34] (Microsoft Corporation)
 pintlphr.exe -> C:\WINDOWS\System32\dllcache\pintlphr.exe -> [2010/02/20 08:31:08 | 000,070,144 | ---- | C | MD5 = D6BDB1A89AE17B6F35D6B91D42B5350E] (Microsoft Corporation)
 pmigrate.dll -> C:\WINDOWS\System32\dllcache\pmigrate.dll -> [2010/02/20 08:31:08 | 000,067,584 | ---- | C | MD5 = 46123FC1B7B4FF8C38E356EC540A69F4] (Microsoft Corporation)
 pmxmcro.dll -> C:\WINDOWS\System32\dllcache\pmxmcro.dll -> [2010/02/20 08:31:08 | 000,011,264 | ---- | C | MD5 = 859B2F2A4F5A5E3B03BD3F118E233B0F] (Microsoft Corporation)
 pwsdata.dll -> C:\WINDOWS\System32\dllcache\pwsdata.dll -> [2010/02/20 08:31:08 | 000,007,680 | ---- | C | MD5 = 5A1055ABBD8909B62AB70EE63AC9CA90] (Microsoft Corporation)
 pmxgl.dll -> C:\WINDOWS\System32\dllcache\pmxgl.dll -> [2010/02/20 08:31:08 | 000,006,144 | ---- | C | MD5 = 287E80ACC6FA3FC42D1FF3827F745814] (Microsoft Corporation)
 pintlgnt.ime -> C:\WINDOWS\System32\dllcache\pintlgnt.ime -> [2010/02/20 08:31:07 | 000,482,304 | ---- | C | MD5 = 7E0B8C97043388405471FD76E8F189FD] (Microsoft Corporation)
 phon.ime -> C:\WINDOWS\System32\dllcache\phon.ime -> [2010/02/20 08:31:07 | 000,079,360 | ---- | C | MD5 = BB665DCB93104E4D81678E55A765F4FF] (Microsoft Corporation)
 pintlcsd.dll -> C:\WINDOWS\System32\dllcache\pintlcsd.dll -> [2010/02/20 08:31:07 | 000,053,760 | ---- | C | MD5 = E376AB09FEE480E97E969014E53CC3A9] (Microsoft Corporation)
 pagecnt.dll -> C:\WINDOWS\System32\dllcache\pagecnt.dll -> [2010/02/20 08:31:07 | 000,031,744 | ---- | C | MD5 = 7198C70FEBAE7D732766AED9F4222756] (Microsoft Corporation)
 permchk.dll -> C:\WINDOWS\System32\dllcache\permchk.dll -> [2010/02/20 08:31:07 | 000,020,992 | ---- | C | MD5 = DCC55A259025097B13C0A9CFBAF69E3A] (Microsoft Corporation)
 padrs411.dll -> C:\WINDOWS\System32\dllcache\padrs411.dll -> [2010/02/20 08:31:06 | 000,036,927 | ---- | C | MD5 = 864804AAE4D7B83CCC96586A56E2AAF2] (Microsoft Corporation)
 padrs404.dll -> C:\WINDOWS\System32\dllcache\padrs404.dll -> [2010/02/20 08:31:06 | 000,015,872 | ---- | C | MD5 = 292B6B8DC2A285E389BE76BAE18CB4FE] (Microsoft Corporation)
 padrs804.dll -> C:\WINDOWS\System32\dllcache\padrs804.dll -> [2010/02/20 08:31:06 | 000,015,360 | ---- | C | MD5 = BF96714DA21F404B2F5E43EAB31FC56F] (Microsoft Corporation)
 padrs412.dll -> C:\WINDOWS\System32\dllcache\padrs412.dll -> [2010/02/20 08:31:06 | 000,014,336 | ---- | C | MD5 = 341228ACBE35A053ADA326599FED96CA] (Microsoft Corporation)
 nextlink.dll -> C:\WINDOWS\System32\dllcache\nextlink.dll -> [2010/02/20 08:31:05 | 000,053,248 | ---- | C | MD5 = 8972374DF6ECCBE620433FF4D6893BEF] (Microsoft Corporation)
 nsepm.dll -> C:\WINDOWS\System32\dllcache\nsepm.dll -> [2010/02/20 08:31:05 | 000,044,544 | ---- | C | MD5 = D4F0113C084930EF51D37C156A0E3589] (Microsoft Corporation)
 EXCH_ntfsdrv.dll -> C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll -> [2010/02/20 08:31:05 | 000,038,912 | ---- | C | MD5 = EEE6EFD0A1861B8322D0BF9B0060A8D5] (Microsoft Corporation)
 multibox.dll -> C:\WINDOWS\System32\dllcache\multibox.dll -> [2010/02/20 08:31:04 | 000,229,439 | ---- | C | MD5 = BE230BC12F742B3766AF2587FE1CFECF] (Microsoft Corporation)
 mtstocom.exe -> C:\WINDOWS\System32\dllcache\mtstocom.exe -> [2010/02/20 08:31:04 | 000,119,808 | ---- | C | MD5 = 665666ADAEA4ECA5942518785CB94CAF] (Microsoft Corporation)
 msir3jp.lex -> C:\WINDOWS\System32\dllcache\msir3jp.lex -> [2010/02/20 08:31:02 | 001,875,968 | ---- | C | MD5 = ECC48F386F8B79D809AEDA327ACA7B0B] (Microsoft Corporation)
 msir3jp.dll -> C:\WINDOWS\System32\dllcache\msir3jp.dll -> [2010/02/20 08:31:02 | 000,098,304 | ---- | C | MD5 = EC57AD860A8BFBE497B03F017DA29CF1] (Microsoft Corporation)
 msiregmv.exe -> C:\WINDOWS\System32\dllcache\msiregmv.exe -> [2010/02/20 08:31:02 | 000,040,960 | ---- | C | MD5 = 64024D168BA513F47E5A68BFD0630844] (Microsoft Corporation)
 mga.sys -> C:\WINDOWS\System32\dllcache\mga.sys -> [2010/02/20 08:30:59 | 000,092,416 | ---- | C | MD5 = 4EF72AAAD5DF2FC276A8A0D84ED14218] (Microsoft Corporation)
 mga.dll -> C:\WINDOWS\System32\dllcache\mga.dll -> [2010/02/20 08:30:59 | 000,092,032 | ---- | C | MD5 = C0CCCEF35CEF805A3FC0FA8A883CF61F] (Microsoft Corporation)
 metada51.dll -> C:\WINDOWS\System32\dllcache\metada51.dll -> [2010/02/20 08:30:59 | 000,085,504 | ---- | C | MD5 = 4B9E117CB68E8486792176C10337E11D] (Microsoft Corporation)
 migregdb.exe -> C:\WINDOWS\System32\dllcache\migregdb.exe -> [2010/02/20 08:30:59 | 000,007,680 | ---- | C | MD5 = 11028D0B142FCCC52213E3A7C9078089] (Microsoft Corporation)
 EXCH_mailmsg.dll -> C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll -> [2010/02/20 08:30:58 | 000,065,536 | ---- | C | MD5 = C983CBCF269AE56BFAD04039780C45E6] (Microsoft Corporation)
 md5filt.dll -> C:\WINDOWS\System32\dllcache\md5filt.dll -> [2010/02/20 08:30:58 | 000,037,888 | ---- | C | MD5 = F0F848EF2FE9107D07422F704EB549E7] (Microsoft Corporation)
 mdsync.dll -> C:\WINDOWS\System32\dllcache\mdsync.dll -> [2010/02/20 08:30:58 | 000,026,624 | ---- | C | MD5 = 15424788217C6540ABBA81D612407B5C] (Microsoft Corporation)
 lpdsvc.dll -> C:\WINDOWS\System32\dllcache\lpdsvc.dll -> [2010/02/20 08:30:58 | 000,022,528 | ---- | C | MD5 = 6AE16E3191823E1AF2DDCE6D759864A1] (Microsoft Corporation)
 logscrpt.dll -> C:\WINDOWS\System32\dllcache\logscrpt.dll -> [2010/02/20 08:30:58 | 000,022,016 | ---- | C | MD5 = 66455AF2F36535B6A41253C8CBADDB85] (Microsoft Corporation)
 lprmon.dll -> C:\WINDOWS\System32\dllcache\lprmon.dll -> [2010/02/20 08:30:58 | 000,018,944 | ---- | C | MD5 = ECFF42413E9744A6F80BA8F2A77704AF] (Microsoft Corporation)
 lonsint.dll -> C:\WINDOWS\System32\dllcache\lonsint.dll -> [2010/02/20 08:30:58 | 000,013,312 | ---- | C | MD5 = AA146BECA421B20E3319EDA983DC17C1] (Microsoft Corporation)
 lmmib2.dll -> C:\WINDOWS\System32\dllcache\lmmib2.dll -> [2010/02/20 08:30:57 | 000,033,792 | ---- | C | MD5 = 7AC9F99C9E12A5C0C35B0A9891543AEC] (Microsoft Corporation)
 korwbrkr.dll -> C:\WINDOWS\System32\dllcache\korwbrkr.dll -> [2010/02/20 08:30:56 | 000,070,656 | ---- | C | MD5 = 952E2F1C32F2A18C8922D35AF98B035B] (Microsoft Corporation)
 kbdnecat.dll -> C:\WINDOWS\System32\dllcache\kbdnecat.dll -> [2010/02/20 08:30:56 | 000,009,216 | ---- | C | MD5 = 33356389C4760487E71D24D4F3083D18] (Microsoft Corporation)
 kbdnecnt.dll -> C:\WINDOWS\System32\dllcache\kbdnecnt.dll -> [2010/02/20 08:30:56 | 000,007,680 | ---- | C | MD5 = 664285630FD21995F24A2551E34A7237] (Microsoft Corporation)
 kbdnec95.dll -> C:\WINDOWS\System32\dllcache\kbdnec95.dll -> [2010/02/20 08:30:56 | 000,007,168 | ---- | C | MD5 = C4674F556D1C0B797DD5BADB7A64F7E6] (Microsoft Corporation)
 kbdth3.dll -> C:\WINDOWS\System32\dllcache\kbdth3.dll -> [2010/02/20 08:30:56 | 000,006,144 | ---- | C | MD5 = ECFC16BFAB5537D9542AB9365796F25B] (Microsoft Corporation)
 kbdth2.dll -> C:\WINDOWS\System32\dllcache\kbdth2.dll -> [2010/02/20 08:30:56 | 000,006,144 | ---- | C | MD5 = 797C5AF6A1558AF3EDF134B2591D8CE2] (Microsoft Corporation)
 kbdurdu.dll -> C:\WINDOWS\System32\dllcache\kbdurdu.dll -> [2010/02/20 08:30:56 | 000,005,632 | ---- | C | MD5 = CCB32FB83707777CF590170EC69F0643] (Microsoft Corporation)
 kbdvntc.dll -> C:\WINDOWS\System32\dllcache\kbdvntc.dll -> [2010/02/20 08:30:56 | 000,005,632 | ---- | C | MD5 = 89FD6D6E233393794FB75CF79DDC1E06] (Microsoft Corporation)
 kbdth1.dll -> C:\WINDOWS\System32\dllcache\kbdth1.dll -> [2010/02/20 08:30:56 | 000,005,632 | ---- | C | MD5 = 6C7CFEEA3BCE3D6CC7548580FE4DEF1C] (Microsoft Corporation)
 kbdusa.dll -> C:\WINDOWS\System32\dllcache\kbdusa.dll -> [2010/02/20 08:30:56 | 000,005,632 | ---- | C | MD5 = 465E698788EC46B5E59A755CB0DE850A] (Microsoft Corporation)
 kbdsyr2.dll -> C:\WINDOWS\System32\dllcache\kbdsyr2.dll -> [2010/02/20 08:30:56 | 000,005,632 | ---- | C | MD5 = 315CFD150C86E55FD62475C91BE0BA8E] (Microsoft Corporation)
 kbdth0.dll -> C:\WINDOWS\System32\dllcache\kbdth0.dll -> [2010/02/20 08:30:56 | 000,005,632 | ---- | C | MD5 = 0E3F96C13EE88880860E5F542A54EE6B] (Microsoft Corporation)
 kbdsyr1.dll -> C:\WINDOWS\System32\dllcache\kbdsyr1.dll -> [2010/02/20 08:30:56 | 000,005,632 | ---- | C | MD5 = 02DC4BC9DB5980B5E7E911681E67ACF3] (Microsoft Corporation)
 kbdibm02.dll -> C:\WINDOWS\System32\dllcache\kbdibm02.dll -> [2010/02/20 08:30:55 | 000,007,168 | ---- | C | MD5 = 60D7FA4362D56730A6513DEC866E8489] (Microsoft Corporation)
 kbdlk41a.dll -> C:\WINDOWS\System32\dllcache\kbdlk41a.dll -> [2010/02/20 08:30:55 | 000,006,656 | ---- | C | MD5 = 6E358B0063B7D26BF43B1E7C8574BF45] (Microsoft Corporation)
 kbdlk41j.dll -> C:\WINDOWS\System32\dllcache\kbdlk41j.dll -> [2010/02/20 08:30:55 | 000,006,144 | ---- | C | MD5 = 9DBAD0AC31691E224FE2C175A13066C6] (Microsoft Corporation)
 kbdinpun.dll -> C:\WINDOWS\System32\dllcache\kbdinpun.dll -> [2010/02/20 08:30:55 | 000,006,144 | ---- | C | MD5 = 970A761FF57216E83AB852050CE4F6BF] (Microsoft Corporation)
 kbdax2.dll -> C:\WINDOWS\System32\dllcache\kbdax2.dll -> [2010/02/20 08:30:55 | 000,006,144 | ---- | C | MD5 = 377BE6FC749019B820392FD006351063] (Microsoft Corporation)
 kbdinmar.dll -> C:\WINDOWS\System32\dllcache\kbdinmar.dll -> [2010/02/20 08:30:55 | 000,005,632 | ---- | C | MD5 = F74D447B49E790BC96C6420EFBC49C4A] (Microsoft Corporation)
 kbdinkan.dll -> C:\WINDOWS\System32\dllcache\kbdinkan.dll -> [2010/02/20 08:30:55 | 000,005,632 | ---- | C | MD5 = D52F3380C21BA600BCFE9F45BCA6E887] (Microsoft Corporation)
 kbdheb.dll -> C:\WINDOWS\System32\dllcache\kbdheb.dll -> [2010/02/20 08:30:55 | 000,005,632 | ---- | C | MD5 = CD5DDA84167F24446183126083EE6C19] (Microsoft Corporation)
 kbdfa.dll -> C:\WINDOWS\System32\dllcache\kbdfa.dll -> [2010/02/20 08:30:55 | 000,005,632 | ---- | C | MD5 = B04DB738D62A7469C634FF9CD73402BF] (Microsoft Corporation)
 kbddiv1.dll -> C:\WINDOWS\System32\dllcache\kbddiv1.dll -> [2010/02/20 08:30:55 | 000,005,632 | ---- | C | MD5 = 93D31B209FEFDC09431E8EFB708E7028] (Microsoft Corporation)
 kbdindev.dll -> C:\WINDOWS\System32\dllcache\kbdindev.dll -> [2010/02/20 08:30:55 | 000,005,632 | ---- | C | MD5 = 835B4EF731C6FD35720C380B6A5B6F22] (Microsoft Corporation)
 kbddiv2.dll -> C:\WINDOWS\System32\dllcache\kbddiv2.dll -> [2010/02/20 08:30:55 | 000,005,632 | ---- | C | MD5 = 80E27279675CF29517DD0B6CFBE05504] (Microsoft Corporation)
 kbdinguj.dll -> C:\WINDOWS\System32\dllcache\kbdinguj.dll -> [2010/02/20 08:30:55 | 000,005,632 | ---- | C | MD5 = 7FE7B02305737B8367ECF5F3A462991E] (Microsoft Corporation)
 kbdintel.dll -> C:\WINDOWS\System32\dllcache\kbdintel.dll -> [2010/02/20 08:30:55 | 000,005,632 | ---- | C | MD5 = 6C8CDF20DA9962616506E99BC293E153] (Microsoft Corporation)
 kbdintam.dll -> C:\WINDOWS\System32\dllcache\kbdintam.dll -> [2010/02/20 08:30:55 | 000,005,632 | ---- | C | MD5 = 5490159446E337B474BEA2C7E20F3E00] (Microsoft Corporation)
 kbdinhin.dll -> C:\WINDOWS\System32\dllcache\kbdinhin.dll -> [2010/02/20 08:30:55 | 000,005,632 | ---- | C | MD5 = 1FADCB5933564255A49614520B44B98E] (Microsoft Corporation)
 kbdgeo.dll -> C:\WINDOWS\System32\dllcache\kbdgeo.dll -> [2010/02/20 08:30:55 | 000,005,120 | ---- | C | MD5 = E98DC261A6D62610293FF0CBDA8CAF65] (Microsoft Corporation)
 kbdarmw.dll -> C:\WINDOWS\System32\dllcache\kbdarmw.dll -> [2010/02/20 08:30:55 | 000,005,120 | ---- | C | MD5 = 1004B259E77BEF2033CAF435760D95A6] (Microsoft Corporation)
 iprip.dll -> C:\WINDOWS\System32\dllcache\iprip.dll -> [2010/02/20 08:30:54 | 000,035,328 | ---- | C | MD5 = F08D74EC300B8BA60CA953C58A24D19E] (Microsoft Corporation)
 iscomlog.dll -> C:\WINDOWS\System32\dllcache\iscomlog.dll -> [2010/02/20 08:30:54 | 000,026,624 | ---- | C | MD5 = 1052A30843A752429AB223779D678AB2] (Microsoft Corporation)
 jupiw.dll -> C:\WINDOWS\System32\dllcache\jupiw.dll -> [2010/02/20 08:30:54 | 000,018,432 | ---- | C | MD5 = 5EF62C900E273B3FF9C01B2E66DCD7C8] (Microsoft Corporation)
 iwrps.dll -> C:\WINDOWS\System32\dllcache\iwrps.dll -> [2010/02/20 08:30:54 | 000,009,216 | ---- | C | MD5 = 4EBFD4D6FBEF72AD186F5721E2EC39DB] (Microsoft Corporation)
 isapips.dll -> C:\WINDOWS\System32\dllcache\isapips.dll -> [2010/02/20 08:30:54 | 000,007,168 | ---- | C | MD5 = EF1A40D0102B924CD408FDFDB68DC090] (Microsoft Corporation)
 kbd106n.dll -> C:\WINDOWS\System32\dllcache\kbd106n.dll -> [2010/02/20 08:30:54 | 000,006,144 | ---- | C | MD5 = 4A191F7F95107D19582F242223FA4F02] (Microsoft Corporation)
 kbd101.dll -> C:\WINDOWS\System32\dllcache\kbd101.dll -> [2010/02/20 08:30:54 | 000,006,144 | ---- | C | MD5 = 3B479B92A1159A2CFF613B3FAA2AD9CD] (Microsoft Corporation)
 kbd101a.dll -> C:\WINDOWS\System32\dllcache\kbd101a.dll -> [2010/02/20 08:30:54 | 000,006,144 | ---- | C | MD5 = 22757DEB6FC0968F5B10270DBBA7DB05] (Microsoft Corporation)
 kbda2.dll -> C:\WINDOWS\System32\dllcache\kbda2.dll -> [2010/02/20 08:30:54 | 000,005,632 | ---- | C | MD5 = DF209C6F4CB8C10FA5DAB828A4164045] (Microsoft Corporation)
 kbda3.dll -> C:\WINDOWS\System32\dllcache\kbda3.dll -> [2010/02/20 08:30:54 | 000,005,632 | ---- | C | MD5 = D43F274BDC082FD86EFB72719DD8ECDB] (Microsoft Corporation)
 kbda1.dll -> C:\WINDOWS\System32\dllcache\kbda1.dll -> [2010/02/20 08:30:54 | 000,005,632 | ---- | C | MD5 = B6B5F451810EA14F9447BB5BB96B22F0] (Microsoft Corporation)
 kbdarme.dll -> C:\WINDOWS\System32\dllcache\kbdarme.dll -> [2010/02/20 08:30:54 | 000,005,120 | ---- | C | MD5 = 0EC03162E932B49E635A79445CCE1E4C] (Microsoft Corporation)
 imskf.dll -> C:\WINDOWS\System32\dllcache\imskf.dll -> [2010/02/20 08:30:53 | 000,315,455 | ---- | C | MD5 = 441072193AF1073A0E1D9DAD49D25015] (Microsoft Corporation)
 infocomm.dll -> C:\WINDOWS\System32\dllcache\infocomm.dll -> [2010/02/20 08:30:53 | 000,257,024 | ---- | C | MD5 = CF4C67E4C81BE8586B4EDE9E4FE0D267] (Microsoft Corporation)
 inetin51.exe -> C:\WINDOWS\System32\dllcache\inetin51.exe -> [2010/02/20 08:30:53 | 000,015,360 | ---- | C | MD5 = DB3C22745C0DA4666F3BE31F1AF36B2F] (Microsoft Corporation)
 infoctrs.dll -> C:\WINDOWS\System32\dllcache\infoctrs.dll -> [2010/02/20 08:30:53 | 000,008,704 | ---- | C | MD5 = FF3DCB79A1E0E96EBBD2D69610CCBF58] (Microsoft Corporation)
 imskdic.dll -> C:\WINDOWS\System32\dllcache\imskdic.dll -> [2010/02/20 08:30:52 | 000,471,102 | ---- | C | MD5 = C40AB2EFFFE3AC4A1351D0C6CAF3FAF9] (Microsoft Corporation)
 imjputyc.dll -> C:\WINDOWS\System32\dllcache\imjputyc.dll -> [2010/02/20 08:30:52 | 000,274,489 | ---- | C | MD5 = 22D76C7122051F200BB89FF7696D0DFA] (Microsoft Corporation)
 imjputy.exe -> C:\WINDOWS\System32\dllcache\imjputy.exe -> [2010/02/20 08:30:52 | 000,262,200 | ---- | C | MD5 = 40059162F691911DAD738CF7A5D569A1] (Microsoft Corporation)
 imjprw.exe -> C:\WINDOWS\System32\dllcache\imjprw.exe -> [2010/02/20 08:30:52 | 000,233,527 | ---- | C | MD5 = CCEB77BA901F8F5EB0092F860E88C3C5] (Microsoft Corporation)
 imjpmig.exe -> C:\WINDOWS\System32\dllcache\imjpmig.exe -> [2010/02/20 08:30:52 | 000,208,952 | ---- | C | MD5 = 7BBE4CF421AECC7F0226EDD75F12079F] (Microsoft Corporation)
 imlang.dll -> C:\WINDOWS\System32\dllcache\imlang.dll -> [2010/02/20 08:30:52 | 000,102,456 | ---- | C | MD5 = 0208F05B70F4C7EE1092A6397B942A12] (Microsoft Corporation)
 imkrinst.exe -> C:\WINDOWS\System32\dllcache\imkrinst.exe -> [2010/02/20 08:30:52 | 000,059,904 | ---- | C | MD5 = A7EEB5B6405DBAEB1128B09B6ADEF8F8] (Microsoft Corporation)
 imjpuex.exe -> C:\WINDOWS\System32\dllcache\imjpuex.exe -> [2010/02/20 08:30:52 | 000,045,109 | ---- | C | MD5 = 95BD14E24F1438AA1CC5AC023D03C9EC] (Microsoft Corporation)
 imjpcus.dll -> C:\WINDOWS\System32\dllcache\imjpcus.dll -> [2010/02/20 08:30:51 | 000,716,856 | ---- | C | MD5 = AD777D8DFC38B11C7705EDA50085F51E] (Microsoft Corporation)
 imjpcic.dll -> C:\WINDOWS\System32\dllcache\imjpcic.dll -> [2010/02/20 08:30:51 | 000,368,696 | ---- | C | MD5 = 0C9FAEF61D6BD19E9A1E5C4F490D2FC9] (Microsoft Corporation)
 imjpdct.exe -> C:\WINDOWS\System32\dllcache\imjpdct.exe -> [2010/02/20 08:30:51 | 000,307,257 | ---- | C | MD5 = 9F2D3141ED8AAA078C27F27D8BBC188B] (Microsoft Corporation)
 imjpdsvr.exe -> C:\WINDOWS\System32\dllcache\imjpdsvr.exe -> [2010/02/20 08:30:51 | 000,155,705 | ---- | C | MD5 = 08785071B116574B079DF3B4E4D37D4B] (Microsoft Corporation)
 imjpdct.dll -> C:\WINDOWS\System32\dllcache\imjpdct.dll -> [2010/02/20 08:30:51 | 000,081,976 | ---- | C | MD5 = A4C1445FC17E42A91AAE2A734684A75F] (Microsoft Corporation)
 imjpdadm.exe -> C:\WINDOWS\System32\dllcache\imjpdadm.exe -> [2010/02/20 08:30:51 | 000,057,398 | ---- | C | MD5 = 3CF7E3BE7038EB5A68319C36CD11AB90] (Microsoft Corporation)
 imjp81k.dll -> C:\WINDOWS\System32\dllcache\imjp81k.dll -> [2010/02/20 08:30:50 | 000,811,064 | ---- | C | MD5 = 2FA3AA17542825F837E119CC669943BC] (Microsoft Corporation)
 imjp81.ime -> C:\WINDOWS\System32\dllcache\imjp81.ime -> [2010/02/20 08:30:50 | 000,340,023 | ---- | C | MD5 = 5510BBA7190C545610597F0A109E0CA0] (Microsoft Corporation)
 imepadsv.exe -> C:\WINDOWS\System32\dllcache\imepadsv.exe -> [2010/02/20 08:30:50 | 000,311,359 | ---- | C | MD5 = E3EAF21C5981464B2992EDAE76DA680C] (Microsoft Corporation)
 imekrcic.dll -> C:\WINDOWS\System32\dllcache\imekrcic.dll -> [2010/02/20 08:30:50 | 000,106,496 | ---- | C | MD5 = 7930A91B89D67DE4A53B7BC837CC34CE] (Microsoft Corporation)
 imepadsm.dll -> C:\WINDOWS\System32\dllcache\imepadsm.dll -> [2010/02/20 08:30:50 | 000,102,463 | ---- | C | MD5 = 7FAB5149CA8F5518E641E68B47708F63] (Microsoft Corporation)
 imekr61.ime -> C:\WINDOWS\System32\dllcache\imekr61.ime -> [2010/02/20 08:30:50 | 000,094,720 | ---- | C | MD5 = 0BE4186EF76AED034FE43A0797F963FA] (Microsoft Corporation)
 imekrmbx.dll -> C:\WINDOWS\System32\dllcache\imekrmbx.dll -> [2010/02/20 08:30:50 | 000,086,016 | ---- | C | MD5 = B3D8FAE939CB1267247CB012218DC08A] (Microsoft Corporation)
 imekrmig.exe -> C:\WINDOWS\System32\dllcache\imekrmig.exe -> [2010/02/20 08:30:50 | 000,044,032 | ---- | C | MD5 = E6BB63BBE1BED01769CA87F4DAC286C8] (Microsoft Corporation)
 iische51.dll -> C:\WINDOWS\System32\dllcache\iische51.dll -> [2010/02/20 08:30:49 | 000,145,408 | ---- | C | MD5 = 383C02E69393F6A5D345DAFE729503F4] (Microsoft Corporation)
 iislog51.dll -> C:\WINDOWS\System32\dllcache\iislog51.dll -> [2010/02/20 08:30:49 | 000,079,872 | ---- | C | MD5 = 45AE139A4B7CB1951A37BCA3DC6CA372] (Microsoft Corporation)
 iisclex4.dll -> C:\WINDOWS\System32\dllcache\iisclex4.dll -> [2010/02/20 08:30:49 | 000,060,928 | ---- | C | MD5 = 60B31A23DC69C5974DAC031D12F05F2E] (Microsoft Corporation)
 iisadmin.dll -> C:\WINDOWS\System32\dllcache\iisadmin.dll -> [2010/02/20 08:30:49 | 000,025,088 | ---- | C | MD5 = 173531318F4A58593CF5C2F06426C3B6] (Microsoft Corporation)
 iiscrmap.dll -> C:\WINDOWS\System32\dllcache\iiscrmap.dll -> [2010/02/20 08:30:49 | 000,019,456 | ---- | C | MD5 = 52FF0C30B20DDC8134048B72C4EB9C86] (Microsoft Corporation)
 iisfecnv.dll -> C:\WINDOWS\System32\dllcache\iisfecnv.dll -> [2010/02/20 08:30:49 | 000,007,168 | ---- | C | MD5 = 0E64ED5EB846635639B3C658E7711A5E] (Microsoft Corporation)
 iissync.exe -> C:\WINDOWS\System32\dllcache\iissync.exe -> [2010/02/20 08:30:49 | 000,006,656 | ---- | C | MD5 = FB2208D05B6946EDCB7D5EA486033DC2] (Microsoft Corporation)
 iismui.dll -> C:\WINDOWS\System32\dllcache\iismui.dll -> [2010/02/20 08:30:49 | 000,003,584 | ---- | C | MD5 = CCF09AE003FE2EE15CB3696A3B8A6274] (Microsoft Corporation)
 hwxkor.dll -> C:\WINDOWS\System32\dllcache\hwxkor.dll -> [2010/02/20 08:30:45 | 010,129,408 | ---- | C | MD5 = 2A50D8AD12B16758DF06E7C0848ABF48] (Microsoft Corporation)
 hwxcht.dll -> C:\WINDOWS\System32\dllcache\hwxcht.dll -> [2010/02/20 08:30:36 | 010,096,640 | ---- | C | MD5 = AE60E8F7A33E3527C2EAD08C8A8A8953] (Microsoft Corporation)
 httpext.dll -> C:\WINDOWS\System32\dllcache\httpext.dll -> [2010/02/20 08:30:35 | 000,268,288 | ---- | C | MD5 = 3BBC58E91B4FE8E8DBB96304DF9151FD] (Microsoft Corporation)
 httpod51.dll -> C:\WINDOWS\System32\dllcache\httpod51.dll -> [2010/02/20 08:30:35 | 000,061,440 | ---- | C | MD5 = F5654FFD93BE43237FCD3E9F88039119] (Microsoft Corporation)
 hostmib.dll -> C:\WINDOWS\System32\dllcache\hostmib.dll -> [2010/02/20 08:30:35 | 000,039,936 | ---- | C | MD5 = C744B07A16F5FBAAF2892716F4DBCB1B] (Microsoft Corporation)
 hanjadic.dll -> C:\WINDOWS\System32\dllcache\hanjadic.dll -> [2010/02/20 08:30:35 | 000,036,864 | ---- | C | MD5 = 11B2D075297FF95EB49182FB9DA618F2] (Microsoft Corporation)
 httpmb51.dll -> C:\WINDOWS\System32\dllcache\httpmb51.dll -> [2010/02/20 08:30:35 | 000,008,192 | ---- | C | MD5 = F7540AA476A8A5DC175DF2E02ADC5093] (Microsoft Corporation)
 fxsxp32.dll -> C:\WINDOWS\System32\dllcache\fxsxp32.dll -> [2010/02/20 08:30:34 | 000,400,384 | ---- | C | MD5 = D8248466625F48A31820F2B8EA81660A] (Microsoft Corporation)
 fxstiff.dll -> C:\WINDOWS\System32\dllcache\fxstiff.dll -> [2010/02/20 08:30:34 | 000,397,312 | ---- | C | MD5 = 1144EF6B4BB72E33B41912AE1AE4F97A] (Microsoft Corporation)
 fxst30.dll -> C:\WINDOWS\System32\dllcache\fxst30.dll -> [2010/02/20 08:30:34 | 000,246,272 | ---- | C | MD5 = 0CE5F8AE9C371A965D17E3F2ED134809] (Microsoft Corporation)
 fxswzrd.dll -> C:\WINDOWS\System32\dllcache\fxswzrd.dll -> [2010/02/20 08:30:34 | 000,192,512 | ---- | C | MD5 = 02F152AA793BDCC06F6BF68DACC313CE] (Microsoft Corporation)
 fxsui.dll -> C:\WINDOWS\System32\dllcache\fxsui.dll -> [2010/02/20 08:30:34 | 000,154,112 | ---- | C | MD5 = C82A7449C35518E50969F4804B9E868E] (Microsoft Corporation)
 gzip.dll -> C:\WINDOWS\System32\dllcache\gzip.dll -> [2010/02/20 08:30:34 | 000,032,256 | ---- | C | MD5 = ECA78193AB6F44F5B3DDEC6C4E069186] (Microsoft Corporation)
 fxsst.dll -> C:\WINDOWS\System32\dllcache\fxsst.dll -> [2010/02/20 08:30:33 | 000,562,176 | ---- | C | MD5 = 90A9B542C9300E540864D9FE1C42A130] (Microsoft Corporation)
 fxscomex.dll -> C:\WINDOWS\System32\dllcache\fxscomex.dll -> [2010/02/20 08:30:33 | 000,285,184 | ---- | C | MD5 = E777FB8B90D71DBF80D33C04298A44AE] (Microsoft Corporation)
 fxssvc.exe -> C:\WINDOWS\System32\dllcache\fxssvc.exe -> [2010/02/20 08:30:33 | 000,267,776 | ---- | C | MD5 = E97D6A8684466DF94FF3BC24FB787A07] (Microsoft Corporation)
 fxscover.exe -> C:\WINDOWS\System32\dllcache\fxscover.exe -> [2010/02/20 08:30:33 | 000,229,376 | ---- | C | MD5 = 18D08C2775806ED82B08524078BA03A2] (Microsoft Corporation)
 fxsclnt.exe -> C:\WINDOWS\System32\dllcache\fxsclnt.exe -> [2010/02/20 08:30:33 | 000,142,848 | ---- | C | MD5 = 3FB7A90504E70D19CF4A206880620BEF] (Microsoft Corporation)
 fxsclntr.dll -> C:\WINDOWS\System32\dllcache\fxsclntr.dll -> [2010/02/20 08:30:33 | 000,132,608 | ---- | C | MD5 = 20F602BDAA95289994D60A55EA042D55] (Microsoft Corporation)
 fxscfgwz.dll -> C:\WINDOWS\System32\dllcache\fxscfgwz.dll -> [2010/02/20 08:30:33 | 000,111,104 | ---- | C | MD5 = 5999F0404FF132D3017FD9F3AF60F8BE] (Microsoft Corporation)
 fxscom.dll -> C:\WINDOWS\System32\dllcache\fxscom.dll -> [2010/02/20 08:30:33 | 000,072,192 | ---- | C | MD5 = C01219BEC6694C7416F862DA995603A6] (Microsoft Corporation)
 fxsevent.dll -> C:\WINDOWS\System32\dllcache\fxsevent.dll -> [2010/02/20 08:30:33 | 000,055,296 | ---- | C | MD5 = BDB83C844EDEC9BD01A94750D2C38DDF] (Microsoft Corporation)
 fxsroute.dll -> C:\WINDOWS\System32\dllcache\fxsroute.dll -> [2010/02/20 08:30:33 | 000,031,744 | ---- | C | MD5 = 2D583E2844FDD592D1629EB6B10E5702] (Microsoft Corporation)
 fxsdrv.dll -> C:\WINDOWS\System32\dllcache\fxsdrv.dll -> [2010/02/20 08:30:33 | 000,026,624 | ---- | C | MD5 = B23B7E66F340426BE5983ADF9016720F] (Microsoft Corporation)
 fxsext32.dll -> C:\WINDOWS\System32\dllcache\fxsext32.dll -> [2010/02/20 08:30:33 | 000,023,552 | ---- | C | MD5 = F555284E8596BEEB4C55CD82E6B4C3BC] (Microsoft Corporation)
 fxsmon.dll -> C:\WINDOWS\System32\dllcache\fxsmon.dll -> [2010/02/20 08:30:33 | 000,023,552 | ---- | C | MD5 = CC6292CA575E851E5B74BF8883AB967A] (Microsoft Corporation)
 fxssend.exe -> C:\WINDOWS\System32\dllcache\fxssend.exe -> [2010/02/20 08:30:33 | 000,011,264 | ---- | C | MD5 = 7A54FD8CDB223BC5A7224C91882C586A] (Microsoft Corporation)
 fxsperf.dll -> C:\WINDOWS\System32\dllcache\fxsperf.dll -> [2010/02/20 08:30:33 | 000,008,704 | ---- | C | MD5 = 8E091559EE14792D81B47BA26501FF42] (Microsoft Corporation)
 fxsres.dll -> C:\WINDOWS\System32\dllcache\fxsres.dll -> [2010/02/20 08:30:33 | 000,006,656 | ---- | C | MD5 = C3B131D6CB671B294154C986984509AC] (Microsoft Corporation)
 fp4autl.dll -> C:\WINDOWS\System32\dllcache\fp4autl.dll -> [2010/02/20 08:30:32 | 000,618,605 | ---- | C | MD5 = A181AF6CC485F3FADAF673F9EFCA2600] (Microsoft Corporation)
 fxsapi.dll -> C:\WINDOWS\System32\dllcache\fxsapi.dll -> [2010/02/20 08:30:32 | 000,451,584 | ---- | C | MD5 = 0329D0A4F230094B669A87BB3B85606E] (Microsoft Corporation)
 ftpsv251.dll -> C:\WINDOWS\System32\dllcache\ftpsv251.dll -> [2010/02/20 08:30:32 | 000,125,952 | ---- | C | MD5 = 0EFE595BF3342B68DDA1AD6630DBF041] (Microsoft Corporation)
 fpadmcgi.exe -> C:\WINDOWS\System32\dllcache\fpadmcgi.exe -> [2010/02/20 08:30:32 | 000,024,632 | ---- | C | MD5 = F00AF2BCAFF4AF688508716A4640DD92] (Microsoft Corporation)
 fpadmdll.dll -> C:\WINDOWS\System32\dllcache\fpadmdll.dll -> [2010/02/20 08:30:32 | 000,020,541 | ---- | C | MD5 = 6E5B8C0AB998B39F489357CE9D8ED408] (Microsoft Corporation)
 flattemp.exe -> C:\WINDOWS\System32\dllcache\flattemp.exe -> [2010/02/20 08:30:32 | 000,014,848 | ---- | C | MD5 = 87D3ED1916265ADA35B898DAEEFBBB73] (Microsoft Corporation)
 ftpctrs2.dll -> C:\WINDOWS\System32\dllcache\ftpctrs2.dll -> [2010/02/20 08:30:32 | 000,007,680 | ---- | C | MD5 = 6940BB66E8FC9307947E64FA3AB27799] (Microsoft Corporation)
 ftlx041e.dll -> C:\WINDOWS\System32\dllcache\ftlx041e.dll -> [2010/02/20 08:30:32 | 000,006,144 | ---- | C | MD5 = E7B5FBCE2684A6AF661AEDEB2D6C741C] (Microsoft Corporation)
 ftpmib.dll -> C:\WINDOWS\System32\dllcache\ftpmib.dll -> [2010/02/20 08:30:32 | 000,006,144 | ---- | C | MD5 = 01F6A8FB09C0FA0633E27D3FCB32DE71] (Microsoft Corporation)

[w619]

evntagnt.dll -> C:\WINDOWS\System32\dllcache\evntagnt.dll -> [2010/02/20 08:30:31 | 000,101,888 | ---- | C | MD5 = 14390243E43F290A61B0B1FB3602DC4F] (Microsoft Corporation)
 evntwin.exe -> C:\WINDOWS\System32\dllcache\evntwin.exe -> [2010/02/20 08:30:31 | 000,092,160 | ---- | C | MD5 = 944C37B5812DE862086DCBC313BEE3AB] (Microsoft Corporation)
 esunid.dll -> C:\WINDOWS\System32\dllcache\esunid.dll -> [2010/02/20 08:30:31 | 000,045,056 | ---- | C | MD5 = 923C2BD529CDF07B034147ECFAC3FDE5] (SEIKO EPSON CORP.)
 EXCH_fcachdll.dll -> C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll -> [2010/02/20 08:30:31 | 000,043,520 | ---- | C | MD5 = A2AB8BA0D91306C1AEB4235DD1D16A5E] (Microsoft Corporation)
 et4000.sys -> C:\WINDOWS\System32\dllcache\et4000.sys -> [2010/02/20 08:30:31 | 000,025,856 | ---- | C | MD5 = 52016D76B6F9810186DFDD5CCD53FA79] (Microsoft Corporation)
 evntcmd.exe -> C:\WINDOWS\System32\dllcache\evntcmd.exe -> [2010/02/20 08:30:31 | 000,024,064 | ---- | C | MD5 = 3E42EC792FE69A064585DCEA58336A01] (Microsoft Corporation)
 exstrace.dll -> C:\WINDOWS\System32\dllcache\exstrace.dll -> [2010/02/20 08:30:31 | 000,014,336 | ---- | C | MD5 = 5C4C5B46DF01A44515059E274439FEEB] (Microsoft Corporation)
 f3ahvoas.dll -> C:\WINDOWS\System32\dllcache\f3ahvoas.dll -> [2010/02/20 08:30:31 | 000,007,168 | ---- | C | MD5 = 0CB0A3BE2B48345085710D842C1BBC05] (Microsoft Corporation)
 edb500.dll -> C:\WINDOWS\System32\dllcache\edb500.dll -> [2010/02/20 08:30:30 | 000,514,587 | ---- | C | MD5 = D177E174BBA4349CAB132AA801FB430E] (Microsoft Corporation)
 esuimgd.dll -> C:\WINDOWS\System32\dllcache\esuimgd.dll -> [2010/02/20 08:30:30 | 000,057,856 | ---- | C | MD5 = 39CE8197EBDB097381901151A8490AE5] (SEIKO EPSON CORP.)
 esucmd.dll -> C:\WINDOWS\System32\dllcache\esucmd.dll -> [2010/02/20 08:30:30 | 000,031,744 | ---- | C | MD5 = DA0932D916311FB2AB761D62BCA0597C] (SEIKO EPSON CORP.)
 dayi.ime -> C:\WINDOWS\System32\dllcache\dayi.ime -> [2010/02/20 08:30:28 | 000,078,848 | ---- | C | MD5 = DC47D5147C07FE214380FC866963C8C0] (Microsoft Corporation)
 cplexe.exe -> C:\WINDOWS\System32\dllcache\cplexe.exe -> [2010/02/20 08:30:27 | 000,057,399 | ---- | C | MD5 = 135BD481FA24E24895B147FCCDC3BCC7] (Microsoft Corporation)
 davcdata.exe -> C:\WINDOWS\System32\dllcache\davcdata.exe -> [2010/02/20 08:30:27 | 000,042,496 | ---- | C | MD5 = E73DBE781CEAB122C698A3863E362775] (Microsoft Corporation)
 cprofile.exe -> C:\WINDOWS\System32\dllcache\cprofile.exe -> [2010/02/20 08:30:27 | 000,018,944 | ---- | C | MD5 = 05BD17032A05CAAE3231BB6755C8F4DC] (Microsoft Corporation)
 convlog.exe -> C:\WINDOWS\System32\dllcache\convlog.exe -> [2010/02/20 08:30:26 | 000,056,320 | ---- | C | MD5 = 68BCB7A7E8A752A6C19BA09DE202E9B6] (Microsoft Corporation)
 controt.dll -> C:\WINDOWS\System32\dllcache\controt.dll -> [2010/02/20 08:30:26 | 000,033,792 | ---- | C | MD5 = 9AD7C65121C8DEB404A8324BD62FE48F] (Microsoft Corporation)
 compfilt.dll -> C:\WINDOWS\System32\dllcache\compfilt.dll -> [2010/02/20 08:30:26 | 000,024,064 | ---- | C | MD5 = F005DFD204C96C94D4F1ED32377EF256] (Microsoft Corporation)
 counters.dll -> C:\WINDOWS\System32\dllcache\counters.dll -> [2010/02/20 08:30:26 | 000,020,480 | ---- | C | MD5 = 7C6CE07A37B1114BE16E12B492F75190] (Microsoft Corporation)
 cintsetp.exe -> C:\WINDOWS\System32\dllcache\cintsetp.exe -> [2010/02/20 08:30:25 | 000,480,256 | ---- | C | MD5 = BE88F67F4B2BD8B6B93B4DB223CE88BC] (Microsoft Corporation)
 cintime.dll -> C:\WINDOWS\System32\dllcache\cintime.dll -> [2010/02/20 08:30:25 | 000,198,656 | ---- | C | MD5 = 134D4AE18B4794DDE4B198F446E4145D] (Microsoft Corporation)
 chtmbx.dll -> C:\WINDOWS\System32\dllcache\chtmbx.dll -> [2010/02/20 08:30:25 | 000,097,792 | ---- | C | MD5 = 81F15F64359E95B2B9660CE02997EA0F] (Microsoft Corporation)
 chtskdic.dll -> C:\WINDOWS\System32\dllcache\chtskdic.dll -> [2010/02/20 08:30:25 | 000,056,320 | ---- | C | MD5 = F0ABEF69B8AD6FE776E67CC1FB1BA804] (Microsoft Corporation)
 cintlgnt.ime -> C:\WINDOWS\System32\dllcache\cintlgnt.ime -> [2010/02/20 08:30:25 | 000,021,504 | ---- | C | MD5 = 96DDB1E61337B7BE52F650C9B570FC46] (Microsoft Corporation)
 chsbrkr.dll -> C:\WINDOWS\System32\dllcache\chsbrkr.dll -> [2010/02/20 08:30:24 | 001,677,824 | ---- | C | MD5 = 91F6765610FDE0F2B46FB448DDA19408] (Microsoft Corporation)
 chtbrkr.dll -> C:\WINDOWS\System32\dllcache\chtbrkr.dll -> [2010/02/20 08:30:24 | 000,838,144 | ---- | C | MD5 = 10EDEF25D19C0123943FDD1CB9A0E36A] (Microsoft Corporation)
 chgusr.exe -> C:\WINDOWS\System32\dllcache\chgusr.exe -> [2010/02/20 08:30:24 | 000,014,336 | ---- | C | MD5 = EBC74CBA2EB2EA783F0A8F09207CF0BE] (Microsoft Corporation)
 chajei.ime -> C:\WINDOWS\System32\dllcache\chajei.ime -> [2010/02/20 08:30:23 | 000,078,336 | ---- | C | MD5 = 0419BC2473FA62BF61F615B4893CA299] (Microsoft Corporation)
 cap7146.sys -> C:\WINDOWS\System32\dllcache\cap7146.sys -> [2010/02/20 08:30:23 | 000,054,528 | ---- | C | MD5 = D57D0F293E4C296F89C148DB40A089AC] (Philips Semiconductors GmbH)
 chgport.exe -> C:\WINDOWS\System32\dllcache\chgport.exe -> [2010/02/20 08:30:23 | 000,015,872 | ---- | C | MD5 = 4C7E7570DA312657D58FEBB5735AA04A] (Microsoft Corporation)
 chglogon.exe -> C:\WINDOWS\System32\dllcache\chglogon.exe -> [2010/02/20 08:30:23 | 000,013,312 | ---- | C | MD5 = 015FC95FDD6105E050FF9D52637145A9] (Microsoft Corporation)
 change.exe -> C:\WINDOWS\System32\dllcache\change.exe -> [2010/02/20 08:30:23 | 000,009,728 | ---- | C | MD5 = 7094D790ECB2665FA49787B38CFAD078] (Microsoft Corporation)
 c_g18030.dll -> C:\WINDOWS\System32\dllcache\c_g18030.dll -> [2010/02/20 08:30:22 | 000,218,112 | ---- | C | MD5 = 4F210DE49BA0BDE0CA42AB74563D103C] (Microsoft Corporation)
 c_iscii.dll -> C:\WINDOWS\System32\dllcache\c_iscii.dll -> [2010/02/20 08:30:22 | 000,010,752 | ---- | C | MD5 = E36A034E3E54682477808BA92FECB075] (Microsoft Corporation)
 c_is2022.dll -> C:\WINDOWS\System32\dllcache\c_is2022.dll -> [2010/02/20 08:30:22 | 000,006,656 | ---- | C | MD5 = 2D51049B3DCE322880D9BC577677C225] (Microsoft Corporation)
 browscap.dll -> C:\WINDOWS\System32\dllcache\browscap.dll -> [2010/02/20 08:30:19 | 000,045,568 | ---- | C | MD5 = 1D47C8D93237BE21DAFFFA3F6AA733FB] (Microsoft Corporation)
 asptxn.dll -> C:\WINDOWS\System32\dllcache\asptxn.dll -> [2010/02/20 08:30:18 | 000,029,184 | ---- | C | MD5 = 21DBF6EF3D7729C0B26F36CF7802AFCE] (Microsoft Corporation)
 aspperf.dll -> C:\WINDOWS\System32\dllcache\aspperf.dll -> [2010/02/20 08:30:18 | 000,010,240 | ---- | C | MD5 = 6BD9EC5CC983BE5463A78EC92478E930] (Microsoft Corporation)
 authfilt.dll -> C:\WINDOWS\System32\dllcache\authfilt.dll -> [2010/02/20 08:30:18 | 000,009,216 | ---- | C | MD5 = 6FB79F7E5A040E71C579EB2B259810C3] (Microsoft Corporation)
 asp51.dll -> C:\WINDOWS\System32\dllcache\asp51.dll -> [2010/02/20 08:30:17 | 000,369,664 | ---- | C | MD5 = DA8A0D8BF9C6C1CC3AB712B7CEE7310F] (Microsoft Corporation)
 aqueue.dll -> C:\WINDOWS\System32\dllcache\aqueue.dll -> [2010/02/20 08:30:17 | 000,331,264 | ---- | C | MD5 = 5126AD9453668872D1BEB6477BD5C909] (Microsoft Corporation)
 appconf.dll -> C:\WINDOWS\System32\dllcache\appconf.dll -> [2010/02/20 08:30:17 | 000,108,544 | ---- | C | MD5 = CE7879467360D4AA83282CB108159938] (Microsoft Corporation)
 EXCH_aqadmin.dll -> C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll -> [2010/02/20 08:30:17 | 000,045,056 | ---- | C | MD5 = 3A62EE4657CD9645A677C7FBB5E3BE26] (Microsoft Corporation)
 agt0412.dll -> C:\WINDOWS\System32\dllcache\agt0412.dll -> [2010/02/20 08:30:17 | 000,019,456 | ---- | C | MD5 = 673AF99B34393B6D62D527A1D8684B9D] (Microsoft Corporation)
 agt0804.dll -> C:\WINDOWS\System32\dllcache\agt0804.dll -> [2010/02/20 08:30:17 | 000,019,456 | ---- | C | MD5 = 1310C12FC76A0D998E8447780234166F] (Microsoft Corporation)
 adrot.dll -> C:\WINDOWS\System32\dllcache\adrot.dll -> [2010/02/20 08:30:16 | 000,049,664 | ---- | C | MD5 = 52CF128DF70F518FCC408BF96324F729] (Microsoft Corporation)
 agt0411.dll -> C:\WINDOWS\System32\dllcache\agt0411.dll -> [2010/02/20 08:30:16 | 000,019,456 | ---- | C | MD5 = CF87B6CFE0E39C0ED9A3EC36489C331F] (Microsoft Corporation)
 agt040d.dll -> C:\WINDOWS\System32\dllcache\agt040d.dll -> [2010/02/20 08:30:16 | 000,019,456 | ---- | C | MD5 = 66FB2CFD2B32D2CE66DEFEF70F08C13D] (Microsoft Corporation)
 agt0401.dll -> C:\WINDOWS\System32\dllcache\agt0401.dll -> [2010/02/20 08:30:16 | 000,019,456 | ---- | C | MD5 = 61A7A3A9134094E291119A84A9A66F18] (Microsoft Corporation)
 agt0404.dll -> C:\WINDOWS\System32\dllcache\agt0404.dll -> [2010/02/20 08:30:16 | 000,019,456 | ---- | C | MD5 = 10B62053FBC4239837A537FF5D954DD1] (Microsoft Corporation)
 EXCH_adsiisex.dll -> C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll -> [2010/02/20 08:30:16 | 000,005,632 | ---- | C | MD5 = 74225903D1DAD268CD9D45F3FCD0660A] (Microsoft Corporation)
 admexs.dll -> C:\WINDOWS\System32\dllcache\admexs.dll -> [2010/02/20 08:30:15 | 000,029,696 | ---- | C | MD5 = 8B1520068B9C6BFB58BA63ABF8DBE25E] (Microsoft Corporation)
 admxprox.dll -> C:\WINDOWS\System32\dllcache\admxprox.dll -> [2010/02/20 08:30:15 | 000,006,144 | ---- | C | MD5 = F56B019F9B473CCB07EFBF5091D3CE25] (Microsoft Corporation)
 tcptest.exe -> C:\WINDOWS\System32\dllcache\tcptest.exe -> [2010/02/20 08:30:14 | 000,032,827 | ---- | C | MD5 = 412ED815756DEE6F7290A8D54A424332] (Microsoft Corporation)
 tcptsat.dll -> C:\WINDOWS\System32\dllcache\tcptsat.dll -> [2010/02/20 08:30:14 | 000,016,384 | ---- | C | MD5 = BBFF94CBC60CFFC7365BBC9F251EFFB5] (Microsoft Corporation)
 staxmem.dll -> C:\WINDOWS\System32\dllcache\staxmem.dll -> [2010/02/20 08:30:14 | 000,008,192 | ---- | C | MD5 = 3E3DC22FEDED0AAFF9604A6EA16404FB] (Microsoft Corporation)
 wamregps.dll -> C:\WINDOWS\System32\dllcache\wamregps.dll -> [2010/02/20 08:30:14 | 000,007,168 | ---- | C | MD5 = 0F424EDEF5DE908239B1B72D7803E7DF] (Microsoft Corporation)
 smtpsnap.dll -> C:\WINDOWS\System32\dllcache\smtpsnap.dll -> [2010/02/20 08:30:13 | 002,134,528 | ---- | C | MD5 = 4BD1211CDBF435E10BC4A6961BEC5F20] (Microsoft Corporation)
 smtpadm.dll -> C:\WINDOWS\System32\dllcache\smtpadm.dll -> [2010/02/20 08:30:13 | 000,189,440 | ---- | C | MD5 = CD6842EDBD6931FBEB6D0627117766FC] (Microsoft Corporation)
 shtml.dll -> C:\WINDOWS\System32\dllcache\shtml.dll -> [2010/02/20 08:30:13 | 000,020,536 | ---- | C | MD5 = 7B2AA831D00F2C11B70A0C8D60D67BD6] (Microsoft Corporation)
 shtml.exe -> C:\WINDOWS\System32\dllcache\shtml.exe -> [2010/02/20 08:30:13 | 000,016,437 | ---- | C | MD5 = 42A8698526DD794C0CDE86DD1EBABDEA] (Microsoft Corporation)
 logui.ocx -> C:\WINDOWS\System32\dllcache\logui.ocx -> [2010/02/20 08:30:11 | 000,076,800 | ---- | C | MD5 = 4419590A0A60FA437314B6D0CDA84098] (Microsoft Corporation)
 isatq.dll -> C:\WINDOWS\System32\dllcache\isatq.dll -> [2010/02/20 08:30:11 | 000,068,608 | ---- | C | MD5 = 415009D769F1651B83F59AD6625FCDD6] (Microsoft Corporation)
 inetsloc.dll -> C:\WINDOWS\System32\dllcache\inetsloc.dll -> [2010/02/20 08:30:11 | 000,019,968 | ---- | C | MD5 = 294FEE755CC4A6A8F556B19A8F4F1C76] (Microsoft Corporation)
 infoadmn.dll -> C:\WINDOWS\System32\dllcache\infoadmn.dll -> [2010/02/20 08:30:11 | 000,013,312 | ---- | C | MD5 = 08E93ED452CECD72F0EAFBB08489A175] (Microsoft Corporation)
 inetmgr.exe -> C:\WINDOWS\System32\dllcache\inetmgr.exe -> [2010/02/20 08:30:11 | 000,007,680 | ---- | C | MD5 = BD6D8F2B9E0063CC7CA677EE0ED0CF1C] (Microsoft Corporation)
 inetmgr.dll -> C:\WINDOWS\System32\dllcache\inetmgr.dll -> [2010/02/20 08:30:10 | 000,829,440 | ---- | C | MD5 = F0A30FF7A188A22BDE053CA709AA5259] (Microsoft Corporation)
 iisui.dll -> C:\WINDOWS\System32\dllcache\iisui.dll -> [2010/02/20 08:30:10 | 000,169,984 | ---- | C | MD5 = 4AF2AB2AF64CD46E8FFED86A9B13C132] (Microsoft Corporation)
 iisrtl.dll -> C:\WINDOWS\System32\dllcache\iisrtl.dll -> [2010/02/20 08:30:10 | 000,133,632 | ---- | C | MD5 = EA77DB688F86723EF710F41E56777734] (Microsoft Corporation)
 iisext51.dll -> C:\WINDOWS\System32\dllcache\iisext51.dll -> [2010/02/20 08:30:10 | 000,068,608 | ---- | C | MD5 = AF2B8B4D48FF9849EA06850D4B8312D2] (Microsoft Corporation)
 iismap.dll -> C:\WINDOWS\System32\dllcache\iismap.dll -> [2010/02/20 08:30:10 | 000,064,512 | ---- | C | MD5 = CD2DCBA9155D7F03001E5B6EE5963638] (Microsoft Corporation)
 iisrstas.exe -> C:\WINDOWS\System32\dllcache\iisrstas.exe -> [2010/02/20 08:30:10 | 000,030,720 | ---- | C | MD5 = 167E83E9776B57FA5CD3B37FBD1D935F] (Microsoft Corporation)
 fpremadm.exe -> C:\WINDOWS\System32\dllcache\fpremadm.exe -> [2010/02/20 08:30:10 | 000,020,538 | ---- | C | MD5 = B02F79BCE36D992B357779A7E329DC2E] (Microsoft Corporation)
 iisreset.exe -> C:\WINDOWS\System32\dllcache\iisreset.exe -> [2010/02/20 08:30:10 | 000,014,336 | ---- | C | MD5 = 0E638F28758084C7821BD45F10DB286D] (Microsoft Corporation)
 ftpsapi2.dll -> C:\WINDOWS\System32\dllcache\ftpsapi2.dll -> [2010/02/20 08:30:10 | 000,006,144 | ---- | C | MD5 = 19B7369A0C15701716CA5662CAFF18C5] (Microsoft Corporation)
 iisrstap.dll -> C:\WINDOWS\System32\dllcache\iisrstap.dll -> [2010/02/20 08:30:10 | 000,005,632 | ---- | C | MD5 = 43AB2571C0DFCF7367033C3387A65E57] (Microsoft Corporation)
 fp4awel.dll -> C:\WINDOWS\System32\dllcache\fp4awel.dll -> [2010/02/20 08:30:09 | 000,876,653 | ---- | C | MD5 = 539E2AA58AFCBDFCF15C965D53545CDC] (Microsoft Corporation)
 fpmmc.dll -> C:\WINDOWS\System32\dllcache\fpmmc.dll -> [2010/02/20 08:30:09 | 000,598,071 | ---- | C | MD5 = 6BFE9E65977FAB5987AAC80218ED9F8D] (Microsoft Corporation)
 fpmmcsat.dll -> C:\WINDOWS\System32\dllcache\fpmmcsat.dll -> [2010/02/20 08:30:09 | 000,208,896 | ---- | C | MD5 = 7648059461B601B4FBF82E39EC37E22B] (Microsoft Corporation)
 fpcount.exe -> C:\WINDOWS\System32\dllcache\fpcount.exe -> [2010/02/20 08:30:09 | 000,188,494 | ---- | C | MD5 = 224B007D7C4292F8186C7B7762161BD9] (Microsoft Corporation)
 fp98swin.exe -> C:\WINDOWS\System32\dllcache\fp98swin.exe -> [2010/02/20 08:30:09 | 000,109,328 | ---- | C | MD5 = 1CEBC12EC1EAFFDFEBB5354936A8D32A] (Microsoft Corporation)
 fp4awebs.dll -> C:\WINDOWS\System32\dllcache\fp4awebs.dll -> [2010/02/20 08:30:09 | 000,049,212 | ---- | C | MD5 = AFB3EAF47D8D8B0EC49B5A56907D6B4E] (Microsoft Corporation)
 fp4avnb.dll -> C:\WINDOWS\System32\dllcache\fp4avnb.dll -> [2010/02/20 08:30:09 | 000,041,020 | ---- | C | MD5 = DBF21AA3672ABD66A7A81367918C6558] (Microsoft Corporation)
 fp4avss.dll -> C:\WINDOWS\System32\dllcache\fp4avss.dll -> [2010/02/20 08:30:09 | 000,032,826 | ---- | C | MD5 = 794791B86C36FA195F04EAB3475BBF46] (Microsoft Corporation)
 fpexedll.dll -> C:\WINDOWS\System32\dllcache\fpexedll.dll -> [2010/02/20 08:30:09 | 000,020,541 | ---- | C | MD5 = B4914A686146393C690DC0F78A0D5328] (Microsoft Corporation)
 fp98sadm.exe -> C:\WINDOWS\System32\dllcache\fp98sadm.exe -> [2010/02/20 08:30:09 | 000,014,608 | ---- | C | MD5 = 4CE9301E409B099669EE87F41EB0312D] (Microsoft Corporation)
 certwiz.ocx -> C:\WINDOWS\System32\dllcache\certwiz.ocx -> [2010/02/20 08:30:08 | 000,275,968 | ---- | C | MD5 = 687F8234896C60B54FE4555F08069A15] (Microsoft Corporation)
 cfgwiz.exe -> C:\WINDOWS\System32\dllcache\cfgwiz.exe -> [2010/02/20 08:30:08 | 000,188,480 | ---- | C | MD5 = C91B0AF008E40FB467AE75520DC5261A] (Microsoft Corporation)
 fp4amsft.dll -> C:\WINDOWS\System32\dllcache\fp4amsft.dll -> [2010/02/20 08:30:08 | 000,184,435 | ---- | C | MD5 = 4AC6CABEB780130CE6458B07F19B8CD0] (Microsoft Corporation)
 fp4apws.dll -> C:\WINDOWS\System32\dllcache\fp4apws.dll -> [2010/02/20 08:30:08 | 000,147,513 | ---- | C | MD5 = 9857E73F640487CD202997DB6F8C4DCB] (Microsoft Corporation)
 fp4atxt.dll -> C:\WINDOWS\System32\dllcache\fp4atxt.dll -> [2010/02/20 08:30:08 | 000,102,509 | ---- | C | MD5 = 3234E92257E365F8AFD5F7D33A939D9B] (Microsoft Corporation)
 certmap.ocx -> C:\WINDOWS\System32\dllcache\certmap.ocx -> [2010/02/20 08:30:08 | 000,094,720 | ---- | C | MD5 = B9FD14BF4EA0EB75B0D2C0759CAA8F03] (Microsoft Corporation)
 fp4anscp.dll -> C:\WINDOWS\System32\dllcache\fp4anscp.dll -> [2010/02/20 08:30:08 | 000,082,035 | ---- | C | MD5 = 07809EBACF4CECEAD6513CC1F1188F38] (Microsoft Corporation)
 cnfgprts.ocx -> C:\WINDOWS\System32\dllcache\cnfgprts.ocx -> [2010/02/20 08:30:08 | 000,076,288 | ---- | C | MD5 = 929AAEAF93C4ACDCCDAFFC0B0EC10584] (Microsoft Corporation)
 fp4areg.dll -> C:\WINDOWS\System32\dllcache\fp4areg.dll -> [2010/02/20 08:30:08 | 000,049,210 | ---- | C | MD5 = 4801B97855B110822917F1A798020BE1] (Microsoft Corporation)
 coadmin.dll -> C:\WINDOWS\System32\dllcache\coadmin.dll -> [2010/02/20 08:30:08 | 000,046,592 | ---- | C | MD5 = 0E9106A49B72FF5E6C7EED93373A401A] (Microsoft Corporation)
 adsiis51.dll -> C:\WINDOWS\System32\dllcache\adsiis51.dll -> [2010/02/20 08:30:07 | 000,290,816 | ---- | C | MD5 = B9EDD879AF15961954DE893E60BB48D2] (Microsoft Corporation)
 admwprox.dll -> C:\WINDOWS\System32\dllcache\admwprox.dll -> [2010/02/20 08:30:07 | 000,043,520 | ---- | C | MD5 = 11848E7EBAF7D9624FA99B05226DB027] (Microsoft Corporation)
 author.dll -> C:\WINDOWS\System32\dllcache\author.dll -> [2010/02/20 08:30:07 | 000,020,540 | ---- | C | MD5 = B3391935817CD98EA7ED5B70AE713245] (Microsoft Corporation)
 author.exe -> C:\WINDOWS\System32\dllcache\author.exe -> [2010/02/20 08:30:07 | 000,016,439 | ---- | C | MD5 = 64F04CCD27271961B8E4A5DA12B54EB6] (Microsoft Corporation)
 admin.exe -> C:\WINDOWS\System32\dllcache\admin.exe -> [2010/02/20 08:30:07 | 000,016,439 | ---- | C | MD5 = 64F04CCD27271961B8E4A5DA12B54EB6] (Microsoft Corporation)
 admin.dll -> C:\WINDOWS\System32\dllcache\admin.dll -> [2010/02/20 08:30:05 | 000,020,540 | ---- | C | MD5 = 0D71BE0D4344813AD0F86B44C1B966DB] (Microsoft Corporation)
 xircom -> C:\WINDOWS\System32\xircom -> [2010/02/20 08:30:04 | 000,000,000 | ---D | C]
 xerox -> C:\Program Files\xerox -> [2010/02/20 08:30:04 | 000,000,000 | ---D | C]
 microsoft frontpage -> C:\Program Files\microsoft frontpage -> [2010/02/20 08:30:04 | 000,000,000 | ---D | C]
 Microsoft -> C:\Documents and Settings\NetworkService\Application Data\Microsoft -> [2010/02/20 08:29:45 | 000,000,000 | --SD | M]
 Microsoft -> C:\Documents and Settings\LocalService\Application Data\Microsoft -> [2010/02/20 08:29:45 | 000,000,000 | --SD | M]
 mapi32.dll -> C:\WINDOWS\System32\mapi32.dll -> [2010/02/20 08:29:36 | 000,112,128 | ---- | C | MD5 = E81BBE78A8EF85ACD490B3E64EF63A7C] (Microsoft Corporation)
 DRM -> C:\Documents and Settings\All Users\DRM -> [2010/02/20 08:29:07 | 000,000,000 | -HSD | C]
 Downloaded Program Files -> C:\WINDOWS\Downloaded Program Files -> [2010/02/20 08:29:01 | 000,000,000 | --SD | C]
 Offline Web Pages -> C:\WINDOWS\Offline Web Pages -> [2010/02/20 08:29:01 | 000,000,000 | R--D | C]
 WindowsUpdate -> C:\Program Files\WindowsUpdate -> [2010/02/20 08:28:54 | 000,000,000 | -H-D | C]
 DirectX -> C:\WINDOWS\System32\DirectX -> [2010/02/20 08:28:38 | 000,000,000 | ---D | C]
 notiflag.exe -> C:\WINDOWS\System32\dllcache\notiflag.exe -> [2010/02/20 08:28:32 | 000,035,328 | ---- | C | MD5 = E5785CAED1D5D422A2906170521FD4C3] (Microsoft Corporation)
 brpinfo.dll -> C:\WINDOWS\System32\dllcache\brpinfo.dll -> [2010/02/20 08:28:32 | 000,021,504 | ---- | C | MD5 = 6073EDCE194E187E3362D153C19422B9] (Microsoft Corporation)
 atrace.dll -> C:\WINDOWS\System32\dllcache\atrace.dll -> [2010/02/20 08:28:32 | 000,011,264 | ---- | C | MD5 = 1204FA2AB2A5F321125F777E8D061B22] (Microsoft Corporation)
 atrace.dll -> C:\WINDOWS\System32\atrace.dll -> [2010/02/20 08:28:32 | 000,011,264 | ---- | C | MD5 = 1204FA2AB2A5F321125F777E8D061B22] (Microsoft Corporation)
 helphost.exe -> C:\WINDOWS\System32\dllcache\helphost.exe -> [2010/02/20 08:28:31 | 000,099,840 | ---- | C | MD5 = CF2C9FE66DC2F03BA808291EF5FE0A41] (Microsoft Corporation)
 hcappres.dll -> C:\WINDOWS\System32\dllcache\hcappres.dll -> [2010/02/20 08:28:31 | 000,006,656 | ---- | C | MD5 = CAF25369B9C7CA27D700D89EA8C7E528] (Microsoft Corporation)
 srdiag.exe -> C:\WINDOWS\System32\dllcache\srdiag.exe -> [2010/02/20 08:28:22 | 000,047,104 | ---- | C | MD5 = 61309EBC9DB4669399591E1D7040D0DB] (Microsoft Corporation)
 nmevtmsg.dll -> C:\WINDOWS\System32\nmevtmsg.dll -> [2010/02/20 08:28:21 | 000,012,288 | ---- | C | MD5 = 3C891D38FF07120FD926F51A37568646] (Microsoft Corporation)
 nmevtmsg.dll -> C:\WINDOWS\System32\dllcache\nmevtmsg.dll -> [2010/02/20 08:28:21 | 000,012,288 | ---- | C | MD5 = 3C891D38FF07120FD926F51A37568646] (Microsoft Corporation)
 acctres.dll -> C:\WINDOWS\System32\dllcache\acctres.dll -> [2010/02/20 08:28:20 | 000,064,512 | ---- | C | MD5 = 441086F355F0DEA94621984C9A3BE765] (Microsoft Corporation)
 acctres.dll -> C:\WINDOWS\System32\acctres.dll -> [2010/02/20 08:28:20 | 000,064,512 | ---- | C | MD5 = 441086F355F0DEA94621984C9A3BE765] (Microsoft Corporation)
 msinfo32.exe -> C:\WINDOWS\System32\dllcache\msinfo32.exe -> [2010/02/20 08:28:20 | 000,039,936 | ---- | C | MD5 = 090D5891041E35E18C77F664581C0BD6] (Microsoft Corporation)
 cb32.exe -> C:\WINDOWS\System32\dllcache\cb32.exe -> [2010/02/20 08:28:20 | 000,012,288 | ---- | C | MD5 = B2950DA8CC2722D7DF69F549143C2950] (Microsoft Corporation)
 wb32.exe -> C:\WINDOWS\System32\dllcache\wb32.exe -> [2010/02/20 08:28:20 | 000,012,288 | ---- | C | MD5 = 0C1619499CA3DFA0D1D22F128B98BB59] (Microsoft Corporation)
 Services -> C:\Program Files\Common Files\Services -> [2010/02/20 08:28:19 | 000,000,000 | ---D | C]

[w619]

icwtutor.exe -> C:\WINDOWS\System32\dllcache\icwtutor.exe -> [2010/02/20 08:28:16 | 000,073,728 | ---- | C | MD5 = 4AD3DA672915DB74B7673CFA211213FA] (Microsoft Corporation)
 icwres.dll -> C:\WINDOWS\System32\dllcache\icwres.dll -> [2010/02/20 08:28:16 | 000,061,440 | ---- | C | MD5 = FD2B2C4D558C583BD21D746250ADD3AB] (Microsoft Corporation)
 trialoc.dll -> C:\WINDOWS\System32\dllcache\trialoc.dll -> [2010/02/20 08:28:16 | 000,040,960 | ---- | C | MD5 = 8CA04F69DC152D68C273867F221F5CFE] (Microsoft Corporation)
 mssoapr.dll -> C:\WINDOWS\System32\dllcache\mssoapr.dll -> [2010/02/20 08:28:16 | 000,023,552 | ---- | C | MD5 = 238C4E8AA053D037379A1D9CBBD6A444] (Microsoft Corporation)
 icfgnt5.dll -> C:\WINDOWS\System32\icfgnt5.dll -> [2010/02/20 08:28:16 | 000,016,384 | ---- | C | MD5 = BE085C746EA903B38204053FF709C634] (Microsoft Corporation)
 icfgnt5.dll -> C:\WINDOWS\System32\dllcache\icfgnt5.dll -> [2010/02/20 08:28:16 | 000,016,384 | ---- | C | MD5 = BE085C746EA903B38204053FF709C634] (Microsoft Corporation)
 isignup.exe -> C:\WINDOWS\System32\dllcache\isignup.exe -> [2010/02/20 08:28:16 | 000,016,384 | ---- | C | MD5 = 6E54B39233E0D7607D340B4D40564134] (Microsoft Corporation)
 Tasks -> C:\WINDOWS\Tasks -> [2010/02/20 08:28:16 | 000,000,000 | --SD | C]
 mssoap1.dll -> C:\WINDOWS\System32\dllcache\mssoap1.dll -> [2010/02/20 08:28:15 | 000,235,520 | ---- | C | MD5 = 85C22A362F588A47DDE85DC94E0F73E3] (Microsoft Corporation)
 ieinfo5.ocx -> C:\WINDOWS\System32\dllcache\ieinfo5.ocx -> [2010/02/20 08:28:15 | 000,093,184 | ---- | C | MD5 = E7751E6684EBE5BB16D8999FB1E9AA8D] (Microsoft Corporation)
 wisc10.dll -> C:\WINDOWS\System32\dllcache\wisc10.dll -> [2010/02/20 08:28:15 | 000,025,088 | ---- | C | MD5 = 472FE480817B770BABEF22F6E2B68194] (Microsoft Corporation)
 MSSoap -> C:\Program Files\Common Files\MSSoap -> [2010/02/20 08:28:15 | 000,000,000 | ---D | C]
 srchui.dll -> C:\WINDOWS\System32\dllcache\srchui.dll -> [2010/02/20 08:28:11 | 000,726,078 | ---- | C | MD5 = 36FB831C6BDA449730DEAD22901C7FC0] (Microsoft Corporation)
 srchctls.dll -> C:\WINDOWS\System32\dllcache\srchctls.dll -> [2010/02/20 08:28:11 | 000,058,434 | ---- | C | MD5 = F7B835130EA8A6D900ED425CFF42E394] (Microsoft Corporation)
 msgr3en.dll -> C:\WINDOWS\System32\dllcache\msgr3en.dll -> [2010/02/20 08:28:10 | 003,166,208 | ---- | C | MD5 = 212BB4EE895E4B40E6A7C212868074C9] (Microsoft Corporation)
 VGX.dll -> C:\WINDOWS\System32\dllcache\VGX.dll -> [2010/02/20 08:28:10 | 000,759,296 | ---- | C | MD5 = E9B8DFF0C25C3933A1B4216AFC3619B0] (Microsoft Corporation)
 srchasst -> C:\WINDOWS\srchasst -> [2010/02/20 08:28:10 | 000,000,000 | ---D | C]
 Macromed -> C:\WINDOWS\System32\Macromed -> [2010/02/20 08:28:09 | 000,000,000 | ---D | C]
 setup_wm.exe -> C:\WINDOWS\System32\dllcache\setup_wm.exe -> [2010/02/20 08:28:08 | 001,669,120 | ---- | C | MD5 = B75457B45B2D23AA996659C69AEAD919] (Microsoft Corporation)
 mpvis.dll -> C:\WINDOWS\System32\dllcache\mpvis.dll -> [2010/02/20 08:28:08 | 000,243,712 | ---- | C | MD5 = B46324A943915EC6FBF521F3C31961DA] (Microsoft Corporation)
 wmpband.dll -> C:\WINDOWS\System32\dllcache\wmpband.dll -> [2010/02/20 08:28:08 | 000,096,256 | ---- | C | MD5 = 0E3D30F8CDD82E7E64938459CA90D9F0] (Microsoft Corporation)
 migrate.exe -> C:\WINDOWS\System32\dllcache\migrate.exe -> [2010/02/20 08:28:07 | 000,786,432 | ---- | C | MD5 = 2A7A3A8F016FBA41D92070EEE333F97E] (Microsoft Corporation)
 npdrmv2.dll -> C:\WINDOWS\System32\dllcache\npdrmv2.dll -> [2010/02/20 08:28:07 | 000,226,816 | ---- | C | MD5 = 28000D7EEB2FD95A36E1A7539F599C3B] (Microsoft Corporation)
 wmpns.dll -> C:\WINDOWS\System32\dllcache\wmpns.dll -> [2010/02/20 08:28:07 | 000,221,184 | ---- | C | MD5 = C5B41140DBDA488A02E8D33B5FF95686] (Microsoft Corporation)
 wmplayer.exe -> C:\WINDOWS\System32\dllcache\wmplayer.exe -> [2010/02/20 08:28:07 | 000,064,000 | ---- | C | MD5 = D478331FEE85E840F7D89EDD06190DFC] (Microsoft Corporation)
 custsat.dll -> C:\WINDOWS\System32\dllcache\custsat.dll -> [2010/02/20 08:28:07 | 000,033,792 | ---- | C | MD5 = BD86E02064D60C6B324F3E1ED4183059] (Microsoft Corporation)
 npdsplay.dll -> C:\WINDOWS\System32\dllcache\npdsplay.dll -> [2010/02/20 08:28:06 | 000,364,544 | ---- | C | MD5 = 5D41BCD19A3D90E4EBB58A6BFB79E4F7] (Microsoft Corporation (written by Digital Renaissance Inc.))
 npwmsdrm.dll -> C:\WINDOWS\System32\dllcache\npwmsdrm.dll -> [2010/02/20 08:28:06 | 000,010,240 | ---- | C | MD5 = 8B6884E3E1E5F8ABA5FA0C6A2B13181D] (Microsoft Corporation)
 mplayer2.exe -> C:\WINDOWS\System32\dllcache\mplayer2.exe -> [2010/02/20 08:28:06 | 000,004,639 | ---- | C | MD5 = E0F1B981CD9F2C10FA21118AE09F4114] (Microsoft Corporation)
 wuaueng.dll -> C:\WINDOWS\System32\dllcache\wuaueng.dll -> [2010/02/20 08:28:05 | 001,929,952 | ---- | C | MD5 = 6298277B73C77FA99106B271A7525163] (Microsoft Corporation)
 wucltui.dll -> C:\WINDOWS\System32\wucltui.dll -> [2010/02/20 08:28:05 | 000,327,896 | ---- | C | MD5 = 39AA47A1ACBB6A92BF875B535EEAF911] (Microsoft Corporation)
 wucltui.dll -> C:\WINDOWS\System32\dllcache\wucltui.dll -> [2010/02/20 08:28:05 | 000,327,896 | ---- | C | MD5 = 39AA47A1ACBB6A92BF875B535EEAF911] (Microsoft Corporation)
 wuaucpl.cpl -> C:\WINDOWS\System32\dllcache\wuaucpl.cpl -> [2010/02/20 08:28:05 | 000,217,816 | ---- | C | MD5 = 37BF196917FA0C591BAFCD7949524FF3] (Microsoft Corporation)
 wuweb.dll -> C:\WINDOWS\System32\dllcache\wuweb.dll -> [2010/02/20 08:28:05 | 000,209,632 | ---- | C | MD5 = 033AF4CE25B6D871F0DE2C982658E049] (Microsoft Corporation)
 wuaueng1.dll -> C:\WINDOWS\System32\wuaueng1.dll -> [2010/02/20 08:28:05 | 000,183,296 | ---- | C | MD5 = CAD35C78C72E1D2154CB55A49FB4E1CC] (Microsoft Corporation)
 wuaueng1.dll -> C:\WINDOWS\System32\dllcache\wuaueng1.dll -> [2010/02/20 08:28:05 | 000,183,296 | ---- | C | MD5 = CAD35C78C72E1D2154CB55A49FB4E1CC] (Microsoft Corporation)
 wuauclt1.exe -> C:\WINDOWS\System32\wuauclt1.exe -> [2010/02/20 08:28:05 | 000,165,888 | ---- | C | MD5 = 7EF35DB257F647A73DB396AA9760D011] (Microsoft Corporation)
 wuauclt1.exe -> C:\WINDOWS\System32\dllcache\wuauclt1.exe -> [2010/02/20 08:28:05 | 000,165,888 | ---- | C | MD5 = 7EF35DB257F647A73DB396AA9760D011] (Microsoft Corporation)
 wuauclt.exe -> C:\WINDOWS\System32\dllcache\wuauclt.exe -> [2010/02/20 08:28:05 | 000,053,472 | ---- | C | MD5 = 62BB79160F86CD962F312C68C6239BFD] (Microsoft Corporation)
 wups.dll -> C:\WINDOWS\System32\wups.dll -> [2010/02/20 08:28:05 | 000,035,552 | ---- | C | MD5 = 1D326842006C4BE77ECD848CF89F01AB] (Microsoft Corporation)
 wups.dll -> C:\WINDOWS\System32\dllcache\wups.dll -> [2010/02/20 08:28:05 | 000,035,552 | ---- | C | MD5 = 1D326842006C4BE77ECD848CF89F01AB] (Microsoft Corporation)
 wuauserv.dll -> C:\WINDOWS\System32\dllcache\wuauserv.dll -> [2010/02/20 08:28:05 | 000,006,656 | ---- | C | MD5 = 35321FB577CDC98CE3EB3A3EB9E4610A] (Microsoft Corporation)
 wuapi.dll -> C:\WINDOWS\System32\wuapi.dll -> [2010/02/20 08:28:04 | 000,575,704 | ---- | C | MD5 = 009758CC06B7F55B4A4D16A66E243C24] (Microsoft Corporation)
 wuapi.dll -> C:\WINDOWS\System32\dllcache\wuapi.dll -> [2010/02/20 08:28:04 | 000,575,704 | ---- | C | MD5 = 009758CC06B7F55B4A4D16A66E243C24] (Microsoft Corporation)
 qmgr.dll -> C:\WINDOWS\System32\dllcache\qmgr.dll -> [2010/02/20 08:28:04 | 000,409,088 | ---- | C | MD5 = 574738F61FCA2935F5265DC4E5691314] (Microsoft Corporation)
 qmgrprxy.dll -> C:\WINDOWS\System32\qmgrprxy.dll -> [2010/02/20 08:28:04 | 000,018,944 | ---- | C | MD5 = F1DAC7969C1337AF790BD1D981AA780C] (Microsoft Corporation)
 qmgrprxy.dll -> C:\WINDOWS\System32\dllcache\qmgrprxy.dll -> [2010/02/20 08:28:04 | 000,018,944 | ---- | C | MD5 = F1DAC7969C1337AF790BD1D981AA780C] (Microsoft Corporation)
 bitsprx2.dll -> C:\WINDOWS\System32\dllcache\bitsprx2.dll -> [2010/02/20 08:28:04 | 000,008,192 | ---- | C | MD5 = 9B2E14F4D66A59306584566A705F8CDD] (Microsoft Corporation)
 bitsprx2.dll -> C:\WINDOWS\System32\bitsprx2.dll -> [2010/02/20 08:28:04 | 000,008,192 | ---- | C | MD5 = 9B2E14F4D66A59306584566A705F8CDD] (Microsoft Corporation)
 bitsprx4.dll -> C:\WINDOWS\System32\dllcache\bitsprx4.dll -> [2010/02/20 08:28:04 | 000,007,168 | ---- | C | MD5 = 97AE3A4180CAB360F44F7F03E5E0F409] (Microsoft Corporation)
 bitsprx4.dll -> C:\WINDOWS\System32\bitsprx4.dll -> [2010/02/20 08:28:04 | 000,007,168 | ---- | C | MD5 = 97AE3A4180CAB360F44F7F03E5E0F409] (Microsoft Corporation)
 bitsprx3.dll -> C:\WINDOWS\System32\dllcache\bitsprx3.dll -> [2010/02/20 08:28:04 | 000,007,168 | ---- | C | MD5 = 08763C1AE79D88D122207D0471E834DB] (Microsoft Corporation)
 bitsprx3.dll -> C:\WINDOWS\System32\bitsprx3.dll -> [2010/02/20 08:28:04 | 000,007,168 | ---- | C | MD5 = 08763C1AE79D88D122207D0471E834DB] (Microsoft Corporation)
 wmm2res2.dll -> C:\WINDOWS\System32\dllcache\wmm2res2.dll -> [2010/02/20 08:28:02 | 000,005,632 | ---- | C | MD5 = 2FB4984EBEF2F1E74D6C0867F9099091] (Microsoft Corporation)
 wmm2eres.dll -> C:\WINDOWS\System32\dllcache\wmm2eres.dll -> [2010/02/20 08:28:02 | 000,004,096 | ---- | C | MD5 = AA1E8A314692133AD1F963465417F615] (Microsoft Corporation)
 wmm2res.dll -> C:\WINDOWS\System32\dllcache\wmm2res.dll -> [2010/02/20 08:28:01 | 004,256,768 | ---- | C | MD5 = FB4219755CD6D416AC06A38AAFBE6268] (Microsoft Corporation)
 wmm2fxa.dll -> C:\WINDOWS\System32\dllcache\wmm2fxa.dll -> [2010/02/20 08:28:01 | 000,502,272 | ---- | C | MD5 = 7C50487F2A394F722A4649E656DB5564] (Microsoft Corporation)
 wmm2filt.dll -> C:\WINDOWS\System32\dllcache\wmm2filt.dll -> [2010/02/20 08:28:01 | 000,402,432 | ---- | C | MD5 = 0DD3015E8F262D2467461BE651E54528] (Microsoft Corporation)
 wmm2fxb.dll -> C:\WINDOWS\System32\dllcache\wmm2fxb.dll -> [2010/02/20 08:28:01 | 000,325,632 | ---- | C | MD5 = 3366EFAA9440BC7220C874137D690816] (Microsoft Corporation)
 wmm2ae.dll -> C:\WINDOWS\System32\dllcache\wmm2ae.dll -> [2010/02/20 08:28:01 | 000,167,936 | ---- | C | MD5 = A31C2F7DCB2765F5A7804E96A77E3753] (Microsoft Corporation)
 wmm2ext.dll -> C:\WINDOWS\System32\dllcache\wmm2ext.dll -> [2010/02/20 08:28:01 | 000,007,680 | ---- | C | MD5 = BC1D036E33F8779ED0D2DC6B528B891C] (Microsoft Corporation)
 moviemk.exe -> C:\WINDOWS\System32\dllcache\moviemk.exe -> [2010/02/20 08:27:59 | 003,558,912 | ---- | C | MD5 = E002A7E05185BD7FC7646CD229311B22] (Microsoft Corporation)
 Movie Maker -> C:\Program Files\Movie Maker -> [2010/02/20 08:27:59 | 000,000,000 | ---D | C]
 msobmain.dll -> C:\WINDOWS\System32\dllcache\msobmain.dll -> [2010/02/20 08:27:46 | 000,565,248 | ---- | C | MD5 = 7AEE2C65745A3E053343C04D2DB545EC] (Microsoft Corporation)
 msobdl.dll -> C:\WINDOWS\System32\dllcache\msobdl.dll -> [2010/02/20 08:27:46 | 000,016,384 | ---- | C | MD5 = 1397003EEB2E8168DC5A812F6F1E3BD6] (Microsoft Corporation)
 msobcomm.dll -> C:\WINDOWS\System32\dllcache\msobcomm.dll -> [2010/02/20 08:27:45 | 000,122,368 | ---- | C | MD5 = 4F41722B32202FEE8D251F28578C3215] (Microsoft Corporation)
 oobebaln.exe -> C:\WINDOWS\System32\dllcache\oobebaln.exe -> [2010/02/20 08:27:45 | 000,051,200 | ---- | C | MD5 = 108793450496F028BB9D0C6D6DE0ADE9] (Microsoft Corporation)
 msobshel.dll -> C:\WINDOWS\System32\dllcache\msobshel.dll -> [2010/02/20 08:27:45 | 000,030,720 | ---- | C | MD5 = 9B321E19786E073EF5949AD3222CDEB1] (Microsoft Corporation)
 msoobe.exe -> C:\WINDOWS\System32\dllcache\msoobe.exe -> [2010/02/20 08:27:45 | 000,029,184 | ---- | C | MD5 = 482AE619667429CD12D23A9089F5BF22] (Microsoft Corporation)
 msobweb.dll -> C:\WINDOWS\System32\dllcache\msobweb.dll -> [2010/02/20 08:27:45 | 000,019,456 | ---- | C | MD5 = 62F013A78163643A2E638AF9739B788E] (Microsoft Corporation)
 uploadm.exe -> C:\WINDOWS\System32\dllcache\uploadm.exe -> [2010/02/20 08:27:42 | 000,150,528 | ---- | C | MD5 = F8709DDF1063462FECE91F386FF7BA99] (Microsoft Corporation)
 safrslv.dll -> C:\WINDOWS\System32\safrslv.dll -> [2010/02/20 08:27:42 | 000,045,568 | ---- | C | MD5 = 62A9B35C335A85311DC1280568CE9D89] (Microsoft Corporation)
 safrslv.dll -> C:\WINDOWS\System32\dllcache\safrslv.dll -> [2010/02/20 08:27:42 | 000,045,568 | ---- | C | MD5 = 62A9B35C335A85311DC1280568CE9D89] (Microsoft Corporation)
 safrcdlg.dll -> C:\WINDOWS\System32\safrcdlg.dll -> [2010/02/20 08:27:42 | 000,043,520 | ---- | C | MD5 = CC8E648AE54B18037F7D0A91D196FE91] (Microsoft Corporation)
 safrcdlg.dll -> C:\WINDOWS\System32\dllcache\safrcdlg.dll -> [2010/02/20 08:27:42 | 000,043,520 | ---- | C | MD5 = CC8E648AE54B18037F7D0A91D196FE91] (Microsoft Corporation)
 racpldlg.dll -> C:\WINDOWS\System32\racpldlg.dll -> [2010/02/20 08:27:42 | 000,043,520 | ---- | C | MD5 = 59AD4CEDBFCD1EEFCAC19E25BA15E2F3] (Microsoft Corporation)
 racpldlg.dll -> C:\WINDOWS\System32\dllcache\racpldlg.dll -> [2010/02/20 08:27:42 | 000,043,520 | ---- | C | MD5 = 59AD4CEDBFCD1EEFCAC19E25BA15E2F3] (Microsoft Corporation)
 safrdm.dll -> C:\WINDOWS\System32\safrdm.dll -> [2010/02/20 08:27:42 | 000,029,696 | ---- | C | MD5 = 482A0A0E3AE3F6A2564F8BE32767DCDB] (Microsoft Corporation)
 safrdm.dll -> C:\WINDOWS\System32\dllcache\safrdm.dll -> [2010/02/20 08:27:42 | 000,029,696 | ---- | C | MD5 = 482A0A0E3AE3F6A2564F8BE32767DCDB] (Microsoft Corporation)
 pchshell.dll -> C:\WINDOWS\System32\dllcache\pchshell.dll -> [2010/02/20 08:27:41 | 000,102,912 | ---- | C | MD5 = D62DF91F9C1BE7A5FD422C3408E988E4] (Microsoft Corporation)
 pchsvc.dll -> C:\WINDOWS\System32\dllcache\pchsvc.dll -> [2010/02/20 08:27:41 | 000,038,400 | ---- | C | MD5 = 4FCCA060DFE0C51A09DD5C3843888BCD] (Microsoft Corporation)
 helpsvc.exe -> C:\WINDOWS\System32\dllcache\helpsvc.exe -> [2010/02/20 08:27:39 | 000,744,448 | ---- | C | MD5 = B9CBAEA39CEA686827D152C650247EED] (Microsoft Corporation)
 msconfig.exe -> C:\WINDOWS\System32\dllcache\msconfig.exe -> [2010/02/20 08:27:39 | 000,169,984 | ---- | C | MD5 = A81135541C9D4EBCE43EFA8AD31395B4] (Microsoft Corporation)
 hscupd.exe -> C:\WINDOWS\System32\dllcache\hscupd.exe -> [2010/02/20 08:27:39 | 000,018,432 | ---- | C | MD5 = E40E2580AB6FF1EF4867535E085A7005] (Microsoft Corporation)
 helpctr.exe -> C:\WINDOWS\System32\dllcache\helpctr.exe -> [2010/02/20 08:27:38 | 000,769,024 | ---- | C | MD5 = B32A4DB8FA8BA07AFB1E86F8C9FB852E] (Microsoft Corporation)
 fltmgr.sys -> C:\WINDOWS\System32\dllcache\fltmgr.sys -> [2010/02/20 08:27:38 | 000,129,792 | ---- | C | MD5 = B2CF4B0786F8212CB92ED2B50C6DB6B0] (Microsoft Corporation)
 fltMc.exe -> C:\WINDOWS\System32\fltMc.exe -> [2010/02/20 08:27:38 | 000,023,040 | ---- | C | MD5 = 1DE61BAEDE3FD349B7AE86F428C25482] (Microsoft Corporation)
 fltmc.exe -> C:\WINDOWS\System32\dllcache\fltmc.exe -> [2010/02/20 08:27:38 | 000,023,040 | ---- | C | MD5 = 1DE61BAEDE3FD349B7AE86F428C25482] (Microsoft Corporation)
 fltlib.dll -> C:\WINDOWS\System32\dllcache\fltlib.dll -> [2010/02/20 08:27:38 | 000,016,896 | ---- | C | MD5 = 5D43C9A33F18C707BA169AFDA88BDF30] (Microsoft Corporation)
 rstrui.exe -> C:\WINDOWS\System32\dllcache\rstrui.exe -> [2010/02/20 08:27:37 | 000,380,416 | ---- | C | MD5 = BD6C1488F63D64DEA8EE514802FC2CDD] (Microsoft Corporation)
 srrstr.dll -> C:\WINDOWS\System32\srrstr.dll -> [2010/02/20 08:27:37 | 000,239,104 | ---- | C | MD5 = 92E2A2574186BCBB7027A6048E1B8B1B] (Microsoft Corporation)
 srrstr.dll -> C:\WINDOWS\System32\dllcache\srrstr.dll -> [2010/02/20 08:27:37 | 000,239,104 | ---- | C | MD5 = 92E2A2574186BCBB7027A6048E1B8B1B] (Microsoft Corporation)
 srsvc.dll -> C:\WINDOWS\System32\dllcache\srsvc.dll -> [2010/02/20 08:27:37 | 000,171,008 | ---- | C | MD5 = 3805DF0AC4296A34BA4BF93B346CC378] (Microsoft Corporation)
 sr.sys -> C:\WINDOWS\System32\dllcache\sr.sys -> [2010/02/20 08:27:37 | 000,073,472 | ---- | C | MD5 = 76BB022C2FB6902FD5BDD4F78FC13A5D] (Microsoft Corporation)
 srclient.dll -> C:\WINDOWS\System32\dllcache\srclient.dll -> [2010/02/20 08:27:37 | 000,067,584 | ---- | C | MD5 = 77A54BDFBAD4604E6131AE68E3CF76D6] (Microsoft Corporation)
 Restore -> C:\WINDOWS\System32\Restore -> [2010/02/20 08:27:37 | 000,000,000 | ---D | C]
 ils.dll -> C:\WINDOWS\System32\ils.dll -> [2010/02/20 08:27:36 | 000,081,920 | ---- | C | MD5 = A1E481512C1602C36D3384FEB7DDEC12] (Microsoft Corporation)
 ils.dll -> C:\WINDOWS\System32\dllcache\ils.dll -> [2010/02/20 08:27:36 | 000,081,920 | ---- | C | MD5 = A1E481512C1602C36D3384FEB7DDEC12] (Microsoft Corporation)
 mnmdd.dll -> C:\WINDOWS\System32\mnmdd.dll -> [2010/02/20 08:27:36 | 000,034,560 | ---- | C | MD5 = 621822F2F2BDE521D3FC687B62659B76] (Microsoft Corporation)
 mnmdd.dll -> C:\WINDOWS\System32\dllcache\mnmdd.dll -> [2010/02/20 08:27:36 | 000,034,560 | ---- | C | MD5 = 621822F2F2BDE521D3FC687B62659B76] (Microsoft Corporation)
 nmmkcert.dll -> C:\WINDOWS\System32\nmmkcert.dll -> [2010/02/20 08:27:36 | 000,028,672 | ---- | C | MD5 = 14E333392A7C41AF18F21849AEE1741E] (Microsoft Corporation)
 nmmkcert.dll -> C:\WINDOWS\System32\dllcache\nmmkcert.dll -> [2010/02/20 08:27:36 | 000,028,672 | ---- | C | MD5 = 14E333392A7C41AF18F21849AEE1741E] (Microsoft Corporation)
 callcont.dll -> C:\WINDOWS\System32\dllcache\callcont.dll -> [2010/02/20 08:27:35 | 000,385,024 | ---- | C | MD5 = 58B72FA16E492BE251BE8BAED4EEEA5E] (Microsoft Corporation)
 nmas.dll -> C:\WINDOWS\System32\dllcache\nmas.dll -> [2010/02/20 08:27:35 | 000,229,376 | ---- | C | MD5 = 9919666EDF0CA103CFDF73311745FA8B] (Microsoft Corporation)
 msconf.dll -> C:\WINDOWS\System32\msconf.dll -> [2010/02/20 08:27:35 | 000,069,632 | ---- | C | MD5 = BBF115327F043F0BD46C58393261E6DD] (Microsoft Corporation)
 msconf.dll -> C:\WINDOWS\System32\dllcache\msconf.dll -> [2010/02/20 08:27:35 | 000,069,632 | ---- | C | MD5 = BBF115327F043F0BD46C58393261E6DD] (Microsoft Corporation)
 dcap32.dll -> C:\WINDOWS\System32\dllcache\dcap32.dll -> [2010/02/20 08:27:35 | 000,040,960 | ---- | C | MD5 = 54394D27498A3A22FF45BF8D17673CC6] (Microsoft Corporation)
 mnmsrvc.exe -> C:\WINDOWS\System32\dllcache\mnmsrvc.exe -> [2010/02/20 08:27:35 | 000,032,768 | ---- | C | MD5 = D18F1F0C101D06A1C1ADF26EED16FCDD] (Microsoft Corporation)
 nmasnt.dll -> C:\WINDOWS\System32\dllcache\nmasnt.dll -> [2010/02/20 08:27:35 | 000,028,672 | ---- | C | MD5 = D8B40D49C178A1B75B7EDFCF7B2CB26C] (Microsoft Corporation)
 nac.dll -> C:\WINDOWS\System32\dllcache\nac.dll -> [2010/02/20 08:27:34 | 000,221,184 | ---- | C | MD5 = 9788B2D29359C3CC4BA4337B780F80A7] (Microsoft Corporation)
 nmcom.dll -> C:\WINDOWS\System32\dllcache\nmcom.dll -> [2010/02/20 08:27:34 | 000,077,824 | ---- | C | MD5 = 93D4EBED7A83167763559DBC96A5295F] (Microsoft Corporation)
 rrcm.dll -> C:\WINDOWS\System32\dllcache\rrcm.dll -> [2010/02/20 08:27:34 | 000,061,440 | ---- | C | MD5 = 496735FD32B87280C3233ED7C92A9536] (Microsoft Corporation)
 h323cc.dll -> C:\WINDOWS\System32\dllcache\h323cc.dll -> [2010/02/20 08:27:34 | 000,057,344 | ---- | C | MD5 = B41E36C2A71D107C130F457449FFB918] (Microsoft Corporation)
 confmrsl.dll -> C:\WINDOWS\System32\dllcache\confmrsl.dll -> [2010/02/20 08:27:34 | 000,045,056 | ---- | C | MD5 = D5E2052AB842AAA1A30E51D9B7A026E6] (Microsoft Corporation)
 mst120.dll -> C:\WINDOWS\System32\dllcache\mst120.dll -> [2010/02/20 08:27:33 | 000,274,432 | ---- | C | MD5 = 70CFD6B620446A192C9DC37A10E285AD] (Microsoft Corporation)
 nmwb.dll -> C:\WINDOWS\System32\dllcache\nmwb.dll -> [2010/02/20 08:27:33 | 000,188,416 | ---- | C | MD5 = 9513DF3EBD4E4DAE73E9F7B34575A884] (Microsoft Corporation)
 nmoldwb.dll -> C:\WINDOWS\System32\dllcache\nmoldwb.dll -> [2010/02/20 08:27:33 | 000,172,032 | ---- | C | MD5 = E913EBF5FD86B067E3E227E6A1D3CCD6] (Microsoft Corporation)
 nmft.dll -> C:\WINDOWS\System32\dllcache\nmft.dll -> [2010/02/20 08:27:33 | 000,151,552 | ---- | C | MD5 = 19FC9548C2594103C536EC30D6A497A4] (Microsoft Corporation)
 nmchat.dll -> C:\WINDOWS\System32\dllcache\nmchat.dll -> [2010/02/20 08:27:33 | 000,081,920 | ---- | C | MD5 = 4726AB38D7570B687DE5061B690B6856] (Microsoft Corporation)
 mst123.dll -> C:\WINDOWS\System32\dllcache\mst123.dll -> [2010/02/20 08:27:33 | 000,057,344 | ---- | C | MD5 = A60A37007B52F839044F37DCC26418E8] (Microsoft Corporation)
 conf.exe -> C:\WINDOWS\System32\dllcache\conf.exe -> [2010/02/20 08:27:32 | 001,032,192 | ---- | C | MD5 = 781DA7B4E3D8F28EB8BE9184BBD12811] (Microsoft Corporation)
 msoeacct.dll -> C:\WINDOWS\System32\msoeacct.dll -> [2010/02/20 08:27:32 | 000,252,928 | ---- | C | MD5 = 871888B4AA0CA343E73C81E94AD4ED93] (Microsoft Corporation)
 msoeacct.dll -> C:\WINDOWS\System32\dllcache\msoeacct.dll -> [2010/02/20 08:27:32 | 000,252,928 | ---- | C | MD5 = 871888B4AA0CA343E73C81E94AD4ED93] (Microsoft Corporation)
 msoert2.dll -> C:\WINDOWS\System32\msoert2.dll -> [2010/02/20 08:27:32 | 000,105,984 | ---- | C | MD5 = 0485AB01B862FB91C21D39BD60BDF2AC] (Microsoft Corporation)
 msoert2.dll -> C:\WINDOWS\System32\dllcache\msoert2.dll -> [2010/02/20 08:27:32 | 000,105,984 | ---- | C | MD5 = 0485AB01B862FB91C21D39BD60BDF2AC] (Microsoft Corporation)
 wab.exe -> C:\WINDOWS\System32\dllcache\wab.exe -> [2010/02/20 08:27:32 | 000,046,080 | ---- | C | MD5 = 8F08609E4E0B3D26814B3073A42DF415] (Microsoft Corporation)
 wabfind.dll -> C:\WINDOWS\System32\dllcache\wabfind.dll -> [2010/02/20 08:27:32 | 000,032,768 | ---- | C | MD5 = 3BF5D6639C726B4BAA9DBB3FA130B2C3] (Microsoft Corporation)
 wabmig.exe -> C:\WINDOWS\System32\dllcache\wabmig.exe -> [2010/02/20 08:27:32 | 000,030,208 | ---- | C | MD5 = 3DA1F70B0E28685A790E61567CB01C8C] (Microsoft Corporation)
 NetMeeting -> C:\Program Files\NetMeeting -> [2010/02/20 08:27:32 | 000,000,000 | ---D | C]
 wab32.dll -> C:\WINDOWS\System32\dllcache\wab32.dll -> [2010/02/20 08:27:31 | 000,510,976 | ---- | C | MD5 = 165A968CAA9734216FF0EB192F5FBD7F] (Microsoft Corporation)
 wab32res.dll -> C:\WINDOWS\System32\dllcache\wab32res.dll -> [2010/02/20 08:27:31 | 000,249,856 | ---- | C | MD5 = 9179353100DB37AE37B4D703E3FF3387] (Microsoft Corporation)
 directdb.dll -> C:\WINDOWS\System32\dllcache\directdb.dll -> [2010/02/20 08:27:31 | 000,086,528 | ---- | C | MD5 = A0C2CB21F4B521429F033FDEB18D63D7] (Microsoft Corporation)
 wabimp.dll -> C:\WINDOWS\System32\dllcache\wabimp.dll -> [2010/02/20 08:27:31 | 000,085,504 | ---- | C | MD5 = 0FF223E3CED361D7570959BEFF8FA44F] (Microsoft Corporation)
 inetres.dll -> C:\WINDOWS\System32\inetres.dll -> [2010/02/20 08:27:31 | 000,048,128 | ---- | C | MD5 = A6F6923B46802785B9A47A03AE3CD8BF] (Microsoft Corporation)
 inetres.dll -> C:\WINDOWS\System32\dllcache\inetres.dll -> [2010/02/20 08:27:31 | 000,048,128 | ---- | C | MD5 = A6F6923B46802785B9A47A03AE3CD8BF] (Microsoft Corporation)
 inetcomm.dll -> C:\WINDOWS\System32\dllcache\inetcomm.dll -> [2010/02/20 08:27:30 | 000,691,712 | ---- | C | MD5 = 1853EF92E14E84EA982ABE9156CE14EF] (Microsoft Corporation)
 oeimport.dll -> C:\WINDOWS\System32\dllcache\oeimport.dll -> [2010/02/20 08:27:30 | 000,104,448 | ---- | C | MD5 = C3228251A53AF828A2F0A1C5439963D7] (Microsoft Corporation)
 msimn.exe -> C:\WINDOWS\System32\dllcache\msimn.exe -> [2010/02/20 08:27:30 | 000,060,416 | ---- | C | MD5 = 1EEAE496A51F017D04DD41322935D2B9] (Microsoft Corporation)
 msoeres.dll -> C:\WINDOWS\System32\dllcache\msoeres.dll -> [2010/02/20 08:27:29 | 002,479,616 | ---- | C | MD5 = 116AA2B169ABD0B620961CAFF0AEAC84] (Microsoft Corporation)
 mstask.dll -> C:\WINDOWS\System32\dllcache\mstask.dll -> [2010/02/20 08:27:28 | 000,274,944 | ---- | C | MD5 = 4044E880593FE1AC9942190FCE414BE7] (Microsoft Corporation)
 schedsvc.dll -> C:\WINDOWS\System32\dllcache\schedsvc.dll -> [2010/02/20 08:27:28 | 000,192,512 | ---- | C | MD5 = 0A9A7365A1CA4319AA7C1D6CD8E4EAFA] (Microsoft Corporation)
 setup50.exe -> C:\WINDOWS\System32\dllcache\setup50.exe -> [2010/02/20 08:27:28 | 000,073,216 | ---- | C | MD5 = 8058C01E0B96EC2F74FF764BE1B67D7F] (Microsoft Corporation)
 oemig50.exe -> C:\WINDOWS\System32\dllcache\oemig50.exe -> [2010/02/20 08:27:28 | 000,060,416 | ---- | C | MD5 = 63A25A27D494BDD49D995EADAA44A53B] (Microsoft Corporation)
 oemiglib.dll -> C:\WINDOWS\System32\dllcache\oemiglib.dll -> [2010/02/20 08:27:28 | 000,035,328 | ---- | C | MD5 = 7AEEBBB73BA93D7524E193FF7F1DC731] (Microsoft Corporation)
 mstinit.exe -> C:\WINDOWS\System32\mstinit.exe -> [2010/02/20 08:27:28 | 000,012,288 | ---- | C | MD5 = D5788A5243D1DD160E0F97AA4808B2BE] (Microsoft Corporation)
 mstinit.exe -> C:\WINDOWS\System32\dllcache\mstinit.exe -> [2010/02/20 08:27:28 | 000,012,288 | ---- | C | MD5 = D5788A5243D1DD160E0F97AA4808B2BE] (Microsoft Corporation)
 Outlook Express -> C:\Program Files\Outlook Express -> [2010/02/20 08:27:28 | 000,000,000 | ---D | C]
 inetcfg.dll -> C:\WINDOWS\System32\inetcfg.dll -> [2010/02/20 08:27:27 | 000,274,432 | ---- | C | MD5 = 474EABDCA846408BB854EE6542888D29] (Microsoft Corporation)
 inetcfg.dll -> C:\WINDOWS\System32\dllcache\inetcfg.dll -> [2010/02/20 08:27:27 | 000,274,432 | ---- | C | MD5 = 474EABDCA846408BB854EE6542888D29] (Microsoft Corporation)
 isign32.dll -> C:\WINDOWS\System32\isign32.dll -> [2010/02/20 08:27:27 | 000,081,920 | ---- | C | MD5 = F15BDF85AA23961FB61338D34B988B1C] (Microsoft Corporation)
 isign32.dll -> C:\WINDOWS\System32\dllcache\isign32.dll -> [2010/02/20 08:27:27 | 000,081,920 | ---- | C | MD5 = F15BDF85AA23961FB61338D34B988B1C] (Microsoft Corporation)
 icwdial.dll -> C:\WINDOWS\System32\icwdial.dll -> [2010/02/20 08:27:27 | 000,073,728 | ---- | C | MD5 = 009F0BE67B62150904D266A1D5BDC95B] (Microsoft Corporation)
 icwdial.dll -> C:\WINDOWS\System32\dllcache\icwdial.dll -> [2010/02/20 08:27:27 | 000,073,728 | ---- | C | MD5 = 009F0BE67B62150904D266A1D5BDC95B] (Microsoft Corporation)
 icwphbk.dll -> C:\WINDOWS\System32\icwphbk.dll -> [2010/02/20 08:27:27 | 000,065,536 | ---- | C | MD5 = 922ED2C991F4D05107467C854D38BB71] (Microsoft Corporation)
 icwphbk.dll -> C:\WINDOWS\System32\dllcache\icwphbk.dll -> [2010/02/20 08:27:27 | 000,065,536 | ---- | C | MD5 = 922ED2C991F4D05107467C854D38BB71] (Microsoft Corporation)
 icwhelp.dll -> C:\WINDOWS\System32\dllcache\icwhelp.dll -> [2010/02/20 08:27:26 | 000,172,032 | ---- | C | MD5 = 6EC79F9CD3FA2EEE99E31B4D5F1A7D8A] (Microsoft Corporation)
 icwconn.dll -> C:\WINDOWS\System32\dllcache\icwconn.dll -> [2010/02/20 08:27:26 | 000,061,440 | ---- | C | MD5 = 1FA1BA149106E56869D7EF601F70605A] (Microsoft Corporation)
 icwutil.dll -> C:\WINDOWS\System32\dllcache\icwutil.dll -> [2010/02/20 08:27:26 | 000,049,152 | ---- | C | MD5 = 2A5C863C8DA85727E37759A37B468B5B] (Microsoft Corporation)
 icwdl.dll -> C:\WINDOWS\System32\dllcache\icwdl.dll -> [2010/02/20 08:27:26 | 000,032,768 | ---- | C | MD5 = D898B162DDFAEC91F371197D214D49FF] (Microsoft Corporation)
 icwrmind.exe -> C:\WINDOWS\System32\dllcache\icwrmind.exe -> [2010/02/20 08:27:26 | 000,024,576 | ---- | C | MD5 = 762E8FB1BC0AC306DC0CFCE76FFEB934] (Microsoft Corporation)
 inetwiz.exe -> C:\WINDOWS\System32\dllcache\inetwiz.exe -> [2010/02/20 08:27:26 | 000,020,480 | ---- | C | MD5 = 967B5E52CA77911F2E6B3BD497A51766] (Microsoft Corporation)
 dao360.dll -> C:\WINDOWS\System32\dllcache\dao360.dll -> [2010/02/20 08:27:25 | 000,554,008 | ---- | C | MD5 = 54E10AD6EBBEDCB221ADED5D9F0C8F3F] (Microsoft Corporation)
 sqlxmlx.dll -> C:\WINDOWS\System32\dllcache\sqlxmlx.dll -> [2010/02/20 08:27:25 | 000,217,088 | ---- | C | MD5 = 87A071E9FC385EC4AC2877E5CBCFC007] (Microsoft Corporation)
 icwconn1.exe -> C:\WINDOWS\System32\dllcache\icwconn1.exe -> [2010/02/20 08:27:25 | 000,214,528 | ---- | C | MD5 = 5D4C1C55D0CE844E3D7E28413C2F8014] (Microsoft Corporation)
 icwconn2.exe -> C:\WINDOWS\System32\dllcache\icwconn2.exe -> [2010/02/20 08:27:25 | 000,086,016 | ---- | C | MD5 = EBEA03067798E4F96A69DF77DF81D2C8] (Microsoft Corporation)
 oledb32.dll -> C:\WINDOWS\System32\dllcache\oledb32.dll -> [2010/02/20 08:27:24 | 000,487,424 | ---- | C | MD5 = DC095DB6D468CB5B653E05F865487E57] (Microsoft Corporation)
 msdaps.dll -> C:\WINDOWS\System32\dllcache\msdaps.dll -> [2010/02/20 08:27:24 | 000,204,800 | ---- | C | MD5 = 90C12209E574F0E4BD304B259E3EBA15] (Microsoft Corporation)
 msdatl3.dll -> C:\WINDOWS\System32\dllcache\msdatl3.dll -> [2010/02/20 08:27:24 | 000,094,208 | ---- | C | MD5 = 73BAFFA0B02320690CDC606241078CE4] (Microsoft Corporation)
 msdaosp.dll -> C:\WINDOWS\System32\dllcache\msdaosp.dll -> [2010/02/20 08:27:24 | 000,077,824 | ---- | C | MD5 = AA9F095779F076D98EE782E809C3165F] (Microsoft Corporation)
 oledb32r.dll -> C:\WINDOWS\System32\dllcache\oledb32r.dll -> [2010/02/20 08:27:24 | 000,065,536 | ---- | C | MD5 = F86A2C7C279C746D5C5E06941ED4C337] (Microsoft Corporation)
 msdasql.dll -> C:\WINDOWS\System32\dllcache\msdasql.dll -> [2010/02/20 08:27:23 | 000,315,392 | ---- | C | MD5 = 1ED4C96EC76C3DDFCABD7644DA23F4B6] (Microsoft Corporation)
 msdaora.dll -> C:\WINDOWS\System32\dllcache\msdaora.dll -> [2010/02/20 08:27:23 | 000,233,472 | ---- | C | MD5 = 834C7566B55B282AB82BBF9A9BCDD067] (Microsoft Corporation)
 msadox.dll -> C:\WINDOWS\System32\dllcache\msadox.dll -> [2010/02/20 08:27:23 | 000,200,704 | ---- | C | MD5 = 66686516C9A0B2125CC6FFFBA6E21BD2] (Microsoft Corporation)
 msadomd.dll -> C:\WINDOWS\System32\dllcache\msadomd.dll -> [2010/02/20 08:27:23 | 000,180,224 | ---- | C | MD5 = 89B2E9F4A4E7C2EC8BB66CD17A4E3721] (Microsoft Corporation)
 msjro.dll -> C:\WINDOWS\System32\dllcache\msjro.dll -> [2010/02/20 08:27:23 | 000,102,400 | ---- | C | MD5 = 52942890468AEEB1D05ACAD1E0507A73] (Microsoft Corporation)
 msado27.tlb -> C:\WINDOWS\System32\dllcache\msado27.tlb -> [2010/02/20 08:27:23 | 000,081,920 | ---- | C | MD5 = 568F8C952FDED8842E114F410177208A] (Microsoft Corporation)
 msado26.tlb -> C:\WINDOWS\System32\dllcache\msado26.tlb -> [2010/02/20 08:27:23 | 000,081,920 | ---- | C | MD5 = 1482903CD9039BB36854B17D6F3D0E22] (Microsoft Corporation)
 msador15.dll -> C:\WINDOWS\System32\dllcache\msador15.dll -> [2010/02/20 08:27:23 | 000,057,344 | ---- | C | MD5 = B341ACD9DB66897D34110A8A581EE929] (Microsoft Corporation)
 msadrh15.dll -> C:\WINDOWS\System32\dllcache\msadrh15.dll -> [2010/02/20 08:27:23 | 000,057,344 | ---- | C | MD5 = 31ACFC16CB9ED1CE1B4E7BD85C835281] (Microsoft Corporation)
 msxactps.dll -> C:\WINDOWS\System32\dllcache\msxactps.dll -> [2010/02/20 08:27:23 | 000,024,576 | ---- | C | MD5 = 816960FE20C4F01E70213BE5BF4F02AC] (Microsoft Corporation)
 msdatt.dll -> C:\WINDOWS\System32\dllcache\msdatt.dll -> [2010/02/20 08:27:23 | 000,020,480 | ---- | C | MD5 = B1A9F6066BF9314AE00AA03F1B733770] (Microsoft Corporation)
 msdaorar.dll -> C:\WINDOWS\System32\dllcache\msdaorar.dll -> [2010/02/20 08:27:23 | 000,016,384 | ---- | C | MD5 = A0FBC2CB3CB9B418B77260739049EFE8] (Microsoft Corporation)
 msdasqlr.dll -> C:\WINDOWS\System32\dllcache\msdasqlr.dll -> [2010/02/20 08:27:23 | 000,016,384 | ---- | C | MD5 = 8985FCECE06A74017E23DDD093E34D4E] (Microsoft Corporation)
 msdaer.dll -> C:\WINDOWS\System32\dllcache\msdaer.dll -> [2010/02/20 08:27:23 | 000,004,096 | ---- | C | MD5 = EE3012FD55CD57CBF5C0B75D6D22BBDD] (Microsoft Corporation)
 msdaenum.dll -> C:\WINDOWS\System32\dllcache\msdaenum.dll -> [2010/02/20 08:27:23 | 000,004,096 | ---- | C | MD5 = E3D1DAB43EDCB21D2E763A4C15572B3F] (Microsoft Corporation)
 msdasc.dll -> C:\WINDOWS\System32\dllcache\msdasc.dll -> [2010/02/20 08:27:23 | 000,004,096 | ---- | C | MD5 = 9BC8FA7430744404AC5234832BCD21BA] (Microsoft Corporation)
 msdaurl.dll -> C:\WINDOWS\System32\dllcache\msdaurl.dll -> [2010/02/20 08:27:23 | 000,004,096 | ---- | C | MD5 = 6759E216E144771DF99F3126A5DCE8C5] (Microsoft Corporation)
 msdadc.dll -> C:\WINDOWS\System32\dllcache\msdadc.dll -> [2010/02/20 08:27:23 | 000,004,096 | ---- | C | MD5 = 4E1EC00D83B5A6E992EF606A0B68E368] (Microsoft Corporation)
 msado15.dll -> C:\WINDOWS\System32\dllcache\msado15.dll -> [2010/02/20 08:27:22 | 000,536,576 | ---- | C | MD5 = 6942705E4DA38BD086CD75883A671DBD] (Microsoft Corporation)
 msdaprst.dll -> C:\WINDOWS\System32\dllcache\msdaprst.dll -> [2010/02/20 08:27:22 | 000,200,704 | ---- | C | MD5 = 729E04D0810CBF1EBD0C87F362DCB5E1] (Microsoft Corporation)
 msdarem.dll -> C:\WINDOWS\System32\dllcache\msdarem.dll -> [2010/02/20 08:27:22 | 000,118,784 | ---- | C | MD5 = 4CA9E510FD464F38BADC028130A80466] (Microsoft Corporation)
 msado25.tlb -> C:\WINDOWS\System32\dllcache\msado25.tlb -> [2010/02/20 08:27:22 | 000,081,920 | ---- | C | MD5 = 6D5F61E44C93BD0860D42BFC3F712FE1] (Microsoft Corporation)
 msado21.tlb -> C:\WINDOWS\System32\dllcache\msado21.tlb -> [2010/02/20 08:27:22 | 000,061,440 | ---- | C | MD5 = DA4BF173DA0762E25BD112E0C767A6A3] (Microsoft Corporation)
 msado20.tlb -> C:\WINDOWS\System32\dllcache\msado20.tlb -> [2010/02/20 08:27:22 | 000,061,440 | ---- | C | MD5 = B969831556B0990D575154557B590B32] (Microsoft Corporation)
 msdfmap.dll -> C:\WINDOWS\System32\dllcache\msdfmap.dll -> [2010/02/20 08:27:22 | 000,036,864 | ---- | C | MD5 = 77AAF0F1D0166DFD134FAD415959EE9C] (Microsoft Corporation)
 msader15.dll -> C:\WINDOWS\System32\dllcache\msader15.dll -> [2010/02/20 08:27:22 | 000,024,576 | ---- | C | MD5 = 270CA376EC40E7A7AAB16E827FCFCEA2] (Microsoft Corporation)
 msdaremr.dll -> C:\WINDOWS\System32\dllcache\msdaremr.dll -> [2010/02/20 08:27:22 | 000,016,384 | ---- | C | MD5 = E8A7CE141AB7AD66B1F6400374C5E2F1] (Microsoft Corporation)
 msdaprsr.dll -> C:\WINDOWS\System32\dllcache\msdaprsr.dll -> [2010/02/20 08:27:22 | 000,016,384 | ---- | C | MD5 = 3E4FC53DE3851FD04663B66DBBA991CD] (Microsoft Corporation)
 msadce.dll -> C:\WINDOWS\System32\dllcache\msadce.dll -> [2010/02/20 08:27:21 | 000,331,776 | ---- | C | MD5 = 142CEDECAE89E372EE347681C3FBB257] (Microsoft Corporation)
 msadds.dll -> C:\WINDOWS\System32\dllcache\msadds.dll -> [2010/02/20 08:27:21 | 000,155,648 | ---- | C | MD5 = 020251E6F9FE3C88B415F2855C1EA682] (Microsoft Corporation)
 msadco.dll -> C:\WINDOWS\System32\dllcache\msadco.dll -> [2010/02/20 08:27:21 | 000,143,360 | ---- | C | MD5 = E0E6648BD34E9BA999C7BD6FD9675398] (Microsoft Corporation)
 msadcf.dll -> C:\WINDOWS\System32\dllcache\msadcf.dll -> [2010/02/20 08:27:21 | 000,061,440 | ---- | C | MD5 = 2313601F98EAAF5E619C991BA10CD601] (Microsoft Corporation)
 msadcs.dll -> C:\WINDOWS\System32\dllcache\msadcs.dll -> [2010/02/20 08:27:21 | 000,053,248 | ---- | C | MD5 = 76A5754959F55764B381A5963F3D8CF2] (Microsoft Corporation)
 msaddsr.dll -> C:\WINDOWS\System32\dllcache\msaddsr.dll -> [2010/02/20 08:27:21 | 000,024,576 | ---- | C | MD5 = D682213C0DD7BF29B5FC5CE176372235] (Microsoft Corporation)
 msadcer.dll -> C:\WINDOWS\System32\dllcache\msadcer.dll -> [2010/02/20 08:27:21 | 000,020,480 | ---- | C | MD5 = 81E9041DAC0983AACE5C8920AF73D64E] (Microsoft Corporation)
 msadcfr.dll -> C:\WINDOWS\System32\dllcache\msadcfr.dll -> [2010/02/20 08:27:21 | 000,016,384 | ---- | C | MD5 = 78C37CC9AB08FEFD59264129A75C09AA] (Microsoft Corporation)
 msadcor.dll -> C:\WINDOWS\System32\dllcache\msadcor.dll -> [2010/02/20 08:27:21 | 000,016,384 | ---- | C | MD5 = 32801D0A8ADACB9740050175D376B02F] (Microsoft Corporation)
 System -> C:\Program Files\Common Files\System -> [2010/02/20 08:27:21 | 000,000,000 | ---D | C]
 iexplore.exe -> C:\WINDOWS\System32\dllcache\iexplore.exe -> [2010/02/20 08:27:20 | 000,638,816 | ---- | C | MD5 = B60DDDD2D63CE41CB8C487FCFBB6419E] (Microsoft Corporation)
 hmmapi.dll -> C:\WINDOWS\System32\dllcache\hmmapi.dll -> [2010/02/20 08:27:20 | 000,068,608 | ---- | C | MD5 = C44E7A5BEA311BD8F3DD973F107F24EC] (Microsoft Corporation)
 iedw.exe -> C:\WINDOWS\System32\dllcache\iedw.exe -> [2010/02/20 08:27:20 | 000,018,432 | ---- | C | MD5 = 04CE8D325E42F7011F937448DBB77971] (Microsoft Corporation)
 My Pictures -> C:\Documents and Settings\All Users\Documents\My Pictures -> [2010/02/20 08:27:19 | 000,000,000 | R--D | C]
 Internet Explorer -> C:\Program Files\Internet Explorer -> [2010/02/20 08:27:19 | 000,000,000 | ---D | C]
 ComPlus Applications -> C:\Program Files\ComPlus Applications -> [2010/02/20 08:26:55 | 000,000,000 | ---D | C]
 Registration -> C:\WINDOWS\Registration -> [2010/02/20 08:26:49 | 000,000,000 | ---D | C]
 My Music -> C:\Documents and Settings\All Users\Documents\My Music -> [2010/02/20 08:26:44 | 000,000,000 | R--D | C]
 Windows Media Player -> C:\Program Files\Windows Media Player -> [2010/02/20 08:26:44 | 000,000,000 | ---D | C]
 Online Services -> C:\Program Files\Online Services -> [2010/02/20 08:26:44 | 000,000,000 | ---D | C]
 bckgzm.exe -> C:\WINDOWS\System32\dllcache\bckgzm.exe -> [2010/02/20 08:26:38 | 000,042,577 | ---- | C | MD5 = 0F097E6EA2B20448AEE452A285A93EEC] (Microsoft Corporation)
 Messenger -> C:\Program Files\Messenger -> [2010/02/20 08:26:38 | 000,000,000 | ---D | C]