I also got this stupid intervalhehehe thing

[Stupid8000]

This will be the 1st virus I've got in years...and just after making the switch to Vista..whoops. Anyways, heres my logs. Hope O got these all right .

[Stupid8000]

Malwarebytes' Anti-Malware 1.30

Database version: 1430

Windows 6.0.6001 Service Pack 1

11/28/2008 10:28:21 PM

mbam-log-2008-11-28 (22-28-21).txt

Scan type: Quick Scan

Objects scanned: 36647

Time elapsed: 1 minute(s), 52 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

[Raid]

Important!

All of the following instructions must be run on the affected computer. Logs from a different computer will not help me help you. So, if you need to download all of this and then copy it to CD or memory stick and take it to the other computer, please do so. Either way, it's important. The logs have to be made by the computer with the problem.

I need you to follow the instructions provided here

Pre- HJT Post Instructions

first.

I also need for you to download this program

OTListIt.exe

http://oldtimer.geekstogo.com/OTListIt.exe' rel="external nofollow">

to your desktop.

• Close all applications and windows so that you have nothing open and are at your Desktop
  
  
• Double-click on the OTListIt.exe file to start OTListIt. OK any warning about running OTListIt.
  
  
• Place a checkmark in the
  "Scan All Users"
  checkbox (Leave the 'Use Whitelist' checked' and the 'File Age:' at 30 days)
  
  
• Click the Run Scan button
  
  
• NOTE:
  Please be patient and let the scan run without using the computer
  
  
• When the scan is complete, a text file (
  OTListIt.Txt
  ) will open in Notepad (if not, it can be found on your Desktop)
  
  
• In Notepad, click
  Edit
  ,
  Select all
  then
  Edit
  ,
  Copy
  
  
• Reply to this topic, click in the topic reply window, and press Ctrl+V to paste the log or Righ click paste.
  
  
• Submit your reply and close the Notepad window with
  OTList.txt
  
  
• Also OTListIt's
  Extras.txt
  log file will be minimized in the Taskbar (and located on your Desktop) - click on this and maximize the window
  
  
• In Notepad, click
  Edit
  ,
  Select all
  then
  Edit
  ,
  Copy
  
  
• Reply to this topic again, click in the topic reply window, and press Ctrl+V to paste the extras log or Right click paste.
  
  
• NOTE:
  If the files (
  OTListIt.txt, Extras.txt
  ) do not appear in your taskbar, just open the files in notepad from your desktop.

  
  

Please allow me time to analyze your post. If you don't see a reply from me after 24 hours, feel free to PM me.

[Stupid8000]

sorry..wasnt done posting yet...someone stopped over and I kinda forgot about this

Here the log from panda

;*******************************************************************************

********************************************************************************

*

*******************

ANALYSIS: 2008-11-28 23:15:44

PROTECTIONS: 1

MALWARE: 4

SUSPECTS: 0

;*******************************************************************************

********************************************************************************

*

*******************

PROTECTIONS

Description Version Active Updated

;===============================================================================

================================================================================

=

===================

avast! antivirus 4.8.1229 [VPS 081128-0] 4.8.1229 Yes Yes

;===============================================================================

================================================================================

=

===================

MALWARE

Id Description Type Active Severity Disinfectable Disinfected Location

;===============================================================================

================================================================================

=

===================

00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Users\Big D\AppData\Roaming\Microsoft\Windows\Cookies\big_d@com[1].txt

00262020 Cookie/Atwola TrackingCookie No 0 Yes No C:\Users\Big D\AppData\Roaming\Microsoft\Windows\Cookies\Low\big_d@atwola[2].txt

00431194 Adware/AdsRevenue Adware No 0 Yes No C:\Users\Big D\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5IBE2DTX\mm[1].js

01196325 Cookie/Enhance TrackingCookie No 0 Yes No C:\Users\Big D\AppData\Roaming\Microsoft\Windows\Cookies\Low\big_d@enhance[1].txt

;===============================================================================

================================================================================

=

===================

SUSPECTS

Sent Location S{<C5

;===============================================================================

================================================================================

=

===================

;===============================================================================

================================================================================

=

===================

VULNERABILITIES

Id Severity Description S{<C5

;===============================================================================

================================================================================

=

===================

;===============================================================================

================================================================================

=

===================

[Stupid8000]

OTListIt logfile created on: 11/28/2008 11:25:31 PM - Run 3

OTListIt by OldTimer - Version 1.0.12.0 Folder = C:\Users\Big D\Desktop

Windows Vista Ultimate Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation

Internet Explorer (Version = 7.0.6001.18000)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 0.98 Gb Available Physical Memory | 48.93% Memory free

4.00 Gb Paging File | 2.93 Gb Available in Paging File | 73.26% Paging File free

Paging file location(s): ?:\pagefile.sys;

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 232.88 Gb Total Space | 205.13 Gb Free Space | 88.08% Space Free | Partition Type: NTFS

Drive D: | 232.88 Gb Total Space | 105.04 Gb Free Space | 45.10% Space Free | Partition Type: NTFS

Drive E: | 480.98 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Drive F: | 3.54 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Drive G: | 74.53 Gb Total Space | 33.15 Gb Free Space | 44.48% Space Free | Partition Type: NTFS

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: BIGD-PC

Current User Name: Big D

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: All users

Whitelist: On

File Age = 30 Days

========== Processes ==========

[2008/09/10 13:01:28 | 00,611,664 | ---- | M] (Lavasoft) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\aawservice.exe

[2008/07/19 10:25:06 | 00,016,056 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

[2008/07/19 10:38:28 | 00,147,640 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe

[2008/07/19 10:38:04 | 00,250,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

[2008/07/23 10:25:45 | 00,348,344 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

[2008/01/05 06:26:41 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

[2008/07/19 10:38:34 | 00,078,008 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe

[2008/11/28 00:07:09 | 00,418,304 | ---- | M] (OldTimer Tools) -- C:\Users\Big D\Desktop\OTListIt.exe

========== (O23) Win32 Services ==========

[2008/09/10 13:01:28 | 00,611,664 | ---- | M] (Lavasoft) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice [Auto | Running])

[2008/07/19 10:25:06 | 00,016,056 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv [Auto | Running])

[2008/07/19 10:38:28 | 00,147,640 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus [Auto | Running])

[2008/07/19 10:38:04 | 00,250,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner [On_Demand | Running])

[2008/07/23 10:25:45 | 00,348,344 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner [On_Demand | Running])

[2008/01/05 06:26:41 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Running])

[2008/01/05 06:25:45 | 00,093,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64 [On_Demand | Running])

[2008/01/19 03:00:14 | 00,344,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehrecvr.exe -- (ehRecvr [On_Demand | Stopped])

[2008/01/19 03:00:14 | 00,153,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched [On_Demand | Stopped])

[2008/01/05 06:23:12 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])

[2006/11/02 04:46:05 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\keyiso.dll -- (KeyIso [On_Demand | Stopped])

[2006/11/02 08:34:14 00,000,000 | ---D | M] -- C:\Windows\System32\Msdtc -- (MSDTC [unknown | Stopped])

[2008/01/19 02:35:36 | 00,592,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netlogon.dll -- (Netlogon [On_Demand | Stopped])

[2008/01/05 06:23:05 | 00,122,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])

File not found -- -- (nvsvc [Auto | Running])

[2008/01/19 02:33:19 | 00,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\perfhost.exe -- (PerfHost [On_Demand | Stopped])

[2006/11/02 01:35:15 | 00,060,994 | ---- | M] () -- C:\Windows\System32\wbem\vds.mof -- (vds [On_Demand | Stopped])

[2006/11/02 01:35:15 | 00,055,846 | ---- | M] () -- C:\Windows\System32\wbem\vss.mof -- (VSS [On_Demand | Stopped])

[2008/01/19 03:00:47 | 01,216,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Running])

[2008/01/19 02:33:28 | 00,302,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe -- (WSearch [Auto | Running])

========== Driver Services ==========

[2008/01/19 03:12:01 | 00,486,456 | ---- | M] (Adaptec, Inc.) -- C:\Windows\WinSxS\amd64_adp94xx.inf_31bf3856ad364e35_6.0.6001.18000_none_5e0fcb9b69814f7b\adp94xx.sys -- (adp94xx [Disabled | Stopped])

[2008/01/19 03:11:40 | 00,342,584 | ---- | M] (Adaptec, Inc.) -- C:\Windows\WinSxS\amd64_adpahci.inf_31bf3856ad364e35_6.0.6001.18000_none_c05c13aa3dfbc961\adpahci.sys -- (adpahci [Disabled | Stopped])

[2008/01/19 03:10:01 | 00,126,520 | ---- | M] (Adaptec, Inc.) -- C:\Windows\WinSxS\amd64_adpu160m.inf_31bf3856ad364e35_6.0.6001.18000_none_f2feed0b63bf261d\adpu160m.sys -- (adpu160m [Disabled | Stopped])

[2008/01/19 03:11:12 | 00,185,912 | ---- | M] (Adaptec, Inc.) -- C:\Windows\WinSxS\amd64_adpu320.inf_31bf3856ad364e35_6.0.6001.18000_none_f4cbbad1148c6b4a\adpu320.sys -- (adpu320 [Disabled | Stopped])

[2008/11/27 15:09:22 | 00,018,488 | ---- | M] (Acer Laboratories Inc.) -- C:\Windows\WinSxS\amd64_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_375215c7dcd73562\aliide.sys -- (aliide [Disabled | Stopped])

[2008/01/19 03:09:34 | 00,090,680 | ---- | M] (Adaptec, Inc.) -- C:\Windows\WinSxS\amd64_arc.inf_31bf3856ad364e35_6.0.6001.18000_none_7bfed8c7803713cf\arc.sys -- (arc [Disabled | Stopped])

[2008/01/19 03:09:37 | 00,091,192 | ---- | M] (Adaptec, Inc.) -- C:\Windows\WinSxS\amd64_arcsas.inf_31bf3856ad364e35_6.0.6001.18000_none_771684264153c2d4\arcsas.sys -- (arcsas [Disabled | Stopped])

File not found -- -- (aswFsBlk [Auto | Running])

File not found -- -- (aswMonFlt [Auto | Running])

File not found -- -- (aswRdr [system | Running])

File not found -- -- (aswSP [system | Running])

File not found -- -- (aswTdi [system | Running])

[2006/09/18 16:30:15 | 00,018,432 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\WinSxS\amd64_brmfcsto.inf_31bf3856ad364e35_6.0.6001.18000_none_800ff95700142785\BrFiltLo.sys -- (BrFiltLo [On_Demand | Stopped])

[2006/09/18 16:30:15 | 00,008,704 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\WinSxS\amd64_brmfcsto.inf_31bf3856ad364e35_6.0.6001.18000_none_800ff95700142785\BrFiltUp.sys -- (BrFiltUp [On_Demand | Stopped])

[2008/11/27 15:09:22 | 00,020,536 | ---- | M] (CMD Technology, Inc.) -- C:\Windows\WinSxS\amd64_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_375215c7dcd73562\cmdide.sys -- (cmdide [Disabled | Stopped])

[2008/11/27 15:54:00 00,000,000 | ---D | M] -- C:\Windows\CSC -- (CSC [system | Running])

[2008/01/05 06:22:47 | 00,146,176 | ---- | M] (Intel Corporation) -- C:\Windows\WinSxS\amd64_nete1g3e.inf_31bf3856ad364e35_6.0.6001.18000_none_04b0c96be9c034d3\E1G6032E.sys -- (E1G60 [On_Demand | Stopped])

[2008/01/19 03:11:53 | 00,397,368 | ---- | M] (Emulex) -- C:\Windows\WinSxS\amd64_elxstor.inf_31bf3856ad364e35_6.0.6001.18000_none_08ac13ff69b034ee\elxstor.sys -- (elxstor [Disabled | Stopped])

[2008/01/19 03:08:42 | 00,047,672 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\WinSxS\amd64_hpcisss.inf_31bf3856ad364e35_6.0.6001.18000_none_d59c6600292b9522\HpCISSs.sys -- (HpCISSs [Disabled | Stopped])

[2008/01/19 03:11:31 | 00,290,872 | ---- | M] (Intel Corporation) -- C:\Windows\WinSxS\amd64_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_0b2fedfc40256bc5\iaStorV.sys -- (iaStorV [Disabled | Stopped])

File not found -- -- (IntcAzAudAddService [On_Demand | Running])

[2008/01/19 03:09:57 | 00,113,720 | ---- | M] (LSI Logic) -- C:\Windows\WinSxS\amd64_lsi_fc.inf_31bf3856ad364e35_6.0.6001.18000_none_c59b4ac1fa719137\lsi_fc.sys -- (LSI_FC [Disabled | Stopped])

[2008/01/19 03:09:48 | 00,105,016 | ---- | M] (LSI Logic) -- C:\Windows\WinSxS\amd64_lsi_sas.inf_31bf3856ad364e35_6.0.6001.18000_none_5b86b7f9e8ff0dc5\lsi_sas.sys -- (LSI_SAS [Disabled | Stopped])

[2008/01/19 03:09:56 | 00,113,720 | ---- | M] (LSI Logic) -- C:\Windows\WinSxS\amd64_lsi_scsi.inf_31bf3856ad364e35_6.0.6001.18000_none_f883c787da42af0c\lsi_scsi.sys -- (LSI_SCSI [Disabled | Stopped])

[2008/01/19 03:08:18 | 00,035,896 | ---- | M] (LSI Corporation) -- C:\Windows\WinSxS\amd64_megasas.inf_31bf3856ad364e35_6.0.6001.18000_none_8c5ef0c0070fb814\megasas.sys -- (megasas [Disabled | Stopped])

[2008/11/27 14:30:17 | 00,001,088 | ---- | M] () -- C:\Windows\System32\wbem\mpsdrv.mof -- (mpsdrv [On_Demand | Running])

[2006/10/13 22:04:34 | 05,942,912 | ---- | M] (NVIDIA Corporation) -- C:\Windows\WinSxS\amd64_nv_lh.inf_31bf3856ad364e35_6.0.6001.18000_none_4a8627558332bbba\nvlddmkm.sys -- (nvlddmkm [On_Demand | Running])

[2008/01/19 03:10:12 | 00,128,056 | ---- | M] (NVIDIA Corporation) -- C:\Windows\WinSxS\amd64_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_95f95eab775c159d\nvraid.sys -- (nvraid [Disabled | Stopped])

[2008/01/19 03:08:50 | 00,054,328 | ---- | M] (NVIDIA Corporation) -- C:\Windows\WinSxS\amd64_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_95f95eab775c159d\nvstor.sys -- (nvstor [Disabled | Stopped])

[2008/01/19 03:12:10 | 01,221,176 | ---- | M] (QLogic Corporation) -- C:\Windows\WinSxS\amd64_ql2300.inf_31bf3856ad364e35_6.0.6001.18000_none_90b29e0f5eb4b0a1\ql2300.sys -- (ql2300 [Disabled | Stopped])

File not found -- -- (RTL8169 [On_Demand | Running])

[2006/09/29 18:51:44 | 00,023,040 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\Windows\WinSxS\amd64_macrovision-protection-safedisc_31bf3856ad364e35_6.0.6000.16386_none_b794b0d578b7ec2e\secdrv.sys -- (secdrv [Auto | Running])

[2008/01/19 03:09:28 | 00,078,392 | ---- | M] (Silicon Integrated Systems) -- C:\Windows\WinSxS\amd64_sisraid4.inf_31bf3856ad364e35_6.0.6001.18000_none_8460e59f708bb476\sisraid4.sys -- (SiSRaid4 [Disabled | Stopped])

[2006/09/18 16:36:40 | 00,003,066 | ---- | M] () -- C:\Windows\System32\wbem\tcpip.mof -- (Tcpip [boot | Running])

[2008/01/19 03:11:28 | 00,284,728 | ---- | M] (ULi Electronics Inc.) -- C:\Windows\WinSxS\amd64_uliahci.inf_31bf3856ad364e35_6.0.6001.18000_none_a21b1cbb80e47096\uliahci.sys -- (uliahci [Disabled | Stopped])

[2006/11/02 06:51:19 | 00,174,696 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\WinSxS\amd64_ulsata2.inf_31bf3856ad364e35_6.0.6001.18000_none_9ce1027f4768b389\ulsata2.sys -- (ulsata2 [Disabled | Stopped])

[2008/11/27 15:09:22 | 00,020,536 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\WinSxS\amd64_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_375215c7dcd73562\viaide.sys -- (viaide [Disabled | Stopped])

[2008/01/19 03:10:22 | 00,149,048 | ---- | M] (VIA Technologies Inc.,Ltd) -- C:\Windows\WinSxS\amd64_vsmraid.inf_31bf3856ad364e35_6.0.6001.18000_none_508698a452d25e17\vsmraid.sys -- (vsmraid [Disabled | Stopped])

========== Internet Explorer ==========

HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =

HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons

HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk

HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm

HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com

HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache =

URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)

HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)

URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)

HKU\S-1-5-21-2796300703-1850896574-407000360-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm

HKU\S-1-5-21-2796300703-1850896574-407000360-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

HKU\S-1-5-21-2796300703-1850896574-407000360-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com

HKU\S-1-5-21-2796300703-1850896574-407000360-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache =

URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)

HKU\S-1-5-21-2796300703-1850896574-407000360-1000\S-1-5-21-2796300703-1850896574-407000360-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

O1 HOSTS File: (289934 bytes) - C:\Windows\System32\drivers\etc\Hosts

O1 - Hosts: 61.157.217.210 www.yahoo.com

O1 - Hosts: 61.157.217.210 www.google.com

O1 - Hosts: 61.157.217.210 www.google.co.uk

O1 - Hosts: 61.157.217.210 www.myspace.com

O1 - Hosts: 61.157.217.210 www.youtube.com

O1 - Hosts: 61.157.217.210 www.facebook.com

O1 - Hosts: 61.157.217.210 www.live.com

O1 - Hosts: 61.157.217.210 www.yahoo.com

O1 - Hosts: 61.157.217.210 www.yahoo.co.uk

O1 - Hosts: 61.157.217.210 www.antispyware.com

O1 - Hosts: 61.157.217.210 antispyware.com

O1 - Hosts: 61.157.217.210 antispy.com

O1 - Hosts: 61.157.217.210 www.msn.com

O1 - Hosts: 204.16.197.121 www.asfvb.com

O1 - Hosts: 204.16.197.121 www.xvv.com

O1 - Hosts: 204.16.197.121 www.xvv.com

O1 - Hosts: 204.16.197.121 www.3.com

O1 - Hosts: 204.16.197.121 www.xvv.com

O1 - Hosts: 204.16.197.121 www.657.com

O1 - Hosts: 204.16.197.121 www.xvv.com

O1 - Hosts: 204.16.197.121 www.xvv.com

O1 - Hosts: 204.16.197.121 www.xvv.com

O1 - Hosts: 204.16.197.121 www.xvv.com

O1 - Hosts: 204.16.197.121 www.xvv.com

O1 - Hosts: 204.16.197.121 www.34.com

O1 - Hosts: 10012 more lines...

O4 - HKLM..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe (ALWIL Software)

O4 - HKU\S-1-5-19..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (Microsoft Corporation)

O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (Microsoft Corporation)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17

O13 - gopher Prefix: missing

O15 - HKLM\..Trusted Sites: 49 domain(s) and sub-domain(s) not assigned to a zone.

O15 - HKCU\..Trusted Sites: 49 domain(s) and sub-domain(s) not assigned to a zone.

O15 - HKU\.DEFAULT\..Trusted Sites: 49 domain(s) and sub-domain(s) not assigned to a zone.

O15 - HKU\S-1-5-18\..Trusted Sites: 49 domain(s) and sub-domain(s) not assigned to a zone.

O15 - HKU\S-1-5-21-2796300703-1850896574-407000360-1000\..Trusted Sites: 49 domain(s) and sub-domain(s) not assigned to a zone.

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab (Shockwave Flash Object)

O18 - Protocol\Handler: - about - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler: - cdl - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler: - dvd - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)

O18 - Protocol\Handler: - file - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler: - ftp - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler: - http - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler: - https - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler: - javascript - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler: - local - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler: - mailto - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler: - mk - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler: - res - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler: - tv - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)

O18 - Protocol\Handler: - vbscript - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Filter: - deflate - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter: - gzip - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)

O20 - See sections below for AppInitDlls and Winlogon settings

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}C:\Windows\SysWOW64\webcheck.dll (Microsoft Corporation)

========== HKLM Winlogon Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]

"Shell" = explorer.exe

>[2008/01/19 02:33:10 | 02,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\explorer.exe

========== HKLM *SecurityProviders* ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders]

"SecurityProviders" = credssp.dll

>[2008/01/19 02:33:59 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\credssp.dll

========== LSA *Security Packages* ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]

"Security Packages" = kerberos,msv1_0,schannel,wdigest,tspkg,

>[2008/01/19 02:36:42 | 00,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\TSpkg.dll

========== Safeboot Options ==========

"AlternateShell" = cmd.exe

========== CDRom AutoRun Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]

"AutoRun" = 1

========== Autorun Files on Drives ==========

autoplay.exe [MZ

[Stupid8000]

<-->continuation<-->

[2008/11/28 21:25:40 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpr.dll

[2008/11/28 21:25:40 | 00,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardie.dll

[2008/11/28 21:25:40 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncobjapi.dll

[2008/11/28 21:25:39 | 02,515,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\accessibilitycpl.dll

[2008/11/28 21:25:39 | 00,133,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\extmgr.dll

[2008/11/28 21:25:39 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nslookup.exe

[2008/11/28 21:25:39 | 00,080,047 | ---- | C] () -- C:\Windows\System32\slmgr.vbs

[2008/11/28 21:25:39 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\syssetup.dll

[2008/11/28 21:25:39 | 00,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lodctr.exe

[2008/11/28 21:25:39 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unlodctr.exe

[2008/11/28 21:25:39 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wtsapi32.dll

[2008/11/28 21:25:38 | 02,153,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oobefldr.dll

[2008/11/28 21:25:38 | 00,626,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sethc.exe

[2008/11/28 21:25:38 | 00,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll

[2008/11/28 21:25:38 | 00,195,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll

[2008/11/28 21:25:38 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmlfilter.dll

[2008/11/28 21:25:38 | 00,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ulib.dll

[2008/11/28 21:25:38 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll

[2008/11/28 21:25:38 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cabinet.dll

[2008/11/28 21:25:38 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iaspolcy.dll

[2008/11/28 21:25:37 | 00,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Utilman.exe

[2008/11/28 21:25:37 | 00,306,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scesrv.dll

[2008/11/28 21:25:37 | 00,201,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unattend.dll

[2008/11/28 21:25:37 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\occache.dll

[2008/11/28 21:25:37 | 00,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lnkstub.exe

[2008/11/28 21:25:37 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManHTTPConfig.exe

[2008/11/28 21:25:36 | 01,671,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chsbrkr.dll

[2008/11/28 21:25:36 | 01,107,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ogldrv.dll

[2008/11/28 21:25:36 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssitlb.dll

[2008/11/28 21:25:36 | 00,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cabview.dll

[2008/11/28 21:25:36 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wermgr.exe

[2008/11/28 21:25:35 | 00,532,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpcao.dll

[2008/11/28 21:25:35 | 00,403,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\p2pcollab.dll

[2008/11/28 21:25:35 | 00,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll

[2008/11/28 21:25:35 | 00,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll

[2008/11/28 21:25:35 | 00,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msnetobj.dll

[2008/11/28 21:25:35 | 00,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappgnui.dll

[2008/11/28 21:25:34 | 00,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvinst.exe

[2008/11/28 21:25:34 | 00,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DHCPQEC.DLL

[2008/11/28 21:25:33 | 00,394,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsquery.dll

[2008/11/28 21:25:32 | 00,157,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\verifier.dll

[2008/11/28 21:25:32 | 00,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll

[2008/11/28 21:25:32 | 00,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll

[2008/11/28 21:25:32 | 00,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RstrtMgr.dll

[2008/11/28 21:25:32 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mprapi.dll

[2008/11/28 21:25:32 | 00,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\efsadu.dll

[2008/11/28 21:25:31 | 01,575,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVENCOD.DLL

[2008/11/28 21:25:31 | 00,505,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll

[2008/11/28 21:25:31 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SearchFilterHost.exe

[2008/11/28 21:25:30 | 03,072,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkmap.dll

[2008/11/28 21:25:30 | 02,249,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Firewall.cpl

[2008/11/28 21:25:30 | 00,349,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDSp.dll

[2008/11/28 21:25:30 | 00,205,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msoeacct.dll

[2008/11/28 21:25:30 | 00,188,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll

[2008/11/28 21:25:30 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDShServiceObj.dll

[2008/11/28 21:25:30 | 00,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiascanprofiles.dll

[2008/11/28 21:25:30 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupugc.exe

[2008/11/28 21:25:30 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QSVRMGMT.DLL

[2008/11/28 21:25:30 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnrpnsp.dll

[2008/11/28 21:25:30 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icacls.exe

[2008/11/28 21:25:29 | 01,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usercpl.dll

[2008/11/28 21:25:29 | 00,547,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiaaut.dll

[2008/11/28 21:25:29 | 00,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\p2pnetsh.dll

[2008/11/28 21:25:29 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conime.exe

[2008/11/28 21:25:29 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll

[2008/11/28 21:25:29 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdmo.dll

[2008/11/28 21:25:28 | 00,925,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSRESM.dll

[2008/11/28 21:25:28 | 00,516,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoplay.dll

[2008/11/28 21:25:28 | 00,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmmgrtn.dll

[2008/11/28 21:25:28 | 00,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrdc.dll

[2008/11/28 21:25:28 | 00,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactsrv.dll

[2008/11/28 21:25:28 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcVSp1res.dll

[2008/11/28 21:25:27 | 00,407,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpapimig.exe

[2008/11/28 21:25:27 | 00,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xwizards.dll

[2008/11/28 21:25:27 | 00,208,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll

[2008/11/28 21:25:27 | 00,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\offfilt.dll

[2008/11/28 21:25:27 | 00,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll

[2008/11/28 21:25:27 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmdl32.exe

[2008/11/28 21:25:27 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\findstr.exe

[2008/11/28 21:25:27 | 00,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappprxy.dll

[2008/11/28 21:25:27 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pcadm.dll

[2008/11/28 21:25:26 | 00,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VBICodec.ax

[2008/11/28 21:25:26 | 00,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3ui.dll

[2008/11/28 21:25:26 | 00,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbnetlib.dll

[2008/11/28 21:25:26 | 00,104,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWWIN.EXE

[2008/11/28 21:25:26 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\resutils.dll

[2008/11/28 21:25:26 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfrgifc.exe

[2008/11/28 21:25:26 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dssec.dll

[2008/11/28 21:25:25 | 00,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercpl.dll

[2008/11/28 21:25:25 | 00,669,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netprof.dll

[2008/11/28 21:25:25 | 00,614,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFWMAAEC.DLL

[2008/11/28 21:25:25 | 00,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll

[2008/11/28 21:25:25 | 00,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\intl.cpl

[2008/11/28 21:25:25 | 00,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\notepad.exe

[2008/11/28 21:25:25 | 00,134,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\regedit.exe

[2008/11/28 21:25:25 | 00,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\btpanui.dll

[2008/11/28 21:25:25 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll

[2008/11/28 21:25:24 | 00,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apircl.dll

[2008/11/28 21:25:24 | 00,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\feclient.dll

[2008/11/28 21:25:23 | 00,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ssText3d.scr

[2008/11/28 21:25:23 | 00,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe

[2008/11/28 21:25:23 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\txflog.dll

[2008/11/28 21:25:23 | 00,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskkill.exe

[2008/11/28 21:25:21 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxva2.dll

[2008/11/28 21:25:20 | 01,029,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll

[2008/11/28 21:25:20 | 00,975,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RASMM.dll

[2008/11/28 21:25:20 | 00,356,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MediaMetadataHandler.dll

[2008/11/28 21:25:20 | 00,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msieftp.dll

[2008/11/28 21:25:20 | 00,191,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\provthrd.dll

[2008/11/28 21:25:20 | 00,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActionQueue.dll

[2008/11/28 21:25:20 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll

[2008/11/28 21:25:19 | 00,777,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcc.dll

[2008/11/28 21:25:19 | 00,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shwebsvc.dll

[2008/11/28 21:25:19 | 00,175,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\syncui.dll

[2008/11/28 21:25:19 | 00,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appmgmts.dll

[2008/11/28 21:25:19 | 00,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCExt.dll

[2008/11/28 21:25:19 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EAPQEC.DLL

[2008/11/28 21:25:19 | 00,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\korwbrkr.dll

[2008/11/28 21:25:19 | 00,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmocx.dll

[2008/11/28 21:25:19 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwmi.dll

[2008/11/28 21:25:19 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe

[2008/11/28 21:25:18 | 02,226,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkexplorer.dll

[2008/11/28 21:25:18 | 00,244,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\audiodev.dll

[2008/11/28 21:25:18 | 00,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMASF.DLL

[2008/11/28 21:25:18 | 00,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\raserver.exe

[2008/11/28 21:25:18 | 00,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aclui.dll

[2008/11/28 21:25:18 | 00,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll

[2008/11/28 21:25:18 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe

[2008/11/28 21:25:17 | 00,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\upnp.dll

[2008/11/28 21:25:17 | 00,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskmgr.exe

[2008/11/28 21:25:17 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QCLIPROV.DLL

[2008/11/28 21:25:17 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\reg.exe

[2008/11/28 21:25:17 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xcopy.exe

[2008/11/28 21:25:17 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ias.dll

[2008/11/28 21:25:16 | 00,368,640 | ---- | C] () -- C:\Windows\System32\msjetoledb40.dll

[2008/11/28 21:25:16 | 00,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icsfiltr.dll

[2008/11/28 21:25:16 | 00,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcshext.dll

[2008/11/28 21:25:16 | 00,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msoert2.dll

[2008/11/28 21:25:16 | 00,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmstp.exe

[2008/11/28 21:25:16 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\atl.dll

[2008/11/28 21:25:16 | 00,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NapiNSP.dll

[2008/11/28 21:25:16 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mountvol.exe

[2008/11/28 21:25:15 | 00,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dskquoui.dll

[2008/11/28 21:25:15 | 00,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netplwiz.dll

[2008/11/28 21:25:15 | 00,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayApi.dll

[2008/11/28 21:25:15 | 00,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanext.exe

[2008/11/28 21:25:15 | 00,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSEXT32.dll

[2008/11/28 21:25:15 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfts.dll

[2008/11/28 21:25:14 | 00,657,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVXENCD.DLL

[2008/11/28 21:25:14 | 00,616,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsuiext.dll

[2008/11/28 21:25:14 | 00,310,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpdxm.dll

[2008/11/28 21:25:14 | 00,225,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cewmdm.dll

[2008/11/28 21:25:14 | 00,208,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qasf.dll

[2008/11/28 21:25:14 | 00,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qcap.dll

[2008/11/28 21:25:14 | 00,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsadmin.exe

[2008/11/28 21:25:14 | 00,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll

[2008/11/28 21:25:14 | 00,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmusic.dll

[2008/11/28 21:25:14 | 00,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetmib1.dll

[2008/11/28 21:25:14 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\httpapi.dll

[2008/11/28 21:25:14 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PING.EXE

[2008/11/28 21:25:13 | 00,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscandui.dll

[2008/11/28 21:25:13 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpsrcwp.dll

[2008/11/28 21:25:13 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsmsext.dll

[2008/11/28 21:25:13 | 00,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rekeywiz.exe

[2008/11/28 21:25:13 | 00,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\auditpol.exe

[2008/11/28 21:25:13 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SecEdit.exe

[2008/11/28 21:25:12 | 00,767,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSENCD.DLL

[2008/11/28 21:25:12 | 00,159,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdadiag.dll

[2008/11/28 21:25:12 | 00,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbeio.dll

[2008/11/28 21:25:12 | 00,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ndfapi.dll

[2008/11/28 21:25:12 | 00,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shimgvw.dll

[2008/11/28 21:25:12 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtstocom.exe

[2008/11/28 21:25:12 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx

[2008/11/28 21:25:12 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\makecab.exe

[2008/11/28 21:25:12 | 00,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xwtpw32.dll

[2008/11/28 21:25:12 | 00,070,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wzcdlg.dll

[2008/11/28 21:25:12 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Sens.dll

[2008/11/28 21:25:12 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3gpclnt.dll

[2008/11/28 21:25:12 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsmproxy.dll

[2008/11/28 21:25:11 | 00,443,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiashext.dll

[2008/11/28 21:25:11 | 00,415,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiadefui.dll

[2008/11/28 21:25:11 | 00,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll

[2008/11/28 21:25:11 | 00,198,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apss.dll

[2008/11/28 21:25:11 | 00,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msorcl32.dll

[2008/11/28 21:25:11 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shacct.dll

[2008/11/28 21:25:11 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscmisetup.dll

[2008/11/28 21:25:11 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\userinit.exe

[2008/11/28 21:25:10 | 01,329,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOE.DLL

[2008/11/28 21:25:10 | 00,203,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpdwcn.dll

[2008/11/28 21:25:10 | 00,157,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\keymgr.dll

[2008/11/28 21:25:10 | 00,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfmon.exe

[2008/11/28 21:25:10 | 00,119,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prntvpt.dll

[2008/11/28 21:25:10 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TapiMigPlugin.dll

[2008/11/28 21:25:10 | 00,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tasklist.exe

[2008/11/28 21:25:10 | 00,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HelpPaneProxy.dll

[2008/11/28 21:25:10 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rrinstaller.exe

[2008/11/28 21:25:10 | 00,051,712 | ---- | C] (Microsoft) -- C:\Windows\System32\esrb.rs

[2008/11/28 21:25:10 | 00,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\napipsec.dll

[2008/11/28 21:25:10 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sxstrace.exe

[2008/11/28 21:25:10 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrshost.exe

[2008/11/28 21:25:10 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ktmutil.exe

[2008/11/28 21:25:09 | 00,816,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dim700.dll

[2008/11/28 21:25:09 | 00,686,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\colorui.dll

[2008/11/28 21:25:09 | 00,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP4SDECD.DLL

[2008/11/28 21:25:09 | 00,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAutomationCore.dll

[2008/11/28 21:25:09 | 00,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\notepad.exe

[2008/11/28 21:25:09 | 00,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ksproxy.ax

[2008/11/28 21:25:09 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msiexec.exe

[2008/11/28 21:25:09 | 00,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftp.exe

[2008/11/28 21:25:09 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fmifs.dll

[2008/11/28 21:25:09 | 00,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiougc.exe

[2008/11/28 21:25:08 | 00,352,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshipsec.dll

[2008/11/28 21:25:08 | 00,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unimdm.tsp

[2008/11/28 21:25:08 | 00,220,672 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codecp.acm

[2008/11/28 21:25:08 | 00,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll

[2008/11/28 21:25:08 | 00,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powrprof.dll

[2008/11/28 21:25:08 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe

[2008/11/28 21:25:08 | 00,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll

[2008/11/28 21:25:08 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\findnetprinters.dll

[2008/11/28 21:25:08 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winethc.dll

[2008/11/28 21:25:08 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cryptdll.dll

[2008/11/28 21:25:08 | 00,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\takeown.exe

[2008/11/28 21:25:08 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimtf.dll

[2008/11/28 21:25:08 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmiprop.dll

[2008/11/28 21:25:08 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pots.dll

[2008/11/28 21:25:08 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\txfw32.dll

[2008/11/28 21:25:08 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscproxystub.dll

[2008/11/28 21:25:07 | 00,442,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\joy.cpl

[2008/11/28 21:25:07 | 00,396,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shrpubw.exe

[2008/11/28 21:25:07 | 00,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasplap.dll

[2008/11/28 21:25:07 | 00,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RESAMPLEDMO.DLL

[2008/11/28 21:25:07 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi.dll

[2008/11/28 21:25:07 | 00,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\luainstall.dll

[2008/11/28 21:25:07 | 00,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\olecli32.dll

[2008/11/28 21:25:07 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sendmail.dll

[2008/11/28 21:25:07 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fsutil.exe

[2008/11/28 21:25:07 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnshc.dll

[2008/11/28 21:25:07 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sfc_os.dll

[2008/11/28 21:25:07 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfpmp.exe

[2008/11/28 21:25:07 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfnet.dll

[2008/11/28 21:25:07 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\capisp.dll

[2008/11/28 21:25:06 | 01,298,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TMM.dll

[2008/11/28 21:25:06 | 01,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMADMOE.DLL

[2008/11/28 21:25:06 | 00,384,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dim.dll

[2008/11/28 21:25:06 | 00,276,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\compstui.dll

[2008/11/28 21:25:06 | 00,120,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WLanHC.dll

[2008/11/28 21:25:06 | 00,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiaacmgr.exe

[2008/11/28 21:25:06 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shgina.dll

[2008/11/28 21:25:06 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\propdefs.dll

[2008/11/28 21:25:06 | 00,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\getmac.exe

[2008/11/28 21:25:06 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe

[2008/11/28 21:25:06 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msstrc.dll

[2008/11/28 21:25:06 | 00,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmmon32.exe

[2008/11/28 21:25:06 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rshx32.dll

[2008/11/28 21:25:06 | 00,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\runonce.exe

[2008/11/28 21:25:06 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dimsjob.dll

[2008/11/28 21:25:06 | 00,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RpcPing.exe

[2008/11/28 21:25:06 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmlua.dll

[2008/11/28 21:25:06 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpscript.exe

[2008/11/28 21:25:06 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\version.dll

[2008/11/28 21:25:06 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ktmw32.dll

[2008/11/28 21:25:05 | 00,310,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe

[2008/11/28 21:25:05 | 00,259,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MPG4DECD.DLL

[2008/11/28 21:25:05 | 00,205,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mdminst.dll

[2008/11/28 21:25:05 | 00,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvfw32.dll

[2008/11/28 21:25:05 | 00,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\w32tm.exe

[2008/11/28 21:25:05 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\net.exe

[2008/11/28 21:25:05 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsauth.dll

[2008/11/28 21:25:05 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpscript.dll

[2008/11/28 21:25:04 | 00,259,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP43DECD.DLL

[2008/11/28 21:25:04 | 00,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpshell.dll

[2008/11/28 21:25:04 | 00,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ACW.exe

[2008/11/28 21:25:04 | 00,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tdc.ocx

[2008/11/28 21:25:04 | 00,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tscupgrd.exe

[2008/11/28 21:25:04 | 00,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll

[2008/11/28 21:25:03 | 00,178,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\credui.dll

[2008/11/28 21:25:03 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceWiaCompat.dll

[2008/11/28 21:25:03 | 00,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\migisol.dll

[2008/11/28 21:25:03 | 00,094,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diantz.exe

[2008/11/28 21:25:03 | 00,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comrepl.dll

[2008/11/28 21:25:03 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdchange.exe

[2008/11/28 21:25:03 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdeploy.dll

[2008/11/28 21:25:03 | 00,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmutil.dll

[2008/11/28 21:25:03 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipconfig.exe

[2008/11/28 21:25:03 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sfc.exe

[2008/11/28 21:25:02 | 01,370,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Aurora.scr

[2008/11/28 21:25:02 | 00,159,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dinput8.dll

[2008/11/28 21:25:02 | 00,122,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlhtml.dll

[2008/11/28 21:25:02 | 00,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSTheme.exe

[2008/11/28 21:25:01 | 00,154,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmidx.dll

[2008/11/28 21:25:01 | 00,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\softkbd.dll

[2008/11/28 21:25:01 | 00,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TpmInit.exe

[2008/11/28 21:25:01 | 00,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hlink.dll

[2008/11/28 21:25:01 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\colbact.dll

[2008/11/28 21:25:01 | 00,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\remotepg.dll

[2008/11/28 21:25:01 | 00,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fwcfg.dll

[2008/11/28 21:25:01 | 00,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\expand.exe

[2008/11/28 21:25:01 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlaapi.dll

[2008/11/28 21:25:01 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cfgbkend.dll

[2008/11/28 21:25:01 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pdhui.dll

[2008/11/28 21:25:01 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDShextAutoplay.exe

[2008/11/28 21:25:01 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\utildll.dll

[2008/11/28 21:25:01 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll

[2008/11/28 21:25:01 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx

[2008/11/28 21:25:01 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll

[2008/11/28 21:25:00 | 00,879,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Bubbles.scr

[2008/11/28 21:25:00 | 00,368,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\desk.cpl

[2008/11/28 21:25:00 | 00,287,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\modemui.dll

[2008/11/28 21:25:00 | 00,251,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sti_ci.dll

[2008/11/28 21:25:00 | 00,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmvdspa.dll

[2008/11/28 21:25:00 | 00,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bootcfg.exe

[2008/11/28 21:25:00 | 00,070,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amstream.dll

[2008/11/28 21:25:00 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll

[2008/11/28 21:25:00 | 00,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll

[2008/11/28 21:24:59 | 00,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnet.dll

[2008/11/28 21:24:59 | 00,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdv.dll

[2008/11/28 21:24:59 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll

[2008/11/28 21:24:59 | 00,093,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\esentutl.exe

[2008/11/28 21:24:59 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSCOM.dll

[2008/11/28 21:24:59 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll

[2008/11/28 21:24:59 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logman.exe

[2008/11/28 21:24:59 | 00,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsnmp32.dll

[2008/11/28 21:24:59 | 00,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vds_ps.dll

[2008/11/28 21:24:59 | 00,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\waitfor.exe

[2008/11/28 21:24:59 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmcfg32.dll

[2008/11/28 21:24:59 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdrleakdiag.exe

[2008/11/28 21:24:59 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsium.dll

[2008/11/28 21:24:58 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mystify.scr

[2008/11/28 21:24:58 | 00,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Ribbons.scr

[2008/11/28 21:24:58 | 00,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DpiScaling.exe

[2008/11/28 21:24:58 | 00,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\osblprov.dll

[2008/11/28 21:24:58 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shutdown.exe

[2008/11/28 21:24:58 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cacls.exe

[2008/11/28 21:24:58 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wfapigp.dll

[2008/11/28 21:24:57 | 00,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstext40.dll

[2008/11/28 21:24:57 | 00,222,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wavemsp.dll

[2008/11/28 21:24:57 | 00,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercfg.cpl

[2008/11/28 21:24:57 | 00,161,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\COLORCNV.DLL

[2008/11/28 21:24:57 | 00,159,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbctrac.dll

[2008/11/28 21:24:57 | 00,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmsynth.dll

[2008/11/28 21:24:57 | 00,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ufat.dll

[2008/11/28 21:24:57 | 00,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msctfui.dll

[2008/11/28 21:24:57 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\olethk32.dll

[2008/11/28 21:24:57 | 00,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsiwmi.dll

[2008/11/28 21:24:57 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfvdsp.dll

[2008/11/28 21:24:57 | 00,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll

[2008/11/28 21:24:57 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkitemfactory.dll

[2008/11/28 21:24:57 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\werdiagcontroller.dll

[2008/11/28 21:24:57 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sxproxy.dll

[2008/11/28 21:24:57 | 00,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\olesvr32.dll

[2008/11/28 21:24:57 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\at.exe

[2008/11/28 21:24:57 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpcm.dll

[2008/11/28 21:24:56 | 00,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rgb9rast.dll

[2008/11/28 21:24:56 | 00,141,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\itss.dll

[2008/11/28 21:24:56 | 00,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mobsync.exe

[2008/11/28 21:24:56 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshta.exe

[2008/11/28 21:24:56 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TimeDateMUICallback.dll

[2008/11/28 21:24:56 | 00,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll

[2008/11/28 21:24:56 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegCtrl.dll

[2008/11/28 21:24:56 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtffilt.dll

[2008/11/28 21:24:56 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prevhost.exe

[2008/11/28 21:24:56 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\convert.exe

[2008/11/28 21:24:56 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmlprovi.dll

[2008/11/28 21:24:55 | 00,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuthFWGP.dll

[2008/11/28 21:24:55 | 00,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dskquota.dll

[2008/11/28 21:24:55 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\GuidedHelp.dll

[2008/11/28 21:24:55 | 00,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdiag.dll

[2008/11/28 21:24:55 | 00,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetup.exe

[2008/11/28 21:24:55 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AtBroker.exe

[2008/11/28 21:24:55 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscdll.dll

[2008/11/28 21:24:55 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netbtugc.exe

[2008/11/28 21:24:55 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tbs.dll

[2008/11/28 21:24:55 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsied.dll

[2008/11/28 21:24:54 | 05,714,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logon.scr

[2008/11/28 21:24:54 | 00,178,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmime.dll

[2008/11/28 21:24:54 | 00,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsdmo.dll

[2008/11/28 21:24:54 | 00,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mydocs.dll

[2008/11/28 21:24:54 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdart.dll

[2008/11/28 21:24:54 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupcln.dll

[2008/11/28 21:24:54 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccr32.dll

[2008/11/28 21:24:54 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kstvtune.ax

[2008/11/28 21:24:54 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\napdsnap.dll

[2008/11/28 21:24:54 | 00,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devenum.dll

[2008/11/28 21:24:54 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\l2gpstore.dll

[2008/11/28 21:24:54 | 00,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fphc.dll

[2008/11/28 21:24:54 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3dlg.dll

[2008/11/28 21:24:54 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\regini.exe

[2008/11/28 21:24:54 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unattendedjoin.exe

[2008/11/28 21:24:54 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmpbk32.dll

[2008/11/28 21:24:54 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amxread.dll

[2008/11/28 21:24:54 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winnsi.dll

[2008/11/28 21:24:54 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apilogen.dll

[2008/11/28 21:24:53 | 00,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VIDRESZR.DLL

[2008/11/28 21:24:53 | 00,100,043 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin

[2008/11/28 21:24:53 | 00,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usbui.dll

[2008/11/28 21:24:53 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccu32.dll

[2008/11/28 21:24:53 | 00,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpclsp.dll

[2008/11/28 21:24:53 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msident.dll

[2008/11/28 21:24:53 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtxlegih.dll

[2008/11/28 21:24:53 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfcsubs.dll

[2008/11/28 21:24:53 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vss_ps.dll

[2008/11/28 21:24:53 | 00,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\upnpcont.exe

[2008/11/28 21:24:53 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtxdm.dll

[2008/11/28 21:24:53 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msacm32.drv

[2008/11/28 21:24:53 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RacAgent.exe

[2008/11/28 21:24:53 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsCtfMonitor.dll

[2008/11/28 21:24:53 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WINSRPC.DLL

[2008/11/28 21:24:53 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpupdate.exe

[2008/11/28 21:24:53 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nbtstat.exe

[2008/11/28 21:24:53 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmstplua.dll

[2008/11/28 21:24:53 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avrt.dll

[2008/11/28 21:24:53 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nsi.dll

[2008/11/28 21:24:52 | 00,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msexcl40.dll

[2008/11/28 21:24:52 | 00,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP3DMOD.DLL

[2008/11/28 21:24:52 | 00,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vfwwdm32.dll

[2008/11/28 21:24:52 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\extrac32.exe

[2008/11/28 21:24:52 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ksxbar.ax

[2008/11/28 21:24:52 | 00,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasphone.exe

[2008/11/28 21:24:52 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ndfetw.dll

[2008/11/28 21:24:52 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcbcp.dll

[2008/11/28 21:24:52 | 00,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\syskey.exe

[2008/11/28 21:24:52 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eventcls.dll

[2008/11/28 21:24:52 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ROUTE.EXE

[2008/11/28 21:24:52 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll

[2008/11/28 21:24:52 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsock32.dll

[2008/11/28 21:24:51 | 00,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiadss.dll

[2008/11/28 21:24:51 | 00,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmscript.dll

[2008/11/28 21:24:51 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dxof.dll

[2008/11/28 21:24:51 | 00,041,472 | ---- | C] (Microsoft) -- C:\Windows\System32\WlanMmHC.dll

[2008/11/28 21:24:51 | 00,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psbase.dll

[2008/11/28 21:24:50 | 00,450,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxbde40.dll

[2008/11/28 21:24:50 | 00,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msltus40.dll

[2008/11/28 21:24:50 | 00,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmloader.dll

[2008/11/28 21:24:50 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshcon.dll

[2008/11/28 21:24:50 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mimefilt.dll

[2008/11/28 21:24:50 | 00,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll

[2008/11/28 21:24:50 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Netplwiz.exe

[2008/11/28 21:24:50 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscb.dll

[2008/11/28 21:24:50 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\credssp.dll

[2008/11/28 21:24:50 | 00,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmdskres2.dll

[2008/11/28 21:24:49 | 00,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspbde40.dll

[2008/11/28 21:24:49 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PlaySndSrv.dll

[2008/11/28 21:24:49 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icsunattend.exe

[2008/11/28 21:24:48 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmRes.dll

[2008/11/28 21:24:48 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wship6.dll

[2008/11/28 21:24:46 | 00,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ComputerDefaults.exe

[2008/11/28 21:24:46 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvidc32.dll

[2008/11/28 21:24:46 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sxsstore.dll

[2008/11/28 21:24:46 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSHTCPIP.DLL

[2008/11/28 21:24:45 | 00,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OptionalFeatures.exe

[2008/11/28 21:24:45 | 00,060,124 | ---- | C] () -- C:\Windows\System32\tcpmon.ini

[2008/11/28 21:24:45 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\g711codc.ax

[2008/11/28 21:24:45 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\fveupdate.exe

[2008/11/28 21:24:45 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localui.dll

[2008/11/28 21:24:45 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupSNK.exe

[2008/11/28 21:24:45 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll

[2008/11/28 21:24:45 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbunattend.exe

[2008/11/28 21:24:45 | 00,009,987 | ---- | C] () -- C:\Windows\System32\RacUR.xml

[2008/11/28 21:24:44 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbisurf.ax

[2008/11/28 21:24:44 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NcdProp.dll

[2008/11/28 21:24:44 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmutil.dll

[2008/11/28 21:24:44 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spopk.dll

[2008/11/28 21:24:44 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\serialui.dll

[2008/11/28 21:24:44 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usbperf.dll

[2008/11/28 21:24:43 | 06,103,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chtbrkr.dll

[2008/11/28 21:24:43 | 00,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinFax.dll

[2008/11/28 21:24:42 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcconf.dll

[2008/11/28 21:24:42 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hbaapi.dll

[2008/11/28 21:24:42 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe

[2008/11/28 21:24:41 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll

[2008/11/28 21:24:41 | 00,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm

[2008/11/28 21:24:41 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msobjs.dll

[2008/11/28 21:24:41 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsepno.dll

[2008/11/28 21:24:41 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\corpol.dll

[2008/11/28 21:24:41 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasctrs.dll

[2008/11/28 21:24:41 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hnetmon.dll

[2008/11/28 21:24:40 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll

[2008/11/28 21:24:40 | 00,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\esentprf.dll

[2008/11/28 21:24:40 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdmdbg.dll

[2008/11/28 21:24:40 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\midimap.dll

[2008/11/28 21:24:40 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\InfDefaultInstall.exe

[2008/11/28 21:24:40 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\LogonUI.exe

[2008/11/28 21:24:40 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iprtprio.dll

[2008/11/28 21:24:38 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\osbaseln.dll

[2008/11/28 21:24:38 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll

[2008/11/28 21:24:37 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msisip.dll

[2008/11/28 21:24:36 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlsbres.dll

[2008/11/28 21:24:36 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dispex.dll

[2008/11/28 21:24:36 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winusb.dll

[2008/11/28 21:24:34 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Nlsdl.dll

[2008/11/28 21:24:34 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\riched32.dll

[2008/11/28 21:24:33 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\idndl.dll

[2008/11/28 21:24:33 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msidle.dll

[2008/11/28 21:24:33 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll

[2008/11/28 21:24:30 | 08,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL

[2008/11/28 21:24:30 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsddd.dll

[2008/11/28 21:24:30 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDJPN.DLL

[2008/11/28 21:24:30 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDKOR.DLL

[2008/11/28 21:24:30 | 00,001,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmCl.dll

[2008/11/28 21:24:29 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\f3ahvoas.dll

[2008/11/28 21:24:28 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizres.dll

[2008/11/28 21:24:28 | 00,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wertargets.wtl

[2008/11/28 21:24:25 | 00,144,909 | ---- | C] () -- C:\Windows\System32\fsmgmt.msc

[2008/11/28 21:24:24 | 00,000,150 | ---- | C] () -- C:\Windows\System32\RacUREx.xml

[2008/11/28 21:24:20 | 00,145,455 | ---- | C] () -- C:\Windows\System32\perfmon.msc

[2008/11/28 21:24:03 | 00,183,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmllite.dll

[2008/11/28 21:24:02 | 00,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqmapi.dll

[2008/11/28 21:24:01 | 00,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdscore.dll

[2008/11/28 21:23:57 | 00,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdelta.dll

[2008/11/28 21:23:57 | 00,258,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpx.dll

[2008/11/28 21:23:57 | 00,246,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvstore.dll

[2008/11/28 21:23:57 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspatcha.dll

[2008/11/28 21:23:56 | 00,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wbemcomn.dll

[2008/11/28 00:16:42 | 00,000,977 | ---- | C] () -- C:\Users\Public\Desktop\DivX Player.lnk

[2008/11/28 00:16:35 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine

[2008/11/28 00:16:24 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\DivX

[2008/11/28 00:07:07 | 00,418,304 | ---- | C] (OldTimer Tools) -- C:\Users\Big D\Desktop\OTListIt.exe

[2008/11/28 00:00:29 | 00,000,000 | ---D | C] -- C:\Users\Big D\AppData\Roaming\Malwarebytes

[2008/11/28 00:00:28 | 00,000,848 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2008/11/28 00:00:27 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[2008/11/28 00:00:25 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys

[2008/11/28 00:00:24 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2008/11/28 00:00:24 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware

[2008/11/27 23:45:03 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kbd106n.dll

[2008/11/27 23:45:02 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll

[2008/11/27 23:41:54 | 00,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\es.dll

[2008/11/27 20:36:13 | 00,000,000 | ---- | C] () -- C:\Windows\System32\config.nt

[2008/11/27 20:35:51 | 01,163,960 | ---- | C] (ALWIL Software) -- C:\Windows\System32\aswBoot.exe

[2008/11/27 20:35:51 | 01,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFC71.dll

[2008/11/27 20:35:51 | 00,499,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSVCP71.dll

[2008/11/27 20:35:51 | 00,380,928 | ---- | C] () -- C:\Windows\System32\actskin4.ocx

[2008/11/27 20:35:51 | 00,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSVCR71.dll

[2008/11/27 20:30:37 | 00,000,000 | ---D | C] -- C:\ProgramData\Lavasoft

[2008/11/27 20:30:37 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Lavasoft

[2008/11/27 20:30:04 | 00,000,000 | -HSD | C] -- C:\Windows\Installer

[2008/11/27 20:30:01 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard

[2008/11/27 20:25:12 | 00,000,000 | ---D | C] -- C:\Users\Big D\AppData\Roaming\WinRAR

[2008/11/27 20:24:18 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR

[2008/11/27 16:08:04 | 00,008,704 | ---- | C] () -- C:\Users\Big D\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2008/11/27 16:07:37 | 00,000,373 | ---- | C] () -- C:\Users\Big D\Desktop\Documents.lnk

[2008/11/27 16:06:38 | 00,000,000 | ---D | C] -- C:\Users\Big D\AppData\Roaming\Winamp

[2008/11/27 16:06:38 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp

[2008/11/27 16:03:36 | 00,000,000 | ---- | C] () -- C:\Windows\nsreg.dat

[2008/11/27 16:03:34 | 00,000,000 | ---D | C] -- C:\Users\Big D\AppData\Roaming\Mozilla

[2008/11/27 16:03:34 | 00,000,000 | ---D | C] -- C:\Users\Big D\AppData\Local\Mozilla

[2008/11/27 16:03:26 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox

[2008/11/27 15:54:00 | 00,000,000 | ---D | C] -- C:\Windows\CSC

[2008/11/27 15:50:28 | 00,000,000 | ---D | C] -- C:\Windows\Prefetch

[2008/11/27 15:49:32 | 00,000,000 | ---D | C] -- C:\Windows\Panther

[2008/11/27 15:49:16 | 00,000,000 | ---D | C] -- C:\Windows\Debug

[2008/11/27 15:37:28 | 00,000,000 | -H-D | C] -- C:\$WINDOWS.~Q

[2008/11/27 15:37:07 | 00,000,000 | -H-D | C] -- C:\$INPLACE.~TR

[2008/11/27 15:14:30 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll

[2008/11/27 15:14:29 | 04,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll

[2008/11/27 15:14:29 | 01,695,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll

[2008/11/27 15:13:11 | 00,001,887 | ---- | C] () -- C:\Windows\diagwrn.xml

[2008/11/27 15:13:11 | 00,001,887 | ---- | C] () -- C:\Windows\diagerr.xml

[2008/11/27 15:11:46 | 00,001,820 | ---- | C] () -- C:\Windows\System32\rasctrnm.h

[2008/11/27 15:10:08 | 00,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll

[2008/11/27 15:10:08 | 00,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll

[2008/11/27 15:10:08 | 00,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax

[2008/11/27 15:10:08 | 00,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax

[2008/11/27 15:10:08 | 00,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax

[2008/11/27 15:10:08 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax

[2008/11/27 15:10:07 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax

[2008/11/27 15:01:29 | 00,000,402 | -HS- | C] () -- C:\Users\Big D\Documents\desktop.ini

[2008/11/27 15:01:29 | 00,000,282 | -HS- | C] () -- C:\Users\Big D\Desktop\desktop.ini

[2008/11/27 15:01:29 | 00,000,174 | -HS- | C] () -- C:\Users\Big D\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini

[2008/11/27 15:01:17 | 00,000,000 | ---D | C] -- C:\Users\Big D\AppData\Roaming\Identities

[2008/11/27 15:01:14 | 00,000,000 | ---D | C] -- C:\Users\Big D\AppData\Local\VirtualStore

[2008/11/27 14:55:40 | 01,645,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\connect.dll

[2008/11/27 14:55:04 | 00,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll

[2008/11/27 14:55:04 | 00,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll

[2008/11/27 14:55:04 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceClassExtension.dll

[2008/11/27 14:52:55 | 00,712,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll

[2008/11/27 14:52:55 | 00,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll

[2008/11/27 14:52:54 | 00,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll

[2008/11/27 14:36:44 | 11,580,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll

[2008/11/27 14:33:31 | 01,191,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3.dll

[2008/11/27 14:33:31 | 00,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll

[2008/11/27 14:31:03 | 00,443,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32spl.dll

[2008/11/27 14:31:03 | 00,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printcom.dll

[2008/11/27 14:27:55 | 01,808,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0046.dll

[2008/11/27 14:27:55 | 01,793,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0045.dll

[2008/11/27 14:27:55 | 01,782,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0039.dll

[2008/11/27 14:27:55 | 01,558,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0049.dll

[2008/11/27 14:27:55 | 01,411,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0047.dll

[2008/11/27 14:27:55 | 01,236,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0020.dll

[2008/11/27 14:27:54 | 07,964,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0024.dll

[2008/11/27 14:27:54 | 05,499,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0022.dll

[2008/11/27 14:27:54 | 02,136,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0021.dll

[2008/11/27 14:27:53 | 06,224,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0027.dll

[2008/11/27 14:27:53 | 05,791,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0026.dll

[2008/11/27 14:27:53 | 04,175,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0010.dll

[2008/11/27 14:27:53 | 02,466,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0011.dll

[2008/11/27 14:27:52 | 06,781,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0019.dll

[2008/11/27 14:27:52 | 04,981,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0013.dll

[2008/11/27 14:27:52 | 03,331,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0018.dll

[2008/11/27 14:27:51 | 11,722,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0001.dll

[2008/11/27 14:27:51 | 04,164,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0002.dll

[2008/11/27 14:27:51 | 01,452,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0003.dll

[2008/11/27 14:27:50 | 12,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0007.dll

[2008/11/27 14:27:50 | 04,093,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004c.dll

[2008/11/27 14:27:50 | 03,419,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004a.dll

[2008/11/27 14:27:50 | 02,644,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0009.dll

[2008/11/27 14:27:50 | 01,702,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004b.dll

[2008/11/27 14:27:49 | 04,045,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons003e.dll

[2008/11/27 14:27:49 | 01,972,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004e.dll

[2008/11/27 14:27:49 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons002a.dll

[2008/11/27 14:27:48 | 06,585,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001b.dll

[2008/11/27 14:27:48 | 06,346,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001d.dll

[2008/11/27 14:27:48 | 06,014,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001a.dll

[2008/11/27 14:27:47 | 09,892,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000a.dll

[2008/11/27 14:27:47 | 06,237,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000c.dll

[2008/11/27 14:27:47 | 05,654,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000f.dll

[2008/11/27 14:27:47 | 04,616,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0414.dll

[2008/11/27 14:27:47 | 01,722,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000d.dll

[2008/11/27 14:27:46 | 07,042,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons081a.dll

[2008/11/27 14:27:46 | 05,090,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0416.dll

[2008/11/27 14:27:46 | 05,071,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsModels0011.dll

[2008/11/27 14:27:46 | 05,031,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0816.dll

[2008/11/27 14:27:45 | 03,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0049.dll

[2008/11/27 14:27:45 | 03,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0047.dll

[2008/11/27 14:27:45 | 03,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0046.dll

[2008/11/27 14:27:45 | 03,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0045.dll

[2008/11/27 14:27:44 | 03,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0039.dll

[2008/11/27 14:27:44 | 03,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0020.dll

[2008/11/27 14:27:44 | 01,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0026.dll

[2008/11/27 14:27:44 | 01,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0024.dll

[2008/11/27 14:27:44 | 01,801,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0022.dll

[2008/11/27 14:27:44 | 01,801,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0021.dll

[2008/11/27 14:27:43 | 04,495,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0010.dll

[2008/11/27 14:27:43 | 03,466,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0013.dll

[2008/11/27 14:27:43 | 02,657,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0011.dll

[2008/11/27 14:27:43 | 01,966,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0027.dll

[2008/11/27 14:27:43 | 01,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0018.dll

[2008/11/27 14:27:42 | 04,497,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0019.dll

[2008/11/27 14:27:42 | 02,599,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0001.dll

[2008/11/27 14:27:42 | 01,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0003.dll

[2008/11/27 14:27:42 | 01,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0002.dll

[2008/11/27 14:27:42 | 01,523,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0000.dll

[2008/11/27 14:27:41 | 04,875,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0009.dll

[2008/11/27 14:27:41 | 03,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData004c.dll

[2008/11/27 14:27:41 | 03,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData004b.dll

[2008/11/27 14:27:41 | 03,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData004a.dll

[2008/11/27 14:27:41 | 02,243,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0007.dll

[2008/11/27 14:27:40 | 03,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData004e.dll

[2008/11/27 14:27:40 | 01,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData001b.dll

[2008/11/27 14:27:40 | 01,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData001a.dll

[2008/11/27 14:27:40 | 01,801,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData003e.dll

[2008/11/27 14:27:40 | 01,801,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData002a.dll

[2008/11/27 14:27:39 | 04,495,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData001d.dll

[2008/11/27 14:27:38 | 09,847,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData000a.dll

[2008/11/27 14:27:38 | 04,495,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0414.dll

[2008/11/27 14:27:38 | 02,643,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData000c.dll

[2008/11/27 14:27:38 | 02,342,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData000d.dll

[2008/11/27 14:27:38 | 01,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData000f.dll

[2008/11/27 14:27:37 | 06,917,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0c1a.dll

[2008/11/27 14:27:37 | 04,495,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0816.dll

[2008/11/27 14:27:37 | 04,495,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0416.dll

[2008/11/27 14:27:37 | 01,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData081a.dll

[2008/11/27 14:27:37 | 00,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll

[2008/11/27 14:27:36 | 01,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0c1a.dll

[2008/11/27 14:25:48 | 01,334,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml6.dll

[2008/11/27 14:25:48 | 00,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml6r.dll

[2008/11/27 14:23:05 | 00,738,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcomm.dll

[2008/11/27 14:23:05 | 00,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\INETRES.dll

[2008/11/27 14:22:18 | 00,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll

[2008/11/27 14:21:17 | 00,272,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\polstore.dll

[2008/11/27 14:21:17 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winipsec.dll

[2008/11/27 14:21:17 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FwRemoteSvr.dll

[2008/11/27 14:19:27 | 00,302,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll

[2008/11/27 14:15:06 | 00,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll

[2008/11/27 14:12:51 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshrm.dll

[2008/11/27 14:11:39 | 01,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll

[2008/11/27 14:08:08 | 02,455,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat

[2008/11/27 14:07:51 | 00,827,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll

[2008/11/27 14:07:51 | 00,056,483 | ---- | C] () -- C:\Windows\System32\ieuinit.inf

[2008/11/27 14:07:50 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll

[2008/11/27 14:07:49 | 06,068,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll

[2008/11/27 14:07:49 | 00,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll

[2008/11/27 14:07:44 | 03,578,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll

[2008/11/27 14:07:44 | 01,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb

[2008/11/27 14:07:41 | 01,166,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll

[2008/11/27 14:07:41 | 00,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll

[2008/11/27 14:07:40 | 00,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll

[2008/11/27 14:03:36 | 00,466,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netapi32.dll

[2008/11/27 14:03:08 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\AMD

[2008/11/27 14:01:26 | 00,000,000 | ---D | C] -- C:\Users\Big D\AppData\Roaming\InstallShield

[2008/11/27 13:01:24 | 21,467,54560 | -HS- | C] () -- C:\hiberfil.sys

[2008/11/27 12:56:32 | 00,000,000 | --SD | C] -- C:\Users\Big D\AppData\Roaming\Microsoft

[2008/11/27 12:56:32 | 00,000,000 | -HSD | C] -- C:\Users\Big D\Documents\My Videos

[2008/11/27 12:56:32 | 00,000,000 | -HSD | C] -- C:\Users\Big D\Documents\My Pictures

[2008/11/27 12:56:32 | 00,000,000 | -HSD | C] -- C:\Users\Big D\Documents\My Music

[2008/11/27 12:56:32 | 00,000,000 | -HSD | C] -- C:\Users\Big D\AppData\Local\Temporary Internet Files

[2008/11/27 12:56:32 | 00,000,000 | -HSD | C] -- C:\Users\Big D\AppData\Local\History

[2008/11/27 12:56:32 | 00,000,000 | -HSD | C] -- C:\Users\Big D\AppData\Local\Application Data

[2008/11/27 12:56:32 | 00,000,000 | ---D | C] -- C:\Users\Big D\AppData\Roaming\Media Center Programs

[2008/11/27 12:56:32 | 00,000,000 | ---D | C] -- C:\Users\Big D\AppData\Local\Temp

[2008/11/27 12:56:32 | 00,000,000 | ---D | C] -- C:\Users\Big D\AppData\Local\Microsoft

[2008/11/27 11:51:48 | 00,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution

[2008/11/27 01:52:03 | 00,000,553 | R--- | C] () -- C:\Windows\USetup.iss

[2008/11/27 01:50:02 | 00,000,000 | ---D | C] -- C:\Windows\System32\RTCOM

[2008/11/27 01:49:11 | 00,525,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll

[2008/11/27 01:49:08 | 06,430,208 | ---- | C] (Realtek Semiconductor) -- C:\Windows\RAVCpl64.exe

[2008/11/27 01:49:08 | 00,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information

[2008/11/27 01:49:08 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek

[2008/11/27 01:49:01 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield

[2008/11/27 01:47:24 | 00,000,000 | ---D | C] -- C:\ProgramData\NVIDIA

[2008/11/27 01:42:49 | 01,305,640 | -H-- | C] () -- C:\Users\Big D\AppData\Local\IconCache.db

[2008/11/27 01:23:48 | 00,000,000 | ---D | C] -- C:\Users\Big D\AppData\Roaming\Macromedia

[2008/11/27 01:23:48 | 00,000,000 | ---D | C] -- C:\Users\Big D\AppData\Roaming\Adobe

[2008/11/27 01:23:46 | 00,000,000 | ---D | C] -- C:\Windows\System32\Macromed

[2008/11/27 01:13:59 | 00,048,600 | ---- | C] () -- C:\Users\Big D\AppData\Local\GDIPFONTCACHEV1.DAT

[2008/11/27 01:11:19 | 00,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll

[2008/11/27 01:11:19 | 00,034,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll

[2008/11/27 01:11:18 | 00,561,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll

[2008/11/27 01:09:40 | 00,162,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll

[2008/11/27 01:09:40 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe

[2008/11/27 00:24:41 | 00,004,721 | ---- | C] () -- C:\Users\Big D\Documents\ebay code.rtf

[2008/11/27 00:24:37 | 04,660,596 | ---- | C] () -- C:\Users\Big D\Documents\iyg7977vb7bg7.pspimage

[2008/11/27 00:24:37 | 03,249,735 | ---- | C] () -- C:\Users\Big D\Documents\Image5.pspimage

[2008/11/27 00:24:37 | 00,571,735 | ---- | C] () -- C:\Users\Big D\Documents\iyg7977vb7bg7.jpg

[2008/11/27 00:24:37 | 00,455,251 | ---- | C] () -- C:\Users\Big D\Documents\flames.jpg

[2008/11/27 00:24:37 | 00,351,179 | ---- | C] () -- C:\Users\Big D\Documents\Skull.gif

[2008/11/27 00:24:37 | 00,096,372 | ---- | C] () -- C:\Users\Big D\Documents\Flames___Black_Dual_Display_by_jbensch.jpg

[2008/11/27 00:24:37 | 00,036,607 | ---- | C] () -- C:\Users\Big D\Documents\STFU.jpg

[2008/11/27 00:24:37 | 00,031,860 | ---- | C] () -- C:\Users\Big D\Documents\Mohawk_skull.jpg

[2008/11/27 00:24:37 | 00,000,083 | ---- | C] () -- C:\Users\Big D\Documents\Pilot Iron Cross Shift Knob - Pilot Automotive PM-2215 - TruckCustomizers.com.URL

[2008/11/19 00:46:14 | 00,000,024 | ---- | C] () -- C:\url_history.xml

[2008/11/05 00:56:24 | 00,000,000 | ---D | C] -- C:\MGADiagToolOutput

========== Files - Modified Within 30 Days ==========

[2008/11/28 23:20:09 | 00,000,114 | ---- | M] () -- C:\Users\Big D\Desktop\I also got this stupid intervalhehehe thing - Malwarebytes Security Forums.URL

[2008/11/28 22:30:20 | 00,175,648 | ---- | M] () -- C:\Users\Big D\Desktop\activescan2_en.exe

[2008/11/28 22:25:26 | 00,000,007 | ---- | M] () -- C:\Users\Big D\Desktop\New Rich Text Document.rtf

[2008/11/28 22:21:36 | 00,000,085 | ---- | M] () -- C:\Users\Big D\Desktop\Pre- HJT Post Instructions - Malwarebytes Security Forums.URL

[2008/11/28 22:19:43 | 00,001,097 | ---- | M] () -- C:\Users\Big D\Desktop\Spybot - Search & Destroy.lnk

[2008/11/28 22:18:35 | 15,083,520 | ---- | M] (Safer Networking Limited ) -- C:\Users\Big D\Desktop\spybotsd160.exe

[2008/11/28 22:09:42 | 00,000,280 | -HS- | M] () -- C:\Users\Public\Documents\desktop.ini

[2008/11/28 22:09:42 | 00,000,174 | -HS- | M] () -- C:\Users\Public\Desktop\desktop.ini

[2008/11/28 22:09:42 | 00,000,174 | -HS- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini

[2008/11/28 22:05:08 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT

[2008/11/28 22:04:43 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2008/11/28 22:03:56 | 21,467,54560 | -HS- | M] () -- C:\hiberfil.sys

[2008/11/28 21:53:13 | 01,305,640 | -H-- | M] () -- C:\Users\Big D\AppData\Local\IconCache.db

[2008/11/28 21:46:24 | 00,101,888 | ---- | M] (Infineon Technologies AG) -- C:\Windows\System32\ifxcardm.dll

[2008/11/28 21:46:22 | 00,082,432 | ---- | M] (Gemalto, Inc.) -- C:\Windows\System32\axaltocm.dll

[2008/11/28 00:24:42 | 00,008,704 | ---- | M] () -- C:\Users\Big D\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2008/11/28 00:16:42 | 00,000,977 | ---- | M] () -- C:\Users\Public\Desktop\DivX Player.lnk

[2008/11/28 00:07:09 | 00,418,304 | ---- | M] (OldTimer Tools) -- C:\Users\Big D\Desktop\OTListIt.exe

[2008/11/28 00:00:28 | 00,000,848 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2008/11/27 23:45:03 | 00,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kbd106n.dll

[2008/11/27 23:45:02 | 00,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll

[2008/11/27 23:41:54 | 00,269,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\es.dll

[2008/11/27 20:36:17 | 00,000,000 | ---- | M] () -- C:\Windows\System32\config.nt

[2008/11/27 16:07:37 | 00,000,373 | ---- | M] () -- C:\Users\Big D\Desktop\Documents.lnk

[2008/11/27 16:03:36 | 00,000,000 | ---- | M] () -- C:\Windows\nsreg.dat

[2008/11/27 15:14:47 | 00,001,887 | ---- | M] () -- C:\Windows\diagwrn.xml

[2008/11/27 15:14:47 | 00,001,887 | ---- | M] () -- C:\Windows\diagerr.xml

[2008/11/27 15:14:30 | 04,240,384 | ---- | M] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll

[2008/11/27 15:14:30 | 00,028,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll

[2008/11/27 15:14:29 | 01,695,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll

[2008/11/27 15:11:46 | 00,001,820 | ---- | M] () -- C:\Windows\System32\rasctrnm.h

[2008/11/27 15:10:08 | 00,428,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll

[2008/11/27 15:10:08 | 00,293,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll

[2008/11/27 15:10:08 | 00,217,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax

[2008/11/27 15:10:08 | 00,177,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax

[2008/11/27 15:10:08 | 00,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax

[2008/11/27 15:10:08 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax

[2008/11/27 15:10:08 | 00,057,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax

[2008/11/27 14:55:40 | 01,645,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\connect.dll

[2008/11/27 14:55:04 | 00,241,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll

[2008/11/27 14:55:04 | 00,160,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll

[2008/11/27 14:55:04 | 00,094,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceClassExtension.dll

[2008/11/27 14:52:55 | 00,712,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll

[2008/11/27 14:52:55 | 00,425,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll

[2008/11/27 14:52:54 | 00,347,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll

[2008/11/27 14:36:44 | 11,580,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll

[2008/11/27 14:33:31 | 01,191,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msxml3.dll

[2008/11/27 14:33:31 | 00,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll

[2008/11/27 14:31:03 | 00,443,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32spl.dll

[2008/11/27 14:31:03 | 00,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\printcom.dll

[2008/11/27 14:27:55 | 01,808,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0046.dll

[2008/11/27 14:27:55 | 01,793,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0045.dll

[2008/11/27 14:27:55 | 01,782,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0039.dll

[2008/11/27 14:27:55 | 01,558,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0049.dll

[2008/11/27 14:27:55 | 01,411,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0047.dll

[2008/11/27 14:27:55 | 01,236,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0020.dll

[2008/11/27 14:27:54 | 07,964,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0024.dll

[2008/11/27 14:27:54 | 05,499,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0022.dll

[2008/11/27 14:27:54 | 02,136,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0021.dll

[2008/11/27 14:27:53 | 06,224,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0027.dll

[2008/11/27 14:27:53 | 05,791,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0026.dll

[2008/11/27 14:27:53 | 04,175,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0010.dll

[2008/11/27 14:27:53 | 02,466,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0011.dll

[2008/11/27 14:27:52 | 11,722,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0001.dll

[2008/11/27 14:27:52 | 06,781,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0019.dll

[2008/11/27 14:27:52 | 04,981,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0013.dll

[2008/11/27 14:27:52 | 03,331,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0018.dll

[2008/11/27 14:27:51 | 12,240,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0007.dll

[2008/11/27 14:27:51 | 04,164,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0002.dll

[2008/11/27 14:27:51 | 01,452,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0003.dll

[2008/11/27 14:27:50 | 04,093,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004c.dll

[2008/11/27 14:27:50 | 03,419,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004a.dll

[2008/11/27 14:27:50 | 02,644,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0009.dll

[2008/11/27 14:27:50 | 01,702,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004b.dll

[2008/11/27 14:27:49 | 06,014,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001a.dll

[2008/11/27 14:27:49 | 04,045,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons003e.dll

[2008/11/27 14:27:49 | 01,972,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004e.dll

[2008/11/27 14:27:49 | 00,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons002a.dll

[2008/11/27 14:27:48 | 09,892,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000a.dll

[2008/11/27 14:27:48 | 06,585,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001b.dll

[2008/11/27 14:27:48 | 06,346,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001d.dll

[2008/11/27 14:27:47 | 06,237,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000c.dll

[2008/11/27 14:27:47 | 05,654,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000f.dll

[2008/11/27 14:27:47 | 04,616,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0414.dll

[2008/11/27 14:27:47 | 01,722,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000d.dll

[2008/11/27 14:27:46 | 07,042,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons081a.dll

[2008/11/27 14:27:46 | 05,090,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0416.dll

[2008/11/27 14:27:46 | 05,071,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsModels0011.dll

[2008/11/27 14:27:46 | 05,031,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0816.dll

[2008/11/27 14:27:45 | 03,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0049.dll

[2008/11/27 14:27:45 | 03,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0047.dll

[2008/11/27 14:27:45 | 03,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0046.dll

[2008/11/27 14:27:45 | 03,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0045.dll

[2008/11/27 14:27:44 | 03,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0039.dll

[2008/11/27 14:27:44 | 03,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0020.dll

[2008/11/27 14:27:44 | 01,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0026.dll

[2008/11/27 14:27:44 | 01,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0024.dll

[2008/11/27 14:27:44 | 01,801,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0022.dll

[2008/11/27 14:27:44 | 01,801,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0021.dll

[2008/11/27 14:27:43 | 04,495,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0010.dll

[2008/11/27 14:27:43 | 03,466,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0013.dll

[2008/11/27 14:27:43 | 02,657,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0011.dll

[2008/11/27 14:27:43 | 01,966,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0027.dll

[2008/11/27 14:27:43 | 01,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0018.dll

[2008/11/27 14:27:43 | 01,523,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0000.dll

[2008/11/27 14:27:42 | 04,497,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0019.dll

[2008/11/27 14:27:42 | 02,599,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0001.dll

[2008/11/27 14:27:42 | 02,243,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0007.dll

[2008/11/27 14:27:42 | 01,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0003.dll

[2008/11/27 14:27:42 | 01,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0002.dll

[2008/11/27 14:27:41 | 04,875,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0009.dll

[2008/11/27 14:27:41 | 03,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData004c.dll

[2008/11/27 14:27:41 | 03,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData004b.dll

[2008/11/27 14:27:41 | 03,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData004a.dll

[2008/11/27 14:27:40 | 03,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData004e.dll

[2008/11/27 14:27:40 | 01,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData001b.dll

[2008/11/27 14:27:40 | 01,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData001a.dll

[2008/11/27 14:27:40 | 01,801,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData003e.dll

[2008/11/27 14:27:40 | 01,801,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData002a.dll

[2008/11/27 14:27:39 | 09,847,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData000a.dll

[2008/11/27 14:27:39 | 04,495,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData001d.dll

[2008/11/27 14:27:38 | 04,495,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0416.dll

[2008/11/27 14:27:38 | 04,495,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0414.dll

[2008/11/27 14:27:38 | 02,643,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData000c.dll

[2008/11/27 14:27:38 | 02,342,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData000d.dll

[2008/11/27 14:27:38 | 01,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData000f.dll

[2008/11/27 14:27:37 | 06,917,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0c1a.dll

[2008/11/27 14:27:37 | 04,495,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0816.dll

[2008/11/27 14:27:37 | 01,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData081a.dll

[2008/11/27 14:27:37 | 00,801,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll

[2008/11/27 14:27:36 | 01,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0c1a.dll

[2008/11/27 14:25:48 | 01,334,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msxml6.dll

[2008/11/27 14:25:48 | 00,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msxml6r.dll

[2008/11/27 14:23:05 | 00,738,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcomm.dll

[2008/11/27 14:23:05 | 00,084,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\INETRES.dll

[2008/11/27 14:22:18 | 00,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll

[2008/11/27 14:21:17 | 00,272,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\polstore.dll

[2008/11/27 14:21:17 | 00,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winipsec.dll

[2008/11/27 14:21:17 | 00,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FwRemoteSvr.dll

[2008/11/27 14:19:27 | 00,302,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll

[2008/11/27 14:15:06 | 00,303,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll

[2008/11/27 14:12:51 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wshrm.dll

[2008/11/27 14:11:40 | 01,314,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll

[2008/11/27 14:08:08 | 02,455,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat

[2008/11/27 14:07:51 | 00,827,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll

[2008/11/27 14:07:51 | 00,056,483 | ---- | M] () -- C:\Windows\System32\ieuinit.inf

[2008/11/27 14:07:51 | 00,028,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll

[2008/11/27 14:07:49 | 06,068,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll

[2008/11/27 14:07:49 | 00,180,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll

[2008/11/27 14:07:44 | 03,578,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll

[2008/11/27 14:07:44 | 01,383,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb

[2008/11/27 14:07:41 | 01,166,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll

[2008/11/27 14:07:41 | 00,671,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll

[2008/11/27 14:07:40 | 00,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll

[2008/11/27 14:03:36 | 00,466,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netapi32.dll

[2008/11/27 01:49:12 | 00,525,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll

[2008/11/27 01:13:59 | 00,048,600 | ---- | M] () -- C:\Users\Big D\AppData\Local\GDIPFONTCACHEV1.DAT

[2008/11/27 01:13:32 | 00,000,402 | -HS- | M] () -- C:\Users\Big D\Documents\desktop.ini

[2008/11/27 01:13:32 | 00,000,282 | -HS- | M] () -- C:\Users\Big D\Desktop\desktop.ini

[2008/11/27 01:13:32 | 00,000,174 | -HS- | M] () -- C:\Users\Big D\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini

[2008/11/27 01:11:19 | 00,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll

[2008/11/27 01:11:19 | 00,034,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wups.dll

[2008/11/27 01:11:18 | 00,561,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll

[2008/11/27 01:09:40 | 00,162,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll

[2008/11/27 01:09:40 | 00,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe

[2008/11/20 02:10:58 | 00,000,024 | ---- | M] () -- C:\url_history.xml

[2008/11/14 17:49:54 | 00,000,083 | ---- | M] () -- C:\Users\Big D\Documents\Pilot Iron Cross Shift Knob - Pilot Automotive PM-2215 - TruckCustomizers.com.URL

[2008/11/10 17:09:28 | 00,031,860 | ---- | M] () -- C:\Users\Big D\Documents\Mohawk_skull.jpg

[2008/11/10 06:07:00 | 00,571,735 | ---- | M] () -- C:\Users\Big D\Documents\iyg7977vb7bg7.jpg

[2008/11/10 06:01:42 | 03,249,735 | ---- | M] () -- C:\Users\Big D\Documents\Image5.pspimage

[2008/11/10 06:00:12 | 04,660,596 | ---- | M] () -- C:\Users\Big D\Documents\iyg7977vb7bg7.pspimage

[2008/11/10 00:02:34 | 00,351,179 | ---- | M] () -- C:\Users\Big D\Documents\Skull.gif

[2008/10/30 20:26:40 | 00,004,721 | ---- | M] () -- C:\Users\Big D\Documents\ebay code.rtf

< End of report >

[Stupid8000]

and heres the log from HiJack This!

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 11:41:56 PM, on 11/28/2008

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v7.00 (7.00.6001.18000)

Boot mode: Normal

Running processes:

C:\Program Files\Alwil Software\Avast4\ashDisp.exe

C:\Users\Big D\Desktop\OTListIt.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: 61.157.217.210 www.yahoo.com

O1 - Hosts: 61.157.217.210 www.google.com

O1 - Hosts: 61.157.217.210 www.google.co.uk

O1 - Hosts: 61.157.217.210 www.myspace.com

O1 - Hosts: 61.157.217.210 www.youtube.com

O1 - Hosts: 61.157.217.210 www.facebook.com

O1 - Hosts: 61.157.217.210 www.live.com

O1 - Hosts: 61.157.217.210 www.yahoo.com

O1 - Hosts: 61.157.217.210 www.yahoo.co.uk

O1 - Hosts: 61.157.217.210 www.antispyware.com

O1 - Hosts: 61.157.217.210 antispyware.com

O1 - Hosts: 61.157.217.210 antispy.com

O1 - Hosts: 61.157.217.210 www.msn.com

O1 - Hosts: 204.16.197.121 www.asfvb.com

O1 - Hosts: 204.16.197.121 www.xvv.com

O1 - Hosts: 204.16.197.121 www.xvv.com

O1 - Hosts: 204.16.197.121 www.3.com

O1 - Hosts: 204.16.197.121 www.xvv.com

O1 - Hosts: 204.16.197.121 www.657.com

O1 - Hosts: 204.16.197.121 www.xvv.com

O1 - Hosts: 204.16.197.121 www.xvv.com

O1 - Hosts: 204.16.197.121 www.xvv.com

O1 - Hosts: 204.16.197.121 www.xvv.com

O1 - Hosts: 204.16.197.121 www.xvv.com

O1 - Hosts: 204.16.197.121 www.34.com

O1 - Hosts: 204.16.197.121 www.xvv.com

O1 - Hosts: 204.16.197.121 www.xvv.com

O1 - Hosts: 204.16.197.121 www.45.com

O1 - Hosts: 204.16.197.121 www.xvv.com

O1 - Hosts: 204.16.197.121 www.xvv.com

O1 - Hosts: 204.16.197.121 www.asdv.com

O1 - Hosts: 204.16.197.121 www.xvv.com

O1 - Hosts: 204.16.197.121 www.xvv.com

O1 - Hosts: 204.16.197.121 www.xvv.com

O1 - Hosts: 204.16.197.121 www.xvtrv.com

O1 - Hosts: 204.16.197.121 www.xvv.com

O1 - Hosts: 204.16.197.121 www.g.com

O1 - Hosts: 204.16.197.121 www.xvv.com

O1 - Hosts: 204.16.197.121 www.xvv.com

O1 - Hosts: 204.16.197.121 www.bb.com

O1 - Hosts: 204.16.197.121 www.xvv.com

O1 - Hosts: 204.16.197.121 www.xvv.com

O1 - Hosts: 204.16.197.121 www.xvv.com

O1 - Hosts: 204.16.197.121 www.dfyu.com

O1 - Hosts: 204.16.197.121 www.xvv.com

O1 - Hosts: 204.16.197.121 www.xvv.com

O1 - Hosts: 204.16.197.121 www.xvv.com

O1 - Hosts: 204.16.197.121 www.bb.com

O1 - Hosts: 204.16.197.121 www.xvv.com

O1 - Hosts: 204.16.197.121 www.xvv.com

O1 - Hosts: 204.16.197.121 www.xvv.com

O1 - Hosts: 204.16.197.121 www.dfyu.com

O1 - Hosts: 204.16.197.121 www.xvv.com

O1 - Hosts: 204.16.197.121 www.xvv.com

O1 - Hosts: 204.16.197.121 www.xvv.com

O1 - Hosts: 204.16.197.121 www.bb.com

O1 - Hosts: 204.16.197.121 www.xvv.com

O1 - Hosts: 204.16.197.121 www.xvv.com

O1 - Hosts: 204.16.197.121 www.xvv.com

O1 - Hosts: 204.16.197.121 www.dfyu.com

O1 - Hosts: 204.16.197.121 www.xvv.com

O1 - Hosts: 204.16.197.121 www.xvv.com

O1 - Hosts: 204.16.197.121 www.xvv.com

O1 - Hosts: 204.16.197.121 www.bb.com

O1 - Hosts: 204.16.197.121 www.xvv.com

O1 - Hosts: 204.16.197.121 www.xvv.com

O1 - Hosts: 204.16.197.121 www.xvv.com

O1 - Hosts: 204.16.197.121 www.dfyu.com

O1 - Hosts: 204.16.197.121 www.xvv.com

O1 - Hosts: 204.16.197.121 www.xvv.com

O1 - Hosts: 204.16.197.121 www.msasern.com

O1 - Hosts: 61.157.217.210 www.antispy.com

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O13 - Gopher Prefix:

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files (x86)\Lavasoft\Ad-Aware\aawservice.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 7757 bytes

[Raid]

Alright, first, go find this file:

C:\Windows\System32\drivers\etc\Hosts

Open it with notepad. Delete everything in it.

Insert this line

127.0.0.1 localhost

save the file, quit notepad.

Open Hijackthis, Hit scan, post log...

How is your computer doing now?

You have some service entries showing as missing... Was this computer recently upgraded from Windows XP to Vista?

[Stupid8000]

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 8:56:02 PM, on 11/29/2008

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v7.00 (7.00.6001.18000)

Boot mode: Normal

Running processes:

C:\Program Files\Alwil Software\Avast4\ashDisp.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: 127.0.0.1 localhost

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O13 - Gopher Prefix:

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files (x86)\Lavasoft\Ad-Aware\aawservice.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 4826 bytes

computer seems to be running fine. the pop up stopped randomly some time last night...but still have the pages that I couldn't get to. And I'm not really sure about the missing files. I did JUST install this computer tho..did a full install with a vista upgrade CD. worked. might be something with that.

[Stupid8000]

just closed all windows and tried. everything seems to be working great. Thx alot man for your help with this