Sign In
Create Account
Log HijackThis
Last Updated: Apr 23 2014 12:53, Started by
Crywolff
, Apr 23 2014 11:30
·
0
0
#1
Posted 23 April 2014 - 11:30
|
Buna ziua,
Incerc de vreo 2 zile sa imi instalez un antivirus dar nu pot  )Cand incerc sa intru pe o pagina web a unui antivirus (oricare) imi apare ca si cand nu as avea conexiune la internet, task managerul nu il pot accesa. Am instalat pana la urma Malwarebytes, am facut un scan, mi`a gasit cateva fisiere infectat, le`am sters, rr la pc, dar am in continuare aceiasi problema. OS : Win XP sp3 Am facut un log HijackThis Logfile of Trend Micro HiJackThis v2.0.4 Scan saved at 12:20:48 PM, on 4/23/2014 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Java\jre7\bin\jqs.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\RUNDLL32.EXE C:\Documents and Settings\Cry Wolf\My Documents\Downloads\HiJackThis(1).exe O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [GarenaPlus] "C:\Program Files\Garena Plus\GarenaMessenger.exe" -autolaunch O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1 O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll/206 (file missing) O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe -- End of file - 3736 bytes Astept raspunsul dumneavoastra, Multumesc anticipat. Edited by Crywolff, 23 April 2014 - 11:31. |
Back to top
#2
Posted 23 April 2014 - 11:39
|
Poti incerca cu re enable sa refaci accesul la ce ai dezactivat reg , task , etc -> http://www.softpedia...Re-Enable.shtml
Scaneaza cu RogueKiller -> http://www.softpedia...gueKiller.shtml Edited by tidicristi, 23 April 2014 - 11:39. |
#3
Posted 23 April 2014 - 11:43
|
Descarca si ruleaza OTL.
Pentru Windows Vista sau Windows 7, click dreapta, selecteaza Run as administrator. Bifezi ca in imagine. [ http://s11.postimg.org/jaand9soj/otl1.jpg - Pentru incarcare in pagina (embed) Click aici ] La terminare vor apare 2 ferestre de Notepad - OTL.txt si Extras.txt. Copiaza pe rand continutul acestor ferestre si posteazale aici. |
#4
Posted 23 April 2014 - 11:47
|
Parca am mai vazut logul asta, mai avea in plus niste exe prin temp
. Poate ma insel. In fine ca sa poti folosi taskmanagerul mergi in regedit si sterge key-a asta (cea marcata cu rosu, restu este calea: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1 |
#5
Posted 23 April 2014 - 11:50
|
Extras.Txt :
OTL Extras logfile created on: 4/23/2014 12:47:33 PM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Cry Wolf\My Documents\Downloads Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 1.94 Gb Total Physical Memory | 1.15 Gb Available Physical Memory | 59.33% Memory free 3.79 Gb Paging File | 3.09 Gb Available in Paging File | 81.53% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 58.59 Gb Total Space | 50.75 Gb Free Space | 86.63% Space Free | Partition Type: NTFS Drive D: | 174.29 Gb Total Space | 112.05 Gb Free Space | 64.29% Space Free | Partition Type: NTFS Drive F: | 466.86 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Drive G: | 615.19 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Computer Name: CRYWOLF | User Name: Cry Wolf | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l [HKEY_USERS\S-1-5-21-1708537768-1957994488-682003330-1003\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 1 "FirewallDisableNotify" = 1 "UpdatesDisableNotify" = 1 "AntiVirusOverride" = 1 "FirewallOverride" = 1 "UacDisableNotify" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 1 "AntiVirusDisableNotify" = 1 "FirewallDisableNotify" = 1 "FirewallOverride" = 1 "UpdatesDisableNotify" = 1 "UacDisableNotify" = 1 ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "13800:TCP" = 13800:TCP:*:Enabled:BitComet 13800 TCP "13800:UDP" = 13800:UDP:*:Enabled:BitComet 13800 UDP ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "D:\Drivers\motherboard_driver_chipset_nvidia_mcp68_xp.exe" = D:\Drivers\motherboard_driver_chipset_nvidia_mcp68_xp.exe:*:Enabled:ipsec -- () "D:\Drivers\mb_driver_audio_realtek_azalia.exe" = D:\Drivers\mb_driver_audio_realtek_azalia.exe:*:Enabled:ipsec -- (Igor Pavlov) "C:\WINDOWS\Explorer.EXE" = C:\WINDOWS\Explorer.EXE:*:Enabled:ipsec -- (Microsoft Corporation) "C:\WINDOWS\system32\rundll32.exe" = C:\WINDOWS\system32\rundll32.exe:*:Enabled:rundll32 -- (Microsoft Corporation) "C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.) "C:\Program Files\Garena Plus\Room\garena_room.exe" = C:\Program Files\Garena Plus\Room\garena_room.exe:*:Enabled:garena_room -- () "D:\Warcraft III\Frozen Throne.exe" = D:\Warcraft III\Frozen Throne.exe:*:Enabled:ipsec -- (Blizzard Entertainment) "C:\Program Files\BitComet\BitComet.exe" = C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet.exe -- (www.BitComet.com) "D:\Warcraft III\War3.exe" = D:\Warcraft III\War3.exe:*:Enabled:ipsec -- (Blizzard Entertainment) "C:\Program Files\Garena Plus\ggdllhost.exe" = C:\Program Files\Garena Plus\ggdllhost.exe:*:Enabled:ggdllhost -- () "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" = C:\Program Files\Mozilla Firefox\uninstall\helper.exe:*:Enabled:ipsec -- (Mozilla Corporation) "C:\Program Files\Java\jre7\bin\java.exe" = C:\Program Files\Java\jre7\bin\java.exe:*:Enabled:ipsec -- (Oracle Corporation) "C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:ipsec -- (Mozilla Corporation) "C:\Program Files\Common Files\Java\Java Update\jusched.exe" = C:\Program Files\Common Files\Java\Java Update\jusched.exe:*:Enabled:ipsec -- (Oracle Corporation) "C:\Program Files\Mozilla Firefox\plugin-container.exe" = C:\Program Files\Mozilla Firefox\plugin-container.exe:*:Enabled:ipsec -- (Mozilla Corporation) "C:\WINDOWS\RTHDCPL.EXE" = C:\WINDOWS\RTHDCPL.EXE:*:Enabled:ipsec -- (Realtek Semiconductor Corp.) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{26A24AE4-039D-4CA4-87B4-2F83217055FF}" = Java 7 Update 55 "{2BA00471-0328-3743-93BD-FA813353A783}" = Microsoft .NET Framework 3.0 Service Pack 1 "{2FC099BD-AC9B-33EB-809C-D332E1B27C40}" = Microsoft .NET Framework 3.5 "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.14 "{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin "BitComet" = BitComet 1.37 "BSPlayerp" = BS.Player PRO "im" = Garena Plus "MagicDisc 2.7.106" = MagicDisc 2.7.106 "Microsoft .NET Framework 3.5" = Microsoft .NET Framework 3.5 "Mozilla Firefox 28.0 (x86 en-US)" = Mozilla Firefox 28.0 (x86 en-US) "MozillaMaintenanceService" = Mozilla Maintenance Service "NVIDIA Display Control Panel" = NVIDIA Display Control Panel "NVIDIA Drivers" = NVIDIA Drivers "NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager "WinRAR archiver" = WinRAR 4.20 (32-bit) "XpsEPSC" = XML Paper Specification Shared Components Pack 1.0 ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-1708537768-1957994488-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Warcraft III" = Warcraft III: All Products ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 4/20/2014 12:24:40 PM | Computer Name = CRYWOLF | Source = Application Error | ID = 1000 Description = Faulting application War3.exe, version 1.0.7.5535, faulting module unknown, version 0.0.0.0, fault address 0x7c7c9857. Error - 4/20/2014 12:42:05 PM | Computer Name = CRYWOLF | Source = Application Error | ID = 1000 Description = Faulting application War3.exe, version 1.0.7.5535, faulting module unknown, version 0.0.0.0, fault address 0x7c7c9857. Error - 4/20/2014 12:48:33 PM | Computer Name = CRYWOLF | Source = Application Hang | ID = 1002 Description = Hanging application setup.exe, version 9.0.21022.8, hang module hungapp, version 0.0.0.0, hang address 0x00000000. [ System Events ] Error - 4/20/2014 12:41:50 PM | Computer Name = CRYWOLF | Source = SideBySide | ID = 16842784 Description = Dependent Assembly Microsoft.VC80.CRT could not be found and Last Error was The referenced assembly is not installed on your system. Error - 4/20/2014 12:41:50 PM | Computer Name = CRYWOLF | Source = SideBySide | ID = 16842811 Description = Resolve Partial Assembly failed for Microsoft.VC80.CRT. Reference error message: The referenced assembly is not installed on your system. . Error - 4/20/2014 12:41:50 PM | Computer Name = CRYWOLF | Source = SideBySide | ID = 16842811 Description = Generate Activation Context failed for d:\warcraft iii\Storm.dll. Reference error message: The operation completed successfully. . Error - 4/20/2014 12:41:55 PM | Computer Name = CRYWOLF | Source = SideBySide | ID = 16842784 Description = Dependent Assembly Microsoft.VC80.CRT could not be found and Last Error was The referenced assembly is not installed on your system. Error - 4/20/2014 12:41:55 PM | Computer Name = CRYWOLF | Source = SideBySide | ID = 16842811 Description = Resolve Partial Assembly failed for Microsoft.VC80.CRT. Reference error message: The referenced assembly is not installed on your system. . Error - 4/20/2014 12:41:55 PM | Computer Name = CRYWOLF | Source = SideBySide | ID = 16842811 Description = Generate Activation Context failed for D:\Warcraft III\Storm.dll. Reference error message: The operation completed successfully. . Error - 4/20/2014 12:44:04 PM | Computer Name = CRYWOLF | Source = SideBySide | ID = 16842784 Description = Dependent Assembly Microsoft.VC80.CRT could not be found and Last Error was The referenced assembly is not installed on your system. Error - 4/20/2014 12:44:04 PM | Computer Name = CRYWOLF | Source = SideBySide | ID = 16842811 Description = Resolve Partial Assembly failed for Microsoft.VC80.CRT. Reference error message: The referenced assembly is not installed on your system. . Error - 4/20/2014 12:44:04 PM | Computer Name = CRYWOLF | Source = SideBySide | ID = 16842811 Description = Generate Activation Context failed for D:\Warcraft III\Storm.dll. Reference error message: The operation completed successfully. . Error - 4/23/2014 5:11:33 AM | Computer Name = CRYWOLF | Source = sr | ID = 1 Description = The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume. < End of report > OTL.Txt OTL logfile created on: 4/23/2014 12:47:33 PM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Cry Wolf\My Documents\Downloads Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 1.94 Gb Total Physical Memory | 1.15 Gb Available Physical Memory | 59.33% Memory free 3.79 Gb Paging File | 3.09 Gb Available in Paging File | 81.53% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 58.59 Gb Total Space | 50.75 Gb Free Space | 86.63% Space Free | Partition Type: NTFS Drive D: | 174.29 Gb Total Space | 112.05 Gb Free Space | 64.29% Space Free | Partition Type: NTFS Drive F: | 466.86 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Drive G: | 615.19 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Computer Name: CRYWOLF | User Name: Cry Wolf | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2014/04/23 12:47:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Cry Wolf\My Documents\Downloads\OTL.exe PRC - [2014/04/23 12:42:05 | 003,972,608 | ---- | M] () -- C:\Documents and Settings\Cry Wolf\My Documents\Downloads\RogueKiller.exe PRC - [2014/04/23 12:41:12 | 000,791,552 | ---- | M] (TangoSoft) -- C:\Documents and Settings\Cry Wolf\My Documents\Downloads\Re-Enable v2.exe PRC - [2014/04/22 16:45:48 | 000,182,696 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe PRC - [2014/04/20 20:02:08 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2014/04/03 11:33:22 | 000,049,456 | ---- | M] () -- C:\Program Files\Garena Plus\ggdllhost.exe PRC - [2014/04/03 11:33:14 | 009,899,312 | ---- | M] () -- C:\Program Files\Garena Plus\GarenaMessenger.exe PRC - [2008/04/14 15:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe ========== Modules (No Company Name) ========== MOD - [2014/04/20 20:02:07 | 003,642,480 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2014/04/20 20:00:35 | 001,740,800 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\923bd55258380eae77353d36a5a1b08f\Microsoft.VisualBasic.ni.dll MOD - [2014/04/20 19:55:28 | 013,193,216 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\3d8c79c45aa674e43f075e2e66b8caf5\System.Windows.Forms.ni.dll MOD - [2014/04/20 19:55:18 | 001,667,072 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\0e83aac37b2623f1a24c70979f31dd56\System.Drawing.ni.dll MOD - [2014/04/20 19:54:08 | 008,265,728 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\ba0e3a22211ba7343e0116b051f2965a\System.ni.dll MOD - [2014/04/20 19:53:58 | 011,722,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\32e6f703c114f3a971cbe706586e3655\mscorlib.ni.dll MOD - [2014/04/20 19:52:10 | 000,299,008 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll MOD - [2014/04/20 18:25:59 | 016,351,920 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_13_0_0_182.dll MOD - [2014/04/03 11:34:14 | 000,460,592 | ---- | M] () -- C:\Program Files\Garena Plus\xim\plugin_xmpp.dll MOD - [2014/04/03 11:34:14 | 000,194,864 | ---- | M] () -- C:\Program Files\Garena Plus\xim\plugin_yahoo.dll MOD - [2014/04/03 11:34:12 | 000,590,128 | ---- | M] () -- C:\Program Files\Garena Plus\xim\plugin_msn.dll MOD - [2014/04/03 11:34:12 | 000,170,800 | ---- | M] () -- C:\Program Files\Garena Plus\lib\fs\YYFileSystem.dll MOD - [2014/04/03 11:34:10 | 000,516,912 | ---- | M] () -- C:\Program Files\Garena Plus\lib\delay_load\RSALib.dll MOD - [2014/04/03 11:34:10 | 000,068,400 | ---- | M] () -- C:\Program Files\Garena Plus\lib\delay_load\UdtLib.dll MOD - [2014/04/03 11:34:08 | 000,245,040 | ---- | M] () -- C:\Program Files\Garena Plus\lib\delay_load\MediaEngine.dll MOD - [2014/04/03 11:34:06 | 000,956,208 | ---- | M] () -- C:\Program Files\Garena Plus\lib\delay_load\GaFileTransfer.dll MOD - [2014/04/03 11:34:04 | 001,545,520 | ---- | M] () -- C:\Program Files\Garena Plus\lib\delay_load\FileSender.dll MOD - [2014/04/03 11:34:04 | 000,016,688 | ---- | M] () -- C:\Program Files\Garena Plus\lib\delay_load\ClientTcp.dll MOD - [2014/04/03 11:34:02 | 000,065,840 | ---- | M] () -- C:\Program Files\Garena Plus\lib\delay_load\AudioMixerLib.dll MOD - [2014/04/03 11:34:02 | 000,055,088 | ---- | M] () -- C:\Program Files\Garena Plus\lib\XmlUIModule.dll MOD - [2014/04/03 11:34:00 | 000,958,256 | ---- | M] () -- C:\Program Files\Garena Plus\lib\XLL.dll MOD - [2014/04/03 11:33:58 | 000,219,952 | ---- | M] () -- C:\Program Files\Garena Plus\lib\TaskManagerLib.dll MOD - [2014/04/03 11:33:58 | 000,106,288 | ---- | M] () -- C:\Program Files\Garena Plus\lib\UILayout.dll MOD - [2014/04/03 11:33:56 | 000,374,064 | ---- | M] () -- C:\Program Files\Garena Plus\lib\Http.dll MOD - [2014/04/03 11:33:56 | 000,184,624 | ---- | M] () -- C:\Program Files\Garena Plus\lib\MP3Module.dll MOD - [2014/04/03 11:33:54 | 000,224,560 | ---- | M] () -- C:\Program Files\Garena Plus\Plugins\StatsPlugin.dll MOD - [2014/04/03 11:33:54 | 000,215,856 | ---- | M] () -- C:\Program Files\Garena Plus\Plugins\GameSalePlugin.dll MOD - [2014/04/03 11:33:52 | 000,236,848 | ---- | M] () -- C:\Program Files\Garena Plus\Plugins\PluginNews.dll MOD - [2014/04/03 11:33:50 | 000,098,608 | ---- | M] () -- C:\Program Files\Garena Plus\Plugins\PlatformPlugin.dll MOD - [2014/04/03 11:33:48 | 000,916,272 | ---- | M] () -- C:\Program Files\Garena Plus\Plugins\ggplugin.dll MOD - [2014/04/03 11:33:48 | 000,397,104 | ---- | M] () -- C:\Program Files\Garena Plus\Plugins\GarenaTalkPlugin.dll MOD - [2014/04/03 11:33:46 | 000,287,024 | ---- | M] () -- C:\Program Files\Garena Plus\Plugins\DailyTaskPlugin.dll MOD - [2014/04/03 11:33:46 | 000,133,936 | ---- | M] () -- C:\Program Files\Garena Plus\Plugins\ClanBoxPlugin.dll MOD - [2014/04/03 11:33:42 | 000,147,248 | ---- | M] () -- C:\Program Files\Garena Plus\xIM.dll MOD - [2014/04/03 11:33:42 | 000,027,952 | ---- | M] () -- C:\Program Files\Garena Plus\VersionModule.dll MOD - [2014/04/03 11:33:40 | 000,026,416 | ---- | M] () -- C:\Program Files\Garena Plus\ServerMemAlloc.dll MOD - [2014/04/03 11:33:40 | 000,025,392 | ---- | M] () -- C:\Program Files\Garena Plus\PluginModule.dll MOD - [2014/04/03 11:33:38 | 000,155,440 | ---- | M] () -- C:\Program Files\Garena Plus\libmpg123.dll MOD - [2014/04/03 11:33:38 | 000,087,344 | ---- | M] () -- C:\Program Files\Garena Plus\PluginKernel.dll MOD - [2014/04/03 11:33:34 | 000,192,816 | ---- | M] () -- C:\Program Files\Garena Plus\ImageModule.dll MOD - [2014/04/03 11:33:30 | 002,941,232 | ---- | M] () -- C:\Program Files\Garena Plus\ggdownloader.dll MOD - [2014/04/03 11:33:30 | 000,553,776 | ---- | M] () -- C:\Program Files\Garena Plus\ggspawn.dll MOD - [2014/04/03 11:33:26 | 000,051,504 | ---- | M] () -- C:\Program Files\Garena Plus\FileLoader.dll MOD - [2014/04/03 11:33:26 | 000,033,584 | ---- | M] () -- C:\Program Files\Garena Plus\DibModule.dll MOD - [2014/04/03 11:33:24 | 000,487,216 | ---- | M] () -- C:\Program Files\Garena Plus\CxImage.dll MOD - [2014/04/03 11:33:24 | 000,104,752 | ---- | M] () -- C:\Program Files\Garena Plus\CommonLib.dll MOD - [2014/04/03 11:33:22 | 000,049,456 | ---- | M] () -- C:\Program Files\Garena Plus\ggdllhost.exe MOD - [2014/04/03 11:33:14 | 009,899,312 | ---- | M] () -- C:\Program Files\Garena Plus\GarenaMessenger.exe MOD - [2013/02/01 08:42:28 | 000,153,088 | ---- | M] () -- C:\Program Files\Garena Plus\libzmq.dll MOD - [2012/02/22 11:52:18 | 000,162,304 | ---- | M] () -- C:\Program Files\Garena Plus\lame_enc.dll MOD - [2012/02/22 11:52:16 | 000,573,100 | ---- | M] () -- C:\Program Files\Garena Plus\sqlite3.dll MOD - [2008/04/14 15:00:00 | 001,288,192 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll ========== Services (SafeList) ========== SRV - [2014/04/22 16:45:48 | 000,182,696 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2014/04/20 20:02:07 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2014/04/20 18:27:25 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013/10/23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Garena Plus\Room\safedrv.sys -- (GGSAFERDriver) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - File not found [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\femun.sys -- (abp470n5) DRV - [2014/04/23 12:42:45 | 000,026,624 | ---- | M] () [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\TrueSight.sys -- (TrueSight) DRV - [2013/07/30 13:39:58 | 000,035,272 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aswTap.sys -- (aswTap) DRV - [2012/05/22 13:21:04 | 006,118,544 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) DRV - [2010/04/08 21:30:10 | 000,168,040 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvgts.sys -- (nvgts) DRV - [2010/03/04 13:02:10 | 000,013,824 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) DRV - [2010/03/04 13:02:08 | 000,070,912 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) DRV - [2009/11/18 02:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt) DRV - [2009/11/18 02:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt) DRV - [2009/02/24 18:42:14 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mcdbus.sys -- (mcdbus) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKU\S-1-5-21-1708537768-1957994488-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:28.0 FF - prefs.js..network.proxy.http: "94.70.255.223" FF - prefs.js..network.proxy.http_port: 1080 FF - prefs.js..network.proxy.no_proxies_on: "" FF - prefs.js..network.proxy.type: 0 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_13_0_0_182.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@t.garena.com/garenatalk: C:\Program Files\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014/04/20 18:22:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Cry Wolf\Application Data\Mozilla\Extensions [2014/04/20 19:21:08 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Cry Wolf\Application Data\Mozilla\Firefox\Profiles\clf8tscm.default\extensions [2014/04/20 19:21:09 | 000,000,000 | ---D | M] (BitComet Video Downloader) -- C:\Documents and Settings\Cry Wolf\Application Data\Mozilla\Firefox\Profiles\clf8tscm.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB} [2014/04/20 20:01:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions [2014/04/20 20:02:10 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} O1 HOSTS File: ([2014/04/23 12:45:09 | 000,000,741 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet) O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] nwiz.exe /installquiet File not found O4 - HKU\S-1-5-21-1708537768-1957994488-682003330-1003..\Run: [GarenaPlus] C:\Program Files\Garena Plus\GarenaMessenger.exe () O4 - Startup: C:\Documents and Settings\Cry Wolf\Start Menu\Programs\Startup\MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe (MagicISO, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowRun = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1708537768-1957994488-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1708537768-1957994488-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowRun = 0 O7 - HKU\S-1-5-21-1708537768-1957994488-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0 O7 - HKU\S-1-5-21-1708537768-1957994488-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0 O7 - HKU\S-1-5-21-1708537768-1957994488-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0 O7 - HKU\S-1-5-21-1708537768-1957994488-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPropertiesMyComputer = 0 O7 - HKU\S-1-5-21-1708537768-1957994488-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1 O7 - HKU\S-1-5-21-1708537768-1957994488-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1 O8 - Extra context menu item: &D&ownload &with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com) O8 - Extra context menu item: &D&ownload all with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com) O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6D895BCD-22C3-41C9-A102-D139FCD61C01}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Documents and Settings\Cry Wolf\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Cry Wolf\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2014/04/20 18:09:47 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2013/12/25 23:07:24 | 000,194,456 | ---- | M] () - D:\AUTO.pat -- [ NTFS ] O33 - MountPoints2\{21af7077-c8b3-11e3-8b0f-806d6172696f}\Shell - "" = AutoRun O33 - MountPoints2\{21af7077-c8b3-11e3-8b0f-806d6172696f}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{21af7077-c8b3-11e3-8b0f-806d6172696f}\Shell\AutoRun\command - "" = E:\setup.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2014/04/23 12:42:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cry Wolf\Desktop\RK_Quarantine [2014/04/23 12:00:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cry Wolf\Application Data\Malwarebytes [2014/04/23 12:00:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes [2014/04/23 11:55:01 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software [2014/04/22 16:50:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun [2014/04/22 16:50:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cry Wolf\Local Settings\Application Data\Sun [2014/04/22 16:45:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun [2014/04/22 16:45:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2014/04/22 16:45:57 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe [2014/04/22 16:45:57 | 000,145,408 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl [2014/04/22 16:45:54 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe [2014/04/22 16:45:54 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe [2014/04/22 16:45:54 | 000,094,632 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll [2014/04/22 16:45:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Java [2014/04/22 16:45:44 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2014/04/22 16:43:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cry Wolf\Application Data\Sun [2014/04/22 16:39:48 | 000,035,272 | ---- | C] (The OpenVPN Project) -- C:\WINDOWS\System32\drivers\aswTap.sys [2014/04/22 16:39:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software [2014/04/21 20:18:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cry Wolf\Start Menu\Programs\Webteh [2014/04/21 20:17:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cry Wolf\Application Data\BSplayer PRO [2014/04/21 20:17:49 | 000,000,000 | ---D | C] -- C:\Program Files\Webteh [2014/04/21 15:18:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cry Wolf\Application Data\Garena [2014/04/21 15:18:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Garena [2014/04/21 09:18:10 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service [2014/04/21 09:18:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Mozilla [2014/04/20 21:03:22 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\usbui.dll [2014/04/20 21:02:35 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer [2014/04/20 21:02:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC [2014/04/20 21:02:34 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcommon.dll [2014/04/20 21:02:34 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcplui.dll [2014/04/20 21:02:33 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spttseng.dll [2014/04/20 21:02:32 | 000,741,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapi.dll [2014/04/20 21:02:32 | 000,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapi.cpl [2014/04/20 21:02:32 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapisvr.exe [2014/04/20 21:02:32 | 000,000,000 | R--D | C] -- C:\Program Files [2014/04/20 21:02:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines [2014/04/20 21:02:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared [2014/04/20 21:02:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files [2014/04/20 21:02:31 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0408.dll [2014/04/20 21:02:31 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040e.dll [2014/04/20 21:02:31 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt041f.dll [2014/04/20 21:02:31 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0419.dll [2014/04/20 21:02:31 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0415.dll [2014/04/20 21:02:31 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0405.dll [2014/04/20 21:02:30 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdazel.dll [2014/04/20 21:02:30 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdazel.dll [2014/04/20 21:02:29 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuq.dll [2014/04/20 21:02:29 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuf.dll [2014/04/20 21:02:29 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuq.dll [2014/04/20 21:02:29 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuf.dll [2014/04/20 21:02:28 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycc.dll [2014/04/20 21:02:28 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbduzb.dll [2014/04/20 21:02:28 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdur.dll [2014/04/20 21:02:28 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtat.dll [2014/04/20 21:02:28 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru1.dll [2014/04/20 21:02:28 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru.dll [2014/04/20 21:02:28 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmon.dll [2014/04/20 21:02:28 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkyr.dll [2014/04/20 21:02:28 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkaz.dll [2014/04/20 21:02:28 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdaze.dll [2014/04/20 21:02:28 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycc.dll [2014/04/20 21:02:28 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbduzb.dll [2014/04/20 21:02:28 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdur.dll [2014/04/20 21:02:28 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtat.dll [2014/04/20 21:02:28 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru1.dll [2014/04/20 21:02:28 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru.dll [2014/04/20 21:02:28 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdmon.dll [2014/04/20 21:02:28 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkyr.dll [2014/04/20 21:02:28 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkaz.dll [2014/04/20 21:02:28 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdaze.dll [2014/04/20 21:02:27 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbu.dll [2014/04/20 21:02:27 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdblr.dll [2014/04/20 21:02:27 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdbu.dll [2014/04/20 21:02:27 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdblr.dll [2014/04/20 21:02:26 | 000,008,192 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhept.dll [2014/04/20 21:02:26 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhept.dll [2014/04/20 21:02:26 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela3.dll [2014/04/20 21:02:26 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela3.dll [2014/04/20 21:02:26 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela2.dll [2014/04/20 21:02:26 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdgkl.dll [2014/04/20 21:02:26 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela2.dll [2014/04/20 21:02:26 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgkl.dll [2014/04/20 21:02:26 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe319.dll [2014/04/20 21:02:26 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe220.dll [2014/04/20 21:02:26 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe.dll [2014/04/20 21:02:26 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe319.dll [2014/04/20 21:02:26 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe220.dll [2014/04/20 21:02:26 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe.dll [2014/04/20 21:02:25 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv1.dll [2014/04/20 21:02:25 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv.dll [2014/04/20 21:02:25 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdest.dll [2014/04/20 21:02:25 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv1.dll [2014/04/20 21:02:25 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv.dll [2014/04/20 21:02:25 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdest.dll [2014/04/20 21:02:25 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt1.dll [2014/04/20 21:02:25 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt.dll [2014/04/20 21:02:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt1.dll [2014/04/20 21:02:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt.dll [2014/04/20 21:02:24 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl1.dll [2014/04/20 21:02:24 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl.dll [2014/04/20 21:02:24 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl.dll [2014/04/20 21:02:24 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl1.dll [2014/04/20 21:02:24 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl.dll [2014/04/20 21:02:24 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl.dll [2014/04/20 21:02:24 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdro.dll [2014/04/20 21:02:24 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdro.dll [2014/04/20 21:02:23 | 000,007,168 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz.dll [2014/04/20 21:02:23 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz.dll [2014/04/20 21:02:23 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycl.dll [2014/04/20 21:02:23 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu.dll [2014/04/20 21:02:23 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz2.dll [2014/04/20 21:02:23 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz1.dll [2014/04/20 21:02:23 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcr.dll [2014/04/20 21:02:23 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAL.DLL [2014/04/20 21:02:23 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycl.dll [2014/04/20 21:02:23 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu.dll [2014/04/20 21:02:23 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz2.dll [2014/04/20 21:02:23 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz1.dll [2014/04/20 21:02:23 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcr.dll [2014/04/20 21:02:23 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdal.dll [2014/04/20 21:02:23 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl1.dll [2014/04/20 21:02:23 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu1.dll [2014/04/20 21:02:23 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl1.dll [2014/04/20 21:02:23 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu1.dll [2014/04/20 21:02:22 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll [2014/04/20 21:02:22 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll [2014/04/20 21:02:21 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\dgrpsetu.dll [2014/04/20 21:02:21 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dgrpsetu.dll [2014/04/20 21:02:21 | 000,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\EqnClass.Dll [2014/04/20 21:02:21 | 000,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnclass.dll [2014/04/20 21:02:21 | 000,085,020 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgsetup.dll [2014/04/20 21:02:21 | 000,085,020 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dgsetup.dll [2014/04/20 21:02:21 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll [2014/04/20 21:02:21 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll [2014/04/20 21:02:21 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TAPI.DLL [2014/04/20 21:02:21 | 000,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WFWNET.DRV [2014/04/20 21:02:21 | 000,009,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VER.DLL [2014/04/20 21:02:21 | 000,004,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TIMER.DRV [2014/04/20 21:02:21 | 000,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SYSTEM.DRV [2014/04/20 21:02:21 | 000,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VGA.DRV [2014/04/20 21:02:20 | 000,126,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MSVIDEO.DLL [2014/04/20 21:02:20 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLECLI.DLL [2014/04/20 21:02:20 | 000,073,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIAVI.DRV [2014/04/20 21:02:20 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIWAVE.DRV [2014/04/20 21:02:20 | 000,025,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCISEQ.DRV [2014/04/20 21:02:20 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLESVR.DLL [2014/04/20 21:02:20 | 000,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\LZEXPAND.DLL [2014/04/20 21:02:20 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SHELL.DLL [2014/04/20 21:02:20 | 000,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MOUSE.DRV [2014/04/20 21:02:20 | 000,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\KEYBOARD.DRV [2014/04/20 21:02:20 | 000,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SOUND.DRV [2014/04/20 21:02:20 | 000,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMTASK.TSK [2014/04/20 21:02:19 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WINSPOOL.DRV [2014/04/20 21:02:19 | 000,109,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVIFILE.DLL [2014/04/20 21:02:19 | 000,069,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVICAP.DLL [2014/04/20 21:02:19 | 000,068,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMSYSTEM.DLL [2014/04/20 21:02:19 | 000,032,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\COMMDLG.DLL [2014/04/20 21:02:19 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\TASKMAN.EXE [2014/04/20 21:02:19 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskman.exe [2014/04/20 21:02:19 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irenum.sys [2014/04/20 21:02:19 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\batt.dll [2014/04/20 21:02:19 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\batt.dll [2014/04/20 21:02:17 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\storprop.dll [2014/04/20 21:02:11 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup [2014/04/20 21:02:11 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu [2014/04/20 21:02:11 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents [2014/04/20 21:02:11 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Templates [2014/04/20 21:02:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favorites [2014/04/20 21:02:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop [2014/04/20 21:00:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2 [2014/04/20 21:00:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot [2014/04/20 21:00:17 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft [2014/04/20 21:00:17 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Application Data [2014/04/20 20:59:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings [2014/04/20 20:59:06 | 000,000,000 | --SD | C] -- C:\System Volume Information [2014/04/20 20:54:22 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts [2014/04/20 20:54:22 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache [2014/04/20 20:54:22 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web [2014/04/20 20:54:22 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf [2014/04/20 20:54:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS [2014/04/20 20:54:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins [2014/04/20 20:54:22 | 000,000,000 | ---D | C] -- C:\WINDOWS [2014/04/20 20:54:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem [2014/04/20 20:54:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt [2014/04/20 20:54:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32 [2014/04/20 20:54:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp [2014/04/20 20:54:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32 [2014/04/20 20:54:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\system [2014/04/20 20:54:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool [2014/04/20 20:54:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt [2014/04/20 20:54:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup [2014/04/20 20:54:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\security [2014/04/20 20:54:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting [2014/04/20 20:54:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources [2014/04/20 20:54:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair [2014/04/20 20:54:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras [2014/04/20 20:54:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning [2014/04/20 20:54:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet [2014/04/20 20:54:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth [2014/04/20 20:54:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe [2014/04/20 20:54:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp [2014/04/20 20:54:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\Network Diagnostic [2014/04/20 20:54:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui [2014/04/20 20:54:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui [2014/04/20 20:54:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps [2014/04/20 20:54:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent [2014/04/20 20:54:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media [2014/04/20 20:54:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\L2Schemas [2014/04/20 20:54:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\java [2014/04/20 20:54:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv [2014/04/20 20:54:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME [2014/04/20 20:54:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime [2014/04/20 20:54:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml [2014/04/20 20:54:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias [2014/04/20 20:54:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help [2014/04/20 20:54:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export [2014/04/20 20:54:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc [2014/04/20 20:54:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en [2014/04/20 20:54:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\ehome [2014/04/20 20:54:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers [2014/04/20 20:54:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache [2014/04/20 20:54:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn [2014/04/20 20:54:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp [2014/04/20 20:54:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug [2014/04/20 20:54:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors [2014/04/20 20:54:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard [2014/04/20 20:54:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config [2014/04/20 20:54:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config [2014/04/20 20:54:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch [2014/04/20 20:54:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins [2014/04/20 20:54:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi [2014/04/20 20:54:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076 [2014/04/20 20:54:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052 [2014/04/20 20:54:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054 [2014/04/20 20:54:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042 [2014/04/20 20:54:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041 [2014/04/20 20:54:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037 [2014/04/20 20:54:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033 [2014/04/20 20:54:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031 [2014/04/20 20:54:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028 [2014/04/20 20:54:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025 [2014/04/20 20:05:47 | 000,000,000 | --SD | C] -- C:\RECYCLER [2014/04/20 20:05:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cry Wolf\Desktop\LWT [2014/04/20 20:01:58 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2014/04/20 19:52:50 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild [2014/04/20 19:52:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer [2014/04/20 19:52:46 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies [2014/04/20 19:52:30 | 000,014,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg2.dll [2014/04/20 19:52:28 | 000,022,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe [2014/04/20 19:52:05 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly [2014/04/20 19:51:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET [2014/04/20 19:21:13 | 000,000,000 | ---D | C] -- C:\Downloads [2014/04/20 19:21:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cry Wolf\Application Data\BitComet [2014/04/20 19:21:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\BitComet [2014/04/20 19:21:07 | 000,000,000 | ---D | C] -- C:\Program Files\BitComet [2014/04/20 19:14:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cry Wolf\Start Menu\Programs\WinRAR [2014/04/20 19:14:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cry Wolf\Application Data\WinRAR [2014/04/20 19:14:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\WinRAR [2014/04/20 19:14:52 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR [2014/04/20 19:01:55 | 000,139,264 | ---- | C] (Blizzard Entertainment) -- C:\WINDOWS\War3Unin.exe [2014/04/20 19:01:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cry Wolf\Start Menu\Programs\Warcraft III [2014/04/20 18:56:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cry Wolf\Start Menu\Programs\MagicDisc [2014/04/20 18:56:16 | 000,116,736 | ---- | C] (MagicISO, Inc.) -- C:\WINDOWS\System32\drivers\mcdbus.sys [2014/04/20 18:56:16 | 000,000,000 | ---D | C] -- C:\Program Files\MagicDisc [2014/04/20 18:26:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cry Wolf\Application Data\Macromedia [2014/04/20 18:26:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cry Wolf\Application Data\Adobe [2014/04/20 18:25:59 | 000,692,400 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2014/04/20 18:25:59 | 000,070,832 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2014/04/20 18:25:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cry Wolf\Local Settings\Application Data\Skype [2014/04/20 18:25:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cry Wolf\Application Data\Skype [2014/04/20 18:24:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2014/04/20 18:24:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Skype [2014/04/20 18:24:57 | 000,000,000 | R--D | C] -- C:\Program Files\Skype [2014/04/20 18:24:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Skype [2014/04/20 18:23:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cry Wolf\Application Data\GarenaPlus [2014/04/20 18:23:13 | 000,000,000 | ---D | C] -- C:\Program Files\sweetpacks bundle uninstaller [2014/04/20 18:22:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Garena [2014/04/20 18:22:36 | 000,000,000 | ---D | C] -- C:\Program Files\Garena Plus [2014/04/20 18:22:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\GarenaMessenger [2014/04/20 18:21:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cry Wolf\Local Settings\Application Data\Mozilla [2014/04/20 18:21:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cry Wolf\Application Data\Mozilla [2014/04/20 18:21:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cry Wolf\My Documents\Downloads [2014/04/20 18:19:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Lang [2014/04/20 18:18:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups [2014/04/20 18:17:59 | 000,755,200 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\cohelper.dll [2014/04/20 18:16:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation [2014/04/20 18:16:39 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation [2014/04/20 18:16:15 | 000,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\splitter.sys [2014/04/20 18:16:14 | 000,083,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wdmaud.sys [2014/04/20 18:16:13 | 000,052,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmusic.sys [2014/04/20 18:16:12 | 000,056,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swmidi.sys [2014/04/20 18:16:11 | 000,142,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aec.sys [2014/04/20 18:16:10 | 000,172,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kmixer.sys [2014/04/20 18:16:09 | 000,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmkaud.sys [2014/04/20 18:16:08 | 000,060,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sysaudio.sys [2014/04/20 18:16:07 | 000,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mskssrv.sys [2014/04/20 18:16:06 | 000,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspqm.sys [2014/04/20 18:16:04 | 000,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspclock.sys [2014/04/20 18:16:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\RTCOM [2014/04/20 18:15:59 | 000,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys [2014/04/20 18:15:59 | 000,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\portcls.sys [2014/04/20 18:15:59 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax [2014/04/20 18:15:59 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksproxy.ax [2014/04/20 18:15:59 | 000,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys [2014/04/20 18:15:59 | 000,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmk.sys [2014/04/20 18:15:59 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll [2014/04/20 18:15:59 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksuser.dll [2014/04/20 18:15:55 | 009,721,960 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTLCPL.EXE [2014/04/20 18:15:55 | 006,118,544 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys [2014/04/20 18:15:55 | 001,493,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RtlUpd.exe [2014/04/20 18:15:55 | 000,891,496 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\RTSndMgr.CPL [2014/04/20 18:15:55 | 000,359,016 | ---- | C] (Realtek Semiconductor Crop.) -- C:\WINDOWS\vncutil.exe [2014/04/20 18:15:55 | 000,084,584 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE [2014/04/20 18:15:54 | 000,129,640 | ---- | C] (Realtek Semiconductor) -- C:\WINDOWS\RtkAudioService.exe [2014/04/20 18:15:54 | 000,065,640 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\RtkCoInstIIXP.dll [2014/04/20 18:15:54 | 000,011,368 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\RtkCoLDRXP.dll [2014/04/20 18:15:53 | 002,815,592 | ---- | C] (RealTek Semicoductor Corp.) -- C:\WINDOWS\ALCWZRD.EXE [2014/04/20 18:15:53 | 002,180,712 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\MicCal.exe [2014/04/20 18:15:53 | 001,691,480 | ---- | C] (Creative) -- C:\WINDOWS\System32\drivers\Ambfilt.sys [2014/04/20 18:15:53 | 001,395,800 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\drivers\Monfilt.sys [2014/04/20 18:15:53 | 000,285,288 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\ALSNDMGR.CPL [2014/04/20 18:15:53 | 000,064,104 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\ALCMTR.EXE [2014/04/20 18:15:53 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information [2014/04/20 18:15:53 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek [2014/04/20 18:15:50 | 001,698,408 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RtlExUpd.dll [2014/04/20 18:15:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield [2014/04/20 18:13:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cry Wolf\Application Data\Identities [2014/04/20 18:13:07 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information [2014/04/20 18:13:04 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Cry Wolf\My Documents\My Pictures [2014/04/20 18:13:04 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Cry Wolf\My Documents\My Music [2014/04/20 18:12:51 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Cry Wolf\Application Data\Microsoft [2014/04/20 18:12:51 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Cry Wolf\Cookies [2014/04/20 18:12:51 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Cry Wolf\SendTo [2014/04/20 18:12:51 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Cry Wolf\Recent [2014/04/20 18:12:51 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Cry Wolf\Application Data [2014/04/20 18:12:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Cry Wolf\Start Menu\Programs\Startup [2014/04/20 18:12:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Cry Wolf\Start Menu [2014/04/20 18:12:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Cry Wolf\My Documents [2014/04/20 18:12:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Cry Wolf\Favorites [2014/04/20 18:12:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Cry Wolf\Start Menu\Programs\Accessories [2014/04/20 18:12:51 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Cry Wolf\Templates [2014/04/20 18:12:51 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Cry Wolf\PrintHood [2014/04/20 18:12:51 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Cry Wolf\NetHood [2014/04/20 18:12:51 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Cry Wolf\Local Settings [2014/04/20 18:12:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cry Wolf\Local Settings\Application Data\Microsoft [2014/04/20 18:12:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cry Wolf\Desktop [2014/04/20 18:12:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution [2014/04/20 18:12:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch [2014/04/20 18:12:22 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft [2014/04/20 18:12:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft [2014/04/20 18:12:21 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Application Data\Microsoft [2014/04/20 18:12:11 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft [2014/04/20 18:12:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft [2014/04/20 18:11:16 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime [2014/04/20 18:11:16 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime [2014/04/20 18:11:16 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime [2014/04/20 18:11:16 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime [2014/04/20 18:11:15 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime [2014/04/20 18:11:15 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime [2014/04/20 18:11:15 | 000,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll [2014/04/20 18:11:15 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys [2014/04/20 18:11:14 | 000,364,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svc.dll [2014/04/20 18:11:14 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wam51.dll [2014/04/20 18:11:14 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ext.dll [2014/04/20 18:11:14 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamreg51.dll [2014/04/20 18:11:14 | 000,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll [2014/04/20 18:11:14 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamps51.dll [2014/04/20 18:11:14 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svapi.dll [2014/04/20 18:11:14 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ctrs51.dll [2014/04/20 18:11:13 | 000,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll [2014/04/20 18:11:13 | 000,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll [2014/04/20 18:11:13 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll [2014/04/20 18:11:12 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uihelper.dll [2014/04/20 18:11:12 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime [2014/04/20 18:11:12 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tools.dll [2014/04/20 18:11:12 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe [2014/04/20 18:11:11 | 000,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime [2014/04/20 18:11:11 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe [2014/04/20 18:11:11 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll [2014/04/20 18:11:11 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe [2014/04/20 18:11:11 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys [2014/04/20 18:11:11 | 000,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys [2014/04/20 18:11:11 | 000,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys [2014/04/20 18:11:11 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll [2014/04/20 18:11:10 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\svcext51.dll [2014/04/20 18:11:10 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sspifilt.dll [2014/04/20 18:11:10 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\status.dll [2014/04/20 18:11:09 | 000,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll [2014/04/20 18:11:09 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll [2014/04/20 18:11:09 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssinc51.dll [2014/04/20 18:11:08 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpincl.dll [2014/04/20 18:11:08 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpcl.dll [2014/04/20 18:11:08 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpsmir.dll [2014/04/20 18:11:08 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpthrd.dll [2014/04/20 18:11:08 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmp.exe [2014/04/20 18:11:08 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll [2014/04/20 18:11:08 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmptrap.exe [2014/04/20 18:11:08 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll [2014/04/20 18:11:08 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpmib.dll [2014/04/20 18:11:07 | 000,456,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsvc.dll [2014/04/20 18:11:07 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smi2smir.exe [2014/04/20 18:11:07 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll [2014/04/20 18:11:07 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll [2014/04/20 18:11:07 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll [2014/04/20 18:11:07 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll [2014/04/20 18:11:07 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll [2014/04/20 18:11:07 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpapi.dll [2014/04/20 18:11:07 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll [2014/04/20 18:11:07 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll [2014/04/20 18:11:06 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll [2014/04/20 18:11:06 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll [2014/04/20 18:11:06 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll [2014/04/20 18:11:06 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll [2014/04/20 18:11:06 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll [2014/04/20 18:11:06 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll [2014/04/20 18:11:06 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll [2014/04/20 18:11:06 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll [2014/04/20 18:11:06 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll [2014/04/20 18:11:06 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll [2014/04/20 18:11:06 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll [2014/04/20 18:11:04 | 000,221,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\seo.dll [2014/04/20 18:11:04 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll [2014/04/20 18:11:04 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll [2014/04/20 18:11:04 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll [2014/04/20 18:11:04 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll [2014/04/20 18:11:04 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwnh.dll [2014/04/20 18:11:03 | 000,029,184 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll [2014/04/20 18:11:03 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rw001ext.dll [2014/04/20 18:11:03 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime [2014/04/20 18:11:03 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe [2014/04/20 18:11:03 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcref.dll [2014/04/20 18:11:02 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime [2014/04/20 18:11:02 | 000,020,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ramdisk.sys [2014/04/20 18:11:02 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe [2014/04/20 18:11:02 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe [2014/04/20 18:11:02 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe [2014/04/20 18:11:01 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll [2014/04/20 18:11:01 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll [2014/04/20 18:11:01 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pwsdata.dll [2014/04/20 18:11:00 | 000,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime [2014/04/20 18:11:00 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime [2014/04/20 18:11:00 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe [2014/04/20 18:11:00 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll [2014/04/20 18:11:00 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll [2014/04/20 18:11:00 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\permchk.dll [2014/04/20 18:11:00 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll [2014/04/20 18:10:59 | 000,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll [2014/04/20 18:10:59 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pagecnt.dll [2014/04/20 18:10:59 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll [2014/04/20 18:10:59 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll [2014/04/20 18:10:59 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll [2014/04/20 18:10:58 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nsepm.dll [2014/04/20 18:10:58 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll [2014/04/20 18:10:57 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nextlink.dll [2014/04/20 18:10:56 | 000,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll [2014/04/20 18:10:56 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtstocom.exe [2014/04/20 18:10:55 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiregmv.exe [2014/04/20 18:10:54 | 001,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex [2014/04/20 18:10:54 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll [2014/04/20 18:10:52 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys [2014/04/20 18:10:52 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migregdb.exe [2014/04/20 18:10:51 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll [2014/04/20 18:10:51 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\metada51.dll [2014/04/20 18:10:51 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll [2014/04/20 18:10:51 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\md5filt.dll [2014/04/20 18:10:51 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mdsync.dll [2014/04/20 18:10:50 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lmmib2.dll [2014/04/20 18:10:50 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpdsvc.dll [2014/04/20 18:10:50 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logscrpt.dll [2014/04/20 18:10:50 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lprmon.dll [2014/04/20 18:10:50 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lonsint.dll [2014/04/20 18:10:49 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll [2014/04/20 18:10:49 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll [2014/04/20 18:10:49 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll [2014/04/20 18:10:49 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll [2014/04/20 18:10:49 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll [2014/04/20 18:10:49 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll [2014/04/20 18:10:49 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll [2014/04/20 18:10:48 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll [2014/04/20 18:10:48 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll [2014/04/20 18:10:48 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll [2014/04/20 18:10:48 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41a.dll [2014/04/20 18:10:48 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41j.dll [2014/04/20 18:10:48 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll [2014/04/20 18:10:48 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll [2014/04/20 18:10:48 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll [2014/04/20 18:10:48 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll [2014/04/20 18:10:48 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll [2014/04/20 18:10:48 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll [2014/04/20 18:10:48 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll [2014/04/20 18:10:48 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll [2014/04/20 18:10:48 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll [2014/04/20 18:10:48 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll [2014/04/20 18:10:48 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll [2014/04/20 18:10:47 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll [2014/04/20 18:10:47 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdibm02.dll [2014/04/20 18:10:47 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdax2.dll [2014/04/20 18:10:47 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106n.dll [2014/04/20 18:10:47 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll [2014/04/20 18:10:47 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101.dll [2014/04/20 18:10:47 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll [2014/04/20 18:10:47 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll [2014/04/20 18:10:47 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll [2014/04/20 18:10:47 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll [2014/04/20 18:10:47 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll [2014/04/20 18:10:47 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll [2014/04/20 18:10:47 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll [2014/04/20 18:10:47 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll [2014/04/20 18:10:47 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll [2014/04/20 18:10:47 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll [2014/04/20 18:10:46 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infocomm.dll [2014/04/20 18:10:46 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iprip.dll [2014/04/20 18:10:46 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iscomlog.dll [2014/04/20 18:10:46 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iwrps.dll [2014/04/20 18:10:46 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoctrs.dll [2014/04/20 18:10:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isapips.dll [2014/04/20 18:10:45 | 000,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll [2014/04/20 18:10:45 | 000,315,455 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll [2014/04/20 18:10:45 | 000,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll [2014/04/20 18:10:45 | 000,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe [2014/04/20 18:10:45 | 000,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll [2014/04/20 18:10:45 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe [2014/04/20 18:10:45 | 000,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe [2014/04/20 18:10:45 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetin51.exe [2014/04/20 18:10:44 | 000,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll [2014/04/20 18:10:44 | 000,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll [2014/04/20 18:10:44 | 000,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe [2014/04/20 18:10:44 | 000,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe [2014/04/20 18:10:44 | 000,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe [2014/04/20 18:10:44 | 000,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe [2014/04/20 18:10:44 | 000,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll [2014/04/20 18:10:44 | 000,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe [2014/04/20 18:10:43 | 000,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll [2014/04/20 18:10:43 | 000,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime [2014/04/20 18:10:43 | 000,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe [2014/04/20 18:10:43 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll [2014/04/20 18:10:43 | 000,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll [2014/04/20 18:10:43 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime [2014/04/20 18:10:43 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll [2014/04/20 18:10:43 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iislog51.dll [2014/04/20 18:10:43 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe [2014/04/20 18:10:43 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iiscrmap.dll [2014/04/20 18:10:43 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisfecnv.dll [2014/04/20 18:10:43 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iissync.exe [2014/04/20 18:10:43 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismui.dll [2014/04/20 18:10:42 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iische51.dll [2014/04/20 18:10:42 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisclex4.dll [2014/04/20 18:10:42 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisadmin.dll [2014/04/20 18:10:40 | 010,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll [2014/04/20 18:10:37 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll [2014/04/20 18:10:37 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpod51.dll [2014/04/20 18:10:37 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpmb51.dll [2014/04/20 18:10:36 | 000,268,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpext.dll [2014/04/20 18:10:36 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hostmib.dll [2014/04/20 18:10:36 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll [2014/04/20 18:10:35 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsst.dll [2014/04/20 18:10:35 | 000,400,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsxp32.dll [2014/04/20 18:10:35 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxstiff.dll [2014/04/20 18:10:35 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssvc.exe [2014/04/20 18:10:35 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxst30.dll [2014/04/20 18:10:35 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxswzrd.dll [2014/04/20 18:10:35 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsui.dll [2014/04/20 18:10:35 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gzip.dll [2014/04/20 18:10:35 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll [2014/04/20 18:10:35 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe [2014/04/20 18:10:34 | 000,451,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsapi.dll [2014/04/20 18:10:34 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscomex.dll [2014/04/20 18:10:34 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscover.exe [2014/04/20 18:10:34 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclnt.exe [2014/04/20 18:10:34 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll [2014/04/20 18:10:34 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsv251.dll [2014/04/20 18:10:34 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll [2014/04/20 18:10:34 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscom.dll [2014/04/20 18:10:34 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsevent.dll [2014/04/20 18:10:34 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsdrv.dll [2014/04/20 18:10:34 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsmon.dll [2014/04/20 18:10:34 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsext32.dll [2014/04/20 18:10:34 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsperf.dll [2014/04/20 18:10:34 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpctrs2.dll [2014/04/20 18:10:34 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsres.dll [2014/04/20 18:10:34 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpmib.dll [2014/04/20 18:10:33 | 000,618,605 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4autl.dll [2014/04/20 18:10:33 | 000,024,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmcgi.exe [2014/04/20 18:10:33 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmdll.dll [2014/04/20 18:10:33 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe [2014/04/20 18:10:33 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll [2014/04/20 18:10:32 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntagnt.dll [2014/04/20 18:10:32 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntwin.exe [2014/04/20 18:10:32 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll [2014/04/20 18:10:32 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll [2014/04/20 18:10:32 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll [2014/04/20 18:10:32 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll [2014/04/20 18:10:32 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys [2014/04/20 18:10:32 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntcmd.exe [2014/04/20 18:10:32 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exstrace.dll [2014/04/20 18:10:32 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\f3ahvoas.dll [2014/04/20 18:10:31 | 000,514,587 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\edb500.dll [2014/04/20 18:10:29 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime [2014/04/20 18:10:29 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\davcdata.exe [2014/04/20 18:10:28 | 000,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe [2014/04/20 18:10:28 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convlog.exe [2014/04/20 18:10:28 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\controt.dll [2014/04/20 18:10:28 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\counters.dll [2014/04/20 18:10:28 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe [2014/04/20 18:10:27 | 000,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe [2014/04/20 18:10:27 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll [2014/04/20 18:10:27 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\compfilt.dll [2014/04/20 18:10:27 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime [2014/04/20 18:10:26 | 001,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll [2014/04/20 18:10:26 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll [2014/04/20 18:10:26 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll [2014/04/20 18:10:26 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll [2014/04/20 18:10:26 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe [2014/04/20 18:10:26 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe [2014/04/20 18:10:25 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime [2014/04/20 18:10:25 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys [2014/04/20 18:10:25 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe [2014/04/20 18:10:25 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll [2014/04/20 18:10:25 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe [2014/04/20 18:10:24 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_g18030.dll [2014/04/20 18:10:24 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll [2014/04/20 18:10:20 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browscap.dll [2014/04/20 18:10:20 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asptxn.dll [2014/04/20 18:10:20 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\authfilt.dll [2014/04/20 18:10:19 | 000,369,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asp51.dll [2014/04/20 18:10:19 | 000,331,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aqueue.dll [2014/04/20 18:10:19 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\appconf.dll [2014/04/20 18:10:19 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll [2014/04/20 18:10:19 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0804.dll [2014/04/20 18:10:19 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0412.dll [2014/04/20 18:10:19 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0411.dll [2014/04/20 18:10:19 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040d.dll [2014/04/20 18:10:19 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aspperf.dll [2014/04/20 18:10:18 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adrot.dll [2014/04/20 18:10:18 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admexs.dll [2014/04/20 18:10:18 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0404.dll [2014/04/20 18:10:18 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0401.dll [2014/04/20 18:10:18 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admxprox.dll [2014/04/20 18:10:18 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll [2014/04/20 18:10:16 | 000,032,827 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptest.exe [2014/04/20 18:10:16 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptsat.dll [2014/04/20 18:10:16 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamregps.dll [2014/04/20 18:10:15 | 002,134,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsnap.dll [2014/04/20 18:10:15 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpadm.dll [2014/04/20 18:10:15 | 000,020,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.dll [2014/04/20 18:10:15 | 000,016,437 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.exe [2014/04/20 18:10:15 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\staxmem.dll [2014/04/20 18:10:13 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logui.ocx [2014/04/20 18:10:13 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isatq.dll [2014/04/20 18:10:13 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetsloc.dll [2014/04/20 18:10:13 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoadmn.dll [2014/04/20 18:10:12 | 000,829,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.dll [2014/04/20 18:10:12 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisui.dll [2014/04/20 18:10:12 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrtl.dll [2014/04/20 18:10:12 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisext51.dll [2014/04/20 18:10:12 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismap.dll [2014/04/20 18:10:12 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstas.exe [2014/04/20 18:10:12 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisreset.exe [2014/04/20 18:10:12 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.exe [2014/04/20 18:10:12 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsapi2.dll [2014/04/20 18:10:12 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstap.dll [2014/04/20 18:10:11 | 000,598,071 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmc.dll [2014/04/20 18:10:11 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmcsat.dll [2014/04/20 18:10:11 | 000,188,494 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpcount.exe [2014/04/20 18:10:11 | 000,109,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98swin.exe [2014/04/20 18:10:11 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpexedll.dll [2014/04/20 18:10:11 | 000,020,538 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpremadm.exe [2014/04/20 18:10:11 | 000,014,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98sadm.exe [2014/04/20 18:10:10 | 000,876,653 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awel.dll [2014/04/20 18:10:10 | 000,184,435 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4amsft.dll [2014/04/20 18:10:10 | 000,147,513 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4apws.dll [2014/04/20 18:10:10 | 000,102,509 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4atxt.dll [2014/04/20 18:10:10 | 000,082,035 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4anscp.dll [2014/04/20 18:10:10 | 000,049,212 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awebs.dll [2014/04/20 18:10:10 | 000,049,210 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4areg.dll [2014/04/20 18:10:10 | 000,041,020 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avnb.dll [2014/04/20 18:10:10 | 000,032,826 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avss.dll [2014/04/20 18:10:09 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adsiis51.dll [2014/04/20 18:10:09 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certwiz.ocx [2014/04/20 18:10:09 | 000,188,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgwiz.exe [2014/04/20 18:10:09 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certmap.ocx [2014/04/20 18:10:09 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cnfgprts.ocx [2014/04/20 18:10:09 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\coadmin.dll [2014/04/20 18:10:09 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.dll [2014/04/20 18:10:09 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.exe [2014/04/20 18:10:08 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admwprox.dll [2014/04/20 18:10:08 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.dll [2014/04/20 18:10:08 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.exe [2014/04/20 18:10:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom [2014/04/20 18:10:07 | 000,000,000 | ---D | C] -- C:\Program Files\xerox [2014/04/20 18:10:07 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage [2014/04/20 18:09:37 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mapi32.dll [2014/04/20 18:09:07 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM [2014/04/20 18:09:00 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files [2014/04/20 18:09:00 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages [2014/04/20 18:08:53 | 000,000,000 | ---D | C] -- C:\Program Files\WindowsUpdate [2014/04/20 18:08:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX [2014/04/20 18:08:34 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atrace.dll [2014/04/20 18:08:34 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atrace.dll [2014/04/20 18:08:33 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helphost.exe [2014/04/20 18:08:33 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notiflag.exe [2014/04/20 18:08:33 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brpinfo.dll [2014/04/20 18:08:33 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hcappres.dll [2014/04/20 18:08:26 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srdiag.exe [2014/04/20 18:08:26 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmevtmsg.dll [2014/04/20 18:08:26 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmevtmsg.dll [2014/04/20 18:08:25 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acctres.dll [2014/04/20 18:08:25 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acctres.dll [2014/04/20 18:08:25 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msinfo32.exe [2014/04/20 18:08:25 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wb32.exe [2014/04/20 18:08:25 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cb32.exe [2014/04/20 18:08:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services [2014/04/20 18:08:22 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwtutor.exe [2014/04/20 18:08:22 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwres.dll [2014/04/20 18:08:22 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trialoc.dll [2014/04/20 18:08:22 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wisc10.dll [2014/04/20 18:08:22 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoapr.dll [2014/04/20 18:08:22 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe [2014/04/20 18:08:22 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icfgnt5.dll [2014/04/20 18:08:22 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icfgnt5.dll [2014/04/20 18:08:22 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks [2014/04/20 18:08:21 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoap1.dll [2014/04/20 18:08:21 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieinfo5.ocx [2014/04/20 18:08:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap [2014/04/20 18:08:19 | 000,726,078 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srchui.dll [2014/04/20 18:08:19 | 000,058,434 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srchctls.dll [2014/04/20 18:08:18 | 003,166,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msgr3en.dll [2014/04/20 18:08:18 | 000,851,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vgx.dll [2014/04/20 18:08:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst [2014/04/20 18:08:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed [2014/04/20 18:08:17 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup_wm.exe [2014/04/20 18:08:17 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpvis.dll [2014/04/20 18:08:17 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpns.dll [2014/04/20 18:08:17 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpband.dll [2014/04/20 18:08:17 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\custsat.dll [2014/04/20 18:08:16 | 000,786,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migrate.exe [2014/04/20 18:08:16 | 000,364,544 | ---- | C] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\WINDOWS\System32\dllcache\npdsplay.dll [2014/04/20 18:08:16 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npdrmv2.dll [2014/04/20 18:08:16 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmplayer.exe [2014/04/20 18:08:16 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npwmsdrm.dll [2014/04/20 18:08:16 | 000,004,639 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplayer2.exe [2014/04/20 18:08:15 | 001,135,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng.dll [2014/04/20 18:08:15 | 000,430,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll [2014/04/20 18:08:15 | 000,430,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuapi.dll [2014/04/20 18:08:15 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng1.dll [2014/04/20 18:08:15 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng1.dll [2014/04/20 18:08:15 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt1.exe [2014/04/20 18:08:15 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt1.exe [2014/04/20 18:08:15 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaucpl.cpl [2014/04/20 18:08:15 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuweb.dll [2014/04/20 18:08:15 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll [2014/04/20 18:08:15 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wucltui.dll [2014/04/20 18:08:15 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe [2014/04/20 18:08:15 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll [2014/04/20 18:08:15 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wups.dll [2014/04/20 18:08:15 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll [2014/04/20 18:08:15 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qmgrprxy.dll [2014/04/20 18:08:15 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx2.dll [2014/04/20 18:08:15 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll [2014/04/20 18:08:15 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx4.dll [2014/04/20 18:08:15 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll [2014/04/20 18:08:15 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx3.dll [2014/04/20 18:08:15 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll [2014/04/20 18:08:15 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauserv.dll [2014/04/20 18:08:14 | 000,409,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qmgr.dll [2014/04/20 18:08:13 | 004,256,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2res.dll [2014/04/20 18:08:13 | 000,502,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2fxa.dll [2014/04/20 18:08:13 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2fxb.dll [2014/04/20 18:08:13 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2res2.dll [2014/04/20 18:08:13 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2eres.dll [2014/04/20 18:08:12 | 003,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe [2014/04/20 18:08:12 | 000,402,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2filt.dll [2014/04/20 18:08:12 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2ae.dll [2014/04/20 18:08:12 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2ext.dll [2014/04/20 18:08:12 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker [2014/04/20 18:08:01 | 000,565,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobmain.dll [2014/04/20 18:08:01 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobdl.dll [2014/04/20 18:08:00 | 000,122,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobcomm.dll [2014/04/20 18:08:00 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oobebaln.exe [2014/04/20 18:08:00 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobshel.dll [2014/04/20 18:08:00 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoobe.exe [2014/04/20 18:08:00 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobweb.dll [2014/04/20 18:07:57 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uploadm.exe [2014/04/20 18:07:57 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pchshell.dll [2014/04/20 18:07:57 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll [2014/04/20 18:07:57 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrslv.dll [2014/04/20 18:07:57 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll [2014/04/20 18:07:57 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrcdlg.dll [2014/04/20 18:07:57 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll [2014/04/20 18:07:57 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\racpldlg.dll [2014/04/20 18:07:57 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pchsvc.dll [2014/04/20 18:07:57 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll [2014/04/20 18:07:57 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrdm.dll [2014/04/20 18:07:56 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconfig.exe [2014/04/20 18:07:56 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hscupd.exe [2014/04/20 18:07:55 | 000,769,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpctr.exe [2014/04/20 18:07:55 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe [2014/04/20 18:07:55 | 000,380,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rstrui.exe [2014/04/20 18:07:55 | 000,129,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmgr.sys [2014/04/20 18:07:55 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltMc.exe [2014/04/20 18:07:55 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmc.exe [2014/04/20 18:07:55 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltlib.dll [2014/04/20 18:07:54 | 000,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll [2014/04/20 18:07:54 | 000,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srrstr.dll [2014/04/20 18:07:54 | 000,171,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srsvc.dll [2014/04/20 18:07:54 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll [2014/04/20 18:07:54 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ils.dll [2014/04/20 18:07:54 | 000,073,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sr.sys [2014/04/20 18:07:54 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srclient.dll [2014/04/20 18:07:54 | 000,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\isrdbg32.dll [2014/04/20 18:07:54 | 000,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\isrdbg32.dll [2014/04/20 18:07:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore [2014/04/20 18:07:53 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\callcont.dll [2014/04/20 18:07:53 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmas.dll [2014/04/20 18:07:53 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll [2014/04/20 18:07:53 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconf.dll [2014/04/20 18:07:53 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dcap32.dll [2014/04/20 18:07:53 | 000,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll [2014/04/20 18:07:53 | 000,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmdd.dll [2014/04/20 18:07:53 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmsrvc.exe [2014/04/20 18:07:53 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll [2014/04/20 18:07:53 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmmkcert.dll [2014/04/20 18:07:53 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmasnt.dll [2014/04/20 18:07:52 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mst120.dll [2014/04/20 18:07:52 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nac.dll [2014/04/20 18:07:52 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmwb.dll [2014/04/20 18:07:52 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmchat.dll [2014/04/20 18:07:52 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmcom.dll [2014/04/20 18:07:52 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rrcm.dll [2014/04/20 18:07:52 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mst123.dll [2014/04/20 18:07:52 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\h323cc.dll [2014/04/20 18:07:52 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\confmrsl.dll [2014/04/20 18:07:51 | 001,032,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\conf.exe [2014/04/20 18:07:51 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll [2014/04/20 18:07:51 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoeacct.dll [2014/04/20 18:07:51 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmoldwb.dll [2014/04/20 18:07:51 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmft.dll [2014/04/20 18:07:51 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll [2014/04/20 18:07:51 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoert2.dll [2014/04/20 18:07:51 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabimp.dll [2014/04/20 18:07:51 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe [2014/04/20 18:07:51 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabfind.dll [2014/04/20 18:07:51 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabmig.exe [2014/04/20 18:07:51 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting [2014/04/20 18:07:50 | 000,691,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll [2014/04/20 18:07:50 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab32.dll [2014/04/20 18:07:50 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab32res.dll [2014/04/20 18:07:50 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oeimport.dll [2014/04/20 18:07:50 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\directdb.dll [2014/04/20 18:07:50 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msimn.exe [2014/04/20 18:07:50 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll [2014/04/20 18:07:50 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetres.dll [2014/04/20 18:07:49 | 002,479,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoeres.dll [2014/04/20 18:07:49 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oemiglib.dll [2014/04/20 18:07:48 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstask.dll [2014/04/20 18:07:48 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\schedsvc.dll [2014/04/20 18:07:48 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll [2014/04/20 18:07:48 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isign32.dll [2014/04/20 18:07:48 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll [2014/04/20 18:07:48 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwdial.dll [2014/04/20 18:07:48 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup50.exe [2014/04/20 18:07:48 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll [2014/04/20 18:07:48 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwphbk.dll [2014/04/20 18:07:48 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oemig50.exe [2014/04/20 18:07:48 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe [2014/04/20 18:07:48 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstinit.exe [2014/04/20 18:07:48 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express [2014/04/20 18:07:47 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll [2014/04/20 18:07:47 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcfg.dll [2014/04/20 18:07:47 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwdl.dll [2014/04/20 18:07:47 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwrmind.exe [2014/04/20 18:07:46 | 000,554,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dao360.dll [2014/04/20 18:07:46 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sqlxmlx.dll [2014/04/20 18:07:46 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn1.exe [2014/04/20 18:07:46 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwhelp.dll [2014/04/20 18:07:46 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn2.exe [2014/04/20 18:07:46 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn.dll [2014/04/20 18:07:46 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwutil.dll [2014/04/20 18:07:46 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetwiz.exe [2014/04/20 18:07:45 | 000,487,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oledb32.dll [2014/04/20 18:07:45 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasql.dll [2014/04/20 18:07:45 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaora.dll [2014/04/20 18:07:45 | 000,204,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaps.dll [2014/04/20 18:07:45 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdatl3.dll [2014/04/20 18:07:45 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaosp.dll [2014/04/20 18:07:45 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oledb32r.dll [2014/04/20 18:07:45 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxactps.dll [2014/04/20 18:07:45 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdatt.dll [2014/04/20 18:07:45 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasqlr.dll [2014/04/20 18:07:45 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaorar.dll [2014/04/20 18:07:45 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaurl.dll [2014/04/20 18:07:45 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasc.dll [2014/04/20 18:07:44 | 000,536,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado15.dll [2014/04/20 18:07:44 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadox.dll [2014/04/20 18:07:44 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadomd.dll [2014/04/20 18:07:44 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdarem.dll [2014/04/20 18:07:44 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msjro.dll [2014/04/20 18:07:44 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado27.tlb [2014/04/20 18:07:44 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado26.tlb [2014/04/20 18:07:44 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado25.tlb [2014/04/20 18:07:44 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado21.tlb [2014/04/20 18:07:44 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado20.tlb [2014/04/20 18:07:44 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadrh15.dll [2014/04/20 18:07:44 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msador15.dll [2014/04/20 18:07:44 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdfmap.dll [2014/04/20 18:07:44 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msader15.dll [2014/04/20 18:07:44 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaremr.dll [2014/04/20 18:07:44 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaer.dll [2014/04/20 18:07:44 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaenum.dll [2014/04/20 18:07:44 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdadc.dll [2014/04/20 18:07:43 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll [2014/04/20 18:07:43 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaprst.dll [2014/04/20 18:07:43 | 000,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadds.dll [2014/04/20 18:07:43 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadco.dll [2014/04/20 18:07:43 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcf.dll [2014/04/20 18:07:43 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcs.dll [2014/04/20 18:07:43 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaddsr.dll [2014/04/20 18:07:43 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcer.dll [2014/04/20 18:07:43 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaprsr.dll [2014/04/20 18:07:43 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcor.dll [2014/04/20 18:07:43 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcfr.dll [2014/04/20 18:07:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System [2014/04/20 18:07:42 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iexplore.exe [2014/04/20 18:07:42 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hmmapi.dll [2014/04/20 18:07:42 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedw.exe [2014/04/20 18:07:42 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures [2014/04/20 18:07:42 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer [2014/04/20 18:07:26 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Games [2014/04/20 18:07:17 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications [2014/04/20 18:07:12 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools [2014/04/20 18:07:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration [2014/04/20 18:07:06 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music [2014/04/20 18:07:06 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player [2014/04/20 18:07:06 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services [2014/04/20 18:07:01 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger [2014/04/20 18:07:00 | 002,178,131 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlres.dll [2014/04/20 18:07:00 | 001,817,687 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgres.dll [2014/04/20 18:07:00 | 000,780,885 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrres.dll [2014/04/20 18:07:00 | 000,753,236 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvseres.dll [2014/04/20 18:07:00 | 000,082,501 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckg.dll [2014/04/20 18:07:00 | 000,066,113 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvl.dll [2014/04/20 18:07:00 | 000,048,706 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvse.dll [2014/04/20 18:07:00 | 000,042,577 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgzm.exe [2014/04/20 18:07:00 | 000,042,575 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrzm.exe [2014/04/20 18:07:00 | 000,042,574 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvsezm.exe [2014/04/20 18:07:00 | 000,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlzm.exe [2014/04/20 18:07:00 | 000,040,515 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkr.dll [2014/04/20 18:06:59 | 001,175,635 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzres.dll [2014/04/20 18:06:59 | 001,039,955 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnresm.dll [2014/04/20 18:06:59 | 000,113,222 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zoneclim.dll [2014/04/20 18:06:59 | 000,057,409 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtz.dll [2014/04/20 18:06:59 | 000,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzzm.exe [2014/04/20 18:06:59 | 000,041,029 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zcorem.dll [2014/04/20 18:06:59 | 000,032,339 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniansi.dll [2014/04/20 18:06:59 | 000,013,894 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zonelibm.dll [2014/04/20 18:06:59 | 000,004,677 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zeeverm.dll [2014/04/20 18:06:58 | 000,217,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnclim.dll [2014/04/20 18:06:58 | 000,036,937 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zclientm.exe [2014/04/20 18:06:58 | 000,029,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\znetm.dll [2014/04/20 18:06:58 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe [2014/04/20 18:06:58 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe [2014/04/20 18:06:58 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone [2014/04/20 18:06:51 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avtapi.dll [2014/04/20 18:06:51 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avtapi.dll [2014/04/20 18:06:51 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe [2014/04/20 18:06:51 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndvol32.exe [2014/04/20 18:06:51 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avwav.dll [2014/04/20 18:06:51 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avwav.dll [2014/04/20 18:06:51 | 000,044,544 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hticons.dll [2014/04/20 18:06:51 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avmeter.dll [2014/04/20 18:06:51 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avmeter.dll [2014/04/20 18:06:51 | 000,013,312 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\dllcache\htrn_jis.dll [2014/04/20 18:06:50 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winchat.exe [2014/04/20 18:06:50 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winchat.exe [2014/04/20 18:06:45 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\getuname.dll [2014/04/20 18:06:45 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\getuname.dll [2014/04/20 18:06:45 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\charmap.exe [2014/04/20 18:06:45 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe [2014/04/20 18:06:44 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshearts.exe [2014/04/20 18:06:44 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshearts.exe [2014/04/20 18:06:44 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winmine.exe [2014/04/20 18:06:44 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmine.exe [2014/04/20 18:06:44 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\calc.exe [2014/04/20 18:06:44 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe [2014/04/20 18:06:44 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sol.exe [2014/04/20 18:06:44 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sol.exe [2014/04/20 18:06:43 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\freecell.exe [2014/04/20 18:06:43 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\freecell.exe [2014/04/20 18:06:43 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regini.exe [2014/04/20 18:06:43 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regini.exe [2014/04/20 18:06:43 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe [2014/04/20 18:06:43 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qwinsta.exe [2014/04/20 18:06:43 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsshutdn.exe [2014/04/20 18:06:43 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsshutdn.exe [2014/04/20 18:06:43 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tskill.exe [2014/04/20 18:06:43 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tskill.exe [2014/04/20 18:06:43 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe [2014/04/20 18:06:43 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwinsta.exe [2014/04/20 18:06:43 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsdiscon.exe [2014/04/20 18:06:43 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsdiscon.exe [2014/04/20 18:06:43 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscon.exe [2014/04/20 18:06:43 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscon.exe [2014/04/20 18:06:43 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe [2014/04/20 18:06:43 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shadow.exe [2014/04/20 18:06:43 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reset.exe [2014/04/20 18:06:43 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reset.exe [2014/04/20 18:06:43 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpcfgex.dll [2014/04/20 18:06:43 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpcfgex.dll [2014/04/20 18:06:42 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg.exe [2014/04/20 18:06:42 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msg.exe [2014/04/20 18:06:42 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtsadmin.tlb [2014/04/20 18:06:42 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe [2014/04/20 18:06:42 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qappsrv.exe [2014/04/20 18:06:42 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdmodem.dll [2014/04/20 18:06:42 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdmodem.dll [2014/04/20 18:06:42 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe [2014/04/20 18:06:42 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logoff.exe [2014/04/20 18:06:41 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmi2xml.dll [2014/04/20 18:06:39 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipicmp.dll [2014/04/20 18:06:39 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmimsg.dll [2014/04/20 18:06:39 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.tlb [2014/04/20 18:06:39 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmitimep.dll [2014/04/20 18:06:39 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.tlb [2014/04/20 18:06:39 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmtr.dll [2014/04/20 18:06:39 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmt.exe [2014/04/20 18:06:39 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.dll [2014/04/20 18:06:38 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiprov.dll [2014/04/20 18:06:38 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsprov.dll [2014/04/20 18:06:38 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\updprov.dll [2014/04/20 18:06:38 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmplprov.dll [2014/04/20 18:06:38 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trnsprov.dll [2014/04/20 18:06:38 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fwdprov.dll [2014/04/20 18:06:38 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpcons.dll [2014/04/20 18:06:38 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unsecapp.exe [2014/04/20 18:06:31 | 000,281,088 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe [2014/04/20 18:06:31 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\accwiz.exe [2014/04/20 18:06:31 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe [2014/04/20 18:06:31 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe [2014/04/20 18:06:31 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndrec32.exe [2014/04/20 18:06:31 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe [2014/04/20 18:06:31 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe [2014/04/20 18:06:31 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\access.cpl [2014/04/20 18:06:31 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl [2014/04/20 18:06:31 | 000,000,000 | ---D | C] -- C:\Program Files\MSN [2014/04/20 18:06:30 | 000,539,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dialer.exe [2014/04/20 18:06:30 | 000,347,136 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hypertrm.dll [2014/04/20 18:06:30 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe [2014/04/20 18:06:30 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspaint.exe [2014/04/20 18:06:30 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clipbrd.exe [2014/04/20 18:06:30 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe [2014/04/20 18:06:30 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT [2014/04/20 18:06:29 | 000,538,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe [2014/04/20 18:06:29 | 000,538,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spider.exe [2014/04/20 18:06:29 | 000,139,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys [2014/04/20 18:06:29 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll [2014/04/20 18:06:29 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscfgwmi.dll [2014/04/20 18:06:29 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdtcp.sys [2014/04/20 18:06:29 | 000,012,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdpipe.sys [2014/04/20 18:06:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US [2014/04/20 18:06:28 | 002,061,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lhmstscx.dll [2014/04/20 18:06:28 | 000,677,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lhmstsc.exe [2014/04/20 18:06:28 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll [2014/04/20 18:06:28 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rhttpaa.dll [2014/04/20 18:06:28 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aaclient.dll [2014/04/20 18:06:28 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll [2014/04/20 18:06:28 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll [2014/04/20 18:06:28 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsgqec.dll [2014/04/20 18:06:27 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\termsrv.dll [2014/04/20 18:06:27 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll [2014/04/20 18:06:27 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdchost.dll [2014/04/20 18:06:27 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sessmgr.exe [2014/04/20 18:06:27 | 000,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll [2014/04/20 18:06:27 | 000,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwsx.dll [2014/04/20 18:06:27 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe [2014/04/20 18:06:27 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdshost.exe [2014/04/20 18:06:27 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe [2014/04/20 18:06:27 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpclip.exe [2014/04/20 18:06:27 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\remotepg.dll [2014/04/20 18:06:27 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll [2014/04/20 18:06:27 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpsnd.dll [2014/04/20 18:06:27 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe [2014/04/20 18:06:27 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qprocess.exe [2014/04/20 18:06:27 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe [2014/04/20 18:06:27 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdsaddin.exe [2014/04/20 18:06:27 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icaapi.dll [2014/04/20 18:06:26 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll [2014/04/20 18:06:26 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtctm.dll [2014/04/20 18:06:26 | 000,427,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll [2014/04/20 18:06:26 | 000,427,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcprx.dll [2014/04/20 18:06:26 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll [2014/04/20 18:06:26 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcuiu.dll [2014/04/20 18:06:26 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxoci.dll [2014/04/20 18:06:26 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgbkend.dll [2014/04/20 18:06:26 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll [2014/04/20 18:06:26 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll [2014/04/20 18:06:26 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xolehlp.dll [2014/04/20 18:06:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc [2014/04/20 18:06:25 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll [2014/04/20 18:06:25 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtclog.dll [2014/04/20 18:06:25 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll [2014/04/20 18:06:25 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxlegih.dll [2014/04/20 18:06:25 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll [2014/04/20 18:06:25 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxdm.dll [2014/04/20 18:06:25 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.exe [2014/04/20 18:06:25 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtc.exe [2014/04/20 18:06:25 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dcomcnfg.exe [2014/04/20 18:06:25 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe [2014/04/20 18:06:25 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrereg.exe [2014/04/20 18:06:25 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll [2014/04/20 18:06:25 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxex.dll [2014/04/20 18:06:24 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrvut.dll [2014/04/20 18:06:24 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrv.dll [2014/04/20 18:06:24 | 000,195,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comadmin.dll [2014/04/20 18:06:24 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clbcatex.dll [2014/04/20 18:06:24 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll [2014/04/20 18:06:24 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.dll [2014/04/20 18:06:24 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll [2014/04/20 18:06:24 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrvps.dll [2014/04/20 18:06:24 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll [2014/04/20 18:06:24 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\colbact.dll [2014/04/20 18:06:24 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll [2014/04/20 18:06:24 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stclient.dll [2014/04/20 18:06:24 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comaddin.dll [2014/04/20 18:06:24 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll [2014/04/20 18:06:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com [2014/04/20 18:06:23 | 001,267,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comsvcs.dll [2014/04/20 18:06:23 | 000,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comuid.dll [2014/04/20 18:06:23 | 000,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll [2014/04/20 18:06:23 | 000,498,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clbcatq.dll [2014/04/20 18:06:23 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comsnap.dll [2014/04/20 18:06:23 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll [2014/04/20 18:06:22 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmisvc.dll [2014/04/20 18:06:22 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprov.dll [2014/04/20 18:06:22 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiutils.dll [2014/04/20 18:06:22 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipjobj.dll [2014/04/20 18:06:22 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipiprt.dll [2014/04/20 18:06:22 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipsess.dll [2014/04/20 18:06:21 | 000,531,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcore.dll [2014/04/20 18:06:21 | 000,358,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmic.exe [2014/04/20 18:06:21 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemess.dll [2014/04/20 18:06:21 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcomn.dll [2014/04/20 18:06:21 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemupgd.dll [2014/04/20 18:06:21 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiadap.exe [2014/04/20 18:06:21 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcntl.dll [2014/04/20 18:06:21 | 000,178,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.dll [2014/04/20 18:06:21 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipcima.dll [2014/04/20 18:06:21 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmidcprv.dll [2014/04/20 18:06:21 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipdskq.dll [2014/04/20 18:06:21 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\viewprov.dll [2014/04/20 18:06:21 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiapsrv.exe [2014/04/20 18:06:21 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemtest.exe [2014/04/20 18:06:21 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiaprpl.dll [2014/04/20 18:06:21 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stdprov.dll [2014/04/20 18:06:21 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcons.dll [2014/04/20 18:06:21 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmicookr.dll [2014/04/20 18:06:21 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemsvc.dll [2014/04/20 18:06:21 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemprox.dll [2014/04/20 18:06:21 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiapres.dll [2014/04/20 18:06:20 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\provthrd.dll [2014/04/20 18:06:20 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntevt.dll [2014/04/20 18:06:20 | 000,178,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\repdrvfs.dll [2014/04/20 18:06:20 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mofd.dll [2014/04/20 18:06:20 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\policman.dll [2014/04/20 18:06:20 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ncprov.dll [2014/04/20 18:06:20 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scrcons.exe [2014/04/20 18:06:20 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\krnlprov.dll [2014/04/20 18:06:20 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mofcomp.exe [2014/04/20 18:06:19 | 001,358,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cimwin32.dll [2014/04/20 18:06:19 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\esscli.dll [2014/04/20 18:06:19 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\framedyn.dll [2014/04/20 18:06:19 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll [2014/04/20 18:06:19 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\servdeps.dll [2014/04/20 18:06:18 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmprops.dll [2014/04/20 18:06:18 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll [2014/04/20 18:06:18 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll [2014/04/20 18:06:18 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licwmi.dll [2014/04/20 18:06:18 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll [2014/04/20 18:06:18 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmfutil.dll [2014/04/20 18:06:16 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos [2014/04/20 18:05:59 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Accessories [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2014/04/23 12:45:09 | 000,000,741 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2014/04/23 12:14:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2014/04/23 12:12:31 | 000,276,202 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml [2014/04/23 12:11:13 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2014/04/23 10:56:11 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2014/04/22 17:46:44 | 000,045,194 | ---- | M] () -- C:\Documents and Settings\Cry Wolf\Application Data\room_v3.dat [2014/04/22 16:46:08 | 000,308,717 | ---- | M] () -- C:\Documents and Settings\Cry Wolf\Desktop\Asiko_2014_04_22_at_16_44_57.jpg [2014/04/22 16:45:48 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe [2014/04/22 16:45:48 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe [2014/04/22 16:45:48 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe [2014/04/22 16:45:48 | 000,145,408 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl [2014/04/22 16:45:48 | 000,094,632 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll [2014/04/22 13:44:01 | 000,004,608 | ---- | M] () -- C:\Documents and Settings\Cry Wolf\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2014/04/21 20:18:21 | 000,000,814 | ---- | M] () -- C:\Documents and Settings\Cry Wolf\Application Data\Microsoft\Internet Explorer\Quick Launch\BS.Player PRO.lnk [2014/04/21 20:18:21 | 000,000,796 | ---- | M] () -- C:\Documents and Settings\Cry Wolf\Desktop\BS.Player PRO.lnk [2014/04/21 10:55:58 | 000,058,515 | ---- | M] () -- C:\Documents and Settings\Cry Wolf\Desktop\Game of Thrones S04E03 hdtv FUM.srt [2014/04/21 10:07:40 | 001,575,809 | ---- | M] () -- C:\Documents and Settings\Cry Wolf\My Documents\IMG_21042014_100726.png [2014/04/21 09:14:10 | 000,093,480 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2014/04/20 21:04:53 | 000,004,444 | ---- | M] () -- C:\WINDOWS\System32\pid.PNF [2014/04/20 19:53:08 | 000,432,856 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2014/04/20 19:53:08 | 000,067,560 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2014/04/20 19:21:28 | 000,042,911 | ---- | M] () -- C:\Documents and Settings\Cry Wolf\My Documents\Warcraft III DOTA-Garena.torrent [2014/04/20 19:21:08 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\BitComet.lnk [2014/04/20 19:11:42 | 000,044,317 | ---- | M] () -- C:\WINDOWS\War3Unin.dat [2014/04/20 19:11:39 | 000,112,019 | ---- | M] () -- C:\Documents and Settings\Cry Wolf\Desktop\1293601.jpg [2014/04/20 19:11:28 | 000,139,264 | ---- | M] (Blizzard Entertainment) -- C:\WINDOWS\War3Unin.exe [2014/04/20 19:11:28 | 000,002,829 | ---- | M] () -- C:\WINDOWS\War3Unin.pif [2014/04/20 18:56:18 | 000,000,652 | ---- | M] () -- C:\Documents and Settings\Cry Wolf\Start Menu\Programs\Startup\MagicDisc.lnk [2014/04/20 18:56:18 | 000,000,640 | ---- | M] () -- C:\Documents and Settings\Cry Wolf\Desktop\MagicDisc.lnk [2014/04/20 18:27:25 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2014/04/20 18:27:25 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2014/04/20 18:24:58 | 000,001,878 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk [2014/04/20 18:22:50 | 000,000,738 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Garena Plus.lnk [2014/04/20 18:21:57 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk [2014/04/20 18:19:56 | 000,940,794 | ---- | M] () -- C:\WINDOWS\System32\LoopyMusic.wav [2014/04/20 18:19:56 | 000,146,650 | ---- | M] () -- C:\WINDOWS\System32\BuzzingBee.wav [2014/04/20 18:15:27 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\Cry Wolf\Desktop\My Computer.lnk [2014/04/20 18:13:15 | 000,000,779 | ---- | M] () -- C:\Documents and Settings\Cry Wolf\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2014/04/20 18:13:14 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Cry Wolf\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf [2014/04/20 18:12:13 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD [2014/04/20 18:11:28 | 000,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf [2014/04/20 18:09:47 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2014/04/20 18:09:47 | 000,000,000 | R-S- | M] () -- C:\MSDOS.SYS [2014/04/20 18:09:47 | 000,000,000 | R-S- | M] () -- C:\IO.SYS [2014/04/20 18:09:47 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2014/04/20 18:09:47 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2014/04/20 18:09:45 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx [2014/04/20 18:09:44 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb [2014/04/20 18:09:44 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb [2014/04/20 18:09:37 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI [2014/04/20 18:07:24 | 000,021,640 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2014/04/22 17:46:44 | 000,045,194 | ---- | C] () -- C:\Documents and Settings\Cry Wolf\Application Data\room_v3.dat [2014/04/22 16:45:14 | 000,308,717 | ---- | C] () -- C:\Documents and Settings\Cry Wolf\Desktop\Asiko_2014_04_22_at_16_44_57.jpg [2014/04/21 20:18:21 | 000,000,814 | ---- | C] () -- C:\Documents and Settings\Cry Wolf\Application Data\Microsoft\Internet Explorer\Quick Launch\BS.Player PRO.lnk [2014/04/21 20:18:21 | 000,000,796 | ---- | C] () -- C:\Documents and Settings\Cry Wolf\Desktop\BS.Player PRO.lnk [2014/04/21 12:47:01 | 000,058,515 | ---- | C] () -- C:\Documents and Settings\Cry Wolf\Desktop\Game of Thrones S04E03 hdtv FUM.srt [2014/04/21 10:07:34 | 001,575,809 | ---- | C] () -- C:\Documents and Settings\Cry Wolf\My Documents\IMG_21042014_100726.png [2014/04/21 09:37:54 | 000,004,608 | ---- | C] () -- C:\Documents and Settings\Cry Wolf\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2014/04/20 21:04:53 | 000,004,444 | ---- | C] () -- C:\WINDOWS\System32\pid.PNF [2014/04/20 21:02:35 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2014/04/20 21:02:33 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd [2014/04/20 21:02:33 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa [2014/04/20 21:02:33 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa [2014/04/20 21:02:33 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf [2014/04/20 21:02:19 | 000,001,688 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT [2014/04/20 21:00:32 | 001,296,669 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP3.CAT [2014/04/20 21:00:32 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT [2014/04/20 21:00:32 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT [2014/04/20 21:00:32 | 000,144,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat [2014/04/20 21:00:32 | 000,112,918 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat [2014/04/20 21:00:32 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT [2014/04/20 21:00:32 | 000,034,747 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat [2014/04/20 21:00:32 | 000,034,063 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT [2014/04/20 21:00:32 | 000,026,991 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn7.cat [2014/04/20 21:00:32 | 000,016,535 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT [2014/04/20 21:00:32 | 000,014,433 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn9.cat [2014/04/20 21:00:32 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT [2014/04/20 21:00:32 | 000,012,363 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT [2014/04/20 21:00:32 | 000,010,027 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT [2014/04/20 21:00:32 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT [2014/04/20 21:00:32 | 000,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT [2014/04/20 21:00:32 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat [2014/04/20 21:00:31 | 002,144,487 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT [2014/04/20 21:00:31 | 000,522,220 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT [2014/04/20 20:59:58 | 000,093,480 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2014/04/20 20:59:14 | 000,000,261 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf [2014/04/20 19:53:05 | 000,064,200 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat [2014/04/20 19:21:17 | 000,042,911 | ---- | C] () -- C:\Documents and Settings\Cry Wolf\My Documents\Warcraft III DOTA-Garena.torrent [2014/04/20 19:21:08 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\BitComet.lnk [2014/04/20 19:11:38 | 000,112,019 | ---- | C] () -- C:\Documents and Settings\Cry Wolf\Desktop\1293601.jpg [2014/04/20 19:01:55 | 000,044,317 | ---- | C] () -- C:\WINDOWS\War3Unin.dat [2014/04/20 19:01:55 | 000,002,829 | ---- | C] () -- C:\WINDOWS\War3Unin.pif [2014/04/20 18:56:18 | 000,000,652 | ---- | C] () -- C:\Documents and Settings\Cry Wolf\Start Menu\Programs\Startup\MagicDisc.lnk [2014/04/20 18:56:18 | 000,000,640 | ---- | C] () -- C:\Documents and Settings\Cry Wolf\Desktop\MagicDisc.lnk [2014/04/20 18:27:26 | 000,000,830 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2014/04/20 18:24:58 | 000,001,878 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk [2014/04/20 18:22:50 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Garena Plus.lnk [2014/04/20 18:21:57 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk [2014/04/20 18:21:57 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk [2014/04/20 18:19:56 | 000,940,794 | ---- | C] () -- C:\WINDOWS\System32\LoopyMusic.wav [2014/04/20 18:19:56 | 000,146,650 | ---- | C] () -- C:\WINDOWS\System32\BuzzingBee.wav [2014/04/20 18:17:59 | 000,010,084 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin [2014/04/20 18:15:53 | 000,025,548 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTAIODAT.DAT [2014/04/20 18:15:27 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\Cry Wolf\Desktop\My Computer.lnk [2014/04/20 18:13:14 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\Cry Wolf\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf [2014/04/20 18:13:09 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\Cry Wolf\Start Menu\Programs\Outlook Express.lnk [2014/04/20 18:13:07 | 000,000,779 | ---- | C] () -- C:\Documents and Settings\Cry Wolf\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2014/04/20 18:13:07 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\Cry Wolf\Start Menu\Programs\Internet Explorer.lnk [2014/04/20 18:12:51 | 000,001,599 | ---- | C] () -- C:\Documents and Settings\Cry Wolf\Start Menu\Programs\Remote Assistance.lnk [2014/04/20 18:12:51 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\Cry Wolf\Start Menu\Programs\Windows Media Player.lnk [2014/04/20 18:12:13 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD [2014/04/20 18:11:28 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2014/04/20 18:11:00 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll [2014/04/20 18:10:49 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex [2014/04/20 18:10:45 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe [2014/04/20 18:10:44 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe [2014/04/20 18:10:43 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex [2014/04/20 18:10:38 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll [2014/04/20 18:10:36 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex [2014/04/20 18:10:33 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll [2014/04/20 18:10:26 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll [2014/04/20 18:09:47 | 000,002,577 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT [2014/04/20 18:09:47 | 000,000,000 | R-S- | C] () -- C:\MSDOS.SYS [2014/04/20 18:09:47 | 000,000,000 | R-S- | C] () -- C:\IO.SYS [2014/04/20 18:09:47 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS [2014/04/20 18:09:47 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT [2014/04/20 18:09:44 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb [2014/04/20 18:09:44 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb [2014/04/20 18:09:43 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx [2014/04/20 18:08:52 | 000,000,786 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Movie Maker.lnk [2014/04/20 18:08:43 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex [2014/04/20 18:08:32 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp [2014/04/20 18:08:32 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp [2014/04/20 18:08:26 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf [2014/04/20 18:07:56 | 000,376,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll [2014/04/20 18:07:26 | 000,000,609 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Messenger.lnk [2014/04/20 18:07:24 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2014/04/20 18:07:06 | 000,001,986 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\MSN.lnk [2014/04/20 18:06:46 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp [2014/04/20 18:06:46 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp [2014/04/20 18:06:46 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp [2014/04/20 18:06:46 | 000,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp [2014/04/20 18:06:46 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp [2014/04/20 18:06:46 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp [2014/04/20 18:06:46 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp [2014/04/20 18:06:46 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp [2014/04/20 18:06:46 | 000,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp [2014/04/20 18:06:46 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp [2014/04/20 18:06:46 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp [2014/04/20 18:06:43 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h [2014/04/20 18:06:43 | 000,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd [2014/04/20 18:06:42 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h [2014/04/20 18:06:37 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc [2012/09/27 11:22:57 | 002,183,470 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin ========== ZeroAccess Check ========== [2014/04/20 19:52:06 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 15:00:00 | 001,499,136 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2008/04/14 15:00:00 | 000,472,064 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 15:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2014/04/22 16:39:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software [2014/04/21 15:18:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Garena [2014/04/23 12:32:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GarenaMessenger [2014/04/23 12:04:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cry Wolf\Application Data\BitComet [2014/04/21 22:51:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cry Wolf\Application Data\BSplayer PRO [2014/04/21 15:18:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cry Wolf\Application Data\Garena [2014/04/23 12:32:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cry Wolf\Application Data\GarenaPlus ========== Purity Check ========== < End of report > Garena : O platforma de game`ing Avast Software - e doar un proxy, nu e antivirusul Edited by Crywolff, 23 April 2014 - 11:52. |
#6
Posted 23 April 2014 - 12:11
|
Ruleaza din nou OTL.
Copiaza ce e citat mai jos si "Paste"(Lipeste) textul in OTL. Quote
:PROCESSES killallprocesses :OTL DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Garena Plus\Room\safedrv.sys -- (GGSAFERDriver) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - File not found [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\femun.sys -- (abp470n5) FF - user.js - File not found O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] nwiz.exe /installquiet File not found [2014/04/20 18:23:13 | 000,000,000 | ---D | C] -- C:\Program Files\sweetpacks bundle uninstaller [2014/04/20 18:22:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\GarenaMessenger [2014/04/23 12:32:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GarenaMessenger :Files ipconfig /flushdns /c :Commands [purity] [CLEARALLRESTOREPOINTS] [emptytemp] [emptyjava] [emptyflash] [Reboot] Vezi pe imagine cum. Apasa Run Fix. Posteaza logul aici. [ http://s23.postimg.org/6ui8tyrrv/OTLsc.jpg - Pentru incarcare in pagina (embed) Click aici ] |
#7
Posted 23 April 2014 - 12:21
|
All processes killed
========== PROCESSES ========== ========== OTL ========== Service WDICA stopped successfully! Service WDICA deleted successfully! Service PDRFRAME stopped successfully! Service PDRFRAME deleted successfully! Service PDRELI stopped successfully! Service PDRELI deleted successfully! Service PDFRAME stopped successfully! Service PDFRAME deleted successfully! Service PDCOMP stopped successfully! Service PDCOMP deleted successfully! Service PCIDump stopped successfully! Service PCIDump deleted successfully! Service lbrtfdc stopped successfully! Service lbrtfdc deleted successfully! Service i2omgmt stopped successfully! Service i2omgmt deleted successfully! Service GGSAFERDriver stopped successfully! Service GGSAFERDriver deleted successfully! File C:\Program Files\Garena Plus\Room\safedrv.sys not found. Service Changer stopped successfully! Service Changer deleted successfully! Error: Unable to stop service abp470n5! Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\abp470n5 deleted successfully. File C:\WINDOWS\system32\drivers\femun.sys not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NvCplDaemon deleted successfully. C:\WINDOWS\system32\nvcpl.dll moved successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NvMediaCenter deleted successfully. C:\WINDOWS\system32\nvmctray.dll moved successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\nwiz deleted successfully. C:\Program Files\sweetpacks bundle uninstaller folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\user\26827519\OfflineFileDownload folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\user\26827519 folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\user\154536570 folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\user folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\UpdateManager folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\update\12412 folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\update folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\theme\cache\preview folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\theme\cache folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\theme folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\resdata\update folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\resdata\emotion\yahoo folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\resdata\emotion\sys folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\resdata\emotion\redman folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\resdata\emotion\msn folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\resdata\emotion\lol2 folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\resdata\emotion\lol1 folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\resdata\emotion\ezgirl folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\resdata\emotion folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\resdata\avatar\xim folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\resdata\avatar\system folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\resdata\avatar\group folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\resdata\avatar folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\resdata folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\plugins\poe folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\plugins\pbth folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\plugins\pb folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\plugins\mstartw folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\plugins\mstar folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\plugins\lolvn folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\plugins\loltw folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\plugins\lolth folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\plugins\lolph folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\plugins\lolid folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\plugins\lol folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\plugins\honcis folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\plugins\hon folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\plugins\fo3vn folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\plugins\fo3th folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\plugins\fo3id folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\plugins\fo3 folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\plugins\fctw folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\plugins\elsph folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\plugins\dnf folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\plugins\blackshot folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\plugins\avatw folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\plugins folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\garena.game.plugins folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\cache\screencapture folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\cache\emoticon folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\cache\customAvatar\buddy folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\cache\customAvatar folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\cache\clan\9092 folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\cache\clan\86506 folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\cache\clan\8556 folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\cache\clan\774301 folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\cache\clan\715289 folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\cache\clan\677634 folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\cache\clan\665544 folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\cache\clan\633994 folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\cache\clan\629039 folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\cache\clan\5728 folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\cache\clan\548690 folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\cache\clan\4609 folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\cache\clan\3981 folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\cache\clan\397115 folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\cache\clan\3908 folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\cache\clan\3864 folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\cache\clan\3834 folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\cache\clan\3368 folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\cache\clan\2824 folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\cache\clan\2692 folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\cache\clan\26425 folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\cache\clan\261914 folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\cache\clan\245595 folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\cache\clan\24156 folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\cache\clan\19720 folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\cache\clan\134517 folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\cache\clan\110528 folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\cache\clan\10431 folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\cache\clan\101522 folder moved successfully. Folder move failed. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\cache\clan scheduled to be moved on reboot. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\cache\background folder moved successfully. Folder move failed. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\cache scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\All Users\Application Data\GarenaMessenger scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\cache\clan scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\cache scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\All Users\Application Data\GarenaMessenger scheduled to be moved on reboot. ========== FILES ========== < ipconfig /flushdns /c > Windows IP Configuration Successfully flushed the DNS Resolver Cache. C:\Documents and Settings\Cry Wolf\My Documents\Downloads\cmd.bat deleted successfully. C:\Documents and Settings\Cry Wolf\My Documents\Downloads\cmd.txt deleted successfully. ========== COMMANDS ========== Restore point Set: OTL Restore Point [EMPTYTEMP] User: All Users User: Cry Wolf ->Temp folder emptied: 68484406 bytes ->Temporary Internet Files folder emptied: 9910989 bytes ->FireFox cache emptied: 383223478 bytes ->Flash cache emptied: 3448 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: LocalService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 402 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 2402044 bytes %systemroot%\System32 .tmp files removed: 2577 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 16384 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 443.00 mb [EMPTYJAVA] User: All Users User: Cry Wolf User: Default User User: LocalService User: NetworkService Total Java Files Cleaned = 0.00 mb [EMPTYFLASH] User: All Users User: Cry Wolf ->Flash cache emptied: 0 bytes User: Default User User: LocalService User: NetworkService Total Flash Files Cleaned = 0.00 mb OTL by OldTimer - Version 3.2.69.0 log created on 04232014_131500 Files\Folders moved on Reboot... C:\Documents and Settings\All Users\Application Data\GarenaMessenger\cache\clan folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger\cache folder moved successfully. C:\Documents and Settings\All Users\Application Data\GarenaMessenger folder moved successfully. C:\WINDOWS\temp\Perflib_Perfdata_d78.dat moved successfully. PendingFileRenameOperations files... Registry entries deleted on Reboot... Cand mi`a aparut logul ( dupa Reboot ) mi`a dat si eroarea asta : Error loading C:\WINDOWS\system32\NvCpl.dll The specified module could not be found |
#8
Posted 23 April 2014 - 12:26
|
Reinstaleaza driverul video(NVIDIA).
Reseteaza Mozilla Firefox. [ http://s11.postimage.org/7rjmblglv/image.jpg - Pentru incarcare in pagina (embed) Click aici ] Descarca Complete Internet Repair. Bifezi tot si apesi pe GO. [ http://i1-win.softpedia-static.com/screenshots/Complete-Internet-Repair_1.png - Pentru incarcare in pagina (embed) Click aici ] |
#9
Posted 23 April 2014 - 12:44
|
Merge perfect.
Iti multumesc frumos. O zi buna in continuare ! P.S. : imi poti recomanda un antivirus bun, care sa nu "manance" multe resurse? ( 2gb rami am ) |
#10
Posted 23 April 2014 - 12:53
|
Personal am folosit Avast.
Vezi daca te ajuta asta: http://forum.softped...osesti-in-2014/ Numai bine. |
|
Anunturi
Bun venit pe Forumul Softpedia!
▶ 0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
-
- Change Theme
- English
- Mark Community Read
- Termene & conditii
- Confidentialitate
- Consimtamant
- Cookies
- Help
© 2001-2024 Softpedia. All rights reserved. Softpedia® and the Softpedia logo are registered trademarks of SoftNews Net SRL.
Ora implicita a Forumului Softpedia este ora standard a Romaniei (GMT+2). Mai multe informatii →
⚠ Postarile afisate pe Forumul Softpedia reprezinta o opinie subiectiva a membrilor care le-au publicat si nu a SoftNews Net SRL.