[code]
OTS logfile created on: 10/24/2009 7:55:57 AM - Run 1
OTS by OldTimer - Version 3.0.23.1 Folder = C:\Users\Jayordan\Downloads
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16916)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.02 Gb Available Physical Memory | 51.02% Memory free
4.00 Gb Paging File | 3.19 Gb Available in Paging File | 79.80% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 229.83 Gb Total Space | 59.95 Gb Free Space | 26.08% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JAYORDAN-PC
Current User Name: Jayordan
Logged in as Administrator.
Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: Off File Age = 30 Days [Processes - Safe List] avp.exe -> C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe -> [2009/10/20 20:39:28 | 00,340,456 | ---- | M] (Kaspersky Lab) avp.exe -> C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe -> [2009/10/20 20:39:28 | 00,340,456 | ---- | M] (Kaspersky Lab) drgtodsc.exe -> C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe -> [2006/08/17 09:00:00 | 01,116,920 | ---- | M] (Roxio) explorer.exe -> C:\Windows\explorer.exe -> [2008/10/28 23:20:29 | 02,923,520 | ---- | M] (Microsoft Corporation) firefox.exe -> C:\Program Files\Mozilla Firefox\firefox.exe -> [2009/09/13 08:57:36 | 00,307,704 | ---- | M] (Mozilla Corporation) issch.exe -> C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe -> [2006/10/03 11:37:04 | 00,081,920 | ---- | M] (Macrovision Corporation) issch.exe -> C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe -> [2006/10/03 11:37:04 | 00,081,920 | ---- | M] (Macrovision Corporation) jusched.exe -> C:\Program Files\Java\jre6\bin\jusched.exe -> [2009/03/09 05:19:17 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) mdnsresponder.exe -> C:\Program Files\Bonjour\mDNSResponder.exe -> [2006/02/28 12:42:38 | 00,229,376 | ---- | M] (Apple Computer, Inc.) msascui.exe -> C:\Program Files\Windows Defender\MSASCui.exe -> [2008/08/17 03:20:03 | 01,006,264 | ---- | M] (Microsoft Corporation) oem02mon.exe -> C:\Windows\OEM02Mon.exe -> [2007/05/09 17:01:00 | 00,036,864 | ---- | M] (Creative Technology Ltd.) ots.exe -> C:\Users\Jayordan\Downloads\OTS.exe -> [2009/10/23 23:53:07 | 00,521,728 | ---- | M] (OldTimer Tools) realsched.exe -> C:\Program Files\Common Files\Real\Update_OB\realsched.exe -> [2008/08/17 18:11:26 | 00,185,896 | ---- | M] (RealNetworks, Inc.) stacsv.exe -> C:\Windows\System32\STacSV.exe -> [2007/03/06 12:38:28 | 00,090,112 | ---- | M] (SigmaTel, Inc.) 
sttray.exe -> C:\Windows\sttray.exe -> [2007/03/06 12:37:30 | 00,303,104 | ---- | M] (SigmaTel, Inc.) wmdsync.exe -> C:\Windows\WindowsMobile\wmdSync.exe -> [2006/11/02 02:45:59 | 00,215,552 | ---- | M] (Microsoft Corporation) wmiprvse.exe -> C:\Windows\System32\wbem\wmiprvse.exe -> [2009/03/02 18:59:26 | 00,247,296 | ---- | M] (Microsoft Corporation) [Win32 Services - Safe List] (Bonjour Service) ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## [Win32_Own | Auto | Running] -> C:\Program Files\Bonjour\mDNSResponder.exe -> [2006/02/28 12:42:38 | 00,229,376 | ---- | M] (Apple Computer, Inc.) (clr_optimization_v2.0.50727_32) Microsoft .NET Framework NGEN v2.0.50727_X86 [Win32_Own | On_Demand | Stopped] -> C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -> [2008/07/27 11:00:25 | 00,069,632 | ---- | M] (Microsoft Corporation) (ehRecvr) Windows Media Center Receiver Service [Win32_Own | On_Demand | Stopped] -> C:\Windows\ehome\ehRecvr.exe -> [2006/11/02 05:35:28 | 00,291,840 | ---- | M] (Microsoft Corporation) (ehSched) Windows Media Center Scheduler Service [Win32_Own | On_Demand | Stopped] -> C:\Windows\ehome\ehsched.exe -> [2006/11/02 05:35:29 | 00,131,072 | ---- | M] (Microsoft Corporation) (ehstart) Windows Media Center Service Launcher [Win32_Shared | Auto | Stopped] -> C:\Windows\ehome\ehstart.dll -> [2006/11/02 05:35:29 | 00,013,312 | ---- | M] (Microsoft Corporation) (Eventlog) Windows Event Log [Win32_Shared | Auto | Running] -> C:\Windows\System32\wevtsvc.dll -> [2006/11/02 02:46:13 | 00,989,696 | ---- | M] (Microsoft Corporation) (FLEXnet Licensing Service) FLEXnet Licensing Service [Win32_Own | On_Demand | Stopped] -> C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -> [2008/08/11 17:21:16 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) 
(FontCache3.0.0.0) Windows Presentation Foundation Font Cache 3.0.0.0 [Win32_Own | On_Demand | Stopped] -> C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -> [2008/06/19 18:18:04 | 00,046,104 | ---- | M] (Microsoft Corporation) (gusvc) Google Software Updater [Win32_Own | On_Demand | Stopped] -> C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -> [2009/04/21 22:15:34 | 00,182,768 | ---- | M] (Google) (IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> C:\Program Files\Roxio\Roxio MyDVD DE\InstallShield\Driver\1050\Intel 32\IDriverT.exe -> [2004/10/22 03:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) (idsvc) Windows CardSpace [Win32_Shared | Unknown | Stopped] -> C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -> [2008/06/19 18:17:49 | 00,881,664 | ---- | M] (Microsoft Corporation) (Lavasoft Ad-Aware Service) Lavasoft Ad-Aware Service [Win32_Own | Auto | Stopped] -> -> File not found (NetTcpPortSharing) Net.Tcp Port Sharing Service [Win32_Shared | Disabled | Stopped] -> C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -> [2008/06/19 18:17:50 | 00,132,096 | ---- | M] (Microsoft Corporation) (RapiMgr) Windows Mobile-based device connectivity [Win32_Shared | Auto | Running] -> C:\Windows\WindowsMobile\rapimgr.dll -> [2006/11/02 02:46:12 | 00,167,424 | ---- | M] (Microsoft Corporation) (RoxMediaDB9) RoxMediaDB9 [Win32_Own | On_Demand | Stopped] -> C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe -> [2006/11/05 11:15:12 | 00,880,640 | ---- | M] (Sonic Solutions) (RoxWatch9) Roxio Hard Drive Watcher 9 [Win32_Own | Auto | Stopped] -> C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe -> [2006/11/05 11:13:00 | 00,159,744 | ---- | M] (Sonic Solutions) (STacSV) SigmaTel Audio Service [Win32_Own | Auto | Running] -> C:\Windows\System32\STacSV.exe -> [2007/03/06 12:38:28 | 00,090,112 
| ---- | M] (SigmaTel, Inc.) (stllssvr) stllssvr [Win32_Own | On_Demand | Stopped] -> C:\Program Files\Common Files\SureThing Shared\stllssvr.exe -> [2006/09/14 14:54:34 | 00,073,728 | ---- | M] (MicroVision Development, Inc.) (usnjsvc) Messenger Sharing Folders USN Journal Reader service [Win32_Own | On_Demand | Stopped] -> C:\Program Files\Windows Live\Messenger\usnsvc.exe -> [2007/10/18 11:31:54 | 00,098,328 | ---- | M] (Microsoft Corporation) (WcesComm) Windows Mobile 2003-based device connectivity [Win32_Shared | Auto | Running] -> C:\Windows\WindowsMobile\wcescomm.dll -> [2006/11/02 02:46:13 | 00,365,568 | ---- | M] (Microsoft Corporation) (WinDefend) Windows Defender [Win32_Shared | Auto | Running] -> C:\Program Files\Windows Defender\mpsvc.dll -> [2008/08/17 03:20:02 | 00,265,912 | ---- | M] (Microsoft Corporation) (WLSetupSvc) Windows Live Setup Service [Win32_Own | On_Demand | Stopped] -> C:\Program Files\Windows Live\installer\WLSetupSvc.exe -> [2007/10/25 15:27:54 | 00,266,240 | ---- | M] (Microsoft Corporation) (WMPNetworkSvc) Windows Media Player Network Sharing Service [Win32_Own | On_Demand | Stopped] -> C:\Program Files\Windows Media Player\wmpnetwk.exe -> [2006/11/02 05:36:04 | 00,895,488 | ---- | M] (Microsoft Corporation) (AVP) Kaspersky Anti-Virus [Win32_Own | Auto | Running] -> C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe -> [2009/10/20 20:39:28 | 00,340,456 | ---- | M] (Kaspersky Lab) [Driver Services - Safe List] (adp94xx) adp94xx [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\adp94xx.sys -> [2006/11/02 02:51:38 | 00,420,968 | ---- | M] (Adaptec, Inc.) (adpahci) adpahci [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\adpahci.sys -> [2006/11/02 02:51:32 | 00,297,576 | ---- | M] (Adaptec, Inc.) (adpu160m) adpu160m [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\adpu160m.sys -> [2006/11/02 02:50:35 | 00,098,408 | ---- | M] (Adaptec, Inc.) 
(adpu320) adpu320 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\adpu320.sys -> [2006/11/02 02:51:00 | 00,147,048 | ---- | M] (Adaptec, Inc.) (aic78xx) aic78xx [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\djsvs.sys -> [2006/11/02 02:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) (aliide) aliide [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\aliide.sys -> [2007/02/21 12:49:47 | 00,014,952 | ---- | M] (Acer Laboratories Inc.) (arc) arc [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\arc.sys -> [2006/11/02 02:50:09 | 00,067,688 | ---- | M] (Adaptec, Inc.) (arcsas) arcsas [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\arcsas.sys -> [2006/11/02 02:50:10 | 00,067,688 | ---- | M] (Adaptec, Inc.) (bcm4sbxp) Broadcom 440x 10/100 Integrated Controller XP Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\DRIVERS\bcm4sbxp.sys -> [2006/11/02 00:30:53 | 00,045,056 | ---- | M] (Broadcom Corporation) (BrFiltLo) Brother USB Mass-Storage Lower Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\brfiltlo.sys -> [2006/11/02 01:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) (BrFiltUp) Brother USB Mass-Storage Upper Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\brfiltup.sys -> [2006/11/02 01:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) (Brserid) Brother MFC Serial Port Interface Driver (WDM) [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\brserid.sys -> [2006/11/02 01:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) (BrSerWdm) Brother WDM Serial driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\brserwdm.sys -> [2006/11/02 01:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) (BrUsbMdm) Brother MFC USB Fax Only Modem [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\brusbmdm.sys -> [2006/11/02 01:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) 
(BrUsbSer) Brother MFC USB Serial WDM Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\brusbser.sys -> [2006/11/02 01:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) (cmdide) cmdide [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\cmdide.sys -> [2007/02/21 12:49:47 | 00,016,488 | ---- | M] (CMD Technology, Inc.) (DLABMFSM) DLABMFSM [File_System | Auto | Running] -> C:\Windows\System32\DLA\DLABMFSM.SYS -> [2006/08/18 13:17:46 | 00,035,096 | ---- | M] (Roxio) (DLABOIOM) DLABOIOM [File_System | Auto | Running] -> C:\Windows\System32\DLA\DLABOIOM.SYS -> [2006/08/18 13:17:40 | 00,032,472 | ---- | M] (Roxio) (DLACDBHM) DLACDBHM [File_System | System | Stopped] -> C:\Windows\System32\Drivers\DLACDBHM.SYS -> [2006/08/11 10:35:18 | 00,012,920 | ---- | M] (Roxio) (DLADResM) DLADResM [File_System | Auto | Running] -> C:\Windows\System32\DLA\DLADResM.SYS -> [2006/08/18 13:18:08 | 00,009,400 | ---- | M] (Roxio) (DLAIFS_M) DLAIFS_M [File_System | Auto | Running] -> C:\Windows\System32\DLA\DLAIFS_M.SYS -> [2006/08/18 13:17:38 | 00,104,472 | ---- | M] (Roxio) (DLAOPIOM) DLAOPIOM [File_System | Auto | Running] -> C:\Windows\System32\DLA\DLAOPIOM.SYS -> [2006/08/18 13:17:42 | 00,026,008 | ---- | M] (Roxio) (DLAPoolM) DLAPoolM [File_System | Auto | Running] -> C:\Windows\System32\DLA\DLAPoolM.SYS -> [2006/08/18 13:17:38 | 00,014,520 | ---- | M] (Roxio) (DLARTL_M) DLARTL_M [File_System | System | Running] -> C:\Windows\System32\Drivers\DLARTL_M.SYS -> [2006/08/11 10:35:16 | 00,028,184 | ---- | M] (Roxio) (DLAUDFAM) DLAUDFAM [File_System | Auto | Running] -> C:\Windows\System32\DLA\DLAUDFAM.SYS -> [2006/08/18 13:17:44 | 00,094,648 | ---- | M] (Roxio) (DLAUDF_M) DLAUDF_M [File_System | Auto | Running] -> C:\Windows\System32\DLA\DLAUDF_M.SYS -> [2006/08/18 13:17:44 | 00,097,848 | ---- | M] (Roxio) (DRVMCDB) DRVMCDB [Kernel | Boot | Running] -> C:\Windows\System32\Drivers\DRVMCDB.SYS -> [2006/07/21 11:21:26 | 00,099,176 | ---- | M] (Sonic 
Solutions) (DRVNDDM) DRVNDDM [File_System | Auto | Running] -> C:\Windows\System32\Drivers\DRVNDDM.SYS -> [2006/08/11 11:05:58 | 00,051,768 | ---- | M] (Roxio) (E1G60) Intel(R) PRO/1000 NDIS 6 Adapter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\DRIVERS\E1G60I32.sys -> [2006/11/02 00:30:54 | 00,117,760 | ---- | M] (Intel Corporation) (elxstor) elxstor [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\elxstor.sys -> [2006/11/02 02:51:34 | 00,316,520 | ---- | M] (Emulex) (HpCISSs) HpCISSs [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\hpcisss.sys -> [2006/11/02 02:50:10 | 00,037,480 | ---- | M] (Hewlett-Packard Company) (HSFHWAZL) HSFHWAZL [Kernel | On_Demand | Running] -> C:\Windows\System32\DRIVERS\VSTAZL3.SYS -> [2006/11/02 00:41:49 | 00,200,704 | ---- | M] (Conexant Systems, Inc.) (HSF_DPV) HSF_DPV [Kernel | On_Demand | Running] -> C:\Windows\System32\DRIVERS\VSTDPV3.SYS -> [2006/11/02 00:41:50 | 00,987,648 | ---- | M] (Conexant Systems, Inc.) (iaStorV) Intel RAID Controller Vista [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\iastorv.sys -> [2006/11/02 02:51:25 | 00,232,040 | ---- | M] (Intel Corporation) (iirsp) iirsp [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\iirsp.sys -> [2006/11/02 02:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) (iteatapi) ITEATAPI_Service_Install [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\iteatapi.sys -> [2006/11/02 02:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) (iteraid) ITERAID_Service_Install [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\iteraid.sys -> [2006/11/02 02:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) 
(LSI_FC) LSI_FC [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\lsi_fc.sys -> [2006/11/02 02:50:04 | 00,065,640 | ---- | M] (LSI Logic) (LSI_SAS) LSI_SAS [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\lsi_sas.sys -> [2006/11/02 02:50:05 | 00,065,640 | ---- | M] (LSI Logic) (LSI_SCSI) LSI_SCSI [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\lsi_scsi.sys -> [2006/11/02 02:50:10 | 00,065,640 | ---- | M] (LSI Logic) (megasas) megasas [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\megasas.sys -> [2006/11/02 02:49:53 | 00,028,776 | ---- | M] (LSI Logic Corporation) (Mraid35x) Mraid35x [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\mraid35x.sys -> [2006/11/02 02:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) (NETw4v32) Intel(R) Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit [Kernel | On_Demand | Running] -> C:\Windows\System32\DRIVERS\NETw4v32.sys -> [2007/09/26 08:12:00 | 02,251,776 | ---- | M] (Intel Corporation) (nfrd960) nfrd960 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\nfrd960.sys -> [2006/11/02 02:50:19 | 00,045,160 | ---- | M] (IBM Corporation) (ntrigdigi) N-trig HID Tablet Driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\ntrigdigi.sys -> [2006/11/02 00:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) (nvlddmkm) nvlddmkm [Kernel | On_Demand | Running] -> C:\Windows\System32\DRIVERS\nvlddmkm.sys -> [2007/10/04 21:24:00 | 07,628,608 | ---- | M] (NVIDIA Corporation) (nvraid) NVIDIA nForce(tm) RAID Class Driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\nvraid.sys -> [2007/01/05 22:59:34 | 00,086,096 | ---- | M] (NVIDIA Corporation) (nvstor) nvstor [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\nvstor.sys -> [2007/01/05 22:59:42 | 00,035,920 | ---- | M] (NVIDIA Corporation) (OEM02Dev) Creative Camera OEM002 Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\DRIVERS\OEM02Dev.sys -> 
[2007/10/10 17:03:00 | 00,235,648 | ---- | M] (Creative Technology Ltd.) (OEM02Vfx) Creative Camera OEM002 Video VFX Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\DRIVERS\OEM02Vfx.sys -> [2007/03/05 10:45:04 | 00,007,424 | ---- | M] (EyePower Games Pte. Ltd.) (Pcouffin) VSO Software pcouffin [Kernel | On_Demand | Stopped] -> C:\Windows\System32\Drivers\Pcouffin.sys -> [2009/07/01 19:01:22 | 00,047,360 | ---- | M] (VSO Software) (PxHelp20) PxHelp20 [Kernel | Boot | Running] -> C:\Windows\System32\Drivers\PxHelp20.sys -> [2006/07/24 03:00:00 | 00,036,528 | ---- | M] (Sonic Solutions) (ql2300) QLogic Fibre Channel Miniport Driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\ql2300.sys -> [2006/11/02 02:51:45 | 00,900,712 | ---- | M] (QLogic Corporation) (ql40xx) QLogic iSCSI Miniport Driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\ql40xx.sys -> [2006/11/02 02:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) (rimmptsk) rimmptsk [Kernel | On_Demand | Running] -> C:\Windows\System32\DRIVERS\rimmptsk.sys -> [2005/11/16 20:28:32 | 00,028,928 | ---- | M] (REDC) (rimsptsk) rimsptsk [Kernel | On_Demand | Running] -> C:\Windows\System32\DRIVERS\rimsptsk.sys -> [2005/12/22 17:02:22 | 00,051,840 | ---- | M] (REDC) (rismxdp) Ricoh xD-Picture Card Driver [Kernel | Auto | Running] -> C:\Windows\System32\DRIVERS\rixdptsk.sys -> [2006/11/14 17:35:20 | 00,037,376 | ---- | M] (REDC) (secdrv) Security Driver [Kernel | Auto | Running] -> C:\Windows\System32\drivers\secdrv.sys -> [2006/11/01 23:37:21 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) (SiSRaid2) SiSRaid2 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\sisraid2.sys -> [2006/11/02 02:50:10 | 00,038,504 | ---- | M] (Silicon Integrated Systems Corp.) 
(SiSRaid4) SiSRaid4 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\sisraid4.sys -> [2006/11/02 02:50:16 | 00,071,784 | ---- | M] (Silicon Integrated Systems) (STHDA) SigmaTel High Definition Audio CODEC [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\stwrt.sys -> [2007/03/06 12:38:52 | 00,323,584 | ---- | M] (SigmaTel, Inc.) (Symc8xx) Symc8xx [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\symc8xx.sys -> [2006/11/02 02:50:05 | 00,035,944 | ---- | M] (LSI Logic) (Sym_hi) Sym_hi [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\sym_hi.sys -> [2006/11/02 02:49:56 | 00,031,848 | ---- | M] (LSI Logic) (Sym_u3) Sym_u3 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\sym_u3.sys -> [2006/11/02 02:50:03 | 00,034,920 | ---- | M] (LSI Logic) (uliahci) uliahci [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\uliahci.sys -> [2006/11/02 02:51:25 | 00,235,112 | ---- | M] (ULi Electronics Inc.) (UlSata) UlSata [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\ulsata.sys -> [2006/11/02 02:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) (ulsata2) ulsata2 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\ulsata2.sys -> [2006/11/02 02:50:45 | 00,115,816 | ---- | M] (Promise Technology, Inc.) (usb_rndisx) USB RNDIS Adapter [Kernel | On_Demand | Stopped] -> C:\Windows\System32\DRIVERS\usb8023x.sys -> [2006/11/02 01:57:48 | 00,014,848 | ---- | M] (Microsoft Corporation) (viaide) viaide [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\viaide.sys -> [2007/02/21 12:49:47 | 00,017,512 | ---- | M] (VIA Technologies, Inc.) (vsmraid) vsmraid [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\vsmraid.sys -> [2006/11/02 02:50:41 | 00,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) (winachsf) winachsf [Kernel | On_Demand | Running] -> C:\Windows\System32\DRIVERS\VSTCNXT3.SYS -> [2006/11/02 00:41:48 | 00,654,336 | ---- | M] (Conexant Systems, Inc.) 
(KLIF) Kaspersky Lab Driver [File_System | System | Running] -> C:\Windows\System32\DRIVERS\klif.sys -> [2009/10/23 22:07:24 | 00,311,312 | ---- | M] (Kaspersky Lab) (kl1) kl1 [Kernel | System | Running] -> C:\Windows\System32\DRIVERS\kl1.sys -> [2009/09/01 15:29:50 | 00,128,016 | ---- | M] (Kaspersky Lab) (klbg) Kaspersky Lab Boot Guard Driver [Kernel | Boot | Running] -> C:\Windows\system32\drivers\klbg.sys -> [2009/10/14 21:18:34 | 00,036,880 | ---- | M] (Kaspersky Lab) (klmouflt) Kaspersky Lab KLMOUFLT [Kernel | On_Demand | Stopped] -> C:\Windows\System32\DRIVERS\klmouflt.sys -> [2009/10/02 19:39:36 | 00,019,472 | ---- | M] (Kaspersky Lab) (KLIM6) Kaspersky Anti-Virus NDIS 6 Filter [Kernel | System | Running] -> C:\Windows\System32\DRIVERS\klim6.sys -> [2009/09/14 14:46:36 | 00,021,520 | ---- | M] (Kaspersky Lab) [Modules - Safe List] comctl32.dll -> C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll -> [2006/11/02 02:38:57 | 01,648,128 | ---- | M] (Microsoft Corporation) ots.exe -> C:\Users\Jayordan\Downloads\OTS.exe -> [2009/10/23 23:53:07 | 00,521,728 | ---- | M] (OldTimer Tools) [Registry - Safe List] < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKEY_LOCAL_MACHINE\: Main\\"Default_Search_URL" -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\"Default_Secondary_Page_URL" -> [binary data] -> HKEY_LOCAL_MACHINE\: Main\\"Extensions Off Page" -> about:NoAdd-ons -> HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> %SystemRoot%\system32\blank.htm -> HKEY_LOCAL_MACHINE\: Main\\"Search Page" -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\"Security Risk Page" -> about:SecurityRisk -> HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://go.microsoft.com/fwlink/?LinkId=69157 -> < Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> -> 
HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 1 -> HKEY_USERS\.DEFAULT\: "ProxyOverride" -> *.local -> < Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> -> HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 1 -> HKEY_USERS\S-1-5-18\: "ProxyOverride" -> *.local -> < Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-21-2358385092-91818312-181952020-1000\] > -> -> HKEY_USERS\S-1-5-21-2358385092-91818312-181952020-1000\: Main\\"Local Page" -> C:\Windows\system32\blank.htm -> HKEY_USERS\S-1-5-21-2358385092-91818312-181952020-1000\: Main\\"Search Page" -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_USERS\S-1-5-21-2358385092-91818312-181952020-1000\: Main\\"Start Page" -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKEY_USERS\S-1-5-21-2358385092-91818312-181952020-1000\: Main\\"StartPageCache" -> 1 -> HKEY_USERS\S-1-5-21-2358385092-91818312-181952020-1000\: "ProxyEnable" -> 1 -> HKEY_USERS\S-1-5-21-2358385092-91818312-181952020-1000\: "ProxyOverride" -> *.local -> < FireFox Settings [Prefs.js] > -> C:\Users\Jayordan\AppData\Roaming\Mozilla\FireFox\Profiles\277hvvuu.default\prefs.js -> browser.startup.homepage -> "http://www.nebrwesleyan.edu/" -> extensions.enabledItems -> {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11 -> extensions.enabledItems -> {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13 -> extensions.enabledItems -> {20a82645-c095-46ed-80e3-08825760534b}:1.1 -> extensions.enabledItems -> {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.14 -> network.proxy.no_proxies_on -> "*.local" -> network.proxy.type -> 1 -> < FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla HKLM\software\mozilla\Firefox\Extensions -> -> HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758} -> C:\PROGRAM FILES\REAL\REALPLAYER\BROWSERRECORD [C:\PROGRAM FILES\REAL\REALPLAYER\BROWSERRECORD] -> [2008/08/17 18:11:32 | 00,000,000 | ---D | M] 
HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b} -> C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION [C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\] -> [2009/09/02 03:01:28 | 00,000,000 | ---D | M] HKLM\software\mozilla\Mozilla Firefox 3.0.14\extensions -> -> HKLM\software\mozilla\Mozilla Firefox 3.0.14\extensions\\Components -> C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS] -> [2009/09/13 08:57:37 | 00,000,000 | ---D | M] HKLM\software\mozilla\Mozilla Firefox 3.0.14\extensions\\Plugins -> C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS] -> [2009/10/23 21:47:10 | 00,000,000 | ---D | M] < FireFox Extensions [User Folders] > -> -> C:\Users\Jayordan\AppData\Roaming\mozilla\Extensions -> [2008/08/17 10:28:50 | 00,000,000 | ---D | M] -> C:\Users\Jayordan\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} -> [2008/08/17 10:28:50 | 00,000,000 | ---D | M] -> C:\Users\Jayordan\AppData\Roaming\mozilla\Firefox\Profiles\277hvvuu.default\extensions -> [2009/10/23 21:51:37 | 00,097,495 | ---- | M] () -> C:\Users\Jayordan\AppData\Roaming\mozilla\Firefox\Profiles\277hvvuu.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} -> [2009/10/23 21:51:37 | 00,097,495 | ---- | M] () < FireFox Extensions [Program Folders] > -> -> C:\PROGRAM FILES\MOZILLA FIREFOX\extensions -> [2009/09/13 08:57:37 | 09,767,928 | ---- | M] (Mozilla Foundation) -> C:\PROGRAM FILES\MOZILLA FIREFOX\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} -> [2009/09/13 08:57:37 | 09,767,928 | ---- | M] (Mozilla Foundation) -> C:\PROGRAM FILES\MOZILLA FIREFOX\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} -> [2009/09/13 08:57:37 | 09,767,928 | ---- | M] (Mozilla Foundation) -> C:\PROGRAM FILES\MOZILLA FIREFOX\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} -> [2009/09/13 08:57:37 
| 09,767,928 | ---- | M] (Mozilla Foundation) -> C:\PROGRAM FILES\MOZILLA FIREFOX\extensions\divx@partners.mozilla.com -> [2009/09/13 08:57:37 | 09,767,928 | ---- | M] (Mozilla Foundation) -> C:\PROGRAM FILES\MOZILLA FIREFOX\extensions\linkfilter@kaspersky.ru -> [2009/09/13 08:57:37 | 09,767,928 | ---- | M] (Mozilla Foundation) < FireFox Components [Program Folders] > -> C:\PROGRAM FILES\MOZILLA FIREFOX\components\ -> C:\PROGRAM FILES\MOZILLA FIREFOX\components -> [2009/09/13 08:57:37 | 00,000,000 | ---D | M] browserdirprovider.dll -> C:\PROGRAM FILES\MOZILLA FIREFOX\components\browserdirprovider.dll -> [2009/09/13 08:57:36 | 00,023,032 | ---- | M] (Mozilla Foundation) brwsrcmp.dll -> C:\PROGRAM FILES\MOZILLA FIREFOX\components\brwsrcmp.dll -> [2009/09/13 08:57:36 | 00,134,648 | ---- | M] (Mozilla Foundation) < FireFox Plugins [Program Folders] > -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins\ -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins -> [2009/10/23 21:47:10 | 00,000,000 | ---D | M] libdivx.dll -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins\libdivx.dll -> [2009/05/01 14:02:48 | 01,044,480 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) np-mswmp.dll -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins\np-mswmp.dll -> [2007/04/10 18:21:08 | 00,163,256 | ---- | M] (Microsoft Corporation) np32dsw.dll -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins\np32dsw.dll -> [2008/11/04 11:15:38 | 00,114,688 | ---- | M] (Adobe Systems, Inc.) npdeploytk.dll -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins\npdeploytk.dll -> [2009/03/09 05:19:09 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) npdivx32.dll -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins\npdivx32.dll -> [2009/05/12 11:46:20 | 01,650,992 | ---- | M] (DivX,Inc.) 
npdivx32.xpt -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins\npdivx32.xpt -> [2009/05/01 14:02:24 | 00,001,691 | ---- | M] () npLegitCheckPlugin.dll -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins\npLegitCheckPlugin.dll -> [2009/02/06 12:44:28 | 01,447,296 | ---- | M] (Microsoft Corporation) npnul32.dll -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins\npnul32.dll -> [2009/09/13 08:57:36 | 00,065,528 | ---- | M] (mozilla.org) nppdf32.dll -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins\nppdf32.dll -> [2009/02/27 12:13:42 | 00,103,792 | ---- | M] (Adobe Systems Inc.) nppl3260.dll -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins\nppl3260.dll -> [2008/08/17 18:11:30 | 00,144,984 | ---- | M] (RealNetworks, Inc.) npqtplugin.dll -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins\npqtplugin.dll -> [2008/10/05 23:58:49 | 00,143,360 | ---- | M] (Apple Inc.) npqtplugin2.dll -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins\npqtplugin2.dll -> [2008/10/05 23:58:49 | 00,143,360 | ---- | M] (Apple Inc.) npqtplugin3.dll -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins\npqtplugin3.dll -> [2008/10/05 23:58:49 | 00,143,360 | ---- | M] (Apple Inc.) npqtplugin4.dll -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins\npqtplugin4.dll -> [2008/10/05 23:58:49 | 00,143,360 | ---- | M] (Apple Inc.) npqtplugin5.dll -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins\npqtplugin5.dll -> [2008/10/05 23:58:49 | 00,143,360 | ---- | M] (Apple Inc.) npqtplugin6.dll -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins\npqtplugin6.dll -> [2008/10/05 23:58:49 | 00,143,360 | ---- | M] (Apple Inc.) npqtplugin7.dll -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins\npqtplugin7.dll -> [2008/10/05 23:58:49 | 00,143,360 | ---- | M] (Apple Inc.) nprjplug.dll -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins\nprjplug.dll -> [2008/08/17 18:11:36 | 00,008,192 | ---- | M] (RealNetworks, Inc.) nprpjplug.dll -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins\nprpjplug.dll -> [2008/08/17 18:11:28 | 00,094,208 | ---- | M] (RealNetworks, Inc.) 
npUpload.xpt -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins\npUpload.xpt -> [2008/02/20 19:03:46 | 00,000,535 | ---- | M] () nsIDivxPlayerPlugin.xpt -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins\nsIDivxPlayerPlugin.xpt -> [2008/02/20 19:04:30 | 00,000,297 | ---- | M] () nsIQTScriptablePlugin.xpt -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins\nsIQTScriptablePlugin.xpt -> [2007/09/28 13:26:22 | 00,002,394 | ---- | M] () QuickTimePlugin.class -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins\QuickTimePlugin.cla -> [2008/10/05 23:58:49 | 00,004,208 | ---- | M] () ssldivx.dll -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins\ssldivx.dll -> [2009/05/01 14:02:48 | 00,200,704 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) WMP Firefox Plugin License.rtf -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins\WMP Firefox Plugin License.rtf -> [2007/03/30 11:43:58 | 00,149,569 | ---- | M] () WMP Firefox Plugin RelNotes.txt -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins\WMP Firefox Plugin RelNotes.txt -> [2007/03/30 11:43:58 | 00,003,352 | ---- | M] () < FireFox SearchPlugins [Program Folders] > -> C:\PROGRAM FILES\MOZILLA FIREFOX\searchplugins\ -> C:\PROGRAM FILES\MOZILLA FIREFOX\searchplugins -> [2009/03/05 21:47:59 | 00,000,000 | ---D | M] amazondotcom.xml -> C:\PROGRAM FILES\MOZILLA FIREFOX\searchplugins\amazondotcom.xml -> [2009/03/05 21:47:57 | 00,001,394 | ---- | M] () answers.xml -> C:\PROGRAM FILES\MOZILLA FIREFOX\searchplugins\answers.xml -> [2009/03/05 21:47:57 | 00,002,193 | ---- | M] () creativecommons.xml -> C:\PROGRAM FILES\MOZILLA FIREFOX\searchplugins\creativecommons.xml -> [2009/03/05 21:47:57 | 00,001,534 | ---- | M] () eBay.xml -> C:\PROGRAM FILES\MOZILLA FIREFOX\searchplugins\eBay.xml -> [2009/03/05 21:47:57 | 00,002,343 | ---- | M] () google.xml -> C:\PROGRAM FILES\MOZILLA FIREFOX\searchplugins\google.xml -> [2009/03/05 21:47:57 | 00,001,706 | ---- | M] () wikipedia.xml -> C:\PROGRAM FILES\MOZILLA FIREFOX\searchplugins\wikipedia.xml -> [2009/03/05 21:47:57 | 00,001,178 | ---- | 
M] () yahoo.xml -> C:\PROGRAM FILES\MOZILLA FIREFOX\searchplugins\yahoo.xml -> [2009/03/05 21:47:57 | 00,000,792 | ---- | M] () < HOSTS File > (761 bytes and 20 lines) -> C:\Windows\System32\drivers\etc\Hosts -> Reset Hosts 127.0.0.1 localhost ::1 localhost < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {02478D38-C3F9-4efb-9B51-7695ECA05670} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {18DF081C-E8AD-4283-A596-FA578C2EBDC3} [HKLM] -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [Adobe PDF Link Helper] -> [2009/02/27 12:07:26 | 00,075,128 | ---- | M] (Adobe Systems Incorporated) {3049C3E9-B461-4BC5-8870-4C09146192CA} [HKLM] -> C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [RealPlayer Download and Record Plugin for Internet Explorer] -> [2008/08/17 18:11:32 | 00,308,856 | ---- | M] (RealPlayer) {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} [HKLM] -> C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\ievkbd.dll [IEVkbdBHO Class] -> [2009/10/20 20:34:50 | 00,068,112 | ---- | M] (Kaspersky Lab) {7E853D72-626A-48EC-A868-BA8D5E23E045} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {9030D464-4C02-4ABF-8ECC-5164760863C6} [HKLM] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [Windows Live Sign-in Helper] -> [2009/02/17 17:11:04 | 00,408,440 | ---- | M] (Microsoft Corporation) {AA58ED58-01DD-4d91-8333-CF10577473F7} [HKLM] -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [Google Toolbar Helper] -> [2009/09/10 11:48:27 | 00,256,112 | ---- | M] (Google Inc.) {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKLM] -> C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll [Google Toolbar Notifier BHO] -> [2009/09/21 16:24:01 | 00,762,864 | ---- | M] (Google Inc.) 
{C84D72FE-E17D-4195-BB24-76C02E2E7C4E} [HKLM] -> C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [Google Dictionary Compression sdch] -> [2009/09/10 11:48:20 | 00,458,736 | ---- | M] (Google Inc.) {DBC80044-A445-435b-BC74-9C25C1C588A9} [HKLM] -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [Java(tm) Plug-In 2 SSV Helper] -> [2009/03/09 05:18:50 | 00,035,840 | ---- | M] (Sun Microsystems, Inc.) {E33CF602-D945-461A-83F0-819F76A199F8} [HKLM] -> C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll [FilterBHO Class] -> [2009/10/20 20:34:56 | 00,268,816 | ---- | M] (Kaspersky Lab) < Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" [HKLM] -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [Google Toolbar] -> [2009/09/10 11:48:27 | 00,256,112 | ---- | M] (Google Inc.) < Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-2358385092-91818312-181952020-1000\] > -> HKEY_USERS\S-1-5-21-2358385092-91818312-181952020-1000\Software\Microsoft\Internet Explorer\Toolbar\ -> WebBrowser\\"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" [HKLM] -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [Google Toolbar] -> [2009/09/10 11:48:27 | 00,256,112 | ---- | M] (Google Inc.) 
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "" -> [] -> File not found "Adobe Reader Speed Launcher" -> C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe ["C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"] -> [2009/02/27 17:10:28 | 00,035,696 | ---- | M] (Adobe Systems Incorporated) "AVP" -> C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe ["C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe"] -> [2009/10/20 20:39:28 | 00,340,456 | ---- | M] (Kaspersky Lab) "ISUSPM Startup" -> C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup] -> [2006/10/03 11:35:42 | 00,221,184 | ---- | M] (Macrovision Corporation) "ISUSScheduler" -> C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe ["C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start] -> [2006/10/03 11:37:04 | 00,081,920 | ---- | M] (Macrovision Corporation) "NvCplDaemon" -> C:\Windows\System32\NvCpl.DLL [RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup] -> [2007/10/04 21:24:00 | 08,497,696 | ---- | M] (NVIDIA Corporation) "NVHotkey" -> C:\Windows\System32\nvHotkey.DLL [rundll32.exe C:\Windows\system32\nvHotkey.dll,Start] -> [2007/10/04 21:24:00 | 00,086,016 | ---- | M] (NVIDIA Corporation) "NvMediaCenter" -> C:\Windows\System32\NvMcTray.DLL [RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit] -> [2007/10/04 21:24:00 | 00,081,920 | ---- | M] (NVIDIA Corporation) "NvSvc" -> C:\Windows\System32\nvsvc.DLL [RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart] -> [2007/10/04 21:24:00 | 00,086,016 | ---- | M] (NVIDIA Corporation) "NWEReboot" -> [] -> File not found "OEM02Mon.exe" -> C:\Windows\OEM02Mon.exe [C:\Windows\OEM02Mon.exe] -> [2007/05/09 17:01:00 | 00,036,864 | ---- | M] (Creative Technology Ltd.) 
"QuickTime Task" -> C:\Program Files\QuickTime\QTTask.exe ["C:\Program Files\QuickTime\QTTask.exe" -atboottime] -> [2008/09/06 15:09:14 | 00,413,696 | ---- | M] (Apple Inc.) "RoxioDragToDisc" -> C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe ["C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe"] -> [2006/08/17 09:00:00 | 01,116,920 | ---- | M] (Roxio) "RoxWatchTray" -> C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe ["C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"] -> [2006/11/05 11:22:16 | 00,221,184 | ---- | M] (Sonic Solutions) "SigmatelSysTrayApp" -> C:\Windows\sttray.exe [sttray.exe] -> [2007/03/06 12:37:30 | 00,303,104 | ---- | M] (SigmaTel, Inc.) "SunJavaUpdateSched" -> C:\Program Files\Java\jre6\bin\jusched.exe ["C:\Program Files\Java\jre6\bin\jusched.exe"] -> [2009/03/09 05:19:17 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) "TkBellExe" -> C:\Program Files\Common Files\Real\Update_OB\realsched.exe ["C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot] -> [2008/08/17 18:11:26 | 00,185,896 | ---- | M] (RealNetworks, Inc.) "Windows Defender" -> C:\Program Files\Windows Defender\MSASCui.exe [%ProgramFiles%\Windows Defender\MSASCui.exe -hide] -> [2008/08/17 03:20:03 | 01,006,264 | ---- | M] (Microsoft Corporation) "Windows Mobile-based device management" -> C:\Windows\WindowsMobile\wmdSync.exe [%windir%\WindowsMobile\wmdSync.exe] -> [2006/11/02 02:45:59 | 00,215,552 | ---- | M] (Microsoft Corporation) < Run [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "DelayShred" -> c:\PROGRA~1\mcafee\mshr\ShrCL.EXE [c:\PROGRA~1\mcafee\mshr\ShrCL.EXE /P10 /q C:\Users\Jayordan\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\CEYK2DO6\ADS_4_~1.SH! C:\Users\Jayordan\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\DIO5FLXZ\924947~1.SH! C:\Users\Jayordan\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\DKJ4C4DV\PNGBEH~1.SH!] 
-> File not found < Run [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "DelayShred" -> c:\PROGRA~1\mcafee\mshr\ShrCL.EXE [c:\PROGRA~1\mcafee\mshr\ShrCL.EXE /P10 /q C:\Users\Jayordan\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\CEYK2DO6\ADS_4_~1.SH! C:\Users\Jayordan\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\DIO5FLXZ\924947~1.SH! C:\Users\Jayordan\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\DKJ4C4DV\PNGBEH~1.SH!] -> File not found < Run [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "Sidebar" -> C:\Program Files\Windows Sidebar\Sidebar.exe [%ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem] -> [2008/08/17 03:04:53 | 01,232,896 | ---- | M] (Microsoft Corporation) "WindowsWelcomeCenter" -> C:\Windows\System32\oobefldr.dll [rundll32.exe oobefldr.dll,ShowWelcomeCenter] -> [2006/11/02 05:34:50 | 02,159,104 | ---- | M] (Microsoft Corporation) < Run [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "Sidebar" -> C:\Program Files\Windows Sidebar\Sidebar.exe [%ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem] -> [2008/08/17 03:04:53 | 01,232,896 | ---- | M] (Microsoft Corporation) "WindowsWelcomeCenter" -> C:\Windows\System32\oobefldr.dll [rundll32.exe oobefldr.dll,ShowWelcomeCenter] -> [2006/11/02 05:34:50 | 02,159,104 | ---- | M] (Microsoft Corporation) < Run [HKEY_USERS\S-1-5-21-2358385092-91818312-181952020-1000\] > -> HKEY_USERS\S-1-5-21-2358385092-91818312-181952020-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "MsnMsgr" -> C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe ["C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background] -> [2007/10/18 11:34:02 | 05,724,184 | ---- | M] (Microsoft Corporation) "SUPERAntiSpyware" -> C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe] -> [2009/10/12 21:24:50 | 02,000,112 | 
---- | M] () "swg" -> C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe ["C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"] -> [2008/12/10 15:30:41 | 00,039,408 | ---- | M] (Google Inc.) "WindowsWelcomeCenter" -> C:\Windows\System32\oobefldr.dll [rundll32.exe oobefldr.dll,ShowWelcomeCenter] -> [2006/11/02 05:34:50 | 02,159,104 | ---- | M] (Microsoft Corporation) < CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System \\"ConsentPromptBehaviorAdmin" -> [2] -> File not found \\"ConsentPromptBehaviorUser" -> [1] -> File not found \\"EnableInstallerDetection" -> [1] -> File not found \\"EnableLUA" -> [1] -> File not found \\"EnableSecureUIAPaths" -> [1] -> File not found \\"EnableVirtualization" -> [1] -> File not found \\"PromptOnSecureDesktop" -> [1] -> File not found \\"ValidateAdminCodeSignatures" -> [0] -> File not found \\"dontdisplaylastusername" -> [0] -> File not found \\"legalnoticecaption" -> [] -> File not found \\"legalnoticetext" -> [] -> File not found \\"scforceoption" -> [0] -> File not found \\"shutdownwithoutlogon" -> [1] -> File not found \\"undockwithoutlogon" -> [1] -> File not found \\"FilterAdministratorToken" -> [0] -> File not found HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats \UIPI\Clipboard\ExceptionFormats\\"CF_TEXT" -> [1] -> File not found \UIPI\Clipboard\ExceptionFormats\\"CF_BITMAP" -> [2] -> File not found \UIPI\Clipboard\ExceptionFormats\\"CF_OEMTEXT" -> [7] -> File not found \UIPI\Clipboard\ExceptionFormats\\"CF_DIB" -> [8] -> File not found \UIPI\Clipboard\ExceptionFormats\\"CF_PALETTE" -> [9] -> File not found \UIPI\Clipboard\ExceptionFormats\\"CF_UNICODETEXT" -> [13] -> File not found \UIPI\Clipboard\ExceptionFormats\\"CF_DIBV5" -> [17] -> File not found < 
Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {4248FE82-7FCB-46AC-B270-339F08212110}:{4248FE82-7FCB-46AC-B270-339F08212110} [HKLM] -> C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll [Button: &Virtual keyboard] -> [2009/10/20 20:34:56 | 00,268,816 | ---- | M] (Kaspersky Lab) {CCF151D8-D089-449F-A5A4-D9909053F20F}:{CCF151D8-D089-449F-A5A4-D9909053F20F} [HKLM] -> C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll [Button: URLs c&heck] -> [2009/10/20 20:34:56 | 00,268,816 | ---- | M] (Kaspersky Lab) < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> < Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix "" -> http:// < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. 
-> < Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. 
-> < Trusted Sites Domains [HKEY_USERS\S-1-5-21-2358385092-91818312-181952020-1000\] > -> HKEY_USERS\S-1-5-21-2358385092-91818312-181952020-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-21-2358385092-91818312-181952020-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-21-2358385092-91818312-181952020-1000\] > -> HKEY_USERS\S-1-5-21-2358385092-91818312-181952020-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-21-2358385092-91818312-181952020-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab [Java Plug-in 1.6.0_13] -> {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} [HKLM] -> http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab [Reg Error: Key error.] 
-> {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab [Java Plug-in 1.6.0_13] -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab [Java Plug-in 1.6.0_13] -> {D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab [Shockwave Flash Object] -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ -> DhcpNameServer -> 10.1.1.67 10.1.1.5 10.1.1.54 -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {487CD270-21C3-484D-8C4D-08342845FC8F}\\DhcpNameServer -> 10.1.1.67 10.1.1.5 10.1.1.54 (Broadcom 440x 10/100 Integrated Controller) -> {BB0A4C0D-FDD1-44D4-A05E-EBF70E63280C}\\DhcpNameServer -> 192.168.1.1 (Intel(R) Wireless WiFi Link 4965AGN) -> < AppInit_DLLs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs -> *AppInit_DLLs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls -> C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll -> C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\mzvkbd3.dll -> [2009/10/20 20:35:06 | 00,109,072 | ---- | M] (Kaspersky Lab) *MultiFile Done* -> -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> explorer.exe -> C:\Windows\explorer.exe -> [2008/10/28 23:20:29 | 02,923,520 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> < Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> klogon -> C:\Windows\System32\klogon.dll -> [2009/10/20 20:34:56 | 00,219,664 | ---- | M] 
(Kaspersky Lab) < SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> "AlternateShell" -> cmd.exe -> < CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom -> "AutoRun" -> 1 -> "DisplayName" -> CD-ROM Driver -> "ImagePath" -> [system32\DRIVERS\cdrom.sys] -> File not found < Drives with AutoRun files > -> -> C:\autoexec.bat [REM Dummy file for NTVDM | ] -> C:\autoexec.bat [ NTFS ] -> [2006/09/18 14:43:36 | 00,000,024 | ---- | M] () < MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command -> comfile [open] -> "%1" %* -> File not found exefile [open] -> "%1" %* -> File not found [Registry - Additional Scans - Safe List] < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost > -> -> *netsvcs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs -> FastUserSwitchingCompatibility -> [] -> Ias -> [] -> Irmon -> [] -> Nla -> [] -> Ntmssvc -> [] -> NWCWorkstation -> [] -> Nwsapagent -> [] -> SRService -> [] -> Wmi -> [] -> WmdmPmSp -> [] -> LogonHours -> [] -> PCAudit -> [] -> helpsvc -> [] -> uploadmgr -> [] -> *MultiFile Done* -> -> < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command -> batfile [open] -> "%1" %* -> File not found chm.file [open] -> "%SystemRoot%\hh.exe" %1 -> [2006/11/02 02:45:13 | 00,014,848 | ---- | M] (Microsoft Corporation) cmdfile [open] -> "%1" %* -> File not found comfile [open] -> "%1" %* -> File not found cplfile [cplopen] -> %SystemRoot%\System32\control.exe "%1",%* -> [2006/11/02 02:44:59 | 00,211,968 | ---- | M] (Microsoft Corporation) exefile [open] -> "%1" %* -> File not found helpfile [open] -> Reg Error: Key error. 
hlpfile [open] -> %SystemRoot%\winhlp32.exe %1 -> [2006/11/02 02:45:57 | 00,009,216 | ---- | M] (Microsoft Corporation) htmlfile [edit] -> Reg Error: Key error. htmlfile [open] -> "C:\Program Files\Internet Explorer\iexplore.exe" -nohome -> [2009/08/27 07:04:53 | 00,634,632 | ---- | M] (Microsoft Corporation) htmlfile [opennew] -> "C:\Program Files\Internet Explorer\iexplore.exe" %1 -> [2009/08/27 07:04:53 | 00,634,632 | ---- | M] (Microsoft Corporation) http [open] -> "C:\Program Files\Internet Explorer\iexplore.exe" -nohome -> [2009/08/27 07:04:53 | 00,634,632 | ---- | M] (Microsoft Corporation) https [open] -> "C:\Program Files\Internet Explorer\iexplore.exe" -nohome -> [2009/08/27 07:04:53 | 00,634,632 | ---- | M] (Microsoft Corporation) inffile [install] -> %SystemRoot%\System32\InfDefaultInstall.exe "%1" -> [2006/11/02 02:45:14 | 00,011,776 | ---- | M] (Microsoft Corporation) piffile [open] -> "%1" %* -> File not found regfile [merge] -> Reg Error: Key error. scrfile [config] -> "%1" -> File not found scrfile [install] -> rundll32.exe desk.cpl,InstallScreenSaver %l -> [2006/11/02 02:44:42 | 00,368,640 | ---- | M] (Microsoft Corporation) scrfile [open] -> "%1" /S -> File not found txtfile [edit] -> Reg Error: Key error. 
Directory [cmd] -> cmd.exe /s /k pushd "%V" -> [2006/11/02 02:44:59 | 00,320,000 | ---- | M] (Microsoft Corporation) Directory [find] -> %SystemRoot%\Explorer.exe -> [2008/10/28 23:20:29 | 02,923,520 | ---- | M] (Microsoft Corporation) Folder [open] -> %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L -> [2008/10/28 23:20:29 | 02,923,520 | ---- | M] (Microsoft Corporation) Folder [explore] -> %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L -> [2008/10/28 23:20:29 | 02,923,520 | ---- | M] (Microsoft Corporation) Drive [find] -> %SystemRoot%\Explorer.exe -> [2008/10/28 23:20:29 | 02,923,520 | ---- | M] (Microsoft Corporation) Applications\iexplore.exe [open] -> "C:\Program Files\Internet Explorer\iexplore.exe" %1 -> [2009/08/27 07:04:53 | 00,634,632 | ---- | M] (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -> "C:\Program Files\Internet Explorer\iexplore.exe" -> [2009/08/27 07:04:53 | 00,634,632 | ---- | M] (Microsoft Corporation) < Uninstall List [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ -> {00203668-8170-44A0-BE44-B632FA4D780F} -> Adobe AIR {0046FA01-C5B9-4985-BACB-398DC480FC05} -> Adobe Photoshop CS3 {0394CDC8-FABD-4ed8-B104-03393876DFDF} -> Roxio Creator Tools {04AF207D-9A77-465A-8B76-991F6AB66245} -> Adobe Help Viewer CS3 {08B32819-6EEF-4057-AEDA-5AB681A36A23} -> Adobe Bridge Start Meeting {0D397393-9B50-4c52-84D5-77E344289F87} -> Roxio Creator Data {18455581-E099-4BA8-BC6B-F34B2F06600C} -> Google Toolbar for Internet Explorer {184CE391-7E0E-4C63-9935-D7A10EDFD3C6} -> Adobe WinSoft Linguistics Plugin {1D5E29AD-39A9-4D0A-A8B6-46A6FCD8C995} -> Live! 
Cam Avatar v1.0 {2318C2B1-4965-11d4-9B18-009027A5CD4F} -> Google Toolbar for Internet Explorer {24D7346D-D4B4-45E8-98EA-75EC14B42DD8} -> Adobe ExtendScript Toolkit 2 {26A24AE4-039D-4CA4-87B4-2F83216011FF} -> Java(TM) 6 Update 13 {29E5EA97-5F74-4A57-B8B2-D4F169117183} -> Adobe Stock Photos CS3 {2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668} -> Roxio Drag-to-Disc {30465B6C-B53F-49A1-9EBA-A3F187AD502E} -> Roxio Update Manager {35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0} -> Sonic Activation Module {42929F0F-CE14-47AF-9FC7-FF297A603021} -> Dell Resource CD {508CE775-4BA4-4748-82DF-FE28DA9F03B0} -> Windows Live Messenger {51846830-E7B2-4218-8968-B77F0FF475B8} -> Adobe Color EU Extra Settings {54793AA1-5001-42F4-ABB6-C364617C6078} -> Adobe Linguistics CS3 {619CDD8A-14B6-43a1-AB6C-0F4EE48CE048} -> Roxio Creator Copy {64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1} -> Adobe Setup {65D0C510-D7B6-4438-9FC8-E6B91115AB0D} -> Live! Cam Avatar Creator {6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA} -> Roxio Express Labeler {6956856F-B6B3-4BE0-BA0B-8F495BE32033} -> Apple Software Update {69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} -> Windows Media Player Firefox Plugin {6ABE0BEE-D572-4FE8-B434-9E72A289431B} -> Adobe Fonts All {6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF} -> Adobe Color Common Settings {6D52C408-B09A-4520-9B18-475B81D393F1} -> Microsoft Works {6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61} -> Adobe Asset Services CS3 {7299052b-02a4-4627-81f2-1818da5d550d} -> Microsoft Visual C++ 2005 Redistributable {767CC44C-9BBC-438D-BAD3-FD4595DD148B} -> VC80CRTRedist - 8.0.50727.762 {770657D0-A123-3C07-8E44-1C83EC895118} -> Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 {77DCDCE3-2DED-62F3-8154-05E745472D07} -> Acrobat.com {802771A9-A856-4A41-ACF7-1450E523C923} -> Adobe XMP Panels CS3 {83FFCFC7-88C6-41c6-8752-958A45325C82} -> Roxio Creator Audio {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} -> Microsoft Silverlight {8D2BA474-F406-4710-9AE4-D4F22D21F0DD} -> Adobe Device Central CS3 {8DC42D05-680B-41B0-8878-6C14D24602DB} 
-> QuickTime {8E6808E2-613D-4FCD-81A2-6C8FA8E03312} -> Adobe Type Support {90176341-0A8B-4CCC-A78D-F862228A6B95} -> Adobe Anchor Service CS3 {9422C8EA-B0C6-4197-B8FC-DC797658CA00} -> Windows Live Sign-in Assistant {943B6738-4801-4982-90EC-0442EF7AEB16} -> Kaspersky Anti-Virus 2010 {95655ED4-7CA5-46DF-907F-7144877A32E5} -> Adobe Color NA Recommended Settings {9C9824D9-9000-4373-A6A5-D0E5D4831394} -> Adobe Bridge CS3 {A2B242BD-FF8D-4840-9DAA-9170EABEC59C} -> Adobe CMaps {A2D81E70-2A98-4A08-A628-94388B063C5E} -> Adobe Color - Photoshop Specific {A462213D-EED4-42C2-9A60-7BDD4D4B0B17} -> SigmaTel Audio {A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320} -> Windows Live installer {AC5B0C19-D851-42F4-BDA0-410ECF7F70A5} -> PDF Settings {AC76BA86-7AD7-1033-7B44-A91000000001} -> Adobe Reader 9.1.3 {AC76BA86-7AD7-5464-3428-900000000004} -> Spelling Dictionaries Support For Adobe Reader 9 {B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C} -> Adobe Camera Raw 4.0 {B3C02EC1-A7B0-4987-9A43-8789426AAA7D} -> Adobe Setup {B7050CBDB2504B34BC2A9CA0A692CC29} -> DivX Web Player {B9B35331-B7E4-4E5C-BF4C-7BC87856124D} -> Adobe Default Language CS3 {C8B0680B-CDAE-4809-9F91-387B6DE00F7C} -> Roxio Creator DE {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} -> Microsoft .NET Framework 3.5 SP1 {D0DFF92A-492E-4C40-B862-A74A173C25C5} -> Adobe Version Cue CS3 Client {D1BB4446-AE9C-4256-9A7F-4D46604D2462} -> Adobe Setup {D2559B88-CC9D-4B48-81BB-F492BAA9C48C} -> Adobe PDF Library Files {D639085F-4B6E-4105-9F37-A0DBB023E2FB} -> Roxio MyDVD DE {DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029} -> Adobe Color JA Extra Settings {E69AE897-9E0B-485C-8552-7841F48D42D8} -> Adobe Update Manager CS3 {F333A33D-125C-32A2-8DCE-5C5D14231E27} -> Visual C++ 2008 x86 Runtime - (v9.0.30729) {F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01 -> Visual C++ 2008 x86 Runtime - v9.0.30729.01 {F9FD80CE-0448-4D4F-8BCD-77FC514C3F99} -> Vista Codec Package Adobe AIR -> Adobe AIR Adobe Flash Player ActiveX -> Adobe Flash Player 10 ActiveX Adobe Flash Player 
Plugin -> Adobe Flash Player 10 Plugin Adobe Shockwave Player -> Adobe Shockwave Player Adobe_2ac78060bc5856b0c1cf873bb919b58 -> Adobe Photoshop CS3 Adobe_3e054d2218e7aa282c2369d939e58ff -> Adobe ExtendScript Toolkit 2 Adobe_6c8e2cb4fd241c55406016127a6ab2e -> Adobe Color Common Settings Advanced Audio FX Engine -> Advanced Audio FX Engine Advanced Video FX Engine -> Advanced Video FX Engine com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 -> Acrobat.com Creative OEM002 -> Laptop Integrated Webcam Driver (1.04.01.1011) DELL Webcam Center -> DELL Webcam Center DELL Webcam Manager -> DELL Webcam Manager DVD Shrink_is1 -> DVD Shrink 3.2 DVDFab 6_is1 -> DVDFab 6.1.1.8 Beta (20/10/2009) ffdshow_is1 -> ffdshow [rev 2527] [2008-12-19] InstallWIX_{943B6738-4801-4982-90EC-0442EF7AEB16} -> Kaspersky Anti-Virus 2010 LimeWire -> LimeWire 4.18.8 Microsoft .NET Framework 3.5 SP1 -> Microsoft .NET Framework 3.5 SP1 Mozilla Firefox (3.0.14) -> Mozilla Firefox (3.0.14) NVIDIA Drivers -> NVIDIA Drivers OmegaPlay -> OmegaPlay Perfect Alarm Clock -> Perfect Alarm Clock Photo Viewer -> Photo Viewer 2.3 PlayFLV -> PlayFLV RealPlayer 6.0 -> RealPlayer RollerCoaster Tycoon Setup -> RolllayN WinRAR archiver -> WinRAR archiver Yahoo! Messenger -> Yahoo! 
Messenger < EventViewer Logs - Last 10 Errors > -> Event Information -> Description Application [ Error ] 10/20/2009 1:13:46 PM Computer Name = Jayordan-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083 -> Description = Application [ Error ] 10/20/2009 1:13:46 PM Computer Name = Jayordan-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083 -> Description = Application [ Error ] 10/20/2009 11:32:29 PM Computer Name = Jayordan-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083 -> Description = Application [ Error ] 10/20/2009 11:32:29 PM Computer Name = Jayordan-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083 -> Description = Application [ Error ] 10/21/2009 4:49:58 PM Computer Name = Jayordan-PC | Source = Lavasoft Ad-Aware Service | ID = 0 -> Description = Application [ Error ] 10/22/2009 1:51:16 AM Computer Name = Jayordan-PC | Source = Application Error | ID = 1000 -> Description = Faulting application rundll32.exe, version 6.0.6000.16386, time stamp 0x4549b0e1, faulting module USER32.dll, version 6.0.6000.16386, time stamp 0x4549bdc9, exception code 0xc0000142, fault offset 0x00008fc7, process id 0xae0, application start time 0x01ca52dbab1c0ac3. Application [ Error ] 10/22/2009 1:58:05 AM Computer Name = Jayordan-PC | Source = McLogEvent | ID = 5051 -> Description = Application [ Error ] 10/22/2009 10:00:48 PM Computer Name = Jayordan-PC | Source = VSS | ID = 8194 -> Description = Application [ Error ] 10/22/2009 11:24:39 PM Computer Name = Jayordan-PC | Source = MsiInstaller | ID = 11704 -> Description = Application [ Error ] 10/22/2009 11:27:10 PM Computer Name = Jayordan-PC | Source = pctsSvc.exe | ID = 0 -> Description = System [ Error ] 10/23/2009 10:26:19 PM Computer Name = Jayordan-PC | Source = Service Control Manager | ID = 7026 -> Description = System [ Error ] 10/24/2009 12:24:41 AM Computer Name = Jayordan-PC | Source = Application Popup | ID = 876 -> Description = Driver DLACDBHM.SYS has been blocked from loading. 
System [ Error ] 10/24/2009 12:26:34 AM Computer Name = Jayordan-PC | Source = Service Control Manager | ID = 7000 -> Description = System [ Error ] 10/24/2009 12:26:34 AM Computer Name = Jayordan-PC | Source = Service Control Manager | ID = 7000 -> Description = System [ Error ] 10/24/2009 12:26:34 AM Computer Name = Jayordan-PC | Source = Service Control Manager | ID = 7000 -> Description = System [ Error ] 10/24/2009 12:26:34 AM Computer Name = Jayordan-PC | Source = Service Control Manager | ID = 7026 -> Description = System [ Error ] 10/24/2009 12:47:54 AM Computer Name = Jayordan-PC | Source = Application Popup | ID = 876 -> Description = Driver DLACDBHM.SYS has been blocked from loading. System [ Error ] 10/24/2009 12:49:56 AM Computer Name = Jayordan-PC | Source = Service Control Manager | ID = 7000 -> Description = System [ Error ] 10/24/2009 12:49:56 AM Computer Name = Jayordan-PC | Source = Service Control Manager | ID = 7000 -> Description = System [ Error ] 10/24/2009 12:49:56 AM Computer Name = Jayordan-PC | Source = Service Control Manager | ID = 7026 -> Description = [Files/Folders - Created Within 30 Days] 1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ProgramData -> C:\ProgramData -> [2009/10/23 13:59:06 | 00,000,000 | -H-D | M] DVD Shrink -> C:\ProgramData\DVD Shrink -> [2009/10/20 11:19:56 | 00,000,000 | ---D | M] Kaspersky Lab -> C:\ProgramData\Kaspersky Lab -> [2009/10/23 14:02:50 | 00,000,000 | ---D | M] Kaspersky Lab Setup Files -> C:\ProgramData\Kaspersky Lab Setup Files -> [2009/10/23 13:46:54 | 00,000,000 | ---D | M] Lavasoft -> C:\ProgramData\Lavasoft -> [2009/10/21 21:07:21 | 00,000,000 | ---D | M] Malwarebytes -> C:\ProgramData\Malwarebytes -> [2009/10/21 22:18:12 | 00,000,000 | ---D | M] McAfee -> C:\ProgramData\McAfee -> [2009/10/23 13:32:27 | 00,000,000 | ---D | M] Roxio -> C:\ProgramData\Roxio -> [2009/10/20 12:24:15 | 00,000,000 | ---D | M] SiteAdvisor -> C:\ProgramData\SiteAdvisor -> [2009/10/20 20:32:11 | 00,000,000 | ---D | M] 
Sophos -> C:\ProgramData\Sophos -> [2009/10/22 20:25:02 | 00,000,000 | ---D | M] SUPERAntiSpyware.com -> C:\ProgramData\SUPERAntiSpyware.com -> [2009/10/21 21:30:05 | 00,000,000 | ---D | M] TEMP -> C:\ProgramData\TEMP -> [2009/10/22 20:27:17 | 00,000,000 | ---D | M] Roaming -> C:\Users\Jayordan\AppData\Roaming -> [2009/10/22 20:27:20 | 00,000,000 | ---D | M] DVDFab -> C:\Users\Jayordan\AppData\Roaming\DVDFab -> [2009/10/20 10:50:02 | 00,000,000 | ---D | M] GetRightToGo -> C:\Users\Jayordan\AppData\Roaming\GetRightToGo -> [2009/10/21 22:49:56 | 00,000,000 | ---D | M] LimeWire -> C:\Users\Jayordan\AppData\Roaming\LimeWire -> [2009/10/20 10:07:20 | 00,000,000 | ---D | M] Malwarebytes -> C:\Users\Jayordan\AppData\Roaming\Malwarebytes -> [2009/10/21 22:18:19 | 00,000,000 | ---D | M] MalwareRemovalBot -> C:\Users\Jayordan\AppData\Roaming\MalwareRemovalBot -> [2009/10/20 19:47:18 | 00,000,000 | ---D | M] SUPERAntiSpyware.com -> C:\Users\Jayordan\AppData\Roaming\SUPERAntiSpyware.com -> [2009/10/21 21:29:09 | 00,000,000 | ---D | M] Vso -> C:\Users\Jayordan\AppData\Roaming\Vso -> [2009/10/20 12:55:37 | 00,000,000 | ---D | M] Local -> C:\Users\Jayordan\AppData\Local -> [2009/10/22 11:51:22 | 00,000,000 | ---D | M] Sophos -> C:\Users\Jayordan\AppData\Local\Sophos -> [2009/10/22 11:51:22 | 00,000,000 | ---D | M] Temp -> C:\Users\Jayordan\AppData\Local\Temp -> [2009/10/24 07:48:22 | 00,000,000 | ---D | M] Common Files -> C:\Program Files\Common Files -> [2009/10/23 13:32:27 | 00,000,000 | ---D | M] DivX Shared -> C:\Program Files\Common Files\DivX Shared -> [2009/10/11 14:00:47 | 00,000,000 | ---D | M] PC Tools -> C:\Program Files\Common Files\PC Tools -> [2009/10/22 20:28:35 | 00,000,000 | ---D | M] Symantec Shared -> C:\Program Files\Common Files\Symantec Shared -> [2009/10/21 22:26:48 | 00,000,000 | ---D | M] Program Files -> C:\Program Files -> [2009/10/23 13:59:06 | 00,000,000 | R--D | M] Common Files -> C:\Program Files\Common Files -> [2009/10/23 13:32:27 | 00,000,000 | 
---D | M] DivX -> C:\Program Files\DivX -> [2009/10/12 15:48:34 | 00,000,000 | ---D | M] DVDFab 6 -> C:\Program Files\DVDFab 6 -> [2009/10/20 10:45:41 | 00,000,000 | ---D | M] Hasbro Interactive -> C:\Program Files\Hasbro Interactive -> [2009/10/20 13:27:06 | 00,000,000 | ---D | M] Internet Explorer -> C:\Program Files\Internet Explorer -> [2009/10/14 03:53:55 | 00,000,000 | ---D | M] Kaspersky Lab -> C:\Program Files\Kaspersky Lab -> [2009/10/23 13:59:06 | 00,000,000 | ---D | M] Microsoft Works -> C:\Program Files\Microsoft Works -> [2009/10/14 03:33:16 | 00,000,000 | ---D | M] Mozilla Firefox -> C:\Program Files\Mozilla Firefox -> [2009/10/23 19:19:44 | 00,000,000 | ---D | M] OmegaPlay -> C:\Program Files\OmegaPlay -> [2009/10/21 22:06:18 | 00,000,000 | ---D | M] Perfect Alarm Clock -> C:\Program Files\Perfect Alarm Clock -> [2009/10/16 00:43:29 | 00,000,000 | ---D | M] SlySoft -> C:\Program Files\SlySoft -> [2009/10/20 10:14:02 | 00,000,000 | ---D | M] SUPERAntiSpyware -> C:\Program Files\SUPERAntiSpyware -> [2009/10/21 22:43:19 | 00,000,000 | ---D | M] Windows Mail -> C:\Program Files\Windows Mail -> [2009/10/14 03:53:54 | 00,000,000 | ---D | M] LastGood -> C:\Windows\LastGood -> [2009/10/23 22:08:49 | 00,000,000 | ---D | C] klif.sys -> C:\Windows\System32\drivers\klif.sys -> [2009/10/23 22:07:24 | 00,311,312 | ---- | C] (Kaspersky Lab) Kaspersky Lab -> C:\ProgramData\Kaspersky Lab -> [2009/10/23 13:59:06 | 00,000,000 | ---D | C] Kaspersky Lab Setup Files -> C:\ProgramData\Kaspersky Lab Setup Files -> [2009/10/23 13:46:54 | 00,000,000 | ---D | C] kav9.0.0.463en.exe -> C:\Users\Jayordan\Desktop\kav9.0.0.463en.exe -> [2009/10/23 13:42:06 | 58,139,344 | ---- | C] (Kaspersky Lab) MpSigStub.exe -> C:\Windows\System32\MpSigStub.exe -> [2009/10/22 18:33:40 | 00,195,440 | ---- | C] (Microsoft Corporation) GooredFix(2).exe -> C:\Users\Jayordan\Desktop\GooredFix(2).exe -> [2009/10/22 12:39:11 | 00,069,192 | ---- | C] (jpshortstuff) GooredFix Backups -> 
C:\Users\Jayordan\Desktop\GooredFix Backups -> [2009/10/22 12:21:58 | 00,000,000 | ---D | C] Sophos -> C:\ProgramData\Sophos -> [2009/10/22 07:52:38 | 00,000,000 | ---D | C] Malwarebytes -> C:\ProgramData\Malwarebytes -> [2009/10/21 22:18:12 | 00,000,000 | ---D | C] SUPERAntiSpyware.com -> C:\ProgramData\SUPERAntiSpyware.com -> [2009/10/21 21:30:05 | 00,000,000 | ---D | C] Sun -> C:\Windows\Sun -> [2009/10/21 20:27:50 | 00,000,000 | ---D | C] DRVSTORE -> C:\Windows\System32\DRVSTORE -> [2009/10/21 13:50:16 | 00,000,000 | ---D | C] Lavasoft -> C:\ProgramData\Lavasoft -> [2009/10/21 13:48:57 | 00,000,000 | ---D | C] klogon.dll -> C:\Windows\System32\klogon.dll -> [2009/10/20 20:34:56 | 00,219,664 | ---- | C] (Kaspersky Lab) SiteAdvisor -> C:\ProgramData\SiteAdvisor -> [2009/10/20 20:32:11 | 00,000,000 | ---D | C] TEMP -> C:\ProgramData\TEMP -> [2009/10/20 19:53:52 | 00,000,000 | ---D | C] klbg.sys -> C:\Windows\System32\drivers\klbg.sys -> [2009/10/14 21:18:34 | 00,036,880 | ---- | C] (Kaspersky Lab) msv1_0.dll -> C:\Windows\System32\msv1_0.dll -> [2009/10/13 14:50:41 | 00,216,576 | ---- | C] (Microsoft Corporation) mshtml.dll -> C:\Windows\System32\mshtml.dll -> [2009/10/13 14:50:33 | 03,598,336 | ---- | C] (Microsoft Corporation) urlmon.dll -> C:\Windows\System32\urlmon.dll -> [2009/10/13 14:50:31 | 01,168,384 | ---- | C] (Microsoft Corporation) wininet.dll -> C:\Windows\System32\wininet.dll -> [2009/10/13 14:50:31 | 00,832,512 | ---- | C] (Microsoft Corporation) html.iec -> C:\Windows\System32\html.iec -> [2009/10/13 14:50:31 | 00,389,120 | ---- | C] (Microsoft Corporation) ieframe.dll -> C:\Windows\System32\ieframe.dll -> [2009/10/13 14:50:30 | 06,067,200 | ---- | C] (Microsoft Corporation) mstime.dll -> C:\Windows\System32\mstime.dll -> [2009/10/13 14:50:30 | 00,671,232 | ---- | C] (Microsoft Corporation) msfeeds.dll -> C:\Windows\System32\msfeeds.dll -> [2009/10/13 14:50:29 | 00,459,264 | ---- | C] (Microsoft Corporation) iedkcs32.dll -> 
C:\Windows\System32\iedkcs32.dll -> [2009/10/13 14:50:29 | 00,385,024 | ---- | C] (Microsoft Corporation) ieapfltr.dll -> C:\Windows\System32\ieapfltr.dll -> [2009/10/13 14:50:29 | 00,380,928 | ---- | C] (Microsoft Corporation) dxtmsft.dll -> C:\Windows\System32\dxtmsft.dll -> [2009/10/13 14:50:29 | 00,347,136 | ---- | C] (Microsoft Corporation) iertutil.dll -> C:\Windows\System32\iertutil.dll -> [2009/10/13 14:50:29 | 00,268,288 | ---- | C] (Microsoft Corporation) ieaksie.dll -> C:\Windows\System32\ieaksie.dll -> [2009/10/13 14:50:29 | 00,230,400 | ---- | C] (Microsoft Corporation) occache.dll -> C:\Windows\System32\occache.dll -> [2009/10/13 14:50:29 | 00,102,912 | ---- | C] (Microsoft Corporation) inetcpl.cpl -> C:\Windows\System32\inetcpl.cpl -> [2009/10/13 14:50:28 | 01,830,912 | ---- | C] (Microsoft Corporation) mshtmled.dll -> C:\Windows\System32\mshtmled.dll -> [2009/10/13 14:50:28 | 00,477,696 | ---- | C] (Microsoft Corporation) dxtrans.dll -> C:\Windows\System32\dxtrans.dll -> [2009/10/13 14:50:28 | 00,214,528 | ---- | C] (Microsoft Corporation) ieui.dll -> C:\Windows\System32\ieui.dll -> [2009/10/13 14:50:28 | 00,180,736 | ---- | C] (Microsoft Corporation) advpack.dll -> C:\Windows\System32\advpack.dll -> [2009/10/13 14:50:28 | 00,124,928 | ---- | C] (Microsoft Corporation) ieencode.dll -> C:\Windows\System32\ieencode.dll -> [2009/10/13 14:50:28 | 00,078,336 | ---- | C] (Microsoft Corporation) admparse.dll -> C:\Windows\System32\admparse.dll -> [2009/10/13 14:50:28 | 00,072,704 | ---- | C] (Microsoft Corporation) icardie.dll -> C:\Windows\System32\icardie.dll -> [2009/10/13 14:50:28 | 00,063,488 | ---- | C] (Microsoft Corporation) iesetup.dll -> C:\Windows\System32\iesetup.dll -> [2009/10/13 14:50:28 | 00,056,320 | ---- | C] (Microsoft Corporation) iernonce.dll -> C:\Windows\System32\iernonce.dll -> [2009/10/13 14:50:28 | 00,044,544 | ---- | C] (Microsoft Corporation) jsproxy.dll -> C:\Windows\System32\jsproxy.dll -> [2009/10/13 14:50:28 | 00,027,648 | 
---- | C] (Microsoft Corporation) mshtml.tlb -> C:\Windows\System32\mshtml.tlb -> [2009/10/13 14:50:27 | 01,383,424 | ---- | C] (Microsoft Corporation) ieakui.dll -> C:\Windows\System32\ieakui.dll -> [2009/10/13 14:50:27 | 00,161,792 | ---- | C] (Microsoft Corporation) ie4uinit.exe -> C:\Windows\System32\ie4uinit.exe -> [2009/10/13 14:50:27 | 00,070,656 | ---- | C] (Microsoft Corporation) mshtmler.dll -> C:\Windows\System32\mshtmler.dll -> [2009/10/13 14:50:27 | 00,048,128 | ---- | C] (Microsoft Corporation) pngfilt.dll -> C:\Windows\System32\pngfilt.dll -> [2009/10/13 14:50:27 | 00,044,544 | ---- | C] (Microsoft Corporation) ieUnatt.exe -> C:\Windows\System32\ieUnatt.exe -> [2009/10/13 14:50:27 | 00,026,624 | ---- | C] (Microsoft Corporation) ntoskrnl.exe -> C:\Windows\System32\ntoskrnl.exe -> [2009/10/13 14:50:10 | 03,467,864 | ---- | C] (Microsoft Corporation) ntkrnlpa.exe -> C:\Windows\System32\ntkrnlpa.exe -> [2009/10/13 14:50:09 | 03,502,152 | ---- | C] (Microsoft Corporation) EncDec.dll -> C:\Windows\System32\EncDec.dll -> [2009/10/13 14:49:45 | 00,428,032 | ---- | C] (Microsoft Corporation) psisdecd.dll -> C:\Windows\System32\psisdecd.dll -> [2009/10/13 14:49:45 | 00,292,352 | ---- | C] (Microsoft Corporation) psisrndr.ax -> C:\Windows\System32\psisrndr.ax -> [2009/10/13 14:49:45 | 00,217,088 | ---- | C] (Microsoft Corporation) mcmde.dll -> C:\Windows\System32\mcmde.dll -> [2009/10/13 14:49:42 | 01,244,672 | ---- | C] (Microsoft Corporation) MSNP.ax -> C:\Windows\System32\MSNP.ax -> [2009/10/13 14:49:42 | 00,080,896 | ---- | C] (Microsoft Corporation) MSDvbNP.ax -> C:\Windows\System32\MSDvbNP.ax -> [2009/10/13 14:49:42 | 00,057,856 | ---- | C] (Microsoft Corporation) mpg2splt.ax -> C:\Windows\System32\mpg2splt.ax -> [2009/10/13 14:49:41 | 00,177,152 | ---- | C] (Microsoft Corporation) Mpeg2Data.ax -> C:\Windows\System32\Mpeg2Data.ax -> [2009/10/13 14:49:40 | 00,068,608 | ---- | C] (Microsoft Corporation) msasn1.dll -> C:\Windows\System32\msasn1.dll -> 
[2009/10/13 14:48:38 | 00,060,928 | ---- | C] (Microsoft Corporation) srv2.sys -> C:\Windows\System32\drivers\srv2.sys -> [2009/10/13 14:48:34 | 00,130,048 | ---- | C] (Microsoft Corporation) WMSPDMOD.DLL -> C:\Windows\System32\WMSPDMOD.DLL -> [2009/10/13 14:48:30 | 00,604,672 | ---- | C] (Microsoft Corporation) Sociology of Work -> C:\Users\Jayordan\Documents\Sociology of Work -> [2009/10/11 13:52:16 | 00,000,000 | ---D | C] Research Methods -> C:\Users\Jayordan\Documents\Research Methods -> [2009/10/11 13:51:32 | 00,000,000 | ---D | C] klmouflt.sys -> C:\Windows\System32\drivers\klmouflt.sys -> [2009/10/02 19:39:36 | 00,019,472 | ---- | C] (Kaspersky Lab) wucltux.dll -> C:\Windows\System32\wucltux.dll -> [2009/10/02 10:55:08 | 02,421,760 | ---- | C] (Microsoft Corporation) wuaueng.dll -> C:\Windows\System32\wuaueng.dll -> [2009/10/02 10:55:08 | 01,929,952 | ---- | C] (Microsoft Corporation) wuauclt.exe -> C:\Windows\System32\wuauclt.exe -> [2009/10/02 10:55:08 | 00,053,472 | ---- | C] (Microsoft Corporation) wups2.dll -> C:\Windows\System32\wups2.dll -> [2009/10/02 10:55:08 | 00,044,768 | ---- | C] (Microsoft Corporation) wuapi.dll -> C:\Windows\System32\wuapi.dll -> [2009/10/02 10:54:37 | 00,575,704 | ---- | C] (Microsoft Corporation) wudriver.dll -> C:\Windows\System32\wudriver.dll -> [2009/10/02 10:54:37 | 00,087,552 | ---- | C] (Microsoft Corporation) wups.dll -> C:\Windows\System32\wups.dll -> [2009/10/02 10:54:37 | 00,035,552 | ---- | C] (Microsoft Corporation) wuwebv.dll -> C:\Windows\System32\wuwebv.dll -> [2009/10/02 10:54:23 | 00,171,608 | ---- | C] (Microsoft Corporation) wuapp.exe -> C:\Windows\System32\wuapp.exe -> [2009/10/02 10:54:23 | 00,033,792 | ---- | C] (Microsoft Corporation) pcouffin.sys -> C:\Users\Jayordan\AppData\Roaming\pcouffin.sys -> [2009/07/01 19:01:22 | 00,047,360 | ---- | C] (VSO Software) [Files/Folders - Modified Within 30 Days] 6 C:\Users\Jayordan\AppData\Local\Temp\*.tmp files -> C:\Users\Jayordan\AppData\Local\Temp\*.tmp -> 
ntuser.dat -> C:\Users\Jayordan\ntuser.dat -> [2009/10/24 07:55:48 | 03,670,016 | -HS- | M] () 7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> [2009/10/24 07:48:20 | 00,003,552 | -H-- | M] () 7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> [2009/10/24 07:48:20 | 00,003,552 | -H-- | M] () PerfStringBackup.INI -> C:\Windows\System32\PerfStringBackup.INI -> [2009/10/24 07:47:59 | 00,716,948 | ---- | M] () perfh009.dat -> C:\Windows\System32\perfh009.dat -> [2009/10/24 07:47:59 | 00,618,648 | ---- | M] () perfc009.dat -> C:\Windows\System32\perfc009.dat -> [2009/10/24 07:47:59 | 00,104,024 | ---- | M] () MalwareRemovalBot Scheduled Scan.job -> C:\Windows\tasks\MalwareRemovalBot Scheduled Scan.job -> [2009/10/24 03:00:00 | 00,000,550 | ---- | M] () klin.dat -> C:\Windows\System32\drivers\klin.dat -> [2009/10/23 22:09:03 | 00,108,059 | ---- | M] () klick.dat -> C:\Windows\System32\drivers\klick.dat -> [2009/10/23 22:09:03 | 00,095,259 | ---- | M] () klif.sys -> C:\Windows\System32\drivers\klif.sys -> [2009/10/23 22:07:24 | 00,311,312 | ---- | M] (Kaspersky Lab) nvModes.001 -> C:\Users\Jayordan\AppData\Roaming\nvModes.001 -> [2009/10/23 21:53:30 | 00,283,880 | ---- | M] () SA.DAT -> C:\Windows\tasks\SA.DAT -> [2009/10/23 21:48:19 | 00,000,006 | -H-- | M] () bootstat.dat -> C:\Windows\bootstat.dat -> [2009/10/23 21:48:11 | 00,067,584 | --S- | M] () win32k.sys -> C:\Windows\win32k.sys -> [2009/10/23 21:48:09 | 00,000,000 | ---- | M] () hiberfil.sys -> C:\hiberfil.sys -> [2009/10/23 21:48:00 | 21,455,83104 | -HS- | M] () IconCache.db -> C:\Users\Jayordan\AppData\Local\IconCache.db -> [2009/10/23 21:45:05 | 03,430,359 | -H-- | M] () kav9.0.0.463en.exe -> C:\Users\Jayordan\Desktop\kav9.0.0.463en.exe -> 
[2009/10/23 13:46:32 | 58,139,344 | ---- | M] (Kaspersky Lab) nvModes.dat -> C:\Users\Jayordan\AppData\Roaming\nvModes.dat -> [2009/10/23 12:55:59 | 00,283,880 | ---- | M] () win.ini -> C:\Windows\win.ini -> [2009/10/22 20:36:03 | 00,000,176 | ---- | M] () DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Users\Jayordan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2009/10/22 12:40:37 | 00,140,800 | ---- | M] () GooredFix(2).exe -> C:\Users\Jayordan\Desktop\GooredFix(2).exe -> [2009/10/22 12:39:42 | 00,069,192 | ---- | M] (jpshortstuff) MEMORY.DMP -> C:\Windows\MEMORY.DMP -> [2009/10/21 22:54:24 | 27,542,6591 | ---- | M] () d3d9caps.dat -> C:\Users\Jayordan\AppData\Local\d3d9caps.dat -> [2009/10/21 22:53:01 | 00,000,680 | ---- | M] () wklnhst.dat -> C:\Users\Jayordan\AppData\Roaming\wklnhst.dat -> [2009/10/21 22:18:47 | 00,027,550 | ---- | M] () project proposal.rtf -> C:\Users\Jayordan\Documents\project proposal.rtf -> [2009/10/21 22:18:47 | 00,001,922 | ---- | M] () project proposal.wps -> C:\Users\Jayordan\Documents\project proposal.wps -> [2009/10/21 22:07:28 | 00,008,704 | ---- | M] () Tentative Spring 2010.xlr -> C:\Users\Jayordan\Documents\Tentative Spring 2010.xlr -> [2009/10/21 11:55:19 | 00,010,752 | ---- | M] () klogon.dll -> C:\Windows\System32\klogon.dll -> [2009/10/20 20:34:56 | 00,219,664 | ---- | M] (Kaspersky Lab) Soc.rtf -> C:\Users\Jayordan\Documents\Soc.rtf -> [2009/10/20 15:03:58 | 00,031,812 | ---- | M] () PowerReg.dat -> C:\Windows\PowerReg.dat -> [2009/10/20 13:29:06 | 00,000,377 | ---- | M] () inst.exe -> C:\Users\Jayordan\AppData\Roaming\inst.exe -> [2009/10/20 12:55:37 | 00,087,608 | ---- | M] () pcouffin.sys -> C:\Users\Jayordan\AppData\Roaming\pcouffin.sys -> [2009/10/20 12:55:37 | 00,047,360 | ---- | M] (VSO Software) pcouffin.cat -> C:\Users\Jayordan\AppData\Roaming\pcouffin.cat -> [2009/10/20 12:55:37 | 00,007,887 | ---- | M] () pcouffin.inf -> C:\Users\Jayordan\AppData\Roaming\pcouffin.inf -> [2009/10/20 12:55:37 | 
00,001,144 | ---- | M] () movie list.xlr -> C:\Users\Jayordan\Documents\movie list.xlr -> [2009/10/20 12:32:02 | 00,020,992 | ---- | M] () DVDFab 6.lnk -> C:\Users\Jayordan\Desktop\DVDFab 6.lnk -> [2009/10/20 10:45:41 | 00,000,740 | ---- | M] () .zreglib -> C:\ProgramData\.zreglib -> [2009/10/20 10:22:09 | 00,000,040 | -HS- | M] () midterm backup.wps -> C:\Users\Jayordan\Documents\midterm backup.wps -> [2009/10/20 10:14:16 | 00,056,320 | ---- | M] () Soc. Theory Midterm.wps -> C:\Users\Jayordan\Documents\Soc. Theory Midterm.wps -> [2009/10/20 10:14:10 | 00,056,320 | ---- | M] () Perfect Alarm Clock.lnk -> C:\Users\Jayordan\Desktop\Perfect Alarm Clock.lnk -> [2009/10/16 00:43:29 | 00,000,862 | ---- | M] () klbg.sys -> C:\Windows\System32\drivers\klbg.sys -> [2009/10/14 21:18:34 | 00,036,880 | ---- | M] (Kaspersky Lab) DivX Movies.lnk -> C:\Users\Jayordan\Desktop\DivX Movies.lnk -> [2009/10/12 15:48:29 | 00,001,397 | ---- | M] () Fall 2009 Finals Schedule.xlr -> C:\Users\Jayordan\Documents\Fall 2009 Finals Schedule.xlr -> [2009/10/12 12:08:44 | 00,010,752 | ---- | M] () song.wps -> C:\Users\Jayordan\Documents\song.wps -> [2009/10/12 09:58:51 | 00,009,728 | ---- | M] () Durkheim Review.rtf -> C:\Users\Jayordan\Documents\Durkheim Review.rtf -> [2009/10/11 16:39:51 | 00,004,354 | ---- | M] () Durkheim Review.wps -> C:\Users\Jayordan\Documents\Durkheim Review.wps -> [2009/10/11 16:39:45 | 00,012,288 | ---- | M] () Political Anthropology Exam.rtf -> C:\Users\Jayordan\Documents\Political Anthropology Exam.rtf -> [2009/10/07 22:52:18 | 00,009,439 | ---- | M] () Political Anthropology Exam.wps -> C:\Users\Jayordan\Documents\Political Anthropology Exam.wps -> [2009/10/07 22:52:11 | 00,020,480 | ---- | M] () klmouflt.sys -> C:\Windows\System32\drivers\klmouflt.sys -> [2009/10/02 19:39:36 | 00,019,472 | ---- | M] (Kaspersky Lab) mrt.exe -> C:\Windows\System32\mrt.exe -> [2009/10/02 11:01:57 | 25,198,016 | ---- | M] (Microsoft Corporation) MpSigStub.exe -> 
C:\Windows\System32\MpSigStub.exe -> [2009/10/01 10:29:14 | 00,195,440 | ---- | M] (Microsoft Corporation) [Files - No Company Name] klin.dat -> C:\Windows\System32\drivers\klin.dat -> [2009/10/23 22:09:03 | 00,108,059 | ---- | C] () klick.dat -> C:\Windows\System32\drivers\klick.dat -> [2009/10/23 22:09:03 | 00,095,259 | ---- | C] () hiberfil.sys -> C:\hiberfil.sys -> [2009/10/21 23:05:59 | 21,455,83104 | -HS- | C] () project proposal.rtf -> C:\Users\Jayordan\Documents\project proposal.rtf -> [2009/10/21 22:18:47 | 00,001,922 | ---- | C] () project proposal.wps -> C:\Users\Jayordan\Documents\project proposal.wps -> [2009/10/21 22:06:38 | 00,008,704 | ---- | C] () MalwareRemovalBot Scheduled Scan.job -> C:\Windows\tasks\MalwareRemovalBot Scheduled Scan.job -> [2009/10/20 19:46:44 | 00,000,550 | ---- | C] () Soc.rtf -> C:\Users\Jayordan\Documents\Soc.rtf -> [2009/10/20 15:03:58 | 00,031,812 | ---- | C] () win32k.sys -> C:\Windows\win32k.sys -> [2009/10/20 11:03:27 | 00,000,000 | ---- | C] () midterm backup.wps -> C:\Users\Jayordan\Documents\midterm backup.wps -> [2009/10/20 10:14:16 | 00,056,320 | ---- | C] () Soc. Theory Midterm.wps -> C:\Users\Jayordan\Documents\Soc. 
Theory Midterm.wps -> [2009/10/18 16:14:55 | 00,056,320 | ---- | C] () Perfect Alarm Clock.lnk -> C:\Users\Jayordan\Desktop\Perfect Alarm Clock.lnk -> [2009/10/16 00:43:29 | 00,000,862 | ---- | C] () Fall 2009 Finals Schedule.xlr -> C:\Users\Jayordan\Documents\Fall 2009 Finals Schedule.xlr -> [2009/10/12 11:59:19 | 00,010,752 | ---- | C] () song.wps -> C:\Users\Jayordan\Documents\song.wps -> [2009/10/12 09:58:51 | 00,009,728 | ---- | C] () Tentative Spring 2010.xlr -> C:\Users\Jayordan\Documents\Tentative Spring 2010.xlr -> [2009/10/11 22:38:00 | 00,010,752 | ---- | C] () Durkheim Review.rtf -> C:\Users\Jayordan\Documents\Durkheim Review.rtf -> [2009/10/11 16:38:49 | 00,004,354 | ---- | C] () Durkheim Review.wps -> C:\Users\Jayordan\Documents\Durkheim Review.wps -> [2009/10/11 15:47:18 | 00,012,288 | ---- | C] () DivX Movies.lnk -> C:\Users\Jayordan\Desktop\DivX Movies.lnk -> [2009/10/11 14:00:46 | 00,001,397 | ---- | C] () Political Anthropology Exam.rtf -> C:\Users\Jayordan\Documents\Political Anthropology Exam.rtf -> [2009/10/07 22:52:18 | 00,009,439 | ---- | C] () Political Anthropology Exam.wps -> C:\Users\Jayordan\Documents\Political Anthropology Exam.wps -> [2009/10/07 20:49:49 | 00,020,480 | ---- | C] () movie list.xlr -> C:\Users\Jayordan\Documents\movie list.xlr -> [2009/09/28 12:25:34 | 00,020,992 | ---- | C] () MRT.INI -> C:\Windows\System32\MRT.INI -> [2009/08/11 20:16:35 | 00,000,118 | ---- | C] () IconCache.db -> C:\Users\Jayordan\AppData\Local\IconCache.db -> [2009/07/26 21:20:00 | 03,430,359 | -H-- | C] () .zreglib -> C:\ProgramData\.zreglib -> [2009/07/16 17:33:41 | 00,000,040 | -HS- | C] () systeminfo3.dll -> C:\Windows\System32\systeminfo3.dll -> [2009/07/02 16:46:53 | 00,000,014 | ---- | C] () DLAAPI_W.DLL -> C:\Windows\System32\DLAAPI_W.DLL -> [2009/07/01 19:56:56 | 00,056,056 | ---- | C] () wininit.ini -> C:\Windows\wininit.ini -> [2009/07/01 19:56:55 | 00,000,120 | ---- | C] () pcouffin.log -> C:\Users\Jayordan\AppData\Roaming\pcouffin.log 
-> [2009/07/01 19:01:54 | 00,000,033 | ---- | C] () inst.exe -> C:\Users\Jayordan\AppData\Roaming\inst.exe -> [2009/07/01 19:01:22 | 00,087,608 | ---- | C] () pcouffin.cat -> C:\Users\Jayordan\AppData\Roaming\pcouffin.cat -> [2009/07/01 19:01:22 | 00,007,887 | ---- | C] () pcouffin.inf -> C:\Users\Jayordan\AppData\Roaming\pcouffin.inf -> [2009/07/01 19:01:22 | 00,001,144 | ---- | C] () ff_vfw.dll.manifest -> C:\Windows\System32\ff_vfw.dll.manifest -> [2009/05/16 23:56:32 | 00,000,547 | ---- | C] () hpzinstall.log -> C:\ProgramData\hpzinstall.log -> [2008/09/23 20:23:26 | 00,000,702 | ---- | C] () wklnhst.dat -> C:\Users\Jayordan\AppData\Roaming\wklnhst.dat -> [2008/07/20 16:19:53 | 00,027,550 | ---- | C] () nvModes.dat -> C:\Users\Jayordan\AppData\Roaming\nvModes.dat -> [2008/07/19 18:59:14 | 00,283,880 | ---- | C] () nvModes.001 -> C:\Users\Jayordan\AppData\Roaming\nvModes.001 -> [2008/07/19 18:59:14 | 00,283,880 | ---- | C] () stacutil.dll -> C:\Windows\System32\stacutil.dll -> [2008/07/19 18:41:09 | 00,006,656 | ---- | C] () d3d8caps.dat -> C:\Users\Jayordan\AppData\Local\d3d8caps.dat -> [2008/07/13 02:23:31 | 00,000,552 | ---- | C] () DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Users\Jayordan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2008/07/10 23:50:16 | 00,140,800 | ---- | C] () GDIPFONTCACHEV1.DAT -> C:\Users\Jayordan\AppData\Local\GDIPFONTCACHEV1.DAT -> [2008/07/10 22:51:41 | 00,081,248 | ---- | C] () d3d9caps.dat -> C:\Users\Jayordan\AppData\Local\d3d9caps.dat -> [2008/07/10 22:51:21 | 00,000,680 | ---- | C] () ff_vfw.dll -> C:\Windows\System32\ff_vfw.dll -> [2008/06/12 20:36:38 | 00,057,344 | ---- | C] () xvidvfw.dll -> C:\Windows\System32\xvidvfw.dll -> [2008/04/12 07:41:20 | 00,180,224 | ---- | C] () xvidcore.dll -> C:\Windows\System32\xvidcore.dll -> [2008/04/12 07:30:20 | 00,765,952 | ---- | C] () MFT_anet.dll -> C:\Windows\System32\MFT_anet.dll -> [2007/04/24 13:22:02 | 00,274,432 | ---- | C] () AviSplitter.INI -> 
C:\Windows\AviSplitter.INI -> [2007/02/05 20:05:26 | 00,000,038 | ---- | C] () px.ini -> C:\Windows\System32\px.ini -> [2006/11/29 12:08:27 | 00,000,000 | ---- | C] () desktop.ini -> C:\Program Files\desktop.ini -> [2006/11/02 05:50:50 | 00,000,174 | -HS- | C] () sysprepMCE.dll -> C:\Windows\System32\sysprepMCE.dll -> [2006/11/02 05:35:32 | 00,005,632 | ---- | C] () system.ini -> C:\Windows\system.ini -> [2006/11/02 03:23:31 | 00,000,219 | ---- | C] () win.ini -> C:\Windows\win.ini -> [2006/11/02 03:23:31 | 00,000,176 | ---- | C] () cngaudit.dll -> C:\Windows\System32\cngaudit.dll -> [2006/11/02 01:43:04 | 00,061,952 | ---- | C] () pacerprf.ini -> C:\Windows\System32\pacerprf.ini -> [2006/11/02 00:40:29 | 00,013,750 | ---- | C] () CddbPlaylist2Roxio.dll -> C:\Windows\System32\CddbPlaylist2Roxio.dll -> [2006/09/20 23:02:32 | 00,520,192 | ---- | C] () CddbFileTaggerRoxio.dll -> C:\Windows\System32\CddbFileTaggerRoxio.dll -> [2006/09/20 23:02:32 | 00,204,800 | ---- | C] () rixdicon.dll -> C:\Windows\System32\rixdicon.dll -> [2005/05/06 19:06:00 | 00,016,480 | ---- | C] () [File - Lop Check] [File - Purity Scan] [HardLinks - Junction Points - Mount Points - Symbolic Links] capilock.dat -> C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\capilock.dat -> HardLink [Alternate Data Streams] @Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:D1B5B4F1 @Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:DFC5A2B2 @Alternate Data Stream - 24 bytes -> C:\Windows:2A216DA54AEA4B27 < End of report > [/code]