[code] OTS logfile created on: 09/12/2009 16:22:01 - Run 1 OTS by OldTimer - Version 3.1.8.8 Folder = C:\Users\mebsbobat\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18865) Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 1.99 Gb Total Physical Memory | 0.90 Gb Available Physical Memory | 45.15% Memory free 4.00 Gb Paging File | 2.82 Gb Available in Paging File | 70.43% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 69.00 Gb Total Space | 35.92 Gb Free Space | 52.06% Space Free | Partition Type: NTFS Drive D: | 70.05 Gb Total Space | 66.28 Gb Free Space | 94.62% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: MEBSBOBAT-PC Current User Name: mebsbobat Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days [Processes - Safe List] ots.exe -> C:\Users\mebsbobat\Downloads\OTS.exe -> [2009/12/09 16:19:05 | 00,532,992 | ---- | M] (OldTimer Tools) mcshield.exe -> C:\Program Files\McAfee\VirusScan\Mcshield.exe -> [2009/11/04 16:53:34 | 00,144,704 | ---- | M] (McAfee, Inc.) mcsysmon.exe -> C:\Program Files\McAfee\VirusScan\mcsysmon.exe -> [2009/11/04 15:59:50 | 00,606,736 | ---- | M] (McAfee, Inc.) firefox.exe -> C:\Program Files\Mozilla Firefox\firefox.exe -> [2009/11/03 13:28:04 | 00,908,248 | ---- | M] (Mozilla Corporation) mcagent.exe -> c:\Program Files\McAfee.com\Agent\mcagent.exe -> [2009/10/29 06:54:44 | 01,218,008 | ---- | M] (McAfee, Inc.) mcmscsvc.exe -> C:\Program Files\McAfee\MSC\mcmscsvc.exe -> [2009/10/29 06:54:44 | 00,865,832 | ---- | M] (McAfee, Inc.) mpfsrv.exe -> C:\Program Files\McAfee\MPF\MpfSrv.exe -> [2009/10/27 11:19:46 | 00,895,696 | ---- | M] (McAfee, Inc.) msksrver.exe -> C:\Program Files\McAfee\MSK\msksrver.exe -> [2009/10/02 13:02:56 | 00,026,640 | ---- | M] (McAfee, Inc.) ituneshelper.exe -> C:\Program Files\iTunes\iTunesHelper.exe -> [2009/09/21 16:36:12 | 00,305,440 | ---- | M] (Apple Inc.) ipodservice.exe -> C:\Program Files\iPod\bin\iPodService.exe -> [2009/09/21 16:36:02 | 00,545,568 | ---- | M] (Apple Inc.) applemobiledeviceservice.exe -> C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> [2009/08/28 19:42:54 | 00,144,672 | ---- | M] (Apple Inc.) jusched.exe -> C:\Program Files\Java\jre6\bin\jusched.exe -> [2009/07/25 05:23:12 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) mcproxy.exe -> c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe -> [2009/07/08 11:54:34 | 00,359,952 | ---- | M] (McAfee, Inc.) mcnasvc.exe -> c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe -> [2009/07/07 19:10:02 | 02,482,848 | ---- | M] (McAfee, Inc.) apagent.exe -> C:\Program Files\AirPort\APAgent.exe -> [2009/05/27 12:00:24 | 00,753,664 | ---- | M] (Apple Inc.) explorer.exe -> C:\Windows\explorer.exe -> [2009/04/11 16:27:36 | 02,926,592 | ---- | M] (Microsoft Corporation) mcsacore.exe -> C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -> [2009/03/11 20:11:14 | 00,210,216 | ---- | M] () mdnsresponder.exe -> C:\Program Files\Bonjour\mDNSResponder.exe -> [2008/12/12 12:17:38 | 00,238,888 | ---- | M] (Apple Inc.) sqlwriter.exe -> C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -> [2008/11/24 22:31:12 | 00,087,904 | ---- | M] (Microsoft Corporation) sqlservr.exe -> C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -> [2008/11/24 22:31:10 | 29,263,712 | ---- | M] (Microsoft Corporation) sqlbrowser.exe -> C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe -> [2008/11/24 22:31:08 | 00,239,968 | ---- | M] (Microsoft Corporation) igfxsrvc.exe -> C:\Windows\System32\igfxsrvc.exe -> [2008/02/11 20:13:10 | 00,256,536 | ---- | M] (Intel Corporation) igfxpers.exe -> C:\Windows\System32\igfxpers.exe -> [2008/02/11 20:13:08 | 00,133,656 | ---- | M] (Intel Corporation) igfxext.exe -> C:\Windows\System32\igfxext.exe -> [2008/02/11 20:13:06 | 00,170,520 | ---- | M] (Intel Corporation) hkcmd.exe -> C:\Windows\System32\hkcmd.exe -> [2008/02/11 20:13:02 | 00,166,424 | ---- | M] (Intel Corporation) msascui.exe -> C:\Program Files\Windows Defender\MSASCui.exe -> [2008/01/19 17:38:38 | 01,008,184 | ---- | M] (Microsoft Corporation) wmpnscfg.exe -> C:\Program Files\Windows Media Player\wmpnscfg.exe -> [2008/01/19 17:33:39 | 00,202,240 | ---- | M] (Microsoft Corporation) bcmsqlstartupsvc.exe -> C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -> [2008/01/11 17:50:16 | 00,030,312 | ---- | M] (Microsoft Corporation) easybatterymgr3.exe -> C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe -> [2007/04/12 13:01:36 | 00,352,256 | ---- | M] (SAMSUNG Electronics co., LTD.) dmhkcore.exe -> C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe -> [2007/04/09 16:51:44 | 00,712,704 | ---- | M] (SAMSUNG Electronics) magicdoctorkbdhk.exe -> C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe -> [2007/03/15 21:00:24 | 00,033,280 | ---- | M] (Samsung Electronics Co., Ltd.) rthdvcpl.exe -> C:\Windows\RtHDVCpl.exe -> [2007/03/15 09:50:24 | 04,399,104 | ---- | M] (Realtek Semiconductor) easyspeedupmanager.exe -> C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe -> [2007/03/14 20:07:40 | 00,565,248 | ---- | M] (Samsung Electronics Co., Ltd.) viivmonitor.exe -> C:\Program Files\Intel\Intel Media Share Software\ViivMonitor.exe -> [2007/03/10 22:40:50 | 00,069,632 | ---- | M] (Intel(R) Corporation) imssync.exe -> C:\Program Files\Intel\Intel Media Share Software\IMSSync.exe -> [2007/03/10 22:40:42 | 00,368,640 | ---- | M] (Intel® Corporation) syntpenh.exe -> C:\Program Files\Synaptics\SynTP\SynTPEnh.exe -> [2007/02/07 12:17:10 | 00,839,680 | ---- | M] (Synaptics, Inc.) pdvdserv.exe -> C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe -> [2006/11/23 16:10:42 | 00,056,928 | ---- | M] (Cyberlink Corp.) agrsmsvc.exe -> C:\Windows\System32\agrsmsvc.exe -> [2006/10/06 06:10:12 | 00,009,216 | ---- | M] (Agere Systems) richvideo.exe -> C:\Program Files\CyberLink\Shared Files\RichVideo.exe -> [2005/08/08 15:54:00 | 00,167,936 | ---- | M] () [Modules - Safe List] ots.exe -> C:\Users\mebsbobat\Downloads\OTS.exe -> [2009/12/09 16:19:05 | 00,532,992 | ---- | M] (OldTimer Tools) comctl32.dll -> C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll -> [2009/04/11 16:21:38 | 01,686,016 | ---- | M] (Microsoft Corporation) sahook.dll -> C:\Program Files\McAfee\SiteAdvisor\sahook.dll -> [2009/03/11 20:11:16 | 00,014,032 | ---- | M] () [Win32 Services - Safe List] (McShield) McAfee Real-time Scanner [Unknown | Running] -> C:\Program Files\McAfee\VirusScan\Mcshield.exe -> [2009/11/04 16:53:34 | 00,144,704 | ---- | M] (McAfee, Inc.) (McSysmon) McAfee SystemGuards [On_Demand | Running] -> C:\Program Files\McAfee\VirusScan\mcsysmon.exe -> [2009/11/04 15:59:50 | 00,606,736 | ---- | M] (McAfee, Inc.) (mcmscsvc) McAfee Services [Auto | Running] -> C:\Program Files\McAfee\MSC\mcmscsvc.exe -> [2009/10/29 06:54:44 | 00,865,832 | ---- | M] (McAfee, Inc.) (McODS) McAfee Scanner [On_Demand | Stopped] -> C:\Program Files\McAfee\VirusScan\mcods.exe -> [2009/10/28 11:50:32 | 00,365,072 | ---- | M] (McAfee, Inc.) (MpfService) McAfee Personal Firewall Service [Auto | Running] -> C:\Program Files\McAfee\MPF\MPFSrv.exe -> [2009/10/27 11:19:46 | 00,895,696 | ---- | M] (McAfee, Inc.) (MSK80Service) McAfee Anti-Spam Service [Auto | Running] -> C:\Program Files\McAfee\MSK\MskSrver.exe -> [2009/10/02 13:02:56 | 00,026,640 | ---- | M] (McAfee, Inc.) (FontCache) Windows Font Cache Service [On_Demand | Stopped] -> C:\Windows\System32\FntCache.dll -> [2009/09/25 11:27:04 | 00,793,088 | ---- | M] (Microsoft Corporation) (iPod Service) iPod Service [On_Demand | Running] -> C:\Program Files\iPod\bin\iPodService.exe -> [2009/09/21 16:36:02 | 00,545,568 | ---- | M] (Apple Inc.) (Apple Mobile Device) Apple Mobile Device [Auto | Running] -> C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> [2009/08/28 19:42:54 | 00,144,672 | ---- | M] (Apple Inc.) (McProxy) McAfee Proxy Service [Auto | Running] -> c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe -> [2009/07/08 11:54:34 | 00,359,952 | ---- | M] (McAfee, Inc.) (McNASvc) McAfee Network Agent [Auto | Running] -> c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe -> [2009/07/07 19:10:02 | 02,482,848 | ---- | M] (McAfee, Inc.) (McAfee SiteAdvisor Service) McAfee SiteAdvisor Service [Auto | Running] -> C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -> [2009/03/11 20:11:14 | 00,210,216 | ---- | M] () (Bonjour Service) Bonjour Service [Auto | Running] -> C:\Program Files\Bonjour\mDNSResponder.exe -> [2008/12/12 12:17:38 | 00,238,888 | ---- | M] (Apple Inc.) (SQLWriter) SQL Server VSS Writer [Auto | Running] -> C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -> [2008/11/24 22:31:12 | 00,087,904 | ---- | M] (Microsoft Corporation) (MSSQL$MSSMLBIZ) SQL Server (MSSMLBIZ) [On_Demand | Running] -> C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -> [2008/11/24 22:31:10 | 29,263,712 | ---- | M] (Microsoft Corporation) (SQLBrowser) SQL Server Browser [Auto | Running] -> C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe -> [2008/11/24 22:31:08 | 00,239,968 | ---- | M] (Microsoft Corporation) (MSSQLServerADHelper) SQL Server Active Directory Helper [Disabled | Stopped] -> C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe -> [2008/11/24 22:31:08 | 00,045,408 | ---- | M] (Microsoft Corporation) (WinDefend) Windows Defender [Auto | Running] -> C:\Program Files\Windows Defender\MpSvc.dll -> [2008/01/19 17:38:24 | 00,272,952 | ---- | M] (Microsoft Corporation) (BcmSqlStartupSvc) Business Contact Manager SQL Server Startup Service [Auto | Running] -> C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -> [2008/01/11 17:50:16 | 00,030,312 | ---- | M] (Microsoft Corporation) (odserv) Microsoft Office Diagnostics Service [On_Demand | Stopped] -> C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -> [2007/08/24 03:19:12 | 00,443,776 | ---- | M] (Microsoft Corporation) (IMSSync) Intel(R) Media Share Synch Service [Auto | Running] -> C:\Program Files\Intel\Intel Media Share Software\IMSSync.exe -> [2007/03/10 22:40:42 | 00,368,640 | ---- | M] (Intel® Corporation) (ehstart) Windows Media Center Service Launcher [Auto | Stopped] -> C:\Windows\ehome\ehstart.dll -> [2006/11/02 22:35:29 | 00,013,312 | ---- | M] (Microsoft Corporation) (ose) Office Source Engine [On_Demand | Stopped] -> C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -> [2006/10/26 15:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) (AgereModemAudio) Agere Modem Call Progress Audio [Auto | Running] -> C:\Windows\System32\agrsmsvc.exe -> [2006/10/06 06:10:12 | 00,009,216 | ---- | M] (Agere Systems) (RichVideo) Cyberlink RichVideo Service(CRVS) [Auto | Running] -> C:\Program Files\CyberLink\Shared Files\RichVideo.exe -> [2005/08/08 15:54:00 | 00,167,936 | ---- | M] () (IDriverT) InstallDriver Table Manager [On_Demand | Stopped] -> C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -> [2005/04/04 09:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) [Driver Services - Safe List] (mfehidk) McAfee Inc. mfehidk [Kernel | System | Running] -> C:\Windows\System32\drivers\mfehidk.sys -> [2009/11/04 16:54:12 | 00,214,664 | ---- | M] (McAfee, Inc.) (mfeavfk) McAfee Inc. mfeavfk [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\mfeavfk.sys -> [2009/11/04 16:54:12 | 00,079,816 | ---- | M] (McAfee, Inc.) (mfesmfk) McAfee Inc. mfesmfk [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\mfesmfk.sys -> [2009/11/04 16:54:12 | 00,040,552 | ---- | M] (McAfee, Inc.) (mfebopk) McAfee Inc. mfebopk [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\mfebopk.sys -> [2009/11/04 16:54:12 | 00,035,272 | ---- | M] (McAfee, Inc.) (mferkdk) McAfee Inc. mferkdk [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\mferkdk.sys -> [2009/11/04 16:53:40 | 00,034,248 | ---- | M] (McAfee, Inc.) (USBAAPL) Apple Mobile USB Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\usbaapl.sys -> [2009/08/28 19:42:52 | 00,040,448 | ---- | M] (Apple, Inc.) (MPFP) MPFP [Kernel | System | Running] -> C:\Windows\System32\drivers\Mpfp.sys -> [2009/07/16 12:32:26 | 00,130,424 | ---- | M] (McAfee, Inc.) (GEARAspiWDM) GEAR ASPI Filter Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\GEARAspiWDM.sys -> [2009/05/18 14:17:00 | 00,026,600 | ---- | M] (GEAR Software Inc.) (igfx) igfx [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\igdkmd32.sys -> [2008/02/11 19:36:10 | 02,302,976 | ---- | M] (Intel Corporation) (yukonwlh) NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\yk60x86.sys -> [2007/12/06 09:51:00 | 00,298,496 | ---- | M] (Marvell) (NETw4v32) Intel(R) Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\NETw4v32.sys -> [2007/10/31 18:36:32 | 02,252,800 | ---- | M] (Intel Corporation) (IntcAzAudAddService) Service for Realtek HD Audio (WDM) [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\RTKVHDA.sys -> [2007/03/15 10:54:06 | 01,749,152 | ---- | M] (Realtek Semiconductor Corp.) (SynTP) Synaptics TouchPad Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\SynTP.sys -> [2007/02/10 11:09:10 | 00,182,456 | ---- | M] (Synaptics, Inc.) (rimmptsk) rimmptsk [Kernel | Auto | Running] -> C:\Windows\System32\drivers\rimmptsk.sys -> [2007/01/24 13:18:32 | 00,039,936 | ---- | M] (REDC) (rismxdp) Ricoh xD-Picture Card Driver [Kernel | Auto | Running] -> C:\Windows\System32\drivers\rixdptsk.sys -> [2007/01/24 11:03:28 | 00,037,376 | ---- | M] (REDC) (rimsptsk) rimsptsk [Kernel | Auto | Running] -> C:\Windows\System32\drivers\rimsptsk.sys -> [2007/01/24 10:40:20 | 00,042,496 | ---- | M] (REDC) (btwaudio) Bluetooth Audio Device Service [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\btwaudio.sys -> [2006/12/21 05:08:16 | 00,078,128 | ---- | M] (Broadcom Corporation.) (btwrchid) btwrchid [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\btwrchid.sys -> [2006/12/21 05:07:04 | 00,016,560 | ---- | M] (Broadcom Corporation.) (btwavdt) Bluetooth AVDT [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\btwavdt.sys -> [2006/12/21 05:04:16 | 00,080,688 | ---- | M] (Broadcom Corporation.) (AgereSoftModem) Agere Systems Soft Modem [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\AGRSM.sys -> [2006/11/28 20:11:00 | 01,161,888 | ---- | M] (Agere Systems) (KMDFMEMIO) SAMSUNG Kernel Driver [Kernel | Auto | Running] -> C:\Windows\System32\drivers\KMDFMEMIO.sys -> [2006/11/14 10:11:54 | 00,013,312 | ---- | M] (SAMSUNG ELECTRONICS CO., LTD.) (ql2300) QLogic Fibre Channel Miniport Driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\ql2300.sys -> [2006/11/02 19:51:45 | 00,900,712 | ---- | M] (QLogic Corporation) (adp94xx) adp94xx [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\adp94xx.sys -> [2006/11/02 19:51:38 | 00,420,968 | ---- | M] (Adaptec, Inc.) (elxstor) elxstor [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\elxstor.sys -> [2006/11/02 19:51:34 | 00,316,520 | ---- | M] (Emulex) (adpahci) adpahci [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\adpahci.sys -> [2006/11/02 19:51:32 | 00,297,576 | ---- | M] (Adaptec, Inc.) (uliahci) uliahci [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\uliahci.sys -> [2006/11/02 19:51:25 | 00,235,112 | ---- | M] (ULi Electronics Inc.) (iaStorV) Intel RAID Controller Vista [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\iastorv.sys -> [2006/11/02 19:51:25 | 00,232,040 | ---- | M] (Intel Corporation) (adpu320) adpu320 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\adpu320.sys -> [2006/11/02 19:51:00 | 00,147,048 | ---- | M] (Adaptec, Inc.) (ulsata2) ulsata2 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\ulsata2.sys -> [2006/11/02 19:50:45 | 00,115,816 | ---- | M] (Promise Technology, Inc.) (vsmraid) vsmraid [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\vsmraid.sys -> [2006/11/02 19:50:41 | 00,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) (ql40xx) QLogic iSCSI Miniport Driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\ql40xx.sys -> [2006/11/02 19:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) (UlSata) UlSata [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\ulsata.sys -> [2006/11/02 19:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) (adpu160m) adpu160m [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\adpu160m.sys -> [2006/11/02 19:50:35 | 00,098,408 | ---- | M] (Adaptec, Inc.) (nvraid) nvraid [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\nvraid.sys -> [2006/11/02 19:50:24 | 00,088,680 | ---- | M] (NVIDIA Corporation) (nfrd960) nfrd960 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\nfrd960.sys -> [2006/11/02 19:50:19 | 00,045,160 | ---- | M] (IBM Corporation) (iirsp) iirsp [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\iirsp.sys -> [2006/11/02 19:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) (SiSRaid4) SiSRaid4 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\sisraid4.sys -> [2006/11/02 19:50:16 | 00,071,784 | ---- | M] (Silicon Integrated Systems) (nvstor) nvstor [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\nvstor.sys -> [2006/11/02 19:50:13 | 00,040,040 | ---- | M] (NVIDIA Corporation) (aic78xx) aic78xx [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\djsvs.sys -> [2006/11/02 19:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) (arcsas) arcsas [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\arcsas.sys -> [2006/11/02 19:50:10 | 00,067,688 | ---- | M] (Adaptec, Inc.) (LSI_SCSI) LSI_SCSI [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\lsi_scsi.sys -> [2006/11/02 19:50:10 | 00,065,640 | ---- | M] (LSI Logic) (SiSRaid2) SiSRaid2 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\sisraid2.sys -> [2006/11/02 19:50:10 | 00,038,504 | ---- | M] (Silicon Integrated Systems Corp.) (HpCISSs) HpCISSs [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\hpcisss.sys -> [2006/11/02 19:50:10 | 00,037,480 | ---- | M] (Hewlett-Packard Company) (arc) arc [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\arc.sys -> [2006/11/02 19:50:09 | 00,067,688 | ---- | M] (Adaptec, Inc.) (iteraid) ITERAID_Service_Install [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\iteraid.sys -> [2006/11/02 19:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) (iteatapi) ITEATAPI_Service_Install [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\iteatapi.sys -> [2006/11/02 19:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) (LSI_SAS) LSI_SAS [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\lsi_sas.sys -> [2006/11/02 19:50:05 | 00,065,640 | ---- | M] (LSI Logic) (Symc8xx) Symc8xx [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\symc8xx.sys -> [2006/11/02 19:50:05 | 00,035,944 | ---- | M] (LSI Logic) (LSI_FC) LSI_FC [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\lsi_fc.sys -> [2006/11/02 19:50:04 | 00,065,640 | ---- | M] (LSI Logic) (Sym_u3) Sym_u3 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\sym_u3.sys -> [2006/11/02 19:50:03 | 00,034,920 | ---- | M] (LSI Logic) (Mraid35x) Mraid35x [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\mraid35x.sys -> [2006/11/02 19:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) (Sym_hi) Sym_hi [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\sym_hi.sys -> [2006/11/02 19:49:56 | 00,031,848 | ---- | M] (LSI Logic) (megasas) megasas [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\megasas.sys -> [2006/11/02 19:49:53 | 00,028,776 | ---- | M] (LSI Logic Corporation) (viaide) viaide [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\viaide.sys -> [2006/11/02 19:49:30 | 00,017,512 | ---- | M] (VIA Technologies, Inc.) (cmdide) cmdide [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\cmdide.sys -> [2006/11/02 19:49:28 | 00,016,488 | ---- | M] (CMD Technology, Inc.) (aliide) aliide [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\aliide.sys -> [2006/11/02 19:49:20 | 00,014,952 | ---- | M] (Acer Laboratories Inc.) (Brserid) Brother MFC Serial Port Interface Driver (WDM) [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\brserid.sys -> [2006/11/02 18:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) (BrUsbSer) Brother MFC USB Serial WDM Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\brusbser.sys -> [2006/11/02 18:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) (BrFiltUp) Brother USB Mass-Storage Upper Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\brfiltup.sys -> [2006/11/02 18:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) (BrFiltLo) Brother USB Mass-Storage Lower Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\brfiltlo.sys -> [2006/11/02 18:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) (BrSerWdm) Brother WDM Serial driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\brserwdm.sys -> [2006/11/02 18:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) (BrUsbMdm) Brother MFC USB Fax Only Modem [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\brusbmdm.sys -> [2006/11/02 18:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) (ntrigdigi) N-trig HID Tablet Driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\ntrigdigi.sys -> [2006/11/02 17:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) (R300) R300 [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\atikmdag.sys -> [2006/11/02 17:36:43 | 02,028,032 | ---- | M] (ATI Technologies Inc.) (NETw2v32) Intel(R) PRO/Wireless 2915ABG Network Connection Driver for Windows Vista [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\NETw2v32.sys -> [2006/11/02 17:30:56 | 02,589,184 | ---- | M] (Intel® Corporation) (RTL8023xp) Realtek 10/100 NIC Family NDIS x86 Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\Rtnicxp.sys -> [2006/11/02 17:30:56 | 00,047,104 | ---- | M] (Realtek Semiconductor Corporation ) (E1G60) Intel(R) PRO/1000 NDIS 6 Adapter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\E1G60I32.sys -> [2006/11/02 17:30:54 | 00,117,760 | ---- | M] (Intel Corporation) (secdrv) Security Driver [Kernel | Auto | Running] -> C:\Windows\System32\drivers\secdrv.sys -> [2006/11/02 16:37:21 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) (RIOUNIV) Rio universal USB driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\RIOUNIV.SYS -> [2003/10/04 09:03:44 | 00,016,128 | ---- | M] (Digital Networks North America, Inc.) [Registry - Safe List] < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://uk.yahoo.com -> HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://uk.yahoo.com -> < Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> -> HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 -> HKEY_USERS\.DEFAULT\: "ProxyOverride" -> *.local -> < Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> -> HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 -> HKEY_USERS\S-1-5-18\: "ProxyOverride" -> *.local -> < Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-21-882264185-3285385689-782063539-1003\] > -> -> HKEY_USERS\S-1-5-21-882264185-3285385689-782063539-1003\: Main\\"Start Page" -> http://www.google.com.au/ -> HKEY_USERS\S-1-5-21-882264185-3285385689-782063539-1003\: Main\\"StartPageCache" -> 1 -> HKEY_USERS\S-1-5-21-882264185-3285385689-782063539-1003\: URLSearchHooks\\"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" [HKLM] -> Reg Error: Key error. [Yahoo! Toolbar] -> File not found HKEY_USERS\S-1-5-21-882264185-3285385689-782063539-1003\: "ProxyEnable" -> 0 -> HKEY_USERS\S-1-5-21-882264185-3285385689-782063539-1003\: "ProxyOverride" -> *.local -> < FireFox Settings [Prefs.js] > -> C:\Users\mebsbobat\AppData\Roaming\Mozilla\FireFox\Profiles\up7ui61d.default\prefs.js -> browser.startup.homepage -> "http://www.google.com.au/firefox?client=firefox-a&rls=org.mozilla:en-GB:official" -> extensions.enabledItems -> {B7082FAA-CB62-4872-9106-E42DD88EDE45}:2.9 -> < FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla HKLM\software\mozilla\Firefox\Extensions -> -> HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45} -> C:\Program Files\McAfee\SiteAdvisor [C:\PROGRAM FILES\MCAFEE\SITEADVISOR] -> [2009/12/09 14:44:48 | 00,000,000 | ---D | M] HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions -> -> HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components -> C:\Program Files\Mozilla Firefox\components [C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS] -> [2009/12/08 11:53:25 | 00,000,000 | ---D | M] HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins -> C:\Program Files\Mozilla Firefox\plugins [C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS] -> [2009/12/09 15:28:50 | 00,000,000 | ---D | M] < FireFox Extensions [User Folders] > -> -> C:\Users\mebsbobat\AppData\Roaming\Mozilla\Extensions -> [2009/12/08 11:53:37 | 00,000,000 | ---D | M] -> C:\Users\mebsbobat\AppData\Roaming\Mozilla\Firefox\Profiles\up7ui61d.default\extensions -> [2009/12/09 15:16:58 | 00,000,000 | ---D | M] < FireFox Extensions [Program Folders] > -> -> C:\Program Files\Mozilla Firefox\extensions -> [2009/12/08 11:53:24 | 00,000,000 | ---D | M] < HOSTS File > (761 bytes and 20 lines) -> C:\Windows\System32\drivers\etc\hosts -> Reset Hosts 127.0.0.1 localhost ::1 localhost < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> [2006/12/18 06:16:42 | 00,059,032 | ---- | M] (Adobe Systems Incorporated) {27B4851A-3207-45A2-B947-BE8AFE6163AB} [HKLM] -> c:\Program Files\McAfee\MSK\mskapbho.dll [McAfee Phishing Filter] -> [2009/10/02 13:02:56 | 00,246,800 | ---- | M] () {6860A44B-5D3E-433D-A7B5-D517F810D0E7} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {7DB2D5A0-7241-4E79-B68D-6309F01C5231} [HKLM] -> C:\Program Files\McAfee\VirusScan\scriptsn.dll [scriptproxy] -> [2009/11/04 16:53:42 | 00,062,784 | ---- | M] (McAfee, Inc.) {B164E929-A1B6-4A06-B104-2CD0E90A88FF} [HKLM] -> c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll [McAfee SiteAdvisor BHO] -> [2009/02/13 12:44:56 | 00,150,032 | ---- | M] () {DBC80044-A445-435b-BC74-9C25C1C588A9} [HKLM] -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [Java(tm) Plug-In 2 SSV Helper] -> [2009/07/25 05:23:03 | 00,041,760 | ---- | M] (Sun Microsystems, Inc.) < Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> "{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064}" [HKLM] -> c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll [McAfee SiteAdvisor Toolbar] -> [2009/02/13 12:44:56 | 00,150,032 | ---- | M] () "{DB9FBA9D-AB1B-4CC6-9745-F3B549D64E40}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found < Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-882264185-3285385689-782063539-1003\] > -> HKEY_USERS\S-1-5-21-882264185-3285385689-782063539-1003\Software\Microsoft\Internet Explorer\Toolbar\ -> WebBrowser\\"{DB9FBA9D-AB1B-4CC6-9745-F3B549D64E40}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "AirPort Base Station Agent" -> C:\Program Files\AirPort\APAgent.exe ["C:\Program Files\AirPort\APAgent.exe"] -> [2009/05/27 12:00:24 | 00,753,664 | ---- | M] (Apple Inc.) "AppleSyncNotifier" -> C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe] -> [2009/08/13 15:51:42 | 00,177,440 | ---- | M] (Apple Inc.) "HotKeysCmds" -> C:\Windows\System32\hkcmd.exe [C:\Windows\system32\hkcmd.exe] -> [2008/02/11 20:13:02 | 00,166,424 | ---- | M] (Intel Corporation) "IgfxTray" -> C:\Windows\System32\igfxtray.exe [C:\Windows\system32\igfxtray.exe] -> [2008/02/11 20:13:12 | 00,141,848 | ---- | M] (Intel Corporation) "iTunesHelper" -> C:\Program Files\iTunes\iTunesHelper.exe ["C:\Program Files\iTunes\iTunesHelper.exe"] -> [2009/09/21 16:36:12 | 00,305,440 | ---- | M] (Apple Inc.) "LanguageShortcut" -> C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ["C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"] -> [2006/12/05 23:55:32 | 00,054,832 | ---- | M] () "mcagent_exe" -> C:\Program Files\McAfee.com\Agent\mcagent.exe ["C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey] -> [2009/10/29 06:54:44 | 01,218,008 | ---- | M] (McAfee, Inc.) "Persistence" -> C:\Windows\System32\igfxpers.exe [C:\Windows\system32\igfxpers.exe] -> [2008/02/11 20:13:08 | 00,133,656 | ---- | M] (Intel Corporation) "Play AVStation TV Scheduler" -> C:\Program Files\Samsung\Play AVStation\TvScheduler.exe [C:\Program Files\Samsung\Play AVStation\TvScheduler.exe] -> [2007/01/09 12:09:42 | 00,073,728 | ---- | M] (SAMSUNG ELECTRONICS CO., LTD.) "QuickTime Task" -> C:\Program Files\QuickTime\QTTask.exe ["C:\Program Files\QuickTime\QTTask.exe" -atboottime] -> [2009/09/05 01:54:42 | 00,417,792 | ---- | M] (Apple Inc.) "RemoteControl" -> C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe ["C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"] -> [2006/11/23 16:10:42 | 00,056,928 | ---- | M] (Cyberlink Corp.) "RtHDVCpl" -> C:\Windows\RtHDVCpl.exe [RtHDVCpl.exe] -> [2007/03/15 09:50:24 | 04,399,104 | ---- | M] (Realtek Semiconductor) "SunJavaUpdateSched" -> C:\Program Files\Java\jre6\bin\jusched.exe ["C:\Program Files\Java\jre6\bin\jusched.exe"] -> [2009/07/25 05:23:12 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) "SynTPEnh" -> C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [C:\Program Files\Synaptics\SynTP\SynTPEnh.exe] -> [2007/02/07 12:17:10 | 00,839,680 | ---- | M] (Synaptics, Inc.) "ViivMonitor" -> C:\Program Files\Intel\Intel Media Share Software\ViivMonitor.exe [C:\Program Files\Intel\Intel Media Share Software\ViivMonitor.exe] -> [2007/03/10 22:40:50 | 00,069,632 | ---- | M] (Intel(R) Corporation) "Windows Defender" -> C:\Program Files\Windows Defender\MSASCui.exe [%ProgramFiles%\Windows Defender\MSASCui.exe -hide] -> [2008/01/19 17:38:38 | 01,008,184 | ---- | M] (Microsoft Corporation) < Run [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "WindowsWelcomeCenter" -> C:\Windows\System32\oobefldr.dll [rundll32.exe oobefldr.dll,ShowWelcomeCenter] -> [2009/04/11 16:28:23 | 02,153,472 | ---- | M] (Microsoft Corporation) < Run [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "WindowsWelcomeCenter" -> C:\Windows\System32\oobefldr.dll [rundll32.exe oobefldr.dll,ShowWelcomeCenter] -> [2009/04/11 16:28:23 | 02,153,472 | ---- | M] (Microsoft Corporation) < Run [HKEY_USERS\S-1-5-21-882264185-3285385689-782063539-1003\] > -> HKEY_USERS\S-1-5-21-882264185-3285385689-782063539-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "calc" -> C:\Users\MEBSBO~1\ntuser.DLL [rundll32.exe C:\Users\MEBSBO~1\ntuser.dll,_IWMPEvents@0] -> File not found "WMPNSCFG" -> C:\Program Files\Windows Media Player\wmpnscfg.exe [C:\Program Files\Windows Media Player\WMPNSCFG.exe] -> [2008/01/19 17:33:39 | 00,202,240 | ---- | M] (Microsoft Corporation) < CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer < CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System \\"NoHotStart" -> [0] -> File not found HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats < Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-882264185-3285385689-782063539-1003\] > -> HKEY_USERS\S-1-5-21-882264185-3285385689-782063539-1003\Software\Microsoft\Internet Explorer\MenuExt\ -> Send image to &Bluetooth Device... -> C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm [C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm] -> [2006/08/29 16:12:28 | 00,002,773 | ---- | M] () Send page to &Bluetooth Device... -> C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm [C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm] -> [2006/10/26 20:28:50 | 00,005,601 | ---- | M] () < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {9034A523-D068-4BE8-A284-9DF278BE776E}:Exec [HKLM] -> [Menu: IE Anti-Spyware] -> File not found {CCA281CA-C863-46ef-9331-5C8D4460577F}:C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm [HKLM] -> C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm [Button: @btrez.dll,-4015] -> [2006/10/26 20:28:50 | 00,005,601 | ---- | M] () {CCA281CA-C863-46ef-9331-5C8D4460577F}:C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm [HKLM] -> C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm [Menu: @btrez.dll,-12650] -> [2006/10/26 20:28:50 | 00,005,601 | ---- | M] () < Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix "" -> http:// < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 23 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 23 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 23 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 23 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-21-882264185-3285385689-782063539-1003\] > -> HKEY_USERS\S-1-5-21-882264185-3285385689-782063539-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-21-882264185-3285385689-782063539-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 76 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-21-882264185-3285385689-782063539-1003\] > -> HKEY_USERS\S-1-5-21-882264185-3285385689-782063539-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-21-882264185-3285385689-782063539-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 23 range(s) found. -> < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab [Java Plug-in 1.6.0_15] -> {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab [Java Plug-in 1.6.0_07] -> {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab [Java Plug-in 1.6.0_15] -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab [Java Plug-in 1.6.0_15] -> {E2883E8F-472F-4FB0-9522-AC9BF37916A7} [HKLM] -> http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab [Reg Error: Key error.] -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ -> DhcpNameServer -> 10.78.8.33 10.76.8.11 -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {8DF3635E-944B-4548-AD02-831CEE31A664}\\DhcpNameServer -> 10.78.8.33 10.76.8.11 (Marvell Yukon 88E8039 PCI-E Fast Ethernet Controller) -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> explorer.exe -> C:\Windows\explorer.exe -> [2009/04/11 16:27:36 | 02,926,592 | ---- | M] (Microsoft Corporation) rundll32.exe -> -> File not found xbwg.oko -> C:\Windows\System32\xbwg.oko -> [2009/12/06 15:56:18 | 00,026,113 | ---- | M] () xugptq -> -> File not found *MultiFile Done* -> -> *UserInit* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit -> C:\Windows\system32\sdra64.exe -> C:\Windows\System32\sdra64.exe -> File not found *MultiFile Done* -> -> < Winlogon settings [HKEY_USERS\S-1-5-21-882264185-3285385689-782063539-1003] > -> HKEY_USERS\S-1-5-21-882264185-3285385689-782063539-1003\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *Shell* -> HKEY_USERS\S-1-5-21-882264185-3285385689-782063539-1003\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> explorer.exe -> C:\Windows\explorer.exe -> [2009/04/11 16:27:36 | 02,926,592 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> < Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> igfxcui -> C:\Windows\System32\igfxdev.dll -> [2008/02/11 18:46:44 | 00,204,800 | ---- | M] (Intel Corporation) < Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List -> "C:\Program Files\BitTorrent\bittorrent.exe" -> C:\Program Files\BitTorrent\bittorrent.exe [C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent] -> File not found < SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> < CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom -> "AutoRun" -> 1 -> "DisplayName" -> CD-ROM Driver -> "ImagePath" -> [system32\DRIVERS\cdrom.sys] -> File not found < Drives with AutoRun files > -> -> C:\autoexec.bat [REM Dummy file for NTVDM | ] -> C:\autoexec.bat [ NTFS ] -> [2006/09/19 07:43:36 | 00,000,024 | ---- | M] () < MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command -> comfile [open] -> "%1" %* -> exefile [open] -> "%1" %* -> [Registry - Additional Scans - Safe List] < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost > -> -> *netsvcs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs -> FastUserSwitchingCompatibility -> [] -> Ias -> [] -> Irmon -> [] -> Nla -> [] -> Ntmssvc -> [] -> NWCWorkstation -> [] -> Nwsapagent -> [] -> SRService -> [] -> Wmi -> [] -> WmdmPmSp -> [] -> LogonHours -> [] -> PCAudit -> [] -> helpsvc -> [] -> uploadmgr -> [] -> *MultiFile Done* -> -> < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command -> batfile [open] -> "%1" %* -> chm.file [open] -> "%SystemRoot%\hh.exe" %1 -> cmdfile [open] -> "%1" %* -> comfile [open] -> "%1" %* -> cplfile [cplopen] -> %SystemRoot%\System32\control.exe "%1",%* -> [2006/11/02 19:44:59 | 00,211,968 | ---- | M] (Microsoft Corporation) exefile [open] -> "%1" %* -> helpfile [open] -> Reg Error: Key error. hlpfile [open] -> %SystemRoot%\winhlp32.exe %1 -> [2006/11/02 19:45:57 | 00,009,216 | ---- | M] (Microsoft Corporation) htmlfile [edit] -> "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 -> [2006/10/26 21:12:34 | 00,067,896 | ---- | M] (Microsoft Corporation) htmlfile [open] -> "C:\Program Files\Internet Explorer\iexplore.exe" -nohome -> [2009/11/21 16:42:38 | 00,638,232 | ---- | M] (Microsoft Corporation) htmlfile [opennew] -> "C:\Program Files\Internet Explorer\iexplore.exe" %1 -> [2009/11/21 16:42:38 | 00,638,232 | ---- | M] (Microsoft Corporation) htmlfile [print] -> "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 -> [2006/10/26 21:12:34 | 00,067,896 | ---- | M] (Microsoft Corporation) http [open] -> Reg Error: Value error. https [open] -> Reg Error: Value error. inffile [install] -> %SystemRoot%\System32\InfDefaultInstall.exe "%1" -> [2008/01/19 17:33:12 | 00,011,776 | ---- | M] (Microsoft Corporation) piffile [open] -> "%1" %* -> regfile [merge] -> Reg Error: Key error. scrfile [config] -> "%1" -> scrfile [install] -> rundll32.exe desk.cpl,InstallScreenSaver %l -> [2008/01/19 17:32:56 | 00,368,640 | ---- | M] (Microsoft Corporation) scrfile [open] -> "%1" /S -> txtfile [edit] -> Reg Error: Key error. Unknown [openas] -> %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 -> Directory [cmd] -> cmd.exe /s /k pushd "%V" -> [2008/01/19 17:33:04 | 00,318,976 | ---- | M] (Microsoft Corporation) Directory [find] -> %SystemRoot%\Explorer.exe -> [2009/04/11 16:27:36 | 02,926,592 | ---- | M] (Microsoft Corporation) Folder [open] -> %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L -> [2009/04/11 16:27:36 | 02,926,592 | ---- | M] (Microsoft Corporation) Folder [explore] -> %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L -> [2009/04/11 16:27:36 | 02,926,592 | ---- | M] (Microsoft Corporation) Drive [find] -> %SystemRoot%\Explorer.exe -> [2009/04/11 16:27:36 | 02,926,592 | ---- | M] (Microsoft Corporation) Applications\iexplore.exe [open] -> "C:\Program Files\Internet Explorer\iexplore.exe" %1 -> [2009/11/21 16:42:38 | 00,638,232 | ---- | M] (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -> "C:\Program Files\Internet Explorer\iexplore.exe" -> [2009/11/21 16:42:38 | 00,638,232 | ---- | M] (Microsoft Corporation) < EventViewer Logs - Last 10 Errors > -> Event Information -> Description Application [ Error ] 06/12/2009 01:34:32 Computer Name = mebsbobat-PC | Source = Windows Search Service | ID = 3013 -> Description = Application [ Error ] 06/12/2009 01:56:03 Computer Name = mebsbobat-PC | Source = Application Error | ID = 1000 -> Description = Faulting application iexplore.exe, version 8.0.6001.18828, time stamp 0x4a9600c9, faulting module Flash10b.ocx, version 10.0.22.87, time stamp 0x4987a6c3, exception code 0xc0000005, fault offset 0x001f6004, process id 0x15bc, application start time 0x01ca7638a6e2f20d. Application [ Error ] 06/12/2009 01:56:19 Computer Name = mebsbobat-PC | Source = Application Error | ID = 1000 -> Description = Faulting application AcroRd32.exe, version 7.0.8.218, time stamp 0x446abf60, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x2031fe16, process id 0x338, application start time 0x01ca7638c629898d. Application [ Error ] 06/12/2009 01:57:27 Computer Name = mebsbobat-PC | Source = VSS | ID = 8194 -> Description = Application [ Error ] 06/12/2009 02:07:32 Computer Name = mebsbobat-PC | Source = Application Error | ID = 1000 -> Description = Faulting application DllHost.exe, version 6.0.6000.16386, time stamp 0x4549b14e, faulting module ole32.dll, version 6.0.6002.18005, time stamp 0x49e037d7, exception code 0xc0000005, fault offset 0x000472da, process id 0xbbc, application start time 0x01ca7639103f24dd. Application [ Error ] 07/12/2009 06:34:16 Computer Name = mebsbobat-PC | Source = Application Error | ID = 1000 -> Description = Faulting application iexplore.exe, version 8.0.6001.18828, time stamp 0x4a9600c9, faulting module ntdll.dll, version 6.0.6002.18005, time stamp 0x49e03821, exception code 0xc0000005, fault offset 0x00067409, process id 0x460, application start time 0x01ca77287b414438. Application [ Error ] 07/12/2009 06:38:52 Computer Name = mebsbobat-PC | Source = MpfService | ID = 2 -> Description = Application [ Error ] 07/12/2009 06:42:43 Computer Name = mebsbobat-PC | Source = MpfService | ID = 2 -> Description = Application [ Error ] 07/12/2009 07:13:56 Computer Name = mebsbobat-PC | Source = MpfService | ID = 2 -> Description = Application [ Error ] 07/12/2009 18:36:00 Computer Name = mebsbobat-PC | Source = MpfService | ID = 2 -> Description = System [ Error ] 09/12/2009 01:36:44 Computer Name = mebsbobat-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20 -> Description = System [ Error ] 09/12/2009 01:37:07 Computer Name = mebsbobat-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20 -> Description = System [ Error ] 09/12/2009 01:37:34 Computer Name = mebsbobat-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20 -> Description = System [ Error ] 09/12/2009 01:37:45 Computer Name = mebsbobat-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20 -> Description = System [ Error ] 09/12/2009 01:38:58 Computer Name = mebsbobat-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20 -> Description = System [ Error ] 09/12/2009 01:39:12 Computer Name = mebsbobat-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20 -> Description = System [ Error ] 09/12/2009 01:41:06 Computer Name = mebsbobat-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20 -> Description = System [ Error ] 09/12/2009 01:41:14 Computer Name = mebsbobat-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20 -> Description = System [ Error ] 09/12/2009 01:41:51 Computer Name = mebsbobat-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20 -> Description = System [ Error ] 09/12/2009 01:43:51 Computer Name = mebsbobat-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20 -> Description = [Files/Folders - Created Within 30 Days] Apple_Inc -> C:\Users\mebsbobat\AppData\Local\Apple_Inc -> [2009/12/09 15:45:12 | 00,000,000 | ---D | C] Quintessential Media Player -> C:\Program Files\Quintessential Media Player -> [2009/12/09 15:29:24 | 00,000,000 | ---D | C] WindowsUpdate -> C:\Users\mebsbobat\AppData\Local\WindowsUpdate -> [2009/12/09 15:09:35 | 00,000,000 | ---D | C] LastGood.Tmp -> C:\Windows\LastGood.Tmp -> [2009/12/09 14:56:40 | 00,000,000 | ---D | C] nshhttp.dll -> C:\Windows\System32\nshhttp.dll -> [2009/12/09 14:41:27 | 00,024,064 | ---- | C] (Microsoft Corporation) httpapi.dll -> C:\Windows\System32\httpapi.dll -> [2009/12/09 14:41:26 | 00,030,720 | ---- | C] (Microsoft Corporation) mshtml.tlb -> C:\Windows\System32\mshtml.tlb -> [2009/12/09 14:37:07 | 01,638,912 | ---- | C] (Microsoft Corporation) inetcpl.cpl -> C:\Windows\System32\inetcpl.cpl -> [2009/12/09 14:37:07 | 01,469,440 | ---- | C] (Microsoft Corporation) msfeeds.dll -> C:\Windows\System32\msfeeds.dll -> [2009/12/09 14:37:07 | 00,594,432 | ---- | C] (Microsoft Corporation) iedkcs32.dll -> C:\Windows\System32\iedkcs32.dll -> [2009/12/09 14:37:07 | 00,387,584 | ---- | C] (Microsoft Corporation) iepeers.dll -> C:\Windows\System32\iepeers.dll -> [2009/12/09 14:37:07 | 00,184,320 | ---- | C] (Microsoft Corporation) ie4uinit.exe -> C:\Windows\System32\ie4uinit.exe -> [2009/12/09 14:37:07 | 00,173,056 | ---- | C] (Microsoft Corporation) ieui.dll -> C:\Windows\System32\ieui.dll -> [2009/12/09 14:37:07 | 00,164,352 | ---- | C] (Microsoft Corporation) ieUnatt.exe -> C:\Windows\System32\ieUnatt.exe -> [2009/12/09 14:37:07 | 00,133,632 | ---- | C] (Microsoft Corporation) iesysprep.dll -> C:\Windows\System32\iesysprep.dll -> [2009/12/09 14:37:07 | 00,109,056 | ---- | C] (Microsoft Corporation) iesetup.dll -> C:\Windows\System32\iesetup.dll -> [2009/12/09 14:37:07 | 00,071,680 | ---- | C] (Microsoft Corporation) iernonce.dll -> C:\Windows\System32\iernonce.dll -> [2009/12/09 14:37:07 | 00,055,808 | ---- | C] (Microsoft Corporation) msfeedsbs.dll -> C:\Windows\System32\msfeedsbs.dll -> [2009/12/09 14:37:07 | 00,055,296 | ---- | C] (Microsoft Corporation) jsproxy.dll -> C:\Windows\System32\jsproxy.dll -> [2009/12/09 14:37:07 | 00,025,600 | ---- | C] (Microsoft Corporation) msfeedssync.exe -> C:\Windows\System32\msfeedssync.exe -> [2009/12/09 14:37:07 | 00,013,312 | ---- | C] (Microsoft Corporation) rastls.dll -> C:\Windows\System32\rastls.dll -> [2009/12/09 14:36:00 | 00,243,712 | ---- | C] (Microsoft Corporation) Mozilla -> C:\Users\mebsbobat\AppData\Roaming\Mozilla -> [2009/12/08 11:53:33 | 00,000,000 | ---D | C] SiteAdvisor -> C:\ProgramData\SiteAdvisor -> [2009/12/08 09:19:19 | 00,000,000 | ---D | C] mfeavfk.sys -> C:\Windows\System32\drivers\mfeavfk.sys -> [2009/12/08 09:16:47 | 00,079,816 | ---- | C] (McAfee, Inc.) mfesmfk.sys -> C:\Windows\System32\drivers\mfesmfk.sys -> [2009/12/08 09:16:47 | 00,040,552 | ---- | C] (McAfee, Inc.) mfebopk.sys -> C:\Windows\System32\drivers\mfebopk.sys -> [2009/12/08 09:16:47 | 00,035,272 | ---- | C] (McAfee, Inc.) Mpfp.sys -> C:\Windows\System32\drivers\Mpfp.sys -> [2009/12/08 09:16:38 | 00,130,424 | ---- | C] (McAfee, Inc.) McAfee -> C:\Program Files\Common Files\McAfee -> [2009/12/08 09:15:58 | 00,000,000 | ---D | C] McAfee.com -> C:\Program Files\McAfee.com -> [2009/12/08 09:15:56 | 00,000,000 | ---D | C] McAfee -> C:\Program Files\McAfee -> [2009/12/08 09:15:54 | 00,000,000 | ---D | C] mferkdk.sys -> C:\Windows\System32\drivers\mferkdk.sys -> [2009/12/08 09:10:02 | 00,034,248 | ---- | C] (McAfee, Inc.) lowsec -> C:\Windows\System32\lowsec -> [2009/12/06 16:57:52 | 00,000,000 | -HSD | C] dypeucmp.exe -> C:\dypeucmp.exe -> [2009/12/06 16:57:42 | 00,098,304 | ---- | C] (lObJggk) Windows Portable Devices -> C:\Program Files\Windows Portable Devices -> [2009/12/06 15:14:34 | 00,000,000 | ---D | C] tzres.dll -> C:\Windows\System32\tzres.dll -> [2009/12/06 15:04:54 | 00,002,048 | ---- | C] (Microsoft Corporation) UIAnimation.dll -> C:\Windows\System32\UIAnimation.dll -> [2009/12/06 15:03:19 | 00,092,672 | ---- | C] (Microsoft Corporation) UIRibbon.dll -> C:\Windows\System32\UIRibbon.dll -> [2009/12/06 15:03:13 | 03,023,360 | ---- | C] (Microsoft Corporation) UIRibbonRes.dll -> C:\Windows\System32\UIRibbonRes.dll -> [2009/12/06 15:03:13 | 01,164,800 | ---- | C] (Microsoft Corporation) WMPhoto.dll -> C:\Windows\System32\WMPhoto.dll -> [2009/12/06 15:01:50 | 00,369,664 | ---- | C] (Microsoft Corporation) cdd.dll -> C:\Windows\System32\cdd.dll -> [2009/12/06 15:01:40 | 00,037,888 | ---- | C] (Microsoft Corporation) d3d10warp.dll -> C:\Windows\System32\d3d10warp.dll -> [2009/12/06 15:01:32 | 00,829,440 | ---- | C] (Microsoft Corporation) printfilterpipelineprxy.dll -> C:\Windows\System32\printfilterpipelineprxy.dll -> [2009/12/06 15:01:32 | 00,026,112 | ---- | C] (Microsoft Corporation) xpsservices.dll -> C:\Windows\System32\xpsservices.dll -> [2009/12/06 15:01:29 | 01,554,432 | ---- | C] (Microsoft Corporation) DWrite.dll -> C:\Windows\System32\DWrite.dll -> [2009/12/06 15:01:29 | 01,064,448 | ---- | C] (Microsoft Corporation) WindowsCodecs.dll -> C:\Windows\System32\WindowsCodecs.dll -> [2009/12/06 15:01:29 | 00,974,848 | ---- | C] (Microsoft Corporation) OpcServices.dll -> C:\Windows\System32\OpcServices.dll -> [2009/12/06 15:01:29 | 00,847,360 | ---- | C] (Microsoft Corporation) d2d1.dll -> C:\Windows\System32\d2d1.dll -> [2009/12/06 15:01:29 | 00,828,928 | ---- | C] (Microsoft Corporation) FntCache.dll -> C:\Windows\System32\FntCache.dll -> [2009/12/06 15:01:29 | 00,793,088 | ---- | C] (Microsoft Corporation) printfilterpipelinesvc.exe -> C:\Windows\System32\printfilterpipelinesvc.exe -> [2009/12/06 15:01:29 | 00,667,648 | ---- | C] (Microsoft Corporation) d3d10level9.dll -> C:\Windows\System32\d3d10level9.dll -> [2009/12/06 15:01:29 | 00,486,912 | ---- | C] (Microsoft Corporation) XpsPrint.dll -> C:\Windows\System32\XpsPrint.dll -> [2009/12/06 15:01:29 | 00,351,232 | ---- | C] (Microsoft Corporation) PhotoMetadataHandler.dll -> C:\Windows\System32\PhotoMetadataHandler.dll -> [2009/12/06 15:01:29 | 00,321,024 | ---- | C] (Microsoft Corporation) XpsGdiConverter.dll -> C:\Windows\System32\XpsGdiConverter.dll -> [2009/12/06 15:01:29 | 00,280,064 | ---- | C] (Microsoft Corporation) dxdiag.exe -> C:\Windows\System32\dxdiag.exe -> [2009/12/06 15:01:29 | 00,252,928 | ---- | C] (Microsoft Corporation) dxdiagn.dll -> C:\Windows\System32\dxdiagn.dll -> [2009/12/06 15:01:29 | 00,195,584 | ---- | C] (Microsoft Corporation) d3d10core.dll -> C:\Windows\System32\d3d10core.dll -> [2009/12/06 15:01:29 | 00,190,464 | ---- | C] (Microsoft Corporation) WindowsCodecsExt.dll -> C:\Windows\System32\WindowsCodecsExt.dll -> [2009/12/06 15:01:29 | 00,189,440 | ---- | C] (Microsoft Corporation) XpsRasterService.dll -> C:\Windows\System32\XpsRasterService.dll -> [2009/12/06 15:01:29 | 00,135,680 | ---- | C] (Microsoft Corporation) d3d10.dll -> C:\Windows\System32\d3d10.dll -> [2009/12/06 15:01:28 | 01,030,144 | ---- | C] (Microsoft Corporation) d3d11.dll -> C:\Windows\System32\d3d11.dll -> [2009/12/06 15:01:28 | 00,519,680 | ---- | C] (Microsoft Corporation) dxgi.dll -> C:\Windows\System32\dxgi.dll -> [2009/12/06 15:01:28 | 00,481,792 | ---- | C] (Microsoft Corporation) d3d10_1core.dll -> C:\Windows\System32\d3d10_1core.dll -> [2009/12/06 15:01:28 | 00,218,112 | ---- | C] (Microsoft Corporation) d3d10_1.dll -> C:\Windows\System32\d3d10_1.dll -> [2009/12/06 15:01:28 | 00,161,280 | ---- | C] (Microsoft Corporation) WPDShextAutoplay.exe -> C:\Windows\System32\WPDShextAutoplay.exe -> [2009/12/06 15:00:47 | 00,030,208 | ---- | C] (Microsoft Corporation) BthMtpContextHandler.dll -> C:\Windows\System32\BthMtpContextHandler.dll -> [2009/12/06 15:00:46 | 00,031,232 | ---- | C] (Microsoft Corporation) PortableDeviceConnectApi.dll -> C:\Windows\System32\PortableDeviceConnectApi.dll -> [2009/12/06 15:00:22 | 00,060,928 | ---- | C] (Microsoft Corporation) WpdConns.dll -> C:\Windows\System32\WpdConns.dll -> [2009/12/06 15:00:03 | 00,033,280 | ---- | C] (Microsoft Corporation) WpdMtpUS.dll -> C:\Windows\System32\WpdMtpUS.dll -> [2009/12/06 15:00:01 | 00,061,952 | ---- | C] (Microsoft Corporation) wpd_ci.dll -> C:\Windows\System32\wpd_ci.dll -> [2009/12/06 15:00:00 | 00,546,816 | ---- | C] (Microsoft Corporation) WPDSp.dll -> C:\Windows\System32\WPDSp.dll -> [2009/12/06 15:00:00 | 00,350,208 | ---- | C] (Microsoft Corporation) PortableDeviceApi.dll -> C:\Windows\System32\PortableDeviceApi.dll -> [2009/12/06 15:00:00 | 00,334,848 | ---- | C] (Microsoft Corporation) WpdMtp.dll -> C:\Windows\System32\WpdMtp.dll -> [2009/12/06 15:00:00 | 00,226,816 | ---- | C] (Microsoft Corporation) PortableDeviceWMDRM.dll -> C:\Windows\System32\PortableDeviceWMDRM.dll -> [2009/12/06 15:00:00 | 00,196,608 | ---- | C] (Microsoft Corporation) PortableDeviceTypes.dll -> C:\Windows\System32\PortableDeviceTypes.dll -> [2009/12/06 15:00:00 | 00,160,256 | ---- | C] (Microsoft Corporation) PortableDeviceClassExtension.dll -> C:\Windows\System32\PortableDeviceClassExtension.dll -> [2009/12/06 15:00:00 | 00,100,864 | ---- | C] (Microsoft Corporation) oleaccrc.dll -> C:\Windows\System32\oleaccrc.dll -> [2009/12/06 14:58:05 | 00,004,096 | ---- | C] (Microsoft Corporation) UIAutomationCore.dll -> C:\Windows\System32\UIAutomationCore.dll -> [2009/12/06 14:58:00 | 00,555,520 | ---- | C] (Microsoft Corporation) unregmp2.exe -> C:\Windows\System32\unregmp2.exe -> [2009/12/06 14:40:59 | 00,310,784 | ---- | C] (Microsoft Corporation) wmploc.DLL -> C:\Windows\System32\wmploc.DLL -> [2009/12/06 14:40:51 | 08,147,456 | ---- | C] (Microsoft Corporation) timedate.cpl -> C:\Windows\System32\timedate.cpl -> [2009/12/06 14:34:23 | 00,714,240 | ---- | C] (Microsoft Corporation) win32k.sys -> C:\Windows\System32\win32k.sys -> [2009/12/06 14:34:20 | 02,036,736 | ---- | C] (Microsoft Corporation) WSDApi.dll -> C:\Windows\System32\WSDApi.dll -> [2009/12/06 14:34:08 | 00,355,328 | ---- | C] (Microsoft Corporation) wups2.dll -> C:\Windows\System32\wups2.dll -> [2009/12/06 13:30:03 | 00,044,768 | ---- | C] (Microsoft Corporation) wucltux.dll -> C:\Windows\System32\wucltux.dll -> [2009/12/06 13:30:02 | 02,421,760 | ---- | C] (Microsoft Corporation) wuapi.dll -> C:\Windows\System32\wuapi.dll -> [2009/12/06 13:28:33 | 00,575,704 | ---- | C] (Microsoft Corporation) wudriver.dll -> C:\Windows\System32\wudriver.dll -> [2009/12/06 13:28:33 | 00,087,552 | ---- | C] (Microsoft Corporation) wups.dll -> C:\Windows\System32\wups.dll -> [2009/12/06 13:28:33 | 00,035,552 | ---- | C] (Microsoft Corporation) wuwebv.dll -> C:\Windows\System32\wuwebv.dll -> [2009/12/06 13:27:57 | 00,171,608 | ---- | C] (Microsoft Corporation) wuapp.exe -> C:\Windows\System32\wuapp.exe -> [2009/12/06 13:27:57 | 00,033,792 | ---- | C] (Microsoft Corporation) MACSSDK_wiz.dll -> C:\Windows\System32\MACSSDK_wiz.dll -> [2006/11/25 08:14:44 | 00,139,264 | ---- | C] ( ) MACSSDK.dll -> C:\Windows\System32\MACSSDK.dll -> [2006/11/25 08:14:44 | 00,126,976 | ---- | C] ( ) 1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> [Files/Folders - Modified Within 30 Days] NTUSER.DAT -> C:\Users\mebsbobat\NTUSER.DAT -> [2009/12/09 16:24:37 | 02,621,440 | -HS- | M] () User_Feed_Synchronization-{7693036E-8996-41B3-A0BC-336BBD8FEA2B}.job -> C:\Windows\tasks\User_Feed_Synchronization-{7693036E-8996-41B3-A0BC-336BBD8FEA2B}.job -> [2009/12/09 16:23:34 | 00,000,430 | -H-- | M] () mapisvc.inf -> C:\Windows\System32\mapisvc.inf -> [2009/12/09 15:38:33 | 00,000,422 | ---- | M] () perfh009.dat -> C:\Windows\System32\perfh009.dat -> [2009/12/09 15:33:20 | 00,633,886 | ---- | M] () PerfStringBackup.INI -> C:\Windows\System32\PerfStringBackup.INI -> [2009/12/09 15:33:19 | 00,700,730 | ---- | M] () perfc009.dat -> C:\Windows\System32\perfc009.dat -> [2009/12/09 15:33:19 | 00,118,772 | ---- | M] () SupBackGroundTask.job -> C:\Windows\tasks\SupBackGroundTask.job -> [2009/12/09 15:31:27 | 00,000,416 | -H-- | M] () Quintessential Media Player.lnk -> C:\Users\mebsbobat\Desktop\Quintessential Media Player.lnk -> [2009/12/09 15:29:32 | 00,000,997 | ---- | M] () Config.MPF -> C:\Windows\System32\Config.MPF -> [2009/12/09 15:04:39 | 00,008,624 | ---- | M] () ErrorFix Startup.job -> C:\Windows\tasks\ErrorFix Startup.job -> [2009/12/09 15:04:02 | 00,000,370 | ---- | M] () 7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> [2009/12/09 15:03:33 | 00,003,168 | -H-- | M] () 7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> [2009/12/09 15:03:32 | 00,003,168 | -H-- | M] () SA.DAT -> C:\Windows\tasks\SA.DAT -> [2009/12/09 15:03:27 | 00,000,006 | -H-- | M] () bootstat.dat -> C:\Windows\bootstat.dat -> [2009/12/09 15:03:22 | 00,067,584 | --S- | M] () bthservsdp.dat -> C:\Windows\bthservsdp.dat -> [2009/12/09 15:01:27 | 00,001,441 | ---- | M] () NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\mebsbobat\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms -> [2009/12/09 15:01:19 | 00,524,288 | -HS- | M] () NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf -> C:\Users\mebsbobat\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf -> [2009/12/09 15:01:19 | 00,065,536 | -HS- | M] () IconCache.db -> C:\Users\mebsbobat\AppData\Local\IconCache.db -> [2009/12/09 15:01:17 | 01,783,143 | -H-- | M] () Mozilla Firefox.lnk -> C:\Users\Public\Desktop\Mozilla Firefox.lnk -> [2009/12/08 11:53:26 | 00,001,764 | ---- | M] () scandisk.lnk -> C:\Users\mebsbobat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\scandisk.lnk -> [2009/12/08 11:38:27 | 00,000,817 | -HS- | M] () McDefragTask.job -> C:\Windows\tasks\McDefragTask.job -> [2009/12/08 11:26:55 | 00,000,348 | ---- | M] () McQcTask.job -> C:\Windows\tasks\McQcTask.job -> [2009/12/08 11:26:55 | 00,000,326 | ---- | M] () McAfee Security Center.lnk -> C:\Users\Public\Desktop\McAfee Security Center.lnk -> [2009/12/08 09:19:24 | 00,000,851 | ---- | M] () ntuser.pol -> C:\ProgramData\ntuser.pol -> [2009/12/07 22:04:40 | 00,000,258 | RHS- | M] () dypeucmp.exe -> C:\dypeucmp.exe -> [2009/12/06 16:57:51 | 00,098,304 | ---- | M] (lObJggk) wxiuk.exe -> C:\wxiuk.exe -> [2009/12/06 16:57:50 | 00,030,206 | ---- | M] () iTunes.lnk -> C:\Users\Public\Desktop\iTunes.lnk -> [2009/12/06 16:46:05 | 00,002,231 | ---- | M] () xbwg.oko -> C:\Windows\System32\xbwg.oko -> [2009/12/06 15:56:18 | 00,026,113 | ---- | M] () Safari.lnk -> C:\Users\Public\Desktop\Safari.lnk -> [2009/12/06 15:34:29 | 00,001,854 | ---- | M] () FNTCACHE.DAT -> C:\Windows\System32\FNTCACHE.DAT -> [2009/12/06 15:17:22 | 00,371,088 | ---- | M] () Msft_User_WpdMtpDr_01_07_00.Wdf -> C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf -> [2009/12/06 15:14:06 | 00,000,000 | -H-- | M] () Msft_User_WpdFs_01_07_00.Wdf -> C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf -> [2009/12/06 15:13:49 | 00,000,000 | -H-- | M] () msfeeds.dll -> C:\Windows\System32\msfeeds.dll -> [2009/11/21 16:35:38 | 00,594,432 | ---- | M] (Microsoft Corporation) msfeedsbs.dll -> C:\Windows\System32\msfeedsbs.dll -> [2009/11/21 16:35:38 | 00,055,296 | ---- | M] (Microsoft Corporation) jsproxy.dll -> C:\Windows\System32\jsproxy.dll -> [2009/11/21 16:34:58 | 00,025,600 | ---- | M] (Microsoft Corporation) inetcpl.cpl -> C:\Windows\System32\inetcpl.cpl -> [2009/11/21 16:34:52 | 01,469,440 | ---- | M] (Microsoft Corporation) ieui.dll -> C:\Windows\System32\ieui.dll -> [2009/11/21 16:34:39 | 00,164,352 | ---- | M] (Microsoft Corporation) iesysprep.dll -> C:\Windows\System32\iesysprep.dll -> [2009/11/21 16:34:39 | 00,109,056 | ---- | M] (Microsoft Corporation) iesetup.dll -> C:\Windows\System32\iesetup.dll -> [2009/11/21 16:34:39 | 00,071,680 | ---- | M] (Microsoft Corporation) iepeers.dll -> C:\Windows\System32\iepeers.dll -> [2009/11/21 16:34:38 | 00,184,320 | ---- | M] (Microsoft Corporation) iernonce.dll -> C:\Windows\System32\iernonce.dll -> [2009/11/21 16:34:38 | 00,055,808 | ---- | M] (Microsoft Corporation) iedkcs32.dll -> C:\Windows\System32\iedkcs32.dll -> [2009/11/21 16:34:33 | 00,387,584 | ---- | M] (Microsoft Corporation) ieUnatt.exe -> C:\Windows\System32\ieUnatt.exe -> [2009/11/21 14:59:58 | 00,133,632 | ---- | M] (Microsoft Corporation) ie4uinit.exe -> C:\Windows\System32\ie4uinit.exe -> [2009/11/21 14:59:52 | 00,173,056 | ---- | M] (Microsoft Corporation) msfeedssync.exe -> C:\Windows\System32\msfeedssync.exe -> [2009/11/21 14:59:14 | 00,013,312 | ---- | M] (Microsoft Corporation) mshtml.tlb -> C:\Windows\System32\mshtml.tlb -> [2009/11/21 14:58:54 | 01,638,912 | ---- | M] (Microsoft Corporation) nshhttp.dll -> C:\Windows\System32\nshhttp.dll -> [2009/11/09 22:31:42 | 00,024,064 | ---- | M] (Microsoft Corporation) httpapi.dll -> C:\Windows\System32\httpapi.dll -> [2009/11/09 22:30:03 | 00,030,720 | ---- | M] (Microsoft Corporation) 3 C:\Users\mebsbobat\AppData\Local\Temp\*.tmp files -> C:\Users\mebsbobat\AppData\Local\Temp\*.tmp -> 1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> [Files - No Company Name] Quintessential Media Player.lnk -> C:\Users\mebsbobat\Desktop\Quintessential Media Player.lnk -> [2009/12/09 15:29:32 | 00,000,997 | ---- | C] () Mozilla Firefox.lnk -> C:\Users\Public\Desktop\Mozilla Firefox.lnk -> [2009/12/08 11:53:26 | 00,001,764 | ---- | C] () Config.MPF -> C:\Windows\System32\Config.MPF -> [2009/12/08 09:19:48 | 00,008,624 | ---- | C] () McAfee Security Center.lnk -> C:\Users\Public\Desktop\McAfee Security Center.lnk -> [2009/12/08 09:19:24 | 00,000,851 | ---- | C] () McDefragTask.job -> C:\Windows\tasks\McDefragTask.job -> [2009/12/08 09:16:18 | 00,000,348 | ---- | C] () McQcTask.job -> C:\Windows\tasks\McQcTask.job -> [2009/12/08 09:16:16 | 00,000,326 | ---- | C] () ntuser.pol -> C:\ProgramData\ntuser.pol -> [2009/12/07 22:04:40 | 00,000,258 | RHS- | C] () wxiuk.exe -> C:\wxiuk.exe -> [2009/12/06 16:57:48 | 00,030,206 | ---- | C] () HDDinstall-results.xls -> C:\HDDinstall-results.xls -> [2009/12/06 16:39:29 | 00,103,424 | ---- | C] () HDD Installation Calcs 5 - Profile Depths.xmcd -> C:\HDD Installation Calcs 5 - Profile Depths.xmcd -> [2009/12/06 16:39:14 | 00,666,679 | ---- | C] () HDD Installation Calcs 5 - Profile Depths.pdf -> C:\HDD Installation Calcs 5 - Profile Depths.pdf -> [2009/12/06 16:39:11 | 00,066,754 | ---- | C] () HDD Installation Calcs 4 - Roller Pull Force.xmcd -> C:\HDD Installation Calcs 4 - Roller Pull Force.xmcd -> [2009/12/06 16:38:57 | 00,544,603 | ---- | C] () HDD Installation Calcs 4 - Roller Pull Force.pdf -> C:\HDD Installation Calcs 4 - Roller Pull Force.pdf -> [2009/12/06 16:38:54 | 00,058,993 | ---- | C] () HDD Installation Calcs 3d - Empty Narrows2.xmcd -> C:\HDD Installation Calcs 3d - Empty Narrows2.xmcd -> [2009/12/06 16:38:26 | 01,542,343 | ---- | C] () HDD Installation Calcs 3d - Empty Narrows2.pdf -> C:\HDD Installation Calcs 3d - Empty Narrows2.pdf -> [2009/12/06 16:38:24 | 00,080,924 | ---- | C] () HDD Installation Calcs 3c - Empty Narrows1.xmcd -> C:\HDD Installation Calcs 3c - Empty Narrows1.xmcd -> [2009/12/06 16:37:56 | 01,542,666 | ---- | C] () HDD Installation Calcs 3c - Empty Narrows1.pdf -> C:\HDD Installation Calcs 3c - Empty Narrows1.pdf -> [2009/12/06 16:37:51 | 00,080,927 | ---- | C] () HDD Installation Calcs 3b - Empty Marshland.xmcd -> C:\HDD Installation Calcs 3b - Empty Marshland.xmcd -> [2009/12/06 16:37:25 | 01,530,551 | ---- | C] () HDD Installation Calcs 3b - Empty Marshland.pdf -> C:\HDD Installation Calcs 3b - Empty Marshland.pdf -> [2009/12/06 16:37:22 | 00,080,835 | ---- | C] () HDD Installation Calcs 3a - Empty Creek.xmcd -> C:\HDD Installation Calcs 3a - Empty Creek.xmcd -> [2009/12/06 16:36:53 | 01,710,599 | ---- | C] () HDD Installation Calcs 3a - Empty Creek.pdf -> C:\HDD Installation Calcs 3a - Empty Creek.pdf -> [2009/12/06 16:36:50 | 00,080,882 | ---- | C] () HDD Installation Calcs 2d - Water-Filled Narrows2.xmcd -> C:\HDD Installation Calcs 2d - Water-Filled Narrows2.xmcd -> [2009/12/06 16:36:31 | 01,333,830 | ---- | C] () HDD Installation Calcs 2d - Water-Filled Narrows2.pdf -> C:\HDD Installation Calcs 2d - Water-Filled Narrows2.pdf -> [2009/12/06 16:36:28 | 00,078,624 | ---- | C] () HDD Installation Calcs 2c - Water-Filled Narrows1.xmcd -> C:\HDD Installation Calcs 2c - Water-Filled Narrows1.xmcd -> [2009/12/06 16:36:06 | 01,333,719 | ---- | C] () HDD Installation Calcs 2c - Water-Filled Narrows1.pdf -> C:\HDD Installation Calcs 2c - Water-Filled Narrows1.pdf -> [2009/12/06 16:36:03 | 00,078,650 | ---- | C] () HDD Installation Calcs 2b - Water-Filled Marshland.xmcd -> C:\HDD Installation Calcs 2b - Water-Filled Marshland.xmcd -> [2009/12/06 16:35:34 | 01,343,676 | ---- | C] () HDD Installation Calcs 2b - Water-Filled Marshland.pdf -> C:\HDD Installation Calcs 2b - Water-Filled Marshland.pdf -> [2009/12/06 16:35:30 | 00,078,726 | ---- | C] () HDD Installation Calcs 2a - Water-Filled Creek.xmcd -> C:\HDD Installation Calcs 2a - Water-Filled Creek.xmcd -> [2009/12/06 16:34:58 | 01,409,209 | ---- | C] () HDD Installation Calcs 2a - Water-Filled Creek.pdf -> C:\HDD Installation Calcs 2a - Water-Filled Creek.pdf -> [2009/12/06 16:34:54 | 00,078,677 | ---- | C] () HDD Installation Calcs 1 - Content Density for SG1.xmcd -> C:\HDD Installation Calcs 1 - Content Density for SG1.xmcd -> [2009/12/06 16:28:54 | 00,484,366 | ---- | C] () HDD Installation Calcs 1 - Content Density for SG1.pdf -> C:\HDD Installation Calcs 1 - Content Density for SG1.pdf -> [2009/12/06 16:28:49 | 00,071,568 | ---- | C] () xbwg.oko -> C:\Windows\System32\xbwg.oko -> [2009/12/06 15:56:24 | 00,026,113 | ---- | C] () Msft_User_WpdMtpDr_01_07_00.Wdf -> C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf -> [2009/12/06 15:14:06 | 00,000,000 | -H-- | C] () Msft_User_WpdFs_01_07_00.Wdf -> C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf -> [2009/12/06 15:13:49 | 00,000,000 | -H-- | C] () EhStorAuthn.dll -> C:\Windows\System32\EhStorAuthn.dll -> [2009/09/17 09:56:59 | 00,117,248 | ---- | C] () ODBC.INI -> C:\Windows\ODBC.INI -> [2009/02/10 20:36:37 | 00,000,376 | ---- | C] () libfilefmt-1.1.0.dll -> C:\Windows\System32\libfilefmt-1.1.0.dll -> [2009/01/02 18:14:22 | 03,423,744 | ---- | C] () libmcl-3.1.1.dll -> C:\Windows\System32\libmcl-3.1.1.dll -> [2009/01/02 18:14:22 | 00,706,048 | ---- | C] () libavi-dd-1.2.0.dll -> C:\Windows\System32\libavi-dd-1.2.0.dll -> [2009/01/02 18:14:22 | 00,020,480 | ---- | C] () MRT.INI -> C:\Windows\System32\MRT.INI -> [2008/05/17 23:52:51 | 00,000,118 | ---- | C] () igfxCoIn_v1437.dll -> C:\Windows\System32\igfxCoIn_v1437.dll -> [2008/02/11 19:55:18 | 00,147,456 | ---- | C] () qt-dx331.dll -> C:\Windows\System32\qt-dx331.dll -> [2008/01/03 05:39:28 | 03,596,288 | ---- | C] () xvidcore.dll -> C:\Windows\System32\xvidcore.dll -> [2008/01/03 05:39:28 | 01,138,688 | ---- | C] () xvidvfw.dll -> C:\Windows\System32\xvidvfw.dll -> [2008/01/03 05:39:28 | 00,217,088 | ---- | C] () ff_vfw.dll -> C:\Windows\System32\ff_vfw.dll -> [2008/01/03 05:39:26 | 00,005,120 | ---- | C] () ff_vfw.dll.manifest -> C:\Windows\System32\ff_vfw.dll.manifest -> [2008/01/03 05:39:26 | 00,000,547 | ---- | C] () igfxCoIn_v1409.dll -> C:\Windows\System32\igfxCoIn_v1409.dll -> [2008/01/02 17:57:36 | 00,147,456 | ---- | C] () igklg400.dll -> C:\Windows\System32\igklg400.dll -> [2008/01/02 17:47:22 | 01,953,696 | ---- | C] () igklg450.dll -> C:\Windows\System32\igklg450.dll -> [2008/01/02 17:47:22 | 01,533,360 | ---- | C] () igmedcompkrn.dll -> C:\Windows\System32\igmedcompkrn.dll -> [2008/01/02 17:47:22 | 00,104,636 | ---- | C] () lngEng.ini -> C:\Windows\System32\lngEng.ini -> [2007/07/12 02:15:00 | 00,000,135 | R--- | C] () lngKor.ini -> C:\Windows\System32\lngKor.ini -> [2007/07/12 02:15:00 | 00,000,117 | ---- | C] () WdfCoInstaller01000.dll -> C:\Windows\System32\WdfCoInstaller01000.dll -> [2007/07/12 01:53:09 | 01,060,424 | ---- | C] () rixdicon.dll -> C:\Windows\System32\rixdicon.dll -> [2007/07/12 01:53:04 | 00,016,480 | ---- | C] () igmedkrn.dll -> C:\Windows\System32\igmedkrn.dll -> [2007/07/12 01:52:58 | 00,910,464 | ---- | C] () igfxCoIn_v1283.dll -> C:\Windows\System32\igfxCoIn_v1283.dll -> [2007/07/12 01:52:58 | 00,204,800 | ---- | C] () NDADLL.dll -> C:\Windows\System32\NDADLL.dll -> [2007/02/16 10:51:02 | 00,274,432 | ---- | C] () btwhidcs.dll -> C:\Windows\System32\btwhidcs.dll -> [2006/12/20 13:00:12 | 00,389,120 | ---- | C] () LDBGenWizView.dll -> C:\Windows\System32\LDBGenWizView.dll -> [2006/11/30 11:00:28 | 00,307,200 | ---- | C] () GlobalUserInterface.CompositeFont -> C:\Windows\Fonts\GlobalUserInterface.CompositeFont -> [2006/11/02 22:37:35 | 00,037,665 | ---- | C] () GlobalSerif.CompositeFont -> C:\Windows\Fonts\GlobalSerif.CompositeFont -> [2006/11/02 22:37:35 | 00,029,779 | ---- | C] () GlobalSansSerif.CompositeFont -> C:\Windows\Fonts\GlobalSansSerif.CompositeFont -> [2006/11/02 22:37:35 | 00,026,489 | ---- | C] () GlobalMonospace.CompositeFont -> C:\Windows\Fonts\GlobalMonospace.CompositeFont -> [2006/11/02 22:37:35 | 00,026,040 | ---- | C] () sysprepMCE.dll -> C:\Windows\System32\sysprepMCE.dll -> [2006/11/02 22:35:32 | 00,005,632 | ---- | C] () atitmmxx.dll -> C:\Windows\System32\atitmmxx.dll -> [2006/11/02 20:25:44 | 00,159,744 | ---- | C] () pacerprf.ini -> C:\Windows\System32\pacerprf.ini -> [2006/11/02 17:40:29 | 00,013,750 | ---- | C] () AVSAudioWideStereoDMO.dll -> C:\Windows\System32\AVSAudioWideStereoDMO.dll -> [2006/10/10 04:01:28 | 00,061,440 | ---- | C] () OUTLPERF.INI -> C:\Windows\System32\OUTLPERF.INI -> [2005/09/10 06:06:28 | 00,002,695 | ---- | C] () lcppn21.dll -> C:\Windows\System32\lcppn21.dll -> [2001/11/14 13:56:00 | 01,802,240 | ---- | C] () [File - Lop Check] ErrorFix -> C:\Users\mebsbobat\AppData\Roaming\ErrorFix -> [2009/02/27 18:14:39 | 00,000,000 | ---D | M] GetRightToGo -> C:\Users\mebsbobat\AppData\Roaming\GetRightToGo -> [2009/03/26 15:16:53 | 00,000,000 | ---D | M] ICAClient -> C:\Users\mebsbobat\AppData\Roaming\ICAClient -> [2008/10/06 20:58:31 | 00,000,000 | ---D | M] PictureMover -> C:\Users\mebsbobat\AppData\Roaming\PictureMover -> [2008/08/22 00:03:37 | 00,000,000 | ---D | M] ErrorFix Scan.job -> C:\Windows\Tasks\ErrorFix Scan.job -> [2009/06/29 12:00:00 | 00,000,430 | ---- | M] () ErrorFix Startup.job -> C:\Windows\Tasks\ErrorFix Startup.job -> [2009/12/09 15:04:02 | 00,000,370 | ---- | M] () McDefragTask.job -> C:\Windows\Tasks\McDefragTask.job -> [2009/12/08 11:26:55 | 00,000,348 | ---- | M] () McQcTask.job -> C:\Windows\Tasks\McQcTask.job -> [2009/12/08 11:26:55 | 00,000,326 | ---- | M] () SCHEDLGU.TXT -> C:\Windows\Tasks\SCHEDLGU.TXT -> [2009/12/09 15:01:29 | 00,032,600 | ---- | M] () SupBackGroundTask.job -> C:\Windows\Tasks\SupBackGroundTask.job -> [2009/12/09 15:31:27 | 00,000,416 | -H-- | M] () User_Feed_Synchronization-{7693036E-8996-41B3-A0BC-336BBD8FEA2B}.job -> C:\Windows\Tasks\User_Feed_Synchronization-{7693036E-8996-41B3-A0BC-336BBD8FEA2B}.job -> [2009/12/09 16:23:34 | 00,000,430 | -H-- | M] () [File - Purity Scan] [Custom Scans] < %SYSTEMDRIVE%\eventlog.dll /s /md5 > < %SYSTEMDRIVE%\scecli.dll /s /md5 > scecli.dll : MD5=8FC182167381E9915651267044105EE1 -> C:\Windows\System32\scecli.dll -> [2009/04/11 16:28:24 | 00,177,152 | ---- | M] (Microsoft Corporation) scecli.dll : MD5=80E2839D05CA5970A86D7BE2A08BFF61 -> C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll -> [2006/11/02 19:46:12 | 00,176,640 | ---- | M] (Microsoft Corporation) scecli.dll : MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -> C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll -> [2008/01/19 17:36:19 | 00,177,152 | ---- | M] (Microsoft Corporation) scecli.dll : MD5=8FC182167381E9915651267044105EE1 -> C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll -> [2009/04/11 16:28:24 | 00,177,152 | ---- | M] (Microsoft Corporation) < %SYSTEMDRIVE%\netlogon.dll /s /md5 > netlogon.dll : MD5=95DAECF0FB120A7B5DA679CC54E37DDE -> C:\Windows\System32\netlogon.dll -> [2009/04/11 16:28:23 | 00,592,896 | ---- | M] (Microsoft Corporation) netlogon.dll : MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -> C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll -> [2006/11/02 19:46:11 | 00,559,616 | ---- | M] (Microsoft Corporation) netlogon.dll : MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -> C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll -> [2008/01/19 17:35:36 | 00,592,384 | ---- | M] (Microsoft Corporation) netlogon.dll : MD5=95DAECF0FB120A7B5DA679CC54E37DDE -> C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll -> [2009/04/11 16:28:23 | 00,592,896 | ---- | M] (Microsoft Corporation) < %SYSTEMDRIVE%\cngaudit.dll /s /md5 > cngaudit.dll : MD5=7F15B4953378C8B5161D65C26D5FED4D -> C:\Windows\System32\cngaudit.dll -> [2006/11/02 19:46:03 | 00,011,776 | ---- | M] (Microsoft Corporation) cngaudit.dll : MD5=7F15B4953378C8B5161D65C26D5FED4D -> C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll -> [2006/11/02 19:46:03 | 00,011,776 | ---- | M] (Microsoft Corporation) < %SYSTEMDRIVE%\sceclt.dll /s /md5 > < %SYSTEMDRIVE%\ntelogon.dll /s /md5 > < %SYSTEMDRIVE%\logevent.dll /s /md5 > < %SYSTEMDRIVE%\iaStor.sys /s /md5 > < %SYSTEMDRIVE%\nvstor.sys /s /md5 > nvstor.sys : MD5=9E0BA19A28C498A6D323D065DB76DFFC -> C:\Windows\System32\drivers\nvstor.sys -> [2006/11/02 19:50:13 | 00,040,040 | ---- | M] (NVIDIA Corporation) nvstor.sys : MD5=ABED0C09758D1D97DB0042DBB2688177 -> C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys -> [2008/01/19 17:42:09 | 00,045,112 | ---- | M] (NVIDIA Corporation) nvstor.sys : MD5=9E0BA19A28C498A6D323D065DB76DFFC -> C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys -> [2006/11/02 19:50:13 | 00,040,040 | ---- | M] (NVIDIA Corporation) nvstor.sys : MD5=ABED0C09758D1D97DB0042DBB2688177 -> C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys -> [2008/01/19 17:42:09 | 00,045,112 | ---- | M] (NVIDIA Corporation) < %SYSTEMDRIVE%\atapi.sys /s /md5 > atapi.sys : MD5=1F05B78AB91C9075565A9D8A4B880BC4 -> C:\Windows\System32\drivers\atapi.sys -> [2009/04/11 16:32:26 | 00,019,944 | ---- | M] (Microsoft Corporation) atapi.sys : MD5=B35CFCEF838382AB6490B321C87EDF17 -> C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys -> [2008/02/14 18:49:42 | 00,021,560 | ---- | M] (Microsoft Corporation) atapi.sys : MD5=A779CA2C76DA4FCB595E692C05E8E4EB -> C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_82339ef2\atapi.sys -> [2007/07/12 02:31:44 | 00,019,048 | ---- | M] (Microsoft Corporation) atapi.sys : MD5=1F05B78AB91C9075565A9D8A4B880BC4 -> C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys -> [2009/04/11 16:32:26 | 00,019,944 | ---- | M] (Microsoft Corporation) atapi.sys : MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -> C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys -> [2006/11/02 19:49:36 | 00,019,048 | ---- | M] (Microsoft Corporation) atapi.sys : MD5=2D9C903DC76A66813D350A562DE40ED9 -> C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys -> [2008/01/19 17:41:30 | 00,021,560 | ---- | M] (Microsoft Corporation) atapi.sys : MD5=A779CA2C76DA4FCB595E692C05E8E4EB -> C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16391_none_daf194c024ab5b06\atapi.sys -> [2007/07/12 02:31:44 | 00,019,048 | ---- | M] (Microsoft Corporation) atapi.sys : MD5=B35CFCEF838382AB6490B321C87EDF17 -> C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys -> [2008/02/14 18:49:42 | 00,021,560 | ---- | M] (Microsoft Corporation) atapi.sys : MD5=5653737BAD8C6C10136451C195C19881 -> C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20485_none_db8a029f3dbd443b\atapi.sys -> [2007/07/12 02:31:44 | 00,019,048 | ---- | M] (Microsoft Corporation) atapi.sys : MD5=E03E8C99D15D0381E02743C36AFC7C6F -> C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys -> [2008/02/14 18:49:41 | 00,021,560 | ---- | M] (Microsoft Corporation) atapi.sys : MD5=2D9C903DC76A66813D350A562DE40ED9 -> C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys -> [2008/01/19 17:41:30 | 00,021,560 | ---- | M] (Microsoft Corporation) atapi.sys : MD5=1F05B78AB91C9075565A9D8A4B880BC4 -> C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys -> [2009/04/11 16:32:26 | 00,019,944 | ---- | M] (Microsoft Corporation) < %SYSTEMDRIVE%\si3112.sys /s /md5 > < %SYSTEMDRIVE%\IdeChnDr.sys /s /md5 > < %SYSTEMDRIVE%\viasraid.sys /s /md5 > < %SYSTEMDRIVE%\AGP440.sys /s /md5 > AGP440.sys : MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -> C:\Windows\System32\drivers\AGP440.sys -> [2006/11/02 19:49:52 | 00,053,864 | ---- | M] (Microsoft Corporation) AGP440.sys : MD5=13F9E33747E6B41A3FF305C37DB0D360 -> C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys -> [2008/01/19 17:42:25 | 00,056,376 | ---- | M] (Microsoft Corporation) AGP440.sys : MD5=8B10CE1C1F9F1D47E4DEB1A547A00CD4 -> C:\Windows\System32\DriverStore\FileRepository\machine.inf_8ed06b47\AGP440.sys -> [2007/07/12 02:31:25 | 00,053,864 | ---- | M] (Microsoft Corporation) AGP440.sys : MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -> C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys -> [2006/11/02 19:49:52 | 00,053,864 | ---- | M] (Microsoft Corporation) AGP440.sys : MD5=CE71AFD6738AA025D742CDBCFBDC8B9C -> C:\Windows\System32\DriverStore\FileRepository\machine.inf_f2490cb0\AGP440.sys -> [2007/07/12 02:31:06 | 00,053,864 | ---- | M] (Microsoft Corporation) AGP440.sys : MD5=13F9E33747E6B41A3FF305C37DB0D360 -> C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys -> [2008/01/19 17:42:25 | 00,056,376 | ---- | M] (Microsoft Corporation) AGP440.sys : MD5=CE71AFD6738AA025D742CDBCFBDC8B9C -> C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.16399_none_b7d45c31c1cb309c\AGP440.sys -> [2007/07/12 02:31:06 | 00,053,864 | ---- | M] (Microsoft Corporation) AGP440.sys : MD5=8B10CE1C1F9F1D47E4DEB1A547A00CD4 -> C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.16400_none_b82caac9c18a4e3b\AGP440.sys -> [2007/07/12 02:31:25 | 00,053,864 | ---- | M] (Microsoft Corporation) AGP440.sys : MD5=313FF294978EA6AF715722D708FB249F -> C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.20494_none_b858f78adaed51b3\AGP440.sys -> [2007/07/12 02:31:06 | 00,053,864 | ---- | M] (Microsoft Corporation) AGP440.sys : MD5=BF34B4A0E0B64440C5389AA6B902F4AD -> C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.20496_none_b85af81edaeb8461\AGP440.sys -> [2007/07/12 02:31:25 | 00,053,864 | ---- | M] (Microsoft Corporation) AGP440.sys : MD5=13F9E33747E6B41A3FF305C37DB0D360 -> C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys -> [2008/01/19 17:42:25 | 00,056,376 | ---- | M] (Microsoft Corporation) AGP440.sys : MD5=13F9E33747E6B41A3FF305C37DB0D360 -> C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys -> [2008/01/19 17:42:25 | 00,056,376 | ---- | M] (Microsoft Corporation) < %SYSTEMDRIVE%\vaxscsi.sys /s /md5 > [Alternate Data Streams] @Alternate Data Stream - 177 bytes -> C:\ProgramData\TEMP:B5358C17 < End of report > [/code]