OTL logfile created on: 10/8/2010 10:24:30 AM - Run 1 OTL by OldTimer - Version 3.2.14.1 Folder = C:\Documents and Settings\Administrator\Desktop\mytools Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 503.00 Mb Total Physical Memory | 99.00 Mb Available Physical Memory | 20.00% Memory free 1.00 Gb Paging File | 1.00 Gb Available in Paging File | 80.00% Paging File free Paging file location(s): c:\pagefile.sys 756 1512 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 74.52 Gb Total Space | 48.09 Gb Free Space | 64.53% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: KMASWABI-DT Current User Name: Administrator Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: On Skip Microsoft Files: On File Age = 90 Days Output = Standard Quick Scan [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2010/10/08 07:59:42 | 000,576,512 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\mytools\OTL.exe PRC - [2010/10/06 10:53:10 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe PRC - [2008/05/26 22:19:14 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Desktop Search\WindowsSearch.exe PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2006/05/12 15:04:08 | 000,439,248 | ---- | M] (RealVNC Ltd.) -- C:\Program Files\RealVNC\VNC4\winvnc4.exe PRC - [2005/06/23 19:27:36 | 000,085,696 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\VPTray.exe PRC - [2005/06/23 19:27:30 | 000,124,608 | ---- | M] (symantec) -- C:\Program Files\Symantec AntiVirus\SavRoam.exe PRC - [2005/06/23 19:27:28 | 001,715,904 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe PRC - [2005/06/23 19:27:18 | 000,019,648 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\DefWatch.exe PRC - [2005/06/02 09:21:46 | 000,161,392 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe PRC - [2005/06/02 09:21:40 | 000,185,968 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe PRC - [2005/06/02 09:21:38 | 000,048,752 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe PRC - [2003/08/20 03:23:34 | 000,032,873 | ---- | M] () -- C:\Program Files\Java\j2re1.4.2_01\bin\jusched.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2010/10/08 07:59:42 | 000,576,512 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\mytools\OTL.exe MOD - [2008/04/14 05:40:22 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2010/03/18 16:47:22 | 000,035,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe -- (aspnet_state) SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400) SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010/03/18 13:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetTcpPortSharing) SRV - [2006/05/12 15:04:08 | 000,439,248 | ---- | M] (RealVNC Ltd.) [Auto | Running] -- C:\Program Files\RealVNC\VNC4\WinVNC4.exe -- (WinVNC4) SRV - [2005/06/23 19:27:30 | 000,124,608 | ---- | M] (symantec) [Auto | Running] -- C:\Program Files\Symantec AntiVirus\SavRoam.exe -- (SavRoam) SRV - [2005/06/23 19:27:28 | 001,715,904 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe -- (Symantec AntiVirus) SRV - [2005/06/23 19:27:18 | 000,019,648 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec AntiVirus\DefWatch.exe -- (DefWatch) SRV - [2005/06/02 09:21:46 | 000,161,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe -- (ccSetMgr) SRV - [2005/06/02 09:21:46 | 000,083,568 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe -- (ccPwdSvc) SRV - [2005/06/02 09:21:40 | 000,185,968 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe -- (ccEvtMgr) SRV - [2005/04/22 12:03:28 | 000,206,552 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe -- (SNDSrvc) SRV - [2005/03/30 21:48:22 | 000,992,864 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe -- (SPBBCSvc) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2010/09/15 13:30:55 | 001,371,184 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20101007.002\navex15.sys -- (NAVEX15) DRV - [2010/09/15 13:30:51 | 000,086,064 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20101007.002\naveng.sys -- (NAVENG) DRV - [2010/05/22 00:41:01 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl) DRV - [2005/05/13 19:50:10 | 000,123,488 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Symantec\SYMEVENT.SYS -- (SymEvent) DRV - [2005/04/22 12:03:02 | 000,267,192 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS -- (SYMTDI) DRV - [2005/04/22 12:03:00 | 000,017,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV) DRV - [2005/03/30 21:48:20 | 000,372,832 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv) DRV - [2005/02/04 20:14:32 | 000,053,896 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Symantec AntiVirus\Savrtpel.sys -- (SAVRTPEL) DRV - [2005/02/04 20:14:30 | 000,324,232 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Symantec AntiVirus\savrt.sys -- (SAVRT) DRV - [2004/08/04 14:00:00 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx) DRV - [2004/08/04 14:00:00 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3) DRV - [2004/08/04 14:00:00 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi) DRV - [2004/08/04 14:00:00 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810) DRV - [2004/08/04 02:29:50 | 000,019,455 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wVchNTxx.sys -- (iAimFP4) DRV - [2004/08/04 02:29:48 | 000,012,063 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wSiINTxx.sys -- (iAimFP3) DRV - [2004/08/04 02:29:46 | 000,025,471 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV10nt.sys -- (iAimTV5) DRV - [2004/08/04 02:29:46 | 000,023,615 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wCh7xxNT.sys -- (iAimTV4) DRV - [2004/08/04 02:29:46 | 000,022,271 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV06nt.sys -- (iAimTV6) DRV - [2004/08/04 02:29:44 | 000,033,599 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV04nt.sys -- (iAimTV3) DRV - [2004/08/04 02:29:44 | 000,019,551 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV02NT.sys -- (iAimTV1) DRV - [2004/08/04 02:29:42 | 000,029,311 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV01nt.sys -- (iAimTV0) DRV - [2004/08/04 02:29:42 | 000,011,871 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV09NT.sys -- (iAimFP7) DRV - [2004/08/04 02:29:40 | 000,011,807 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV07nt.sys -- (iAimFP5) DRV - [2004/08/04 02:29:40 | 000,011,295 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV08NT.sys -- (iAimFP6) DRV - [2004/08/04 02:29:38 | 000,161,020 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\i81xnt5.sys -- (i81x) DRV - [2004/08/04 02:29:38 | 000,012,415 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV01nt.sys -- (iAimFP0) DRV - [2004/08/04 02:29:38 | 000,012,127 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV02NT.sys -- (iAimFP1) DRV - [2004/08/04 02:29:38 | 000,011,775 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV05NT.sys -- (iAimFP2) DRV - [2002/05/09 03:44:42 | 000,105,472 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\adpu320.sys -- (adpu320) DRV - [2002/04/04 08:32:06 | 000,028,416 | R--- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symmpi.sys -- (Symmpi) DRV - [2001/08/17 16:20:04 | 000,096,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ac97intc.sys -- (ac97intc) Intel(r) 82801 Audio Driver Install Service (WDM) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 O1 HOSTS File: ([2004/08/04 15:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation) O4 - HKLM..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\imekrmig.exe (Microsoft Corporation) O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation) O4 - HKLM..\Run: [kiss] C:\WINDOWS\System32\pingy.exe File not found O4 - HKLM..\Run: [SetRefresh] C:\Program Files\Compaq\SetRefresh\SetRefresh.exe (Hewlett-Packard Company) O4 - HKLM..\Run: [srmclean] C:\cpqs\scom\srmclean.exe () O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_01\bin\jusched.exe () O4 - HKLM..\Run: [vptray] C:\Program Files\Symantec AntiVirus\VPTray.exe (Symantec Corporation) O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149 O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.) O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (Intertrust Technologies, Inc.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Java Plug-in 1.4.2_01) O16 - DPF: {CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Java Plug-in 1.4.2_01) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = psu.co.bw O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - File not found O20 - Winlogon\Notify\NavLogon: DllName - C:\WINDOWS\system32\NavLogon.dll - C:\WINDOWS\system32\NavLogon.dll (Symantec Corporation) O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation) O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010/10/05 09:15:37 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{f2cea4b8-6a0a-11de-8f71-000ffeb16e1a}\Shell\AutoRun\command - "" = F:\Recycle\P-1-3-64-8794238531-8742492-9897532\Furio.exe -- File not found O33 - MountPoints2\{f2cea4b8-6a0a-11de-8f71-000ffeb16e1a}\Shell\open\command - "" = F:\Recycle\P-1-3-64-8794238531-8742492-9897532\Furio.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation) Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.) Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.) Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation) Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation) CREATERESTOREPOINT Restore point Set: OTL Restore Point (17183584330711040) [color=#E56717]========== Files/Folders - Created Within 90 Days ==========[/color] [2010/10/08 09:09:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\gmer [2010/10/08 09:08:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\mytools [2010/10/08 08:19:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT [2010/10/08 08:14:40 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT [2010/10/08 07:54:43 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\TFC.exe [2010/10/07 20:02:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\WindowsPowerShell [2010/10/07 20:02:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\winrm [2010/10/07 20:02:16 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$968930Uinstall_KB968930$ [2010/10/07 20:01:06 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2010/10/07 19:58:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates [2010/10/07 19:55:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM [2010/10/07 19:54:29 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8 [2010/10/07 19:22:33 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2 [2010/10/07 19:20:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF [2010/10/06 16:08:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Threat Expert [2010/10/06 14:37:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP [2010/10/06 11:13:39 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent [2010/10/06 10:58:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google [2010/10/06 10:55:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR [2010/10/06 10:54:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Google [2010/10/06 10:54:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google [2010/10/06 10:53:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Google [2010/10/06 10:51:46 | 000,000,000 | ---D | C] -- C:\Program Files\Google [2010/10/06 10:51:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Google [2010/10/06 10:43:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\AdobeUM [2010/10/06 10:42:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Adobe [2010/10/06 10:13:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Adobe [2010/10/06 09:17:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Malwarebytes [2010/10/06 09:17:01 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010/10/06 09:16:59 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010/10/06 09:16:59 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2010/10/06 08:49:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch [2010/10/06 08:45:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Windows Search [2010/10/06 08:14:12 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$ [2010/10/05 12:51:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft Help [2010/10/05 09:19:07 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll [2010/10/05 09:19:07 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll [2010/10/05 09:16:47 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys [color=#E56717]========== Files - Modified Within 90 Days ==========[/color] [2010/10/08 10:01:40 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010/10/08 10:01:30 | 000,000,896 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010/10/08 10:00:10 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010/10/08 10:00:04 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010/10/08 10:00:00 | 527,290,368 | -HS- | M] () -- C:\hiberfil.sys [2010/10/08 09:58:23 | 000,000,900 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2010/10/08 09:57:02 | 001,048,576 | -H-- | M] () -- C:\Documents and Settings\Administrator\NTUSER.DAT [2010/10/08 09:55:03 | 000,000,998 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-252294398-3762290007-116252578-1143UA.job [2010/10/08 09:05:00 | 000,616,718 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010/10/08 09:05:00 | 000,528,154 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010/10/08 09:05:00 | 000,097,034 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010/10/08 09:01:25 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2010/10/08 08:45:14 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini [2010/10/08 08:14:42 | 000,000,611 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\NTREGOPT.lnk [2010/10/08 08:14:42 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\ERUNT.lnk [2010/10/08 07:37:52 | 006,418,514 | -H-- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\IconCache.db [2010/10/07 19:22:55 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb [2010/10/07 19:22:55 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb [2010/10/07 19:22:42 | 000,000,603 | ---- | M] () -- C:\WINDOWS\win.ini [2010/10/07 19:20:17 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf [2010/10/07 17:14:30 | 000,284,915 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\gmer.zip [2010/10/07 15:51:47 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\TFC.exe [2010/10/07 12:55:06 | 000,000,946 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-252294398-3762290007-116252578-1143Core.job [2010/10/07 12:42:35 | 000,273,376 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010/10/06 11:03:15 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk [2010/10/06 09:17:04 | 000,000,714 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk [2010/10/06 09:17:04 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk [2010/10/06 09:14:51 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx [2010/10/06 08:23:10 | 000,250,048 | RHS- | M] () -- C:\ntldr [2010/10/05 09:21:37 | 000,000,288 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf [2010/10/05 09:15:37 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2010/10/05 09:15:37 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2010/10/05 09:15:37 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2010/10/05 09:15:37 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2010/10/05 09:15:15 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI [2010/10/05 09:13:53 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest [2010/10/05 09:13:53 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest [2010/10/05 09:13:42 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest [2010/10/05 09:13:42 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest [2010/10/05 09:13:42 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest [2010/10/05 09:13:42 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest [2010/10/05 09:13:42 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest [2010/10/05 09:13:42 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest [2010/10/05 09:11:49 | 000,022,832 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat [2010/10/05 09:10:11 | 000,000,211 | -HS- | M] () -- C:\boot.ini [2010/10/05 08:59:22 | 000,000,231 | ---- | M] () -- C:\WINDOWS\system.ini [2010/10/05 08:18:22 | 000,000,779 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2010/10/05 08:16:47 | 001,071,506 | ---- | M] () -- C:\WINDOWS\setupapi.old [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010/10/08 09:08:54 | 000,284,915 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\gmer.zip [2010/10/08 08:14:42 | 000,000,611 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\NTREGOPT.lnk [2010/10/08 08:14:42 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\ERUNT.lnk [2010/10/07 19:20:17 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf [2010/10/06 15:01:37 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK [2010/10/06 11:03:14 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk [2010/10/06 10:53:58 | 000,000,900 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2010/10/06 10:53:52 | 000,000,896 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010/10/06 09:17:04 | 000,000,714 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk [2010/10/06 09:17:04 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk [2010/10/06 08:32:09 | 000,613,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm [2010/10/06 08:32:09 | 000,069,612 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.adm [2010/10/06 08:32:09 | 000,023,195 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplay.chm [2010/10/06 08:32:09 | 000,010,457 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta [2010/10/06 08:32:09 | 000,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css [2010/10/06 08:32:09 | 000,000,855 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf [2010/10/06 08:32:09 | 000,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js [2010/10/06 08:32:08 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav [2010/10/06 08:32:08 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav [2010/10/06 08:32:07 | 000,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav [2010/10/06 08:32:07 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav [2010/10/06 08:32:07 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav [2010/10/06 08:32:07 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav [2010/10/06 08:32:07 | 000,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav [2010/10/06 08:32:07 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav [2010/10/06 08:32:07 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav [2010/10/06 08:32:07 | 000,029,070 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmp.inf [2010/10/06 08:32:07 | 000,017,272 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf [2010/10/06 08:32:07 | 000,006,769 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmfsdk.inf [2010/10/06 08:32:06 | 000,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv [2010/10/06 08:32:06 | 000,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif [2010/10/06 08:32:06 | 000,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif [2010/10/06 08:32:06 | 000,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif [2010/10/06 08:32:06 | 000,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif [2010/10/06 08:32:06 | 000,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif [2010/10/06 08:32:06 | 000,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif [2010/10/06 08:32:06 | 000,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif [2010/10/06 08:32:06 | 000,006,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm6.gif [2010/10/06 08:32:06 | 000,005,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm1.gif [2010/10/06 08:32:06 | 000,005,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif [2010/10/06 08:32:06 | 000,004,193 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm8.gif [2010/10/06 08:32:06 | 000,003,187 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tour.js [2010/10/06 08:32:06 | 000,002,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm5.gif [2010/10/06 08:32:06 | 000,002,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplay.gif [2010/10/06 08:32:06 | 000,002,450 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpause.gif [2010/10/06 08:32:06 | 000,002,375 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif [2010/10/06 08:32:06 | 000,002,371 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif [2010/10/06 08:32:06 | 000,001,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taon.gif [2010/10/06 08:32:06 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taonh.gif [2010/10/06 08:32:06 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoff.gif [2010/10/06 08:32:06 | 000,001,367 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif [2010/10/06 08:32:05 | 000,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv [2010/10/06 08:32:05 | 000,375,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv [2010/10/06 08:32:05 | 000,077,307 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm [2010/10/06 08:32:05 | 000,066,725 | ---- | C] () -- C:\WINDOWS\System32\dllcache\revert.wmz [2010/10/06 08:32:05 | 000,022,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npds.zip [2010/10/06 08:32:05 | 000,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst6.wpl [2010/10/06 08:32:05 | 000,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst5.wpl [2010/10/06 08:32:05 | 000,001,474 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst3.wpl [2010/10/06 08:32:05 | 000,001,451 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst12.wpl [2010/10/06 08:32:05 | 000,001,448 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst4.wpl [2010/10/06 08:32:05 | 000,001,250 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst1.wpl [2010/10/06 08:32:05 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\snd.htm [2010/10/06 08:32:05 | 000,001,049 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst2.wpl [2010/10/06 08:32:05 | 000,001,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst7.wpl [2010/10/06 08:32:05 | 000,001,036 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst8.wpl [2010/10/06 08:32:05 | 000,000,908 | ---- | C] () -- C:\WINDOWS\System32\dllcache\skins.inf [2010/10/06 08:32:05 | 000,000,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst11.wpl [2010/10/06 08:32:05 | 000,000,787 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst10.wpl [2010/10/06 08:32:05 | 000,000,784 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst9.wpl [2010/10/06 08:32:05 | 000,000,783 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst13.wpl [2010/10/06 08:32:05 | 000,000,775 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst14.wpl [2010/10/06 08:32:05 | 000,000,733 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst15.wpl [2010/10/06 08:32:05 | 000,000,403 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip [2010/10/06 08:32:04 | 000,097,117 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.hlp [2010/10/06 08:32:04 | 000,018,286 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.inf [2010/10/06 08:32:04 | 000,002,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif [2010/10/06 08:32:04 | 000,002,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif [2010/10/06 08:32:04 | 000,001,885 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.cnt [2010/10/06 08:32:03 | 000,457,607 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv [2010/10/06 08:32:03 | 000,381,425 | ---- | C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv [2010/10/06 08:32:03 | 000,184,959 | ---- | C] () -- C:\WINDOWS\System32\dllcache\compact.wmz [2010/10/06 08:32:03 | 000,009,585 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.css [2010/10/06 08:32:03 | 000,008,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\contents.htm [2010/10/06 08:32:03 | 000,006,878 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.js [2010/10/06 08:32:03 | 000,005,971 | ---- | C] () -- C:\WINDOWS\System32\dllcache\events.js [2010/10/06 08:32:03 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnth.gif [2010/10/06 08:32:03 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnt.gif [2010/10/06 08:32:03 | 000,000,772 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cntd.gif [2010/10/06 08:32:03 | 000,000,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif [2010/10/06 08:32:03 | 000,000,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif [2010/10/06 08:32:02 | 000,000,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif [2010/10/06 08:23:37 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod [2010/10/06 08:23:36 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty [2010/10/06 08:23:34 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img [2010/10/05 10:33:09 | 001,291,776 | ---- | C] () -- C:\WINDOWS\System32\dllcache\quartz.dll [2010/10/05 09:23:26 | 527,290,368 | -HS- | C] () -- C:\hiberfil.sys [2010/10/05 09:17:48 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe [2010/10/05 09:16:51 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll [2010/10/05 09:16:46 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_864.nls [2010/10/05 09:16:46 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_862.nls [2010/10/05 09:16:46 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_858.nls [2010/10/05 09:16:46 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_870.nls [2010/10/05 09:16:45 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_720.nls [2010/10/05 09:16:45 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_708.nls [2010/10/05 09:16:45 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28596.nls [2010/10/05 09:16:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls [2010/10/05 09:16:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls [2010/10/05 09:16:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls [2010/10/05 09:16:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls [2010/10/05 09:16:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls [2010/10/05 09:16:43 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls [2010/10/05 09:16:43 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls [2010/10/05 09:16:43 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls [2010/10/05 09:16:43 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls [2010/10/05 09:16:43 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls [2010/10/05 09:16:43 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls [2010/10/05 09:16:43 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls [2010/10/05 09:16:43 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls [2010/10/05 09:16:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls [2010/10/05 09:16:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls [2010/10/05 09:16:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls [2010/10/05 09:16:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls [2010/10/05 09:16:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls [2010/10/05 09:16:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls [2010/10/05 09:16:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls [2010/10/05 09:16:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls [2010/10/05 09:16:41 | 000,187,938 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls [2010/10/05 09:16:41 | 000,186,402 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls [2010/10/05 09:16:41 | 000,185,378 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls [2010/10/05 09:16:41 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls [2010/10/05 09:16:41 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls [2010/10/05 09:16:40 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls [2010/10/05 09:16:40 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1148.nls [2010/10/05 09:16:40 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1147.nls [2010/10/05 09:16:40 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1146.nls [2010/10/05 09:16:40 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1145.nls [2010/10/05 09:16:40 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1144.nls [2010/10/05 09:16:40 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1143.nls [2010/10/05 09:16:39 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1142.nls [2010/10/05 09:16:39 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1141.nls [2010/10/05 09:16:39 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1140.nls [2010/10/05 09:16:39 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1047.nls [2010/10/05 09:16:39 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10021.nls [2010/10/05 09:16:39 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10005.nls [2010/10/05 09:16:38 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10004.nls [2010/10/05 09:15:37 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS [2010/10/05 09:15:37 | 000,000,000 | RHS- | C] () -- C:\IO.SYS [2010/10/05 09:15:37 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS [2010/10/05 09:15:37 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT [2010/10/05 09:13:53 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest [2010/10/05 09:13:42 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest [2010/10/05 09:13:42 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest [2010/10/05 09:13:42 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest [2010/10/05 09:13:42 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest [2010/10/05 09:13:42 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest [2010/10/05 08:46:20 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT [2010/10/05 08:46:19 | 001,042,903 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT [2010/10/05 08:46:19 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT [2010/10/05 08:46:19 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT [2010/10/05 08:46:19 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT [2010/10/05 08:46:19 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT [2010/10/05 08:46:19 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat [2009/07/06 13:56:30 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008/10/04 04:07:44 | 000,003,147 | ---- | C] () -- C:\WINDOWS\System32\mirc.ini [2007/10/11 12:40:30 | 000,749,568 | ---- | C] () -- C:\WINDOWS\System32\agissi.dll [2007/10/11 12:40:29 | 011,157,504 | ---- | C] () -- C:\WINDOWS\System32\zhhp_res.dll [2007/10/11 12:40:28 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\vshp2600.dll [2007/10/11 12:39:39 | 000,000,939 | ---- | C] () -- C:\WINDOWS\hpntwksetup.ini [2007/09/27 10:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini [2007/09/27 10:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini [2007/09/27 10:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini [2007/09/14 05:14:36 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\knlps.sys [2007/09/14 05:14:36 | 000,000,127 | ---- | C] () -- C:\WINDOWS\System32\remote.ini [2007/06/12 12:19:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\vpc32.INI [2007/05/10 09:23:20 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini [2007/05/10 09:23:20 | 000,000,277 | ---- | C] () -- C:\WINDOWS\System32\AddPort.ini [2007/05/10 09:21:11 | 000,000,103 | ---- | C] () -- C:\WINDOWS\System32\hptrace.ini [2007/05/10 09:20:54 | 000,008,589 | ---- | C] () -- C:\WINDOWS\hpdj6127.ini [2007/03/14 20:54:54 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2007/03/14 20:51:54 | 000,001,049 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini [2007/03/14 11:12:29 | 000,000,467 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2006/03/15 21:51:32 | 000,018,432 | ---- | C] () -- C:\WINDOWS\System32\msn.dll [2003/02/04 00:26:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll [2002/08/27 18:03:14 | 000,029,184 | -H-- | C] () -- C:\WINDOWS\System32\systemac.dll [color=#E56717]========== LOP Check ==========[/color] [2009/07/06 10:43:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Windows Desktop Search [2010/10/06 08:45:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Windows Search [2010/10/07 09:01:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %SYSTEMDRIVE%\*.* >[/color] [2010/10/05 09:15:37 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2008/09/30 20:07:51 | 000,004,981 | ---- | M] () -- C:\bom.xe [2010/10/05 09:10:11 | 000,000,211 | -HS- | M] () -- C:\boot.ini [2007/10/17 09:13:07 | 000,000,015 | ---- | M] () -- C:\chk_busy.tis [2010/10/05 09:15:37 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2010/10/08 10:00:00 | 527,290,368 | -HS- | M] () -- C:\hiberfil.sys [2010/10/05 09:15:37 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2006/09/22 08:43:00 | 005,668,864 | ---- | M] (Technical Information Systems SA) -- C:\Man3000.exe [2010/10/05 09:15:37 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2004/08/04 14:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2010/10/06 08:23:10 | 000,250,048 | RHS- | M] () -- C:\ntldr [2010/10/08 09:59:58 | 792,723,456 | -HS- | M] () -- C:\pagefile.sys [2007/03/26 09:11:38 | 000,000,056 | ---- | M] () -- C:\w_pr_font.tis [color=#A23BEC]< %systemroot%\*./mp /s >[/color] [color=#A23BEC]< %systemroot%\system32\config\*.sav >[/color] [2010/10/05 10:40:56 | 000,524,288 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav [2010/10/05 08:28:13 | 000,262,144 | ---- | M] () -- C:\WINDOWS\system32\config\security.sav [2010/10/05 10:40:56 | 030,146,560 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav [2010/10/05 10:40:56 | 008,126,464 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav [color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >[/color] [color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >[/color] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-10-08 07:06:19 [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2 @Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8 < End of report > PRC - [2010/10/08 07:59:42 | 000,576,512 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\mytools\OTL.exe PRC - [2010/10/06 10:53:10 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe PRC - [2008/05/26 22:19:14 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Desktop Search\WindowsSearch.exe PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2006/05/12 15:04:08 | 000,439,248 | ---- | M] (RealVNC Ltd.) -- C:\Program Files\RealVNC\VNC4\winvnc4.exe PRC - [2005/06/23 19:27:36 | 000,085,696 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\VPTray.exe PRC - [2005/06/23 19:27:30 | 000,124,608 | ---- | M] (symantec) -- C:\Program Files\Symantec AntiVirus\SavRoam.exe PRC - [2005/06/23 19:27:28 | 001,715,904 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe PRC - [2005/06/23 19:27:18 | 000,019,648 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\DefWatch.exe PRC - [2005/06/02 09:21:46 | 000,161,392 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe PRC - [2005/06/02 09:21:40 | 000,185,968 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe PRC - [2005/06/02 09:21:38 | 000,048,752 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe PRC - [2003/08/20 03:23:34 | 000,032,873 | ---- | M] () -- C:\Program Files\Java\j2re1.4.2_01\bin\jusched.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2010/10/08 07:59:42 | 000,576,512 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\mytools\OTL.exe MOD - [2009/05/24 22:41:34 | 000,304,128 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll MOD - [2009/03/06 04:33:26 | 000,961,888 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveUtil.dll MOD - [2009/02/12 15:19:38 | 000,178,040 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll MOD - [2009/02/12 15:19:32 | 002,217,848 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll MOD - [2008/10/25 11:44:34 | 000,022,872 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveNew.dll MOD - [2008/07/25 11:17:20 | 000,635,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcr80.dll MOD - [2008/04/14 05:40:22 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx MOD - [2008/04/13 23:07:58 | 000,208,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsaenh.dll MOD - [2007/08/23 00:18:08 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2010/03/18 16:47:22 | 000,035,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe -- (aspnet_state) SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400) SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010/03/18 13:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetTcpPortSharing) SRV - [2006/05/12 15:04:08 | 000,439,248 | ---- | M] (RealVNC Ltd.) [Auto | Running] -- C:\Program Files\RealVNC\VNC4\WinVNC4.exe -- (WinVNC4) SRV - [2005/06/23 19:27:30 | 000,124,608 | ---- | M] (symantec) [Auto | Running] -- C:\Program Files\Symantec AntiVirus\SavRoam.exe -- (SavRoam) SRV - [2005/06/23 19:27:28 | 001,715,904 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe -- (Symantec AntiVirus) SRV - [2005/06/23 19:27:18 | 000,019,648 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec AntiVirus\DefWatch.exe -- (DefWatch) SRV - [2005/06/02 09:21:46 | 000,161,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe -- (ccSetMgr) SRV - [2005/06/02 09:21:46 | 000,083,568 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe -- (ccPwdSvc) SRV - [2005/06/02 09:21:40 | 000,185,968 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe -- (ccEvtMgr) SRV - [2005/04/22 12:03:28 | 000,206,552 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe -- (SNDSrvc) SRV - [2005/03/30 21:48:22 | 000,992,864 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe -- (SPBBCSvc) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2010/09/15 13:30:55 | 001,371,184 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20101007.002\navex15.sys -- (NAVEX15) DRV - [2010/09/15 13:30:51 | 000,086,064 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20101007.002\naveng.sys -- (NAVENG) DRV - [2010/05/22 00:41:01 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl) DRV - [2005/05/13 19:50:10 | 000,123,488 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Symantec\SYMEVENT.SYS -- (SymEvent) DRV - [2005/04/22 12:03:02 | 000,267,192 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS -- (SYMTDI) DRV - [2005/04/22 12:03:00 | 000,017,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV) DRV - [2005/03/30 21:48:20 | 000,372,832 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv) DRV - [2005/02/04 20:14:32 | 000,053,896 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Symantec AntiVirus\Savrtpel.sys -- (SAVRTPEL) DRV - [2005/02/04 20:14:30 | 000,324,232 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Symantec AntiVirus\savrt.sys -- (SAVRT) DRV - [2004/08/04 14:00:00 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx) DRV - [2004/08/04 14:00:00 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3) DRV - [2004/08/04 14:00:00 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi) DRV - [2004/08/04 14:00:00 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810) DRV - [2004/08/04 02:29:50 | 000,019,455 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wVchNTxx.sys -- (iAimFP4) DRV - [2004/08/04 02:29:48 | 000,012,063 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wSiINTxx.sys -- (iAimFP3) DRV - [2004/08/04 02:29:46 | 000,025,471 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV10nt.sys -- (iAimTV5) DRV - [2004/08/04 02:29:46 | 000,023,615 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wCh7xxNT.sys -- (iAimTV4) DRV - [2004/08/04 02:29:46 | 000,022,271 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV06nt.sys -- (iAimTV6) DRV - [2004/08/04 02:29:44 | 000,033,599 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV04nt.sys -- (iAimTV3) DRV - [2004/08/04 02:29:44 | 000,019,551 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV02NT.sys -- (iAimTV1) DRV - [2004/08/04 02:29:42 | 000,029,311 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV01nt.sys -- (iAimTV0) DRV - [2004/08/04 02:29:42 | 000,011,871 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV09NT.sys -- (iAimFP7) DRV - [2004/08/04 02:29:40 | 000,011,807 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV07nt.sys -- (iAimFP5) DRV - [2004/08/04 02:29:40 | 000,011,295 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV08NT.sys -- (iAimFP6) DRV - [2004/08/04 02:29:38 | 000,161,020 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\i81xnt5.sys -- (i81x) DRV - [2004/08/04 02:29:38 | 000,012,415 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV01nt.sys -- (iAimFP0) DRV - [2004/08/04 02:29:38 | 000,012,127 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV02NT.sys -- (iAimFP1) DRV - [2004/08/04 02:29:38 | 000,011,775 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV05NT.sys -- (iAimFP2) DRV - [2002/05/09 03:44:42 | 000,105,472 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\adpu320.sys -- (adpu320) DRV - [2002/04/04 08:32:06 | 000,028,416 | R--- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symmpi.sys -- (Symmpi) DRV - [2001/08/17 16:20:04 | 000,096,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ac97intc.sys -- (ac97intc) Intel(r) 82801 Audio Driver Install Service (WDM) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 O1 HOSTS File: ([2004/08/04 15:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation) O4 - HKLM..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\imekrmig.exe (Microsoft Corporation) O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation) O4 - HKLM..\Run: [kiss] C:\WINDOWS\System32\pingy.exe File not found O4 - HKLM..\Run: [SetRefresh] C:\Program Files\Compaq\SetRefresh\SetRefresh.exe (Hewlett-Packard Company) O4 - HKLM..\Run: [srmclean] C:\cpqs\scom\srmclean.exe () O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_01\bin\jusched.exe () O4 - HKLM..\Run: [vptray] C:\Program Files\Symantec AntiVirus\VPTray.exe (Symantec Corporation) O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149 O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.) O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (Intertrust Technologies, Inc.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Java Plug-in 1.4.2_01) O16 - DPF: {CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Java Plug-in 1.4.2_01) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = psu.co.bw O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - File not found O20 - Winlogon\Notify\NavLogon: DllName - C:\WINDOWS\system32\NavLogon.dll - C:\WINDOWS\system32\NavLogon.dll (Symantec Corporation) O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation) O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010/10/05 09:15:37 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{f2cea4b8-6a0a-11de-8f71-000ffeb16e1a}\Shell\AutoRun\command - "" = F:\Recycle\P-1-3-64-8794238531-8742492-9897532\Furio.exe -- File not found O33 - MountPoints2\{f2cea4b8-6a0a-11de-8f71-000ffeb16e1a}\Shell\open\command - "" = F:\Recycle\P-1-3-64-8794238531-8742492-9897532\Furio.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 90 Days ==========[/color] [2010/10/08 09:09:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\gmer [2010/10/08 09:08:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\mytools [2010/10/08 08:19:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT [2010/10/08 08:14:40 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT [2010/10/08 07:54:43 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\TFC.exe [2010/10/07 20:02:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\WindowsPowerShell [2010/10/07 20:02:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\winrm [2010/10/07 20:02:16 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$968930Uinstall_KB968930$ [2010/10/07 20:01:06 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2010/10/07 19:58:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates [2010/10/07 19:56:55 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll [2010/10/07 19:56:54 | 001,986,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll [2010/10/07 19:56:54 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll [2010/10/07 19:56:53 | 011,077,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll [2010/10/07 19:56:53 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll [2010/10/07 19:55:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM [2010/10/07 19:54:29 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8 [2010/10/07 19:23:03 | 000,016,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll [2010/10/07 19:22:33 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2 [2010/10/07 19:20:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF [2010/10/06 16:08:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Threat Expert [2010/10/06 14:58:34 | 000,512,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jscript.dll [2010/10/06 14:37:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP [2010/10/06 11:13:39 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent [2010/10/06 10:58:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google [2010/10/06 10:55:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR [2010/10/06 10:54:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Google [2010/10/06 10:54:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google [2010/10/06 10:53:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Google [2010/10/06 10:51:46 | 000,000,000 | ---D | C] -- C:\Program Files\Google [2010/10/06 10:51:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Google [2010/10/06 10:43:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\AdobeUM [2010/10/06 10:42:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Adobe [2010/10/06 10:13:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Adobe [2010/10/06 09:17:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Malwarebytes [2010/10/06 09:17:01 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010/10/06 09:16:59 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010/10/06 09:16:59 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2010/10/06 08:49:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch [2010/10/06 08:45:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Windows Search [2010/10/06 08:32:12 | 001,372,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll [2010/10/06 08:32:12 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml6r.dll [2010/10/06 08:32:12 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll [2010/10/06 08:32:05 | 000,086,016 | ---- | C] (Sipro Lab Telecom Inc.) -- C:\WINDOWS\System32\dllcache\sl_anet.acm [2010/10/06 08:32:04 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaud32.acm [2010/10/06 08:32:03 | 000,290,816 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\System32\dllcache\l3codeca.acm [2010/10/06 08:31:55 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpcdll.dll [2010/10/06 08:31:41 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\irbus.sys [2010/10/06 08:31:41 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\smtpapi.dll [2010/10/06 08:31:41 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwnh.dll [2010/10/06 08:31:41 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsdupd.exe [2010/10/06 08:31:37 | 000,377,984 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvaa.dll [2010/10/06 08:31:37 | 000,229,376 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2cqag.dll [2010/10/06 08:31:37 | 000,201,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvag.dll [2010/10/06 08:31:37 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll [2010/10/06 08:31:36 | 001,888,992 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3duag.dll [2010/10/06 08:31:36 | 000,870,784 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3d1ag.dll [2010/10/06 08:31:36 | 000,516,768 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ativvaxx.dll [2010/10/06 08:31:36 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\azroles.dll [2010/10/06 08:31:36 | 000,032,768 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativtmxx.dll [2010/10/06 08:31:36 | 000,023,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativmvxx.ax [2010/10/06 08:31:36 | 000,009,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativdaxx.ax [2010/10/06 08:31:36 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll [2010/10/06 08:31:35 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3cfg.dll [2010/10/06 08:31:35 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3msm.dll [2010/10/06 08:31:35 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpqec.dll [2010/10/06 08:31:35 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3gpclnt.dll [2010/10/06 08:31:35 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsroam.dll [2010/10/06 08:31:35 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3api.dll [2010/10/06 08:31:35 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3dlg.dll [2010/10/06 08:31:34 | 000,650,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3ui.dll [2010/10/06 08:31:34 | 000,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapp3hst.dll [2010/10/06 08:31:34 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapphost.dll [2010/10/06 08:31:34 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappcfg.dll [2010/10/06 08:31:34 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappgnui.dll [2010/10/06 08:31:34 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapqec.dll [2010/10/06 08:31:34 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappprxy.dll [2010/10/06 08:31:34 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapolqec.dll [2010/10/06 08:31:33 | 000,032,285 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\hsfcisp2.dll [2010/10/06 08:31:32 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbhc.dll [2010/10/06 08:31:31 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpash.dll [2010/10/06 08:31:31 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnepr.dll [2010/10/06 08:31:31 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdiultn.dll [2010/10/06 08:31:30 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\microsoft.managementconsole.dll [2010/10/06 08:31:30 | 000,086,016 | ---- | C] (Conexant) -- C:\WINDOWS\System32\mdmxsdk.dll [2010/10/06 08:31:30 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\l2gpstore.dll [2010/10/06 08:31:29 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcex.dll [2010/10/06 08:31:29 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcfxcommon.dll [2010/10/06 08:31:29 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcperf.exe [2010/10/06 08:31:28 | 004,274,816 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nv4_disp.dll [2010/10/06 08:31:28 | 001,737,856 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\mtxparhd.dll [2010/10/06 08:31:28 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll [2010/10/06 08:31:28 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe [2010/10/06 08:31:28 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssha.dll [2010/10/06 08:31:28 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshavmsg.dll [2010/10/06 08:31:28 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll [2010/10/06 08:31:27 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll [2010/10/06 08:31:27 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\onex.dll [2010/10/06 08:31:26 | 000,397,056 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\s3gnb.dll [2010/10/06 08:31:26 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll [2010/10/06 08:31:26 | 000,286,792 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slextspk.dll [2010/10/06 08:31:26 | 000,188,508 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slgen.dll [2010/10/06 08:31:26 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qutil.dll [2010/10/06 08:31:26 | 000,073,832 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slcoinst.dll [2010/10/06 08:31:26 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll [2010/10/06 08:31:26 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasqec.dll [2010/10/06 08:31:26 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slrundll.exe [2010/10/06 08:31:26 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe [2010/10/06 08:31:25 | 000,073,796 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slserv.exe [2010/10/06 08:31:25 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll [2010/10/06 08:31:25 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax [2010/10/06 08:31:23 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlanapi.dll [2010/10/06 08:31:18 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\slrundll.exe [2010/10/06 08:26:18 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dlimport.exe [2010/10/06 08:23:38 | 000,063,663 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1rvxx.sys [2010/10/06 08:23:38 | 000,056,623 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1btxx.sys [2010/10/06 08:23:38 | 000,036,463 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1tuxx.sys [2010/10/06 08:23:38 | 000,034,735 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xsxx.sys [2010/10/06 08:23:38 | 000,030,671 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1raxx.sys [2010/10/06 08:23:38 | 000,029,455 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xbxx.sys [2010/10/06 08:23:38 | 000,026,367 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1snxx.sys [2010/10/06 08:23:38 | 000,021,343 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1ttxx.sys [2010/10/06 08:23:38 | 000,012,047 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1pdxx.sys [2010/10/06 08:23:38 | 000,011,615 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1mdxx.sys [2010/10/06 08:23:37 | 000,701,440 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtag.sys [2010/10/06 08:23:37 | 000,327,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtaa.sys [2010/10/06 08:23:37 | 000,104,960 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinrvxx.sys [2010/10/06 08:23:37 | 000,073,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atintuxx.sys [2010/10/06 08:23:37 | 000,063,488 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxsxx.sys [2010/10/06 08:23:37 | 000,057,856 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinbtxx.sys [2010/10/06 08:23:37 | 000,052,224 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinraxx.sys [2010/10/06 08:23:37 | 000,031,744 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxbxx.sys [2010/10/06 08:23:37 | 000,028,672 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinsnxx.sys [2010/10/06 08:23:37 | 000,014,336 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinpdxx.sys [2010/10/06 08:23:37 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinttxx.sys [2010/10/06 08:23:37 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinmdxx.sys [2010/10/06 08:23:36 | 000,144,384 | ---- | C] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\System32\drivers\hdaudbus.sys [2010/10/06 08:23:36 | 000,036,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthprint.sys [2010/10/06 08:23:35 | 000,126,686 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys [2010/10/06 08:23:34 | 001,897,408 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nv4_mini.sys [2010/10/06 08:23:34 | 001,309,184 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlstrm.sys [2010/10/06 08:23:34 | 000,452,736 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\drivers\mtxparhm.sys [2010/10/06 08:23:34 | 000,180,360 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys [2010/10/06 08:23:34 | 000,166,912 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\drivers\s3gnbm.sys [2010/10/06 08:23:34 | 000,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys [2010/10/06 08:23:34 | 000,013,776 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\recagent.sys [2010/10/06 08:23:34 | 000,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mutohpen.sys [2010/10/06 08:23:33 | 000,404,990 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slntamr.sys [2010/10/06 08:23:33 | 000,129,535 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnt7554.sys [2010/10/06 08:23:33 | 000,095,424 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnthal.sys [2010/10/06 08:23:33 | 000,013,240 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slwdmsup.sys [2010/10/06 08:23:33 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smbali.sys [2010/10/06 08:14:12 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$ [2010/10/05 18:22:25 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\strmfilt.dll [2010/10/05 18:22:24 | 000,265,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\http.sys [2010/10/05 18:22:24 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpapi.dll [2010/10/05 12:51:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft Help [2010/10/05 11:57:04 | 000,354,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srv.sys [2010/10/05 11:56:47 | 000,455,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys [2010/10/05 11:56:11 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\csrsrv.dll [2010/10/05 11:55:26 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll [2010/10/05 11:52:54 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\raschap.dll [2010/10/05 11:52:53 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rastls.dll [2010/10/05 11:47:59 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe [2010/10/05 11:45:29 | 000,474,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shlwapi.dll [2010/10/05 11:41:35 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\6to4svc.dll [2010/10/05 11:38:02 | 001,435,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.dll [2010/10/05 11:32:39 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wkssvc.dll [2010/10/05 11:32:36 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\t2embed.dll [2010/10/05 11:32:36 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fontsub.dll [2010/10/05 11:31:49 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tlntsess.exe [2010/10/05 11:31:49 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\telnet.exe [2010/10/05 11:14:27 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\localspl.dll [2010/10/05 11:14:17 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\secur32.dll [2010/10/05 11:14:16 | 000,989,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kernel32.dll [2010/10/05 11:12:38 | 000,730,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll [2010/10/05 11:12:33 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe [2010/10/05 11:12:30 | 002,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe [2010/10/05 11:12:26 | 002,024,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe [2010/10/05 11:10:48 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcuiu.dll [2010/10/05 11:10:48 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxoci.dll [2010/10/05 11:10:47 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxclu.dll [2010/10/05 11:10:46 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtclog.dll [2010/10/05 11:10:45 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtctm.dll [2010/10/05 11:09:29 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msyuv.dll [2010/10/05 11:05:23 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msasn1.dll [2010/10/05 11:03:46 | 008,462,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shell32.dll [2010/10/05 11:01:08 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\schannel.dll [2010/10/05 10:57:53 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\es.dll [2010/10/05 10:56:51 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mscms.dll [2010/10/05 10:53:32 | 000,361,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcpip.sys [2010/10/05 10:53:32 | 000,138,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\afd.sys [2010/10/05 10:53:31 | 000,226,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcpip6.sys [2010/10/05 10:53:29 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswsock.dll [2010/10/05 10:53:29 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dnsapi.dll [2010/10/05 10:53:19 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oakley.dll [2010/10/05 10:51:56 | 000,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys [2010/10/05 10:51:31 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avifil32.dll [2010/10/05 10:51:31 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msrle32.dll [2010/10/05 10:51:31 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsbyuv.dll [2010/10/05 10:51:30 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iyuv_32.dll [2010/10/05 10:51:04 | 000,203,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rmcast.sys [2010/10/05 10:47:53 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll [2010/10/05 10:45:31 | 000,590,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcrt4.dll [2010/10/05 10:37:55 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspaint.exe [2010/10/05 10:37:52 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asycfilt.dll [2010/10/05 10:31:28 | 000,204,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswebdvd.dll [2010/10/05 10:29:56 | 000,354,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winhttp.dll [2010/10/05 10:29:05 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iepeers.dll [2010/10/05 10:29:03 | 001,210,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll [2010/10/05 10:28:59 | 000,916,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll [2010/10/05 10:28:55 | 001,025,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browseui.dll [2010/10/05 10:28:49 | 001,509,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shdocvw.dll [2010/10/05 10:28:47 | 005,951,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll [2010/10/05 10:25:05 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll [2010/10/05 10:20:11 | 000,286,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gdi32.dll [2010/10/05 10:18:44 | 000,092,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksecdd.sys [2010/10/05 10:18:44 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wdigest.dll [2010/10/05 10:18:43 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kerberos.dll [2010/10/05 10:13:06 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wintrust.dll [2010/10/05 10:12:49 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cabview.dll [2010/10/05 09:19:51 | 000,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll [2010/10/05 09:19:51 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys [2010/10/05 09:19:48 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamps51.dll [2010/10/05 09:19:47 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ext.dll [2010/10/05 09:19:47 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svapi.dll [2010/10/05 09:19:47 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ctrs51.dll [2010/10/05 09:19:46 | 000,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll [2010/10/05 09:19:39 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe [2010/10/05 09:19:37 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll [2010/10/05 09:19:36 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe [2010/10/05 09:19:36 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe [2010/10/05 09:19:35 | 000,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime [2010/10/05 09:19:35 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll [2010/10/05 09:19:34 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys [2010/10/05 09:19:34 | 000,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys [2010/10/05 09:19:33 | 000,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys [2010/10/05 09:19:28 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\status.dll [2010/10/05 09:19:26 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll [2010/10/05 09:19:23 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll [2010/10/05 09:19:22 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll [2010/10/05 09:19:20 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll [2010/10/05 09:19:20 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll [2010/10/05 09:19:19 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll [2010/10/05 09:19:19 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll [2010/10/05 09:19:19 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll [2010/10/05 09:19:19 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll [2010/10/05 09:19:19 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll [2010/10/05 09:19:18 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll [2010/10/05 09:19:18 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll [2010/10/05 09:19:18 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll [2010/10/05 09:19:18 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll [2010/10/05 09:19:18 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll [2010/10/05 09:19:18 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll [2010/10/05 09:19:18 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll [2010/10/05 09:19:18 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll [2010/10/05 09:19:17 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll [2010/10/05 09:19:17 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll [2010/10/05 09:19:17 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll [2010/10/05 09:19:11 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll [2010/10/05 09:19:09 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll [2010/10/05 09:19:07 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll [2010/10/05 09:19:07 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll [2010/10/05 09:19:02 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe [2010/10/05 09:19:02 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe [2010/10/05 09:18:58 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe [2010/10/05 09:18:58 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe [2010/10/05 09:18:54 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll [2010/10/05 09:18:53 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe [2010/10/05 09:18:53 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll [2010/10/05 09:18:53 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll [2010/10/05 09:18:53 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll [2010/10/05 09:18:52 | 000,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime [2010/10/05 09:18:51 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\permchk.dll [2010/10/05 09:18:49 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pagecnt.dll [2010/10/05 09:18:43 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll [2010/10/05 09:18:39 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nextlink.dll [2010/10/05 09:18:11 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys [2010/10/05 09:18:11 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll [2010/10/05 09:18:10 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mdsync.dll [2010/10/05 09:18:08 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll [2010/10/05 09:18:07 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logscrpt.dll [2010/10/05 09:18:03 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll [2010/10/05 09:18:03 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll [2010/10/05 09:18:03 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll [2010/10/05 09:18:02 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll [2010/10/05 09:18:02 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll [2010/10/05 09:18:02 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll [2010/10/05 09:18:02 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll [2010/10/05 09:18:02 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll [2010/10/05 09:18:02 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll [2010/10/05 09:17:59 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll [2010/10/05 09:17:59 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll [2010/10/05 09:17:59 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll [2010/10/05 09:17:59 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll [2010/10/05 09:17:59 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll [2010/10/05 09:17:58 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll [2010/10/05 09:17:58 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll [2010/10/05 09:17:58 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll [2010/10/05 09:17:58 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll [2010/10/05 09:17:57 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll [2010/10/05 09:17:57 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll [2010/10/05 09:17:57 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll [2010/10/05 09:17:56 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll [2010/10/05 09:17:56 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll [2010/10/05 09:17:55 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll [2010/10/05 09:17:55 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll [2010/10/05 09:17:55 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll [2010/10/05 09:17:55 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll [2010/10/05 09:17:55 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll [2010/10/05 09:17:54 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iwrps.dll [2010/10/05 09:17:54 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isapips.dll [2010/10/05 09:17:51 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoctrs.dll [2010/10/05 09:17:45 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iissync.exe [2010/10/05 09:17:45 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismui.dll [2010/10/05 09:17:44 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisclex4.dll [2010/10/05 09:17:44 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iiscrmap.dll [2010/10/05 09:17:34 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll [2010/10/05 09:17:26 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll [2010/10/05 09:17:26 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe [2010/10/05 09:17:25 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll [2010/10/05 09:17:24 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll [2010/10/05 09:17:23 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpctrs2.dll [2010/10/05 09:17:23 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll [2010/10/05 09:17:20 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe [2010/10/05 09:17:19 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll [2010/10/05 09:17:16 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll [2010/10/05 09:17:16 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll [2010/10/05 09:17:16 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll [2010/10/05 09:17:16 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys [2010/10/05 09:16:59 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe [2010/10/05 09:16:58 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convlog.exe [2010/10/05 09:16:58 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\controt.dll [2010/10/05 09:16:58 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\counters.dll [2010/10/05 09:16:52 | 000,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe [2010/10/05 09:16:52 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll [2010/10/05 09:16:52 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime [2010/10/05 09:16:51 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll [2010/10/05 09:16:51 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll [2010/10/05 09:16:50 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe [2010/10/05 09:16:50 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe [2010/10/05 09:16:50 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe [2010/10/05 09:16:49 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe [2010/10/05 09:16:47 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys [2010/10/05 09:16:47 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll [2010/10/05 09:16:37 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browscap.dll [2010/10/05 09:16:34 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\authfilt.dll [2010/10/05 09:16:32 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asptxn.dll [2010/10/05 09:16:32 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aspperf.dll [2010/10/05 09:16:31 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll [2010/10/05 09:16:26 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll [2010/10/05 09:16:25 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adrot.dll [2010/10/05 09:16:25 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admxprox.dll [2010/10/05 09:16:14 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamregps.dll [2010/10/05 09:16:02 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetsloc.dll [2010/10/05 09:16:01 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisui.dll [2010/10/05 09:16:01 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.exe [2010/10/05 09:16:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisreset.exe [2010/10/05 09:16:00 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsapi2.dll [2010/10/05 09:16:00 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstap.dll [2010/10/05 09:15:54 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certmap.ocx [2010/10/05 08:46:31 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll [2010/10/05 08:46:31 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll [2010/10/05 08:46:31 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll [2010/10/05 08:46:31 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll [color=#E56717]========== Files - Modified Within 90 Days ==========[/color] [2010/10/08 10:01:40 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010/10/08 10:01:30 | 000,000,896 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010/10/08 10:00:10 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010/10/08 10:00:04 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010/10/08 10:00:00 | 527,290,368 | -HS- | M] () -- C:\hiberfil.sys [2010/10/08 09:58:23 | 000,000,900 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2010/10/08 09:57:02 | 001,048,576 | -H-- | M] () -- C:\Documents and Settings\Administrator\NTUSER.DAT [2010/10/08 09:55:03 | 000,000,998 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-252294398-3762290007-116252578-1143UA.job [2010/10/08 09:05:00 | 000,616,718 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010/10/08 09:05:00 | 000,528,154 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010/10/08 09:05:00 | 000,097,034 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010/10/08 09:01:25 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2010/10/08 08:45:14 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini [2010/10/08 08:14:42 | 000,000,611 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\NTREGOPT.lnk [2010/10/08 08:14:42 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\ERUNT.lnk [2010/10/08 07:37:52 | 006,418,514 | -H-- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\IconCache.db [2010/10/07 19:22:55 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb [2010/10/07 19:22:55 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb [2010/10/07 19:22:42 | 000,000,603 | ---- | M] () -- C:\WINDOWS\win.ini [2010/10/07 19:20:17 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf [2010/10/07 17:14:30 | 000,284,915 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\gmer.zip [2010/10/07 15:51:47 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\TFC.exe [2010/10/07 12:55:06 | 000,000,946 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-252294398-3762290007-116252578-1143Core.job [2010/10/07 12:42:35 | 000,273,376 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010/10/06 11:03:15 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk [2010/10/06 09:17:04 | 000,000,714 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk [2010/10/06 09:17:04 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk [2010/10/06 09:14:51 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx [2010/10/06 08:23:10 | 000,250,048 | RHS- | M] () -- C:\ntldr [2010/10/05 09:21:37 | 000,000,288 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf [2010/10/05 09:15:37 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2010/10/05 09:15:37 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2010/10/05 09:15:37 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2010/10/05 09:15:37 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2010/10/05 09:15:15 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI [2010/10/05 09:13:53 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest [2010/10/05 09:13:53 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest [2010/10/05 09:13:42 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest [2010/10/05 09:13:42 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest [2010/10/05 09:13:42 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest [2010/10/05 09:13:42 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest [2010/10/05 09:13:42 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest [2010/10/05 09:13:42 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest [2010/10/05 09:11:49 | 000,022,832 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat [2010/10/05 09:10:11 | 000,000,211 | -HS- | M] () -- C:\boot.ini [2010/10/05 08:59:22 | 000,000,231 | ---- | M] () -- C:\WINDOWS\system.ini [2010/10/05 08:18:22 | 000,000,779 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2010/10/05 08:16:47 | 001,071,506 | ---- | M] () -- C:\WINDOWS\setupapi.old [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010/10/08 09:08:54 | 000,284,915 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\gmer.zip [2010/10/08 08:14:42 | 000,000,611 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\NTREGOPT.lnk [2010/10/08 08:14:42 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\ERUNT.lnk [2010/10/07 19:20:17 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf [2010/10/06 15:01:37 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK [2010/10/06 11:03:14 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk [2010/10/06 10:53:58 | 000,000,900 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2010/10/06 10:53:52 | 000,000,896 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010/10/06 09:17:04 | 000,000,714 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk [2010/10/06 09:17:04 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk [2010/10/06 08:32:09 | 000,613,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm [2010/10/06 08:32:09 | 000,069,612 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.adm [2010/10/06 08:32:09 | 000,023,195 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplay.chm [2010/10/06 08:32:09 | 000,010,457 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta [2010/10/06 08:32:09 | 000,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css [2010/10/06 08:32:09 | 000,000,855 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf [2010/10/06 08:32:09 | 000,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js [2010/10/06 08:32:08 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav [2010/10/06 08:32:08 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav [2010/10/06 08:32:07 | 000,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav [2010/10/06 08:32:07 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav [2010/10/06 08:32:07 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav [2010/10/06 08:32:07 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav [2010/10/06 08:32:07 | 000,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav [2010/10/06 08:32:07 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav [2010/10/06 08:32:07 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav [2010/10/06 08:32:07 | 000,029,070 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmp.inf [2010/10/06 08:32:07 | 000,017,272 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf [2010/10/06 08:32:07 | 000,006,769 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmfsdk.inf [2010/10/06 08:32:06 | 000,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv [2010/10/06 08:32:06 | 000,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif [2010/10/06 08:32:06 | 000,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif [2010/10/06 08:32:06 | 000,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif [2010/10/06 08:32:06 | 000,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif [2010/10/06 08:32:06 | 000,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif [2010/10/06 08:32:06 | 000,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif [2010/10/06 08:32:06 | 000,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif [2010/10/06 08:32:06 | 000,006,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm6.gif [2010/10/06 08:32:06 | 000,005,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm1.gif [2010/10/06 08:32:06 | 000,005,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif [2010/10/06 08:32:06 | 000,004,193 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm8.gif [2010/10/06 08:32:06 | 000,003,187 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tour.js [2010/10/06 08:32:06 | 000,002,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm5.gif [2010/10/06 08:32:06 | 000,002,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplay.gif [2010/10/06 08:32:06 | 000,002,450 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpause.gif [2010/10/06 08:32:06 | 000,002,375 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif [2010/10/06 08:32:06 | 000,002,371 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif [2010/10/06 08:32:06 | 000,001,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taon.gif [2010/10/06 08:32:06 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taonh.gif [2010/10/06 08:32:06 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoff.gif [2010/10/06 08:32:06 | 000,001,367 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif [2010/10/06 08:32:05 | 000,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv [2010/10/06 08:32:05 | 000,375,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv [2010/10/06 08:32:05 | 000,077,307 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm [2010/10/06 08:32:05 | 000,066,725 | ---- | C] () -- C:\WINDOWS\System32\dllcache\revert.wmz [2010/10/06 08:32:05 | 000,022,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npds.zip [2010/10/06 08:32:05 | 000,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst6.wpl [2010/10/06 08:32:05 | 000,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst5.wpl [2010/10/06 08:32:05 | 000,001,474 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst3.wpl [2010/10/06 08:32:05 | 000,001,451 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst12.wpl [2010/10/06 08:32:05 | 000,001,448 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst4.wpl [2010/10/06 08:32:05 | 000,001,250 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst1.wpl [2010/10/06 08:32:05 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\snd.htm [2010/10/06 08:32:05 | 000,001,049 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst2.wpl [2010/10/06 08:32:05 | 000,001,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst7.wpl [2010/10/06 08:32:05 | 000,001,036 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst8.wpl [2010/10/06 08:32:05 | 000,000,908 | ---- | C] () -- C:\WINDOWS\System32\dllcache\skins.inf [2010/10/06 08:32:05 | 000,000,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst11.wpl [2010/10/06 08:32:05 | 000,000,787 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst10.wpl [2010/10/06 08:32:05 | 000,000,784 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst9.wpl [2010/10/06 08:32:05 | 000,000,783 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst13.wpl [2010/10/06 08:32:05 | 000,000,775 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst14.wpl [2010/10/06 08:32:05 | 000,000,733 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst15.wpl [2010/10/06 08:32:05 | 000,000,403 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip [2010/10/06 08:32:04 | 000,097,117 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.hlp [2010/10/06 08:32:04 | 000,018,286 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.inf [2010/10/06 08:32:04 | 000,002,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif [2010/10/06 08:32:04 | 000,002,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif [2010/10/06 08:32:04 | 000,001,885 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.cnt [2010/10/06 08:32:03 | 000,457,607 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv [2010/10/06 08:32:03 | 000,381,425 | ---- | C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv [2010/10/06 08:32:03 | 000,184,959 | ---- | C] () -- C:\WINDOWS\System32\dllcache\compact.wmz [2010/10/06 08:32:03 | 000,009,585 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.css [2010/10/06 08:32:03 | 000,008,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\contents.htm [2010/10/06 08:32:03 | 000,006,878 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.js [2010/10/06 08:32:03 | 000,005,971 | ---- | C] () -- C:\WINDOWS\System32\dllcache\events.js [2010/10/06 08:32:03 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnth.gif [2010/10/06 08:32:03 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnt.gif [2010/10/06 08:32:03 | 000,000,772 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cntd.gif [2010/10/06 08:32:03 | 000,000,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif [2010/10/06 08:32:03 | 000,000,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif [2010/10/06 08:32:02 | 000,000,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif [2010/10/06 08:23:37 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod [2010/10/06 08:23:36 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty [2010/10/06 08:23:34 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img [2010/10/05 10:33:09 | 001,291,776 | ---- | C] () -- C:\WINDOWS\System32\dllcache\quartz.dll [2010/10/05 09:23:26 | 527,290,368 | -HS- | C] () -- C:\hiberfil.sys [2010/10/05 09:17:48 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe [2010/10/05 09:16:51 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll [2010/10/05 09:16:46 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_864.nls [2010/10/05 09:16:46 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_862.nls [2010/10/05 09:16:46 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_858.nls [2010/10/05 09:16:46 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_870.nls [2010/10/05 09:16:45 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_720.nls [2010/10/05 09:16:45 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_708.nls [2010/10/05 09:16:45 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28596.nls [2010/10/05 09:16:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls [2010/10/05 09:16:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls [2010/10/05 09:16:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls [2010/10/05 09:16:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls [2010/10/05 09:16:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls [2010/10/05 09:16:43 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls [2010/10/05 09:16:43 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls [2010/10/05 09:16:43 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls [2010/10/05 09:16:43 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls [2010/10/05 09:16:43 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls [2010/10/05 09:16:43 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls [2010/10/05 09:16:43 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls [2010/10/05 09:16:43 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls [2010/10/05 09:16:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls [2010/10/05 09:16:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls [2010/10/05 09:16:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls [2010/10/05 09:16:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls [2010/10/05 09:16:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls [2010/10/05 09:16:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls [2010/10/05 09:16:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls [2010/10/05 09:16:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls [2010/10/05 09:16:41 | 000,187,938 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls [2010/10/05 09:16:41 | 000,186,402 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls [2010/10/05 09:16:41 | 000,185,378 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls [2010/10/05 09:16:41 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls [2010/10/05 09:16:41 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls [2010/10/05 09:16:40 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls [2010/10/05 09:16:40 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1148.nls [2010/10/05 09:16:40 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1147.nls [2010/10/05 09:16:40 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1146.nls [2010/10/05 09:16:40 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1145.nls [2010/10/05 09:16:40 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1144.nls [2010/10/05 09:16:40 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1143.nls [2010/10/05 09:16:39 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1142.nls [2010/10/05 09:16:39 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1141.nls [2010/10/05 09:16:39 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1140.nls [2010/10/05 09:16:39 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1047.nls [2010/10/05 09:16:39 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10021.nls [2010/10/05 09:16:39 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10005.nls [2010/10/05 09:16:38 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10004.nls [2010/10/05 09:15:37 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS [2010/10/05 09:15:37 | 000,000,000 | RHS- | C] () -- C:\IO.SYS [2010/10/05 09:15:37 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS [2010/10/05 09:15:37 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT [2010/10/05 09:13:53 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest [2010/10/05 09:13:42 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest [2010/10/05 09:13:42 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest [2010/10/05 09:13:42 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest [2010/10/05 09:13:42 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest [2010/10/05 09:13:42 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest [2010/10/05 08:46:20 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT [2010/10/05 08:46:19 | 001,042,903 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT [2010/10/05 08:46:19 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT [2010/10/05 08:46:19 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT [2010/10/05 08:46:19 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT [2010/10/05 08:46:19 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT [2010/10/05 08:46:19 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat [2009/07/06 13:56:30 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008/10/04 04:07:44 | 000,003,147 | ---- | C] () -- C:\WINDOWS\System32\mirc.ini [2007/10/11 12:40:30 | 000,749,568 | ---- | C] () -- C:\WINDOWS\System32\agissi.dll [2007/10/11 12:40:29 | 011,157,504 | ---- | C] () -- C:\WINDOWS\System32\zhhp_res.dll [2007/10/11 12:40:28 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\vshp2600.dll [2007/10/11 12:39:39 | 000,000,939 | ---- | C] () -- C:\WINDOWS\hpntwksetup.ini [2007/09/27 10:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini [2007/09/27 10:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini [2007/09/27 10:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini [2007/09/14 05:14:36 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\knlps.sys [2007/09/14 05:14:36 | 000,000,127 | ---- | C] () -- C:\WINDOWS\System32\remote.ini [2007/06/12 12:19:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\vpc32.INI [2007/05/10 09:23:20 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini [2007/05/10 09:23:20 | 000,000,277 | ---- | C] () -- C:\WINDOWS\System32\AddPort.ini [2007/05/10 09:21:11 | 000,000,103 | ---- | C] () -- C:\WINDOWS\System32\hptrace.ini [2007/05/10 09:20:54 | 000,008,589 | ---- | C] () -- C:\WINDOWS\hpdj6127.ini [2007/03/14 20:54:54 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2007/03/14 20:51:54 | 000,001,049 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini [2007/03/14 11:12:29 | 000,000,467 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2006/03/15 21:51:32 | 000,018,432 | ---- | C] () -- C:\WINDOWS\System32\msn.dll [2003/02/04 00:26:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll [2002/08/27 18:03:14 | 000,029,184 | -H-- | C] () -- C:\WINDOWS\System32\systemac.dll [color=#E56717]========== LOP Check ==========[/color] [2009/07/06 10:43:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Windows Desktop Search [2010/10/06 08:45:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Windows Search [2010/10/07 09:01:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %SYSTEMDRIVE%\*.* >[/color] [2010/10/05 09:15:37 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2008/09/30 20:07:51 | 000,004,981 | ---- | M] () -- C:\bom.xe [2010/10/05 09:10:11 | 000,000,211 | -HS- | M] () -- C:\boot.ini [2007/10/17 09:13:07 | 000,000,015 | ---- | M] () -- C:\chk_busy.tis [2010/10/05 09:15:37 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2010/10/08 10:00:00 | 527,290,368 | -HS- | M] () -- C:\hiberfil.sys [2010/10/05 09:15:37 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2006/09/22 08:43:00 | 005,668,864 | ---- | M] (Technical Information Systems SA) -- C:\Man3000.exe [2010/10/05 09:15:37 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2004/08/04 14:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2010/10/06 08:23:10 | 000,250,048 | RHS- | M] () -- C:\ntldr [2010/10/08 09:59:58 | 792,723,456 | -HS- | M] () -- C:\pagefile.sys [2007/03/26 09:11:38 | 000,000,056 | ---- | M] () -- C:\w_pr_font.tis [color=#A23BEC]< %systemroot%\*./mp /s >[/color] [color=#A23BEC]< %systemroot%\system32\config\*.sav >[/color] [2010/10/05 10:40:56 | 000,524,288 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav [2010/10/05 08:28:13 | 000,262,144 | ---- | M] () -- C:\WINDOWS\system32\config\security.sav [2010/10/05 10:40:56 | 030,146,560 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav [2010/10/05 10:40:56 | 008,126,464 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav [color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >[/color] [color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >[/color] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-10-08 07:06:19 [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2 @Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8 < End of report >