OTL logfile created on: 2/15/2011 8:17:17 AM - Run 1
OTL by OldTimer - Version 3.2.20.6     Folder = C:\Documents and Settings\Joe\Desktop\more trojans
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
1.00 Gb Total Physical Memory | 0.00 Gb Available Physical Memory | 34.00% Memory free
3.00 Gb Paging File | 2.00 Gb Available in Paging File | 78.00% Paging File free
Paging file location(s): C:\pagefile.sys 1920 3840 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.75 Gb Total Space | 88.02 Gb Free Space | 78.76% Space Free | Partition Type: NTFS
 
Computer Name: ISABEL | User Name: Joe | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2011/02/15 08:15:40 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Joe\Desktop\more trojans\OTL.exe
PRC - [2011/01/07 01:22:54 | 002,747,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgtray.exe
PRC - [2011/01/07 01:22:44 | 001,084,256 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe
PRC - [2011/01/06 15:23:20 | 000,737,872 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2011/01/06 15:23:18 | 006,128,720 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2011/01/05 09:13:06 | 000,274,608 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\real\realplayer\Update\realsched.exe
PRC - [2010/12/11 09:41:11 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010/12/11 09:41:09 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/12/05 16:26:40 | 000,654,176 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgrsx.exe
PRC - [2010/12/05 16:26:12 | 000,650,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe
PRC - [2010/11/23 21:21:18 | 000,130,000 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\18.5.0.125\ccSvcHst.exe
PRC - [2010/10/22 04:58:18 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe
PRC - [2010/10/22 04:56:58 | 000,845,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgcsrvx.exe
PRC - [2010/10/07 12:43:18 | 000,106,496 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\KODAK Share Button App\Listener.exe
PRC - [2010/05/14 10:00:26 | 000,249,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2008/08/15 09:39:04 | 003,343,688 | ---- | M] (Webshots.com) -- C:\Program Files\Webshots\Webshots.scr
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/10/18 11:53:53 | 000,594,600 | ---- | M] ( ) -- C:\WINDOWS\system32\lxdvcoms.exe
 
 
[color=#E56717]========== Modules (SafeList) ==========[/color]
 
MOD - [2011/02/15 08:15:40 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Joe\Desktop\more trojans\OTL.exe
MOD - [2011/01/05 09:13:48 | 000,040,448 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll
MOD - [2010/12/04 01:58:45 | 000,413,112 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\18.5.0.125\asOEHook.dll
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2009/07/12 00:02:02 | 000,653,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
MOD - [2009/07/12 00:02:00 | 000,569,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - File not found [Disabled | Stopped] --  -- (HidServ)
SRV - File not found [Auto | Stopped] --  -- (Bonjour Service)
SRV - File not found [Disabled | Stopped] --  -- (AppMgmt)
SRV - [2011/01/06 15:23:18 | 006,128,720 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2010/11/25 09:49:46 | 000,517,448 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2010/11/23 21:21:18 | 000,130,000 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton Internet Security\Engine\18.5.0.125\ccSvcHst.exe -- (NIS)
SRV - [2010/10/22 04:58:18 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010/05/14 10:00:26 | 000,249,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/04/19 22:02:49 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2007/10/18 11:53:53 | 000,594,600 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\System32\lxdvcoms.exe -- (lxdv_device)
SRV - [2007/10/18 11:53:41 | 000,098,984 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdvserv.exe -- (lxdvCATSCustConnectService)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - [2011/02/11 13:02:26 | 001,360,760 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20110214.035\NAVEX15.SYS -- (NAVEX15)
DRV - [2011/02/11 13:02:26 | 000,086,008 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20110214.035\NAVENG.SYS -- (NAVENG)
DRV - [2011/01/20 20:25:19 | 000,126,512 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/12/08 04:12:38 | 000,251,728 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2010/12/01 00:24:00 | 000,368,248 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\NIS\1205000.07D\SYMTDI.SYS -- (SYMTDI)
DRV - [2010/11/22 23:21:16 | 000,691,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20110114.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2010/11/22 23:08:31 | 000,509,560 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\NIS\1205000.07D\SRTSP.SYS -- (SRTSP)
DRV - [2010/11/22 23:08:31 | 000,050,168 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1205000.07D\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2010/11/17 21:59:55 | 000,652,336 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\NIS\1205000.07D\SYMEFA.SYS -- (SymEFA)
DRV - [2010/11/15 20:45:33 | 000,136,312 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1205000.07D\Ironx86.SYS -- (SymIRON)
DRV - [2010/11/12 13:19:38 | 000,299,984 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2010/11/10 20:46:29 | 000,341,944 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20110214.001\IDSXpx86.sys -- (IDSxpx86)
DRV - [2010/10/20 21:28:36 | 000,340,016 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\NIS\1205000.07D\SYMDS.SYS -- (SymDS)
DRV - [2010/09/13 15:27:24 | 000,025,680 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2010/09/07 03:48:56 | 000,034,384 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2010/09/07 03:48:50 | 000,026,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2010/08/03 15:23:36 | 000,026,192 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2010/08/03 15:23:34 | 000,123,472 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2010/08/03 15:23:32 | 000,030,288 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2010/05/26 03:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/05/26 03:00:00 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009/06/30 10:37:16 | 000,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\pavboot.sys -- (pavboot)
DRV - [2009/04/29 08:01:57 | 000,259,200 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\Cdudf_xp.sys -- (cdudf_xp)
DRV - [2009/04/29 08:01:57 | 000,213,120 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\UdfReadr_xp.sys -- (UdfReadr_xp)
DRV - [2009/04/29 08:01:57 | 000,146,560 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\DVDVRRdr_xp.sys -- (DVDVRRdr_xp)
DRV - [2009/04/29 08:01:57 | 000,118,409 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\pwd_2K.sys -- (pwd_2k)
DRV - [2009/04/29 08:01:57 | 000,022,745 | ---- | M] (Roxio) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\Mmc_2k.sys -- (mmc_2K)
DRV - [2009/04/29 08:01:57 | 000,021,993 | ---- | M] (Roxio) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\Dvd_2k.sys -- (dvd_2K)
DRV - [2009/04/29 07:57:17 | 000,066,992 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2009/04/29 07:57:16 | 000,024,698 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2006/01/30 13:42:54 | 000,009,728 | ---- | M] (June Fabrics Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\palmmdm.sys -- (palmmdm)
DRV - [2004/09/17 08:02:54 | 000,732,928 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)
DRV - [2004/04/13 16:03:46 | 000,016,509 | ---- | M] (Palm, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PalmUSBD.sys -- (PalmUSBD)
DRV - [2003/11/03 12:46:00 | 001,330,940 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2001/08/22 07:42:58 | 000,013,632 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS -- (OMCI)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: kodak-companion@mozilla.com:2.0
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.1
FF - prefs.js..extensions.enabledItems: quickdrag@mozilla.ktechcomputing.com:2.0.2.1
FF - prefs.js..extensions.enabledItems: ststusscicalc@sunny:4.9.2
FF - prefs.js..extensions.enabledItems: {EF522540-89F5-46b9-B6FE-1829E2B572C6}:4.9.4
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.1
FF - prefs.js..extensions.enabledItems: firefox@zoodles.com:2.3
FF - prefs.js..extensions.enabledItems: openinie@wittersworld.com:1.3
FF - prefs.js..extensions.enabledItems: {1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}:2.12.21.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:5.5
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1178
FF - prefs.js..extensions.enabledItems: avg@igeared:6.011.025.001
 
 
FF - HKLM\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/01/05 09:13:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\IPSFFPlgn\ [2011/01/20 20:28:53 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\coFFPlgn\ [2011/01/20 20:23:42 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG10\Firefox\ [2011/02/13 12:03:35 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\avg@igeared: C:\Program Files\AVG\AVG10\Toolbar\Firefox\avg@igeared [2011/02/13 15:12:03 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/01/29 16:32:39 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/02/12 01:20:37 | 000,000,000 | ---D | M]
 
[2010/01/16 18:17:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Joe\Application Data\Mozilla\Extensions
[2010/01/16 18:17:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Joe\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011/02/13 12:12:51 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Joe\Application Data\Mozilla\Firefox\Profiles\l6n4o1hb.default\extensions
[2011/01/07 09:22:23 | 000,000,000 | ---D | M] (IE Tab 2 (FF 3.6+)) -- C:\Documents and Settings\Joe\Application Data\Mozilla\Firefox\Profiles\l6n4o1hb.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}
[2010/06/23 08:13:43 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Joe\Application Data\Mozilla\Firefox\Profiles\l6n4o1hb.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/04/29 09:01:14 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Documents and Settings\Joe\Application Data\Mozilla\Firefox\Profiles\l6n4o1hb.default\extensions\{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}
[2010/12/04 13:09:45 | 000,000,000 | ---D | M] (SearchPreview) -- C:\Documents and Settings\Joe\Application Data\Mozilla\Firefox\Profiles\l6n4o1hb.default\extensions\{EF522540-89F5-46b9-B6FE-1829E2B572C6}
[2011/01/07 09:22:23 | 000,000,000 | ---D | M] (Zoodles) -- C:\Documents and Settings\Joe\Application Data\Mozilla\Firefox\Profiles\l6n4o1hb.default\extensions\firefox@zoodles.com
[2010/12/04 13:09:45 | 000,000,000 | ---D | M] (Kodak EasyShare Gallery Companion) -- C:\Documents and Settings\Joe\Application Data\Mozilla\Firefox\Profiles\l6n4o1hb.default\extensions\kodak-companion@mozilla.com
[2010/08/19 08:48:38 | 000,000,000 | ---D | M] (Open in IE) -- C:\Documents and Settings\Joe\Application Data\Mozilla\Firefox\Profiles\l6n4o1hb.default\extensions\openinie@wittersworld.com
[2010/09/12 08:05:54 | 000,000,000 | ---D | M] (Personas) -- C:\Documents and Settings\Joe\Application Data\Mozilla\Firefox\Profiles\l6n4o1hb.default\extensions\personas@christopher.beard
[2009/09/10 17:13:32 | 000,000,000 | ---D | M] (QuickDrag) -- C:\Documents and Settings\Joe\Application Data\Mozilla\Firefox\Profiles\l6n4o1hb.default\extensions\quickdrag@mozilla.ktechcomputing.com
[2010/04/02 07:36:16 | 000,000,000 | ---D | M] ("Status-bar Scientific Calculator") -- C:\Documents and Settings\Joe\Application Data\Mozilla\Firefox\Profiles\l6n4o1hb.default\extensions\ststusscicalc@sunny
[2011/02/14 17:44:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/08/31 11:06:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/10/28 22:55:00 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/01/20 20:23:42 | 000,000,000 | ---D | M] (Norton Toolbar) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\COFFPLGN
[2011/01/20 20:28:53 | 000,000,000 | ---D | M] (Norton IPS) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\IPSFFPLGN
[2011/01/05 09:13:49 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
[2011/02/13 12:03:35 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG10\FIREFOX
[2011/02/13 15:12:03 | 000,000,000 | ---D | M] ("urn:mozilla:install-manifest" em:id="avg@igeared" em:name="AVG Security Toolbar" em:version="6.011.025.001" em:displayname="AVG Security Toolbar" em:iconURL="chrome://tavgp/skin/logo.ico" em:creator="AVG Technologies" em:description="AVG Security Toolbar" em:homepageURL="http://www.avg.com" >) -- C:\PROGRAM FILES\AVG\AVG10\TOOLBAR\FIREFOX\AVG@IGEARED
[2010/08/31 11:05:51 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010/09/15 03:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
 
O1 HOSTS File: ([2010/08/28 07:14:06 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\18.5.0.125\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\18.5.0.125\IPS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\18.5.0.125\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\18.5.0.125\CoIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [KodakShareButtonApp] C:\Program Files\Kodak\KODAK Share Button App\Listener.exe (Eastman Kodak Company)
O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - Startup: C:\Documents and Settings\Joe\Start Menu\Programs\Startup\VZAccess Manager.lnk =  File not found
O4 - Startup: C:\Documents and Settings\Joe\Start Menu\Programs\Startup\Webshots.lnk = C:\Program Files\Webshots\Launcher.exe (Webshots.com)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains:   ([]msn in My Computer)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/sites/production/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {362C56AA-6E4F-40C7-A0B5-85501DBDAD77} http://i.dell.com/images/global/js/scanner/SysProExe.cab (Scanner.SysScanner)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1240197517416 (WUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab (ActiveScan 2.0 Installer Class)
O16 - DPF: {B4CB50E4-0309-4906-86EA-10B6641C8392} https://vpn.cmf.org//SNX/CSHELL/extender.cab (SlimClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.15.1
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\GoToAssist: DllName - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll - C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Joe\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Joe\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/04/19 20:02:39 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2011/02/14 20:43:30 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/02/14 20:42:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Joe\Desktop\more trojans
[2011/02/14 19:48:38 | 007,734,208 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Documents and Settings\Joe\Desktop\mbam-setup-1.50.1.1100.exe
[2011/02/14 19:40:59 | 006,080,440 | ---- | C] (Symantec Corporation) -- C:\Documents and Settings\Joe\Desktop\NPE.exe
[2011/02/13 15:42:50 | 000,028,552 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\pavboot.sys
[2011/02/13 14:35:13 | 000,000,000 | ---D | C] -- C:\Program Files\Panda Security
[2011/02/13 12:40:16 | 000,000,000 | -H-D | C] -- C:\$AVG
[2011/02/13 12:12:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Joe\Local Settings\Application Data\AVG Security Toolbar
[2011/02/13 12:07:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Joe\Application Data\AVG10
[2011/02/13 12:05:15 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2011/02/13 12:04:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2011/02/13 12:04:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG 2011
[2011/02/13 12:03:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2011/02/13 12:03:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\AVG
[2011/02/13 12:02:18 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2011/02/13 11:55:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011/02/12 22:06:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Joe\Local Settings\Application Data\NPE
[2011/02/12 22:03:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Joe\Application Data\Tific
[2011/02/12 19:34:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Joe\Desktop\Trojan
[2011/02/12 16:37:48 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2011/02/12 16:37:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\41EBC322660F4D16A0DF53147210CBDB.TMP
[2011/02/12 16:37:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2011/02/12 14:05:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Joe\My Documents\Anti-Malware
[2011/02/12 08:56:54 | 000,000,000 | ---D | C] -- C:\Program Files\CheckPoint
[2011/02/11 08:01:06 | 091,399,968 | ---- | C] (                                                            ) -- C:\Documents and Settings\Joe\Desktop\setup_9.0.0.722_11.02.2011_14-07.exe
[2011/02/07 08:22:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Handmark
[2011/02/07 08:22:31 | 000,000,000 | ---D | C] -- C:\Program Files\Handmark
[2011/01/30 17:06:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Mobipocket.com
[2011/01/30 17:06:43 | 000,000,000 | ---D | C] -- C:\Program Files\Mobipocket.com
[2011/01/30 14:43:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Joe\Desktop\pgwhole
[2011/01/26 22:30:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Joe\Application Data\Smith Micro
[2011/01/26 22:07:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Joe\Start Menu\Programs\Palm
[2011/01/26 15:27:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NSS
[2011/01/26 15:27:30 | 000,000,000 | ---D | C] -- C:\Program Files\Norton Security Scan
[2011/01/26 15:27:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Norton Security Scan
[2011/01/26 15:27:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NSS\0300010.008
[2011/01/25 21:31:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Joe\Desktop\FileZ683
[2011/01/21 09:44:37 | 000,439,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shimgvw.dll
[2009/04/20 00:50:02 | 000,438,272 | ---- | C] ( ) -- C:\WINDOWS\System32\LXDVhcp.dll
[2009/04/20 00:50:02 | 000,360,448 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdvinpa.dll
[2009/04/20 00:50:01 | 000,339,968 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdviesc.dll
[2009/04/20 00:50:00 | 001,069,056 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdvserv.dll
[2009/04/20 00:50:00 | 000,954,368 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdvusb1.dll
[2009/04/20 00:49:59 | 000,643,072 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdvpmui.dll
[2009/04/20 00:49:59 | 000,569,344 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdvlmpm.dll
[2009/04/20 00:49:59 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdvprox.dll
[2009/04/20 00:49:56 | 000,663,552 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdvhbn3.dll
[2009/04/20 00:49:53 | 000,851,968 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdvcomc.dll
[2009/04/20 00:49:53 | 000,364,544 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdvcomm.dll
[7 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2011/02/15 08:21:10 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/02/15 08:15:25 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-484763869-963894560-839522115-1004.job
[2011/02/15 08:15:25 | 000,000,274 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-484763869-963894560-839522115-1004.job
[2011/02/15 07:55:51 | 000,000,876 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/02/15 07:55:40 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-18.job
[2011/02/15 07:55:40 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-484763869-963894560-839522115-1006.job
[2011/02/15 07:55:27 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/02/14 20:47:00 | 000,038,400 | ---- | M] () -- C:\Documents and Settings\Joe\Desktop\Kasoersky steps through Trojan.doc
[2011/02/14 20:45:58 | 000,010,752 | ---- | M] () -- C:\Documents and Settings\Joe\Desktop\New Microsoft Word Document.doc
[2011/02/14 19:57:00 | 000,000,392 | RHS- | M] () -- C:\boot.ini
[2011/02/14 19:49:36 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/02/14 19:48:41 | 007,734,208 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Documents and Settings\Joe\Desktop\mbam-setup-1.50.1.1100.exe
[2011/02/14 19:41:57 | 006,080,440 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Joe\Desktop\NPE.exe
[2011/02/14 17:44:49 | 000,000,468 | -H-- | M] () -- C:\WINDOWS\tasks\Norton Security Scan for Anna.job
[2011/02/14 09:26:40 | 106,091,254 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2011/02/13 15:41:18 | 000,178,152 | ---- | M] () -- C:\Documents and Settings\Joe\Desktop\activescan2_en.exe
[2011/02/13 12:04:24 | 000,665,496 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1205000.07D\Cat.DB
[2011/02/12 08:28:24 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-484763869-963894560-839522115-1006.job
[2011/02/12 07:44:00 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-18.job
[2011/02/12 01:20:38 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2011/02/11 11:16:00 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\Joe\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk
[2011/02/11 08:05:21 | 091,399,968 | ---- | M] (                                                            ) -- C:\Documents and Settings\Joe\Desktop\setup_9.0.0.722_11.02.2011_14-07.exe
[2011/02/11 03:21:29 | 000,204,920 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/02/11 03:04:23 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/02/09 07:30:40 | 000,039,424 | ---- | M] () -- C:\Documents and Settings\Joe\My Documents\Kacie 2-06 to 2-12B.xls
[2011/02/09 07:26:06 | 000,000,676 | ---- | M] () -- C:\Documents and Settings\Joe\Start Menu\Programs\Startup\Webshots.lnk
[2011/02/08 20:58:42 | 000,032,768 | ---- | M] () -- C:\Documents and Settings\Joe\My Documents\FM Progress Rpt 1.11 ResNote.doc
[2011/02/08 20:58:42 | 000,015,194 | ---- | M] () -- C:\Documents and Settings\Joe\My Documents\VerneyDrTemplate.xlsx
[2011/02/08 20:58:42 | 000,014,976 | ---- | M] () -- C:\Documents and Settings\Joe\My Documents\VerneyDr 2-7-11.xlsx
[2011/02/08 20:58:42 | 000,014,798 | ---- | M] () -- C:\Documents and Settings\Joe\My Documents\VerneyDr 2-28-11.xlsx
[2011/02/08 20:58:41 | 000,172,032 | ---- | M] () -- C:\Documents and Settings\Joe\My Documents\VDA Meds and refill dates_1_1.xls
[2011/02/08 20:58:41 | 000,014,854 | ---- | M] () -- C:\Documents and Settings\Joe\My Documents\VerneyDr 2-14-11.xlsx
[2011/02/08 20:58:41 | 000,014,812 | ---- | M] () -- C:\Documents and Settings\Joe\My Documents\VerneyDr 2-21-11.xlsx
[2011/02/08 20:58:40 | 000,108,032 | ---- | M] () -- C:\Documents and Settings\Joe\My Documents\DE Jan 11.doc
[2011/02/08 20:58:40 | 000,030,720 | ---- | M] () -- C:\Documents and Settings\Joe\My Documents\JE progress note 1.doc
[2011/02/08 20:58:40 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Joe\My Documents\RL monthly progress note Jan 11.doc
[2011/02/08 20:58:39 | 000,035,840 | ---- | M] () -- C:\Documents and Settings\Joe\My Documents\3-6 to 3-12.xls
[2011/02/08 20:58:39 | 000,013,024 | ---- | M] () -- C:\Documents and Settings\Joe\My Documents\2-6-2011.xlsx
[2011/02/08 20:58:39 | 000,013,011 | ---- | M] () -- C:\Documents and Settings\Joe\My Documents\3-6-2011.xlsx
[2011/02/08 20:58:38 | 000,035,840 | ---- | M] () -- C:\Documents and Settings\Joe\My Documents\2-27 to 3-5.xls
[2011/02/08 20:58:38 | 000,013,068 | ---- | M] () -- C:\Documents and Settings\Joe\My Documents\2-20-2011.xlsx
[2011/02/08 20:58:38 | 000,013,036 | ---- | M] () -- C:\Documents and Settings\Joe\My Documents\2-27-2011.xlsx
[2011/02/08 20:58:37 | 000,035,840 | ---- | M] () -- C:\Documents and Settings\Joe\My Documents\2-20 to 2-26.xls
[2011/02/08 20:58:37 | 000,035,840 | ---- | M] () -- C:\Documents and Settings\Joe\My Documents\2-13 to 2-19.xls
[2011/02/08 20:58:37 | 000,013,062 | ---- | M] () -- C:\Documents and Settings\Joe\My Documents\2-13-2011.xlsx
[2011/02/08 20:58:36 | 000,035,840 | ---- | M] () -- C:\Documents and Settings\Joe\My Documents\2-06 to 2-12.xls
[2011/02/08 20:58:36 | 000,035,840 | ---- | M] () -- C:\Documents and Settings\Joe\My Documents\1-30 to 2-05.xls
[2011/02/08 20:58:35 | 000,022,016 | ---- | M] () -- C:\Documents and Settings\Joe\My Documents\03.6.xls
[2011/02/08 20:58:35 | 000,022,016 | ---- | M] () -- C:\Documents and Settings\Joe\My Documents\02.13.xls
[2011/02/08 20:58:35 | 000,021,504 | ---- | M] () -- C:\Documents and Settings\Joe\My Documents\02.27.xls
[2011/02/08 20:58:35 | 000,021,504 | ---- | M] () -- C:\Documents and Settings\Joe\My Documents\02.20.xls
[2011/02/08 20:58:34 | 000,022,016 | ---- | M] () -- C:\Documents and Settings\Joe\My Documents\02.06.xls
[2011/02/08 20:58:19 | 000,166,400 | ---- | M] () -- C:\Documents and Settings\Joe\My Documents\VDA Meds and refill dates_1.xls
[2011/02/07 22:11:14 | 000,014,400 | ---- | M] () -- C:\Documents and Settings\Joe\Desktop\RL Emergency Protocol 9-17-10.docx
[2011/02/07 22:08:26 | 000,014,520 | ---- | M] () -- C:\Documents and Settings\Joe\Desktop\FM Emergency Protocol 9-17-10.docx
[2011/02/07 22:00:18 | 000,030,208 | ---- | M] () -- C:\Documents and Settings\Joe\Desktop\DE Emergency Protocol 9-17-10.doc
[2011/02/07 21:33:33 | 000,027,648 | ---- | M] () -- C:\Documents and Settings\Joe\Desktop\JE Emeregency Protocol 9-17-10l.doc
[2011/02/07 20:09:04 | 000,033,280 | ---- | M] () -- C:\Documents and Settings\Joe\Desktop\FM Progress Rpt 1.11 ResNote..doc
[2011/02/07 18:37:40 | 000,000,162 | ---- | M] () -- C:\Documents and Settings\Joe\Desktop\~$ Progress Rpt 1.11 ResNote..doc
[2011/02/06 14:57:22 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/02/04 09:45:04 | 000,000,056 | ---- | M] () -- C:\{CF863137-3632-47EF-833F-E10DD765E585}
[2011/02/04 09:44:59 | 000,031,064 | ---- | M] () -- C:\{1096AA09-D8A8-4291-8A7E-7E786D933FE4}
[2011/02/02 21:30:26 | 000,028,672 | ---- | M] () -- C:\Documents and Settings\Joe\Desktop\RL monthly progress note Dec 10.doc
[2011/02/02 21:29:22 | 000,109,056 | ---- | M] () -- C:\Documents and Settings\Joe\Desktop\DE Jan 11.doc
[2011/02/02 21:28:50 | 000,031,744 | ---- | M] () -- C:\Documents and Settings\Joe\Desktop\JE progress note 1.11.doc
[2011/02/01 20:09:58 | 000,079,872 | ---- | M] () -- C:\Documents and Settings\Joe\Desktop\To Summarize.doc
[2011/02/01 19:19:34 | 000,002,423 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mobipocket Reader.lnk
[2011/01/31 21:29:21 | 000,325,303 | ---- | M] () -- C:\Documents and Settings\Joe\My Documents\00433160.jpg
[2011/01/31 21:29:18 | 000,012,636 | ---- | M] () -- C:\Documents and Settings\Joe\My Documents\VerneyDr 1-17-11.xlsx
[2011/01/31 21:29:18 | 000,004,800 | ---- | M] () -- C:\Documents and Settings\Joe\My Documents\Med Passes.xls
[2011/01/31 21:29:17 | 000,014,899 | ---- | M] () -- C:\Documents and Settings\Joe\My Documents\VerneyDr 1-24-11_1.xlsx
[2011/01/31 21:29:17 | 000,014,875 | ---- | M] () -- C:\Documents and Settings\Joe\My Documents\VerneyDr 1-31-11_1.xlsx
[2011/01/31 21:29:17 | 000,014,820 | ---- | M] () -- C:\Documents and Settings\Joe\My Documents\VerneyDr 1-17-11_1.xlsx
[2011/01/31 21:29:17 | 000,012,635 | ---- | M] () -- C:\Documents and Settings\Joe\My Documents\VerneyDr 1-24-11.xlsx
[2011/01/31 21:29:17 | 000,012,580 | ---- | M] () -- C:\Documents and Settings\Joe\My Documents\VerneyDr 1-31-11.xlsx
[2011/01/30 14:41:01 | 000,131,848 | ---- | M] () -- C:\Documents and Settings\Joe\Desktop\pgwhole.zip
[2011/01/30 14:12:22 | 000,266,240 | ---- | M] () -- C:\Documents and Settings\Joe\Desktop\CMRC med_treat order.doc
[2011/01/26 22:30:19 | 000,001,893 | ---- | M] () -- C:\Documents and Settings\Joe\Start Menu\Programs\Startup\VZAccess Manager.lnk
[2011/01/26 15:27:36 | 000,000,970 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Norton Security Scan.lnk
[2011/01/25 21:25:51 | 000,159,139 | ---- | M] () -- C:\Documents and Settings\Joe\Desktop\FileZ683.zip
[2011/01/23 18:56:31 | 000,023,040 | ---- | M] () -- C:\Documents and Settings\Joe\My Documents\Anna's project 2011.doc
[2011/01/21 09:44:37 | 008,462,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shell32.dll
[2011/01/21 09:44:37 | 000,439,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shimgvw.dll
[2011/01/20 20:27:22 | 000,001,984 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Norton Internet Security.LNK
[2011/01/20 20:25:19 | 000,126,512 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2011/01/20 20:25:19 | 000,060,808 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2011/01/20 20:25:19 | 000,007,456 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2011/01/20 20:25:19 | 000,000,805 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2011/01/20 20:11:29 | 000,015,012 | ---- | M] () -- C:\Documents and Settings\All Users\lxdv
[2011/01/19 16:58:20 | 000,000,307 | ---- | M] () -- C:\Documents and Settings\Joe\Desktop\Ms. Nancy's Kindergarten.url
[2011/01/19 11:05:57 | 000,031,744 | ---- | M] () -- C:\Documents and Settings\Joe\Desktop\JE progress note 12 10.doc
[2011/01/19 10:47:53 | 000,108,544 | ---- | M] () -- C:\Documents and Settings\Joe\Desktop\DE Janauary 2010.doc
[7 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2011/02/14 20:46:59 | 000,038,400 | ---- | C] () -- C:\Documents and Settings\Joe\Desktop\Kasoersky steps through Trojan.doc
[2011/02/14 20:45:58 | 000,010,752 | ---- | C] () -- C:\Documents and Settings\Joe\Desktop\New Microsoft Word Document.doc
[2011/02/14 09:26:40 | 106,091,254 | ---- | C] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2011/02/13 15:40:48 | 000,178,152 | ---- | C] () -- C:\Documents and Settings\Joe\Desktop\activescan2_en.exe
[2011/02/08 21:32:07 | 000,039,424 | ---- | C] () -- C:\Documents and Settings\Joe\My Documents\Kacie 2-06 to 2-12B.xls
[2011/02/08 20:58:42 | 000,032,768 | ---- | C] () -- C:\Documents and Settings\Joe\My Documents\FM Progress Rpt 1.11 ResNote.doc
[2011/02/08 20:58:41 | 000,172,032 | ---- | C] () -- C:\Documents and Settings\Joe\My Documents\VDA Meds and refill dates_1_1.xls
[2011/02/08 20:58:40 | 000,108,032 | ---- | C] () -- C:\Documents and Settings\Joe\My Documents\DE Jan 11.doc
[2011/02/08 20:58:40 | 000,030,720 | ---- | C] () -- C:\Documents and Settings\Joe\My Documents\JE progress note 1.doc
[2011/02/08 20:58:40 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Joe\My Documents\RL monthly progress note Jan 11.doc
[2011/02/08 20:58:39 | 000,035,840 | ---- | C] () -- C:\Documents and Settings\Joe\My Documents\3-6 to 3-12.xls
[2011/02/08 20:58:39 | 000,013,024 | ---- | C] () -- C:\Documents and Settings\Joe\My Documents\2-6-2011.xlsx
[2011/02/08 20:58:39 | 000,013,011 | ---- | C] () -- C:\Documents and Settings\Joe\My Documents\3-6-2011.xlsx
[2011/02/08 20:58:38 | 000,035,840 | ---- | C] () -- C:\Documents and Settings\Joe\My Documents\2-27 to 3-5.xls
[2011/02/08 20:58:38 | 000,035,840 | ---- | C] () -- C:\Documents and Settings\Joe\My Documents\2-20 to 2-26.xls
[2011/02/08 20:58:38 | 000,013,068 | ---- | C] () -- C:\Documents and Settings\Joe\My Documents\2-20-2011.xlsx
[2011/02/08 20:58:38 | 000,013,036 | ---- | C] () -- C:\Documents and Settings\Joe\My Documents\2-27-2011.xlsx
[2011/02/08 20:58:37 | 000,035,840 | ---- | C] () -- C:\Documents and Settings\Joe\My Documents\2-13 to 2-19.xls
[2011/02/08 20:58:37 | 000,035,840 | ---- | C] () -- C:\Documents and Settings\Joe\My Documents\2-06 to 2-12.xls
[2011/02/08 20:58:37 | 000,013,062 | ---- | C] () -- C:\Documents and Settings\Joe\My Documents\2-13-2011.xlsx
[2011/02/08 20:58:36 | 000,035,840 | ---- | C] () -- C:\Documents and Settings\Joe\My Documents\1-30 to 2-05.xls
[2011/02/08 20:58:35 | 000,022,016 | ---- | C] () -- C:\Documents and Settings\Joe\My Documents\03.6.xls
[2011/02/08 20:58:35 | 000,022,016 | ---- | C] () -- C:\Documents and Settings\Joe\My Documents\02.13.xls
[2011/02/08 20:58:35 | 000,021,504 | ---- | C] () -- C:\Documents and Settings\Joe\My Documents\02.27.xls
[2011/02/08 20:58:35 | 000,021,504 | ---- | C] () -- C:\Documents and Settings\Joe\My Documents\02.20.xls
[2011/02/08 20:58:34 | 000,022,016 | ---- | C] () -- C:\Documents and Settings\Joe\My Documents\02.06.xls
[2011/02/07 22:08:25 | 000,014,520 | ---- | C] () -- C:\Documents and Settings\Joe\Desktop\FM Emergency Protocol 9-17-10.docx
[2011/02/07 21:59:02 | 000,014,400 | ---- | C] () -- C:\Documents and Settings\Joe\Desktop\RL Emergency Protocol 9-17-10.docx
[2011/02/07 21:44:05 | 000,030,208 | ---- | C] () -- C:\Documents and Settings\Joe\Desktop\DE Emergency Protocol 9-17-10.doc
[2011/02/07 21:33:33 | 000,027,648 | ---- | C] () -- C:\Documents and Settings\Joe\Desktop\JE Emeregency Protocol 9-17-10l.doc
[2011/02/07 18:37:40 | 000,000,162 | ---- | C] () -- C:\Documents and Settings\Joe\Desktop\~$ Progress Rpt 1.11 ResNote..doc
[2011/02/04 09:45:04 | 000,000,056 | ---- | C] () -- C:\{CF863137-3632-47EF-833F-E10DD765E585}
[2011/02/04 09:44:59 | 000,031,064 | ---- | C] () -- C:\{1096AA09-D8A8-4291-8A7E-7E786D933FE4}
[2011/02/02 21:30:26 | 000,028,672 | ---- | C] () -- C:\Documents and Settings\Joe\Desktop\RL monthly progress note Dec 10.doc
[2011/02/02 21:29:53 | 000,033,280 | ---- | C] () -- C:\Documents and Settings\Joe\Desktop\FM Progress Rpt 1.11 ResNote..doc
[2011/02/02 21:29:21 | 000,109,056 | ---- | C] () -- C:\Documents and Settings\Joe\Desktop\DE Jan 11.doc
[2011/02/02 21:28:50 | 000,031,744 | ---- | C] () -- C:\Documents and Settings\Joe\Desktop\JE progress note 1.11.doc
[2011/02/01 20:09:51 | 000,079,872 | ---- | C] () -- C:\Documents and Settings\Joe\Desktop\To Summarize.doc
[2011/01/31 21:29:21 | 000,325,303 | ---- | C] () -- C:\Documents and Settings\Joe\My Documents\00433160.jpg
[2011/01/31 21:29:19 | 000,004,800 | ---- | C] () -- C:\Documents and Settings\Joe\My Documents\Med Passes.xls
[2011/01/31 21:29:18 | 000,166,400 | ---- | C] () -- C:\Documents and Settings\Joe\My Documents\VDA Meds and refill dates_1.xls
[2011/01/31 21:29:18 | 000,014,820 | ---- | C] () -- C:\Documents and Settings\Joe\My Documents\VerneyDr 1-17-11_1.xlsx
[2011/01/31 21:29:18 | 000,012,636 | ---- | C] () -- C:\Documents and Settings\Joe\My Documents\VerneyDr 1-17-11.xlsx
[2011/01/31 21:29:17 | 000,014,899 | ---- | C] () -- C:\Documents and Settings\Joe\My Documents\VerneyDr 1-24-11_1.xlsx
[2011/01/31 21:29:17 | 000,014,875 | ---- | C] () -- C:\Documents and Settings\Joe\My Documents\VerneyDr 1-31-11_1.xlsx
[2011/01/31 21:29:17 | 000,012,635 | ---- | C] () -- C:\Documents and Settings\Joe\My Documents\VerneyDr 1-24-11.xlsx
[2011/01/31 21:29:17 | 000,012,580 | ---- | C] () -- C:\Documents and Settings\Joe\My Documents\VerneyDr 1-31-11.xlsx
[2011/01/31 21:29:16 | 000,014,976 | ---- | C] () -- C:\Documents and Settings\Joe\My Documents\VerneyDr 2-7-11.xlsx
[2011/01/31 21:29:16 | 000,014,854 | ---- | C] () -- C:\Documents and Settings\Joe\My Documents\VerneyDr 2-14-11.xlsx
[2011/01/31 21:29:16 | 000,014,812 | ---- | C] () -- C:\Documents and Settings\Joe\My Documents\VerneyDr 2-21-11.xlsx
[2011/01/31 21:29:16 | 000,014,798 | ---- | C] () -- C:\Documents and Settings\Joe\My Documents\VerneyDr 2-28-11.xlsx
[2011/01/31 21:29:15 | 000,015,194 | ---- | C] () -- C:\Documents and Settings\Joe\My Documents\VerneyDrTemplate.xlsx
[2011/01/30 17:06:45 | 000,002,423 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mobipocket Reader.lnk
[2011/01/30 14:40:39 | 000,131,848 | ---- | C] () -- C:\Documents and Settings\Joe\Desktop\pgwhole.zip
[2011/01/29 18:21:46 | 000,266,240 | ---- | C] () -- C:\Documents and Settings\Joe\Desktop\CMRC med_treat order.doc
[2011/01/26 22:30:19 | 000,001,893 | ---- | C] () -- C:\Documents and Settings\Joe\Start Menu\Programs\Startup\VZAccess Manager.lnk
[2011/01/26 15:27:30 | 000,000,172 | ---- | C] () -- C:\WINDOWS\System32\drivers\NSS\0300010.008\isolate.ini
[2011/01/25 21:25:51 | 000,159,139 | ---- | C] () -- C:\Documents and Settings\Joe\Desktop\FileZ683.zip
[2011/01/19 17:54:51 | 000,023,040 | ---- | C] () -- C:\Documents and Settings\Joe\My Documents\Anna's project 2011.doc
[2011/01/19 11:05:36 | 000,031,744 | ---- | C] () -- C:\Documents and Settings\Joe\Desktop\JE progress note 12 10.doc
[2011/01/19 10:22:03 | 000,108,544 | ---- | C] () -- C:\Documents and Settings\Joe\Desktop\DE Janauary 2010.doc
[2011/01/12 18:39:13 | 000,001,940 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2010/03/08 01:08:05 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\Joe\Local Settings\Application Data\xobni_installer_updater.log
[2010/03/07 18:48:51 | 000,000,062 | -H-- | C] () -- C:\Program Files\AppUpdate.log
[2010/03/05 23:35:49 | 000,000,070 | ---- | C] () -- C:\WINDOWS\mmpoly.ini
[2010/02/15 11:00:36 | 000,028,378 | ---- | C] () -- C:\Documents and Settings\Joe\Application Data\Tab Separated Values (Windows).ADR
[2010/02/07 13:58:34 | 000,028,359 | ---- | C] () -- C:\Documents and Settings\Joe\Application Data\Comma Separated Values (DOS).ADR
[2010/02/07 13:55:56 | 000,028,363 | ---- | C] () -- C:\Documents and Settings\Joe\Application Data\Comma Separated Values (Windows).ADR
[2010/02/04 13:08:44 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/11/13 11:42:27 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\LXDVFXPU.DLL
[2009/11/13 11:42:26 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\LXDVPMON.DLL
[2009/11/13 11:42:06 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\lxdvoem.dll
[2009/11/06 11:22:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2009/10/28 07:25:48 | 000,348,160 | ---- | C] () -- C:\WINDOWS\System32\LXDVinst.dll
[2009/05/20 07:15:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QuickInstall.INI
[2009/05/20 07:10:14 | 000,000,048 | ---- | C] () -- C:\WINDOWS\FileNamesinQueue.ini
[2009/05/20 06:35:42 | 000,000,094 | ---- | C] () -- C:\WINDOWS\family.ini
[2009/04/29 08:59:32 | 000,055,808 | ---- | C] () -- C:\Documents and Settings\Joe\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/04/25 11:32:19 | 000,000,003 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\DragToDiscUserNameD.txt
[2009/04/20 08:52:30 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\cdTextCtl.dll
[2009/04/20 03:08:50 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxdvvs.dll
[2009/04/20 03:08:39 | 000,348,160 | ---- | C] () -- C:\WINDOWS\System32\lxdvcoin.dll
[2009/04/20 03:07:25 | 000,692,224 | ---- | C] () -- C:\WINDOWS\System32\lxdvdrs.dll
[2009/04/20 03:07:25 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\lxdvcaps.dll
[2009/04/20 03:07:23 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\lxdvcnv4.dll
[2009/04/20 00:50:17 | 000,000,060 | ---- | C] () -- C:\WINDOWS\System32\lxdvrwrd.ini
[2009/04/20 00:49:55 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lxdvgrd.dll
[2009/04/19 21:54:32 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
[2009/04/19 15:53:06 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2003/01/07 02:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/06/06 01:01:58 | 000,029,696 | ---- | C] () -- C:\WINDOWS\System32\asutl8.dll

< End of report >