OTL logfile created on: 9/9/2011 6:39:33 PM - Run 1
OTL by OldTimer - Version 3.2.27.0 Folder = D:\Users\Administrator.afognak\Desktop
64bit-Windows Vista Server Standard Edition (full installation) Service Pack 1 (Version = 6.0.6001) - Type = NTDomainController
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.99 Gb Total Physical Memory | 6.30 Gb Available Physical Memory | 78.84% Memory free
16.04 Gb Paging File | 13.59 Gb Available in Paging File | 84.76% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 40.00 Gb Total Space | 6.18 Gb Free Space | 15.45% Space Free | Partition Type: NTFS
Drive D: | 930.50 Gb Total Space | 519.34 Gb Free Space | 55.81% Space Free | Partition Type: NTFS
Drive E: | 105.41 Gb Total Space | 34.54 Gb Free Space | 32.76% Space Free | Partition Type: NTFS
Drive F: | 3.00 Gb Total Space | 1.87 Gb Free Space | 62.18% Space Free | Partition Type: NTFS
Drive Z: | 931.49 Gb Total Space | 242.74 Gb Free Space | 26.06% Space Free | Partition Type: NTFS

Computer Name: NVA-SERVER | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2011/09/09 18:39:28 | 000,581,120 | ---- | M] (OldTimer Tools) -- D:\Users\Administrator.afognak\Desktop\OTL.com
PRC - [2011/07/08 12:23:35 | 000,133,944 | ---- | M] (Cisco WebEx LLC) -- C:\Windows\SysWOW64\atashost.exe
PRC - [2010/08/05 08:46:02 | 000,583,640 | ---- | M] (PC Tools) -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
PRC - [2009/06/09 09:39:02 | 000,582,896 | ---- | M] (Dell, Inc.) -- C:\Program Files\Dell\Printer Software\ErrorApp\dkab1err.exe

[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2010/02/18 05:20:00 | 000,417,792 | ---- | M] () -- C:\Program Files\Dell\Printer Software\ErrorApp\parser.dll

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2010/08/05 08:46:02 | 000,583,640 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc)
SRV:[b]64bit:[/b] - [2009/11/15 01:54:08 | 001,760,584 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Backup Exec\beremote.exe -- (BackupExecAgentAccelerator)
SRV:[b]64bit:[/b] - [2009/11/15 01:54:02 | 002,028,872 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Symantec\Backup Exec\pvlsvr.exe -- (BackupExecDeviceMediaService)
SRV:[b]64bit:[/b] - [2009/11/15 01:54:00 | 009,658,184 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Symantec\Backup Exec\beserver.exe -- (BackupExecRPCService)
SRV:[b]64bit:[/b] - [2009/11/15 01:53:58 | 005,627,720 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Symantec\Backup Exec\bengine.exe -- (BackupExecJobEngine)
SRV:[b]64bit:[/b] - [2009/11/15 01:53:58 | 000,408,904 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Symantec\Backup Exec\benetns.exe -- (BackupExecAgentBrowser)
SRV:[b]64bit:[/b] - [2009/06/09 09:38:54 | 001,054,960 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\DKabcoms.exe -- (dkab_device)
SRV:[b]64bit:[/b] - [2009/02/11 22:05:17 | 000,638,464 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\dns.exe -- (DNS)
SRV:[b]64bit:[/b] - [2008/09/28 15:19:12 | 009,474,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Exchange Server\bin\store.exe -- (MSExchangeIS)
SRV:[b]64bit:[/b] - [2008/09/28 15:18:54 | 000,022,128 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Exchange Server\ClientAccess\PopImap\Microsoft.Exchange.Pop3Service.exe -- (MSExchangePop3)
SRV:[b]64bit:[/b] - [2008/09/28 15:18:54 | 000,022,128 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Microsoft\Exchange Server\ClientAccess\PopImap\Microsoft.Exchange.Imap4Service.exe -- (MSExchangeImap4)
SRV:[b]64bit:[/b] - [2008/09/28 15:18:52 | 000,055,408 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Microsoft\Exchange Server\Bin\Microsoft.Exchange.Monitoring.exe -- (MSExchangeMonitoring)
SRV:[b]64bit:[/b] - [2008/09/28 15:18:32 | 000,057,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Exchange Server\Bin\MSExchangeMailSubmission.exe -- (MSExchangeMailSubmission)
SRV:[b]64bit:[/b] - [2008/09/28 15:18:22 | 000,261,008 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Microsoft\Exchange Server\Bin\MSExchangeMailboxAssistants.exe -- (MSExchangeMailboxAssistants)
SRV:[b]64bit:[/b] - [2008/09/28 15:18:16 | 000,039,032 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Microsoft\Exchange Server\Bin\Microsoft.Exchange.AntispamUpdateSvc.exe -- (MSExchangeAntispamUpdate)
SRV:[b]64bit:[/b] - [2008/09/28 15:18:04 | 000,069,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Microsoft\Exchange Server\Bin\MSExchangeTransportLogSearch.exe -- (MSExchangeTransportLogSearch)
SRV:[b]64bit:[/b] - [2008/09/28 15:18:04 | 000,063,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Exchange Server\Bin\MSExchangeTransport.exe -- (MSExchangeTransport)
SRV:[b]64bit:[/b] - [2008/09/28 15:17:58 | 000,084,880 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Microsoft\Exchange Server\Bin\Microsoft.Exchange.EdgeSyncSvc.exe -- (MSExchangeEdgeSync)
SRV:[b]64bit:[/b] - [2008/09/28 15:17:48 | 000,113,832 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Exchange Server\Bin\MSExchangeADTopologyService.exe -- (MSExchangeADTopology)
SRV:[b]64bit:[/b] - [2008/09/28 15:17:48 | 000,034,936 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Microsoft\Exchange Server\bin\Microsoft.Exchange.ServiceHost.exe -- (MSExchangeServiceHost)
SRV:[b]64bit:[/b] - [2008/09/28 15:17:06 | 000,088,120 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Microsoft\Exchange Server\Bin\MSExchangeFDS.exe -- (MSExchangeFDS)
SRV:[b]64bit:[/b] - [2008/09/28 15:16:54 | 000,232,352 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Microsoft\Exchange Server\Bin\Microsoft.Exchange.Search.ExSearch.exe -- (MSExchangeSearch)
SRV:[b]64bit:[/b] - [2008/09/28 15:16:32 | 000,063,624 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Exchange Server\bin\Microsoft.Exchange.Cluster.ReplayService.exe -- (MSExchangeRepl)
SRV:[b]64bit:[/b] - [2008/09/28 15:12:52 | 002,763,328 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Exchange Server\bin\mad.exe -- (MSExchangeSA)
SRV:[b]64bit:[/b] - [2008/01/19 05:53:45 | 001,019,392 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\ntfrs.exe -- (NtFrs)
SRV:[b]64bit:[/b] - [2008/01/19 05:52:27 | 000,091,648 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\RSoPProv.exe -- (RSoPProv)
SRV:[b]64bit:[/b] - [2008/01/19 05:52:26 | 000,195,584 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:[b]64bit:[/b] - [2008/01/19 05:52:18 | 000,326,656 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\dfssvc.exe -- (Dfs)
SRV:[b]64bit:[/b] - [2008/01/19 05:52:17 | 000,059,392 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\ismserv.exe -- (IsmServ)
SRV:[b]64bit:[/b] - [2008/01/19 05:52:06 | 000,012,288 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\inetsrv\wmsvc.exe -- (WMSvc)
SRV:[b]64bit:[/b] - [2008/01/19 05:52:05 | 000,015,872 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\inetsrv\inetinfo.exe -- (IISADMIN)
SRV:[b]64bit:[/b] - [2008/01/19 05:51:52 | 003,671,040 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\DFSRs.exe -- (DFSR)
SRV:[b]64bit:[/b] - [2008/01/19 05:51:51 | 000,041,984 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\lpdsvc.dll -- (LPDSVC)
SRV:[b]64bit:[/b] - [2008/01/19 05:51:45 | 000,014,848 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\sacsvr.dll -- (sacsvr)
SRV:[b]64bit:[/b] - [2008/01/19 05:51:44 | 000,026,112 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\FCRegSvc.dll -- (FCRegSvc)
SRV:[b]64bit:[/b] - [2007/02/12 05:13:00 | 000,158,568 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft\Exchange Server\bin\msftesql.exe -- (msftesql-Exchange)
SRV - [2011/07/08 12:23:35 | 000,133,944 | ---- | M] (Cisco WebEx LLC) [Auto | Running] -- C:\Windows\SysWOW64\atashost.exe -- (atashost)
SRV - [2011/03/17 08:55:40 | 002,024,824 | ---- | M] (TeamViewer GmbH) [Auto | Stopped] -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5)
SRV - [2010/04/20 08:13:21 | 000,371,712 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2010/04/20 08:13:21 | 000,371,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2009/06/09 09:38:58 | 000,603,376 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWow64\DKabcoms.exe -- (dkab_device)
SRV - [2008/07/27 10:03:13 | 000,069,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/06/30 17:36:35 | 003,093,872 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_3.EXE -- (LiveUpdate)
SRV - [2008/01/19 05:52:59 | 000,052,224 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2009/11/15 01:54:32 | 000,050,224 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\VirtFile.sys -- (VirtFile)
DRV:[b]64bit:[/b] - [2009/11/15 01:54:26 | 000,048,176 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\tpfilter.sys -- (tpfilter)
DRV:[b]64bit:[/b] - [2009/01/09 18:49:59 | 000,221,696 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\vid.sys -- (Vid)
DRV:[b]64bit:[/b] - [2009/01/09 18:49:12 | 000,133,120 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\storvsp.sys -- (storvsp)
DRV:[b]64bit:[/b] - [2009/01/09 18:49:12 | 000,038,912 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\storflt.sys -- (storflt)
DRV:[b]64bit:[/b] - [2009/01/09 18:49:12 | 000,006,656 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\s3cap.sys -- (s3cap)
DRV:[b]64bit:[/b] - [2008/09/18 18:07:06 | 000,474,664 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2008/07/02 08:49:42 | 003,086,888 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2008/07/01 14:17:16 | 000,609,832 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\bxois.sys -- (BXOIS)
DRV:[b]64bit:[/b] - [2008/06/19 08:02:32 | 000,081,408 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\bxdiaga.sys -- (b06diag)
DRV:[b]64bit:[/b] - [2008/05/14 14:23:50 | 000,068,096 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\bxnd60a.sys -- (l2nd)
DRV:[b]64bit:[/b] - [2008/02/06 15:34:58 | 002,210,816 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\ati2mtag.sys -- (ati2mtag)
DRV:[b]64bit:[/b] - [2008/01/23 15:55:06 | 000,057,392 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\halfinch.sys -- (halfinchVRTS)
DRV:[b]64bit:[/b] - [2008/01/19 05:52:18 | 000,045,112 | ---- | M] () [File_System | System | Running] -- C:\Windows\SysNative\drivers\dfs.sys -- (DfsDriver)
DRV:[b]64bit:[/b] - [2008/01/19 05:51:45 | 000,103,992 | ---- | M] () [Kernel | Boot | Stopped] -- C:\Windows\SysNative\DRIVERS\sacdrv.sys -- (sacdrv)
DRV:[b]64bit:[/b] - [2008/01/19 05:51:36 | 000,035,328 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\qd260x64.sys -- (ioatdma) Intel(R)
DRV:[b]64bit:[/b] - [2008/01/18 23:11:31 | 000,022,528 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\WSDPrint.sys -- (WSDPrintDevice)
DRV:[b]64bit:[/b] - [2008/01/18 22:29:26 | 000,009,728 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ltotape.sys -- (ltotape)
DRV:[b]64bit:[/b] - [2008/01/05 03:22:48 | 000,317,952 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\e1e6032e.sys -- (e1express) Intel(R)
DRV:[b]64bit:[/b] - [2007/08/24 00:01:42 | 000,028,208 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\scsichng.sys -- (SCSIChanger)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = res://iesetup.dll/SoftAdmin.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = res://iesetup.dll/SoftAdmin.htm
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

O1 HOSTS File: ([2006/09/18 13:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O4:[b]64bit:[/b] - HKLM..\Run: [bacstray] C:\Program Files\Broadcom\BACS\BacsTray.exe (Broadcom Corporation)
O4 - HKCU..\Run: [DKab1err] C:\Program Files\Dell\Printer Software\ErrorApp\dkab1err.exe (Dell, Inc.)
O4 - HKCU..\RunOnce: [201199_18_902791] C:\Users\Administrator.afognak\AppData\Local\Temp\LMIR0002.tmp.bat.js ()
O4 - Startup: C:\Users\Administrator.afognak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\POP Collector.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ShowSuperHidden = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWelcomeScreen = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disablecad = 0
O13 - gopher Prefix: missing
O13 - ftp Prefix: missing
O13 - gopher Prefix: missing
O13 - home Prefix: missing
O13 - mosaic Prefix: missing
O13 - www Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = afognak.local
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2CFA553E-B765-4FAB-AC79-ECCCB6895B83}: NameServer = 192.168.0.11,192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5B479EEA-EA1C-4C27-876F-6773E9AD5635}: NameServer = 192.168.0.11,192.168.0.1,4.2.2.2
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe ()
O20:[b]64bit:[/b] - Winlogon\Notify\AtiExtEvent: DllName - Reg Error: Key error. - File not found
O29:[b]64bit:[/b] - HKLM SecurityProviders - (pwdssp.dll) - File not found
O29 - HKLM SecurityProviders - (pwdssp.dll) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2011/09/09 20:47:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC Tools
[2011/09/09 20:43:49 | 001,101,824 | ---- | C] (Woodbury Associates Limited) -- C:\Windows\SysWow64\UniBox210.ocx
[2011/09/09 20:43:49 | 000,880,640 | ---- | C] (Woodbury Associates Limited) -- C:\Windows\SysWow64\UniBox10.ocx
[2011/09/09 20:43:49 | 000,506,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml.dll
[2011/09/09 20:43:49 | 000,212,992 | ---- | C] (Woodbury Associates Limited) -- C:\Windows\SysWow64\UniBoxVB12.ocx
[2011/09/09 20:43:49 | 000,000,000 | ---D | C] -- C:\Users\Administrator.afognak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Registry Mechanic
[2011/09/09 20:43:47 | 000,000,000 | ---D | C] -- C:\Program Files\Registry Mechanic
[2011/09/09 20:43:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2011/09/09 20:43:11 | 000,000,000 | ---D | C] -- C:\Users\Administrator.afognak\AppData\Roaming\WinRAR
[2011/09/09 20:43:11 | 000,000,000 | ---D | C] -- C:\Users\Administrator.afognak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011/09/09 20:43:07 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2011/09/09 20:31:51 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2011/09/09 20:31:30 | 000,000,000 | ---D | C] -- C:\Users\Administrator.afognak\AppData\Roaming\uTorrent
[2011/09/09 20:31:30 | 000,000,000 | ---D | C] -- C:\Users\Administrator.afognak\AppData\Local\uTorrent
[2011/09/09 18:39:26 | 000,581,120 | ---- | C] (OldTimer Tools) -- D:\Users\Administrator.afognak\Desktop\OTL.com
[2011/09/09 18:33:46 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2011/09/09 14:59:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Hitman Pro
[2011/09/09 14:44:41 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011/09/09 14:44:41 | 000,000,000 | ---D | C] -- C:\Users\Administrator.afognak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HijackThis
[2011/09/09 14:44:41 | 000,000,000 | ---D | C] -- C:\Users\Administrator.afognak\Desktop
[2011/09/09 13:09:06 | 605,410,472 | ---- | C] (Microsoft Corporation) -- D:\Users\Administrator.afognak\Desktop\Windows6.0-KB948465-X64.exe
[2011/09/09 13:07:09 | 000,401,720 | ---- | C] (Trend Micro Inc.) -- D:\Users\Administrator.afognak\Desktop\HiJackThis.exe
[2011/09/08 19:15:01 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2011/09/08 19:02:34 | 000,000,000 | ---D | C] -- C:\Users\Administrator.afognak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\try
[2011/09/08 19:02:31 | 000,000,000 | ---D | C] -- \Program Files
[2011/09/08 19:01:21 | 009,466,208 | ---- | C] (Malwarebytes Corporation ) -- D:\Users\Administrator.afognak\Desktop\try this.exe
[2011/09/08 18:50:29 | 000,000,000 | ---D | C] -- C:\Users\Administrator.afognak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2011/09/08 18:50:27 | 000,000,000 | ---D | C] -- C:\Users\Administrator.afognak\AppData\Roaming\Spybot - Search & Destroy
[2011/09/08 18:50:27 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2011/09/08 16:31:07 | 000,000,000 | ---D | C] -- C:\Windows\Program Files (x86)
[2011/09/08 15:32:42 | 000,000,000 | ---D | C] -- C:\broadcom
[2011/09/08 14:42:51 | 000,000,000 | ---D | C] -- D:\Users\Administrator.afognak\Documents\WC7435_PS_5.133.3.0_Eng[1]
[2011/09/08 14:40:40 | 006,269,752 | ---- | C] (Dell, Inc.) -- D:\Users\Administrator.afognak\Desktop\RAID_FRMW_WIN_R278433.EXE
[2011/09/08 14:40:40 | 002,537,984 | ---- | C] (Dell, Inc.) -- D:\Users\Administrator.afognak\Desktop\RAID_DRVR_WIN_R210510.EXE
[2011/09/08 14:40:40 | 000,522,000 | ---- | C] (Microsoft Corporation) -- D:\Users\Administrator.afognak\Desktop\setup.exe
[2011/09/08 14:40:40 | 000,360,960 | ---- | C] (Microsoft Corporation) -- D:\Users\Administrator.afognak\Desktop\setup.com
[2011/09/08 14:40:34 | 000,000,000 | ---D | C] -- D:\Users\Administrator.afognak\Desktop\xerox 7435
[2011/09/08 14:40:34 | 000,000,000 | ---D | C] -- D:\Users\Administrator.afognak\Desktop\updates
[2011/09/08 14:40:34 | 000,000,000 | ---D | C] -- D:\Users\Administrator.afognak\Desktop\setup
[2011/09/08 14:40:34 | 000,000,000 | ---D | C] -- D:\Users\Administrator.afognak\Desktop\scripts
[2011/09/08 14:40:34 | 000,000,000 | ---D | C] -- D:\Users\Administrator.afognak\Desktop\Procmon
[2011/09/08 14:40:34 | 000,000,000 | ---D | C] -- D:\Users\Administrator.afognak\Desktop\Pop3Connector
[2011/09/08 14:40:34 | 000,000,000 | ---D | C] -- D:\Users\Administrator.afognak\Desktop\DSET Report for coastline computers of kodiak[NVA-SERVER SvcTag-HG97YH1-PE2900]
[2011/09/08 14:40:34 | 000,000,000 | ---D | C] -- D:\Users\Administrator.afognak\Desktop\Backup Exec
[2011/09/08 14:40:34 | 000,000,000 | ---D | C] -- D:\Users\Administrator.afognak\Desktop\4118_M20_120_3420_M15_x64_PCL_v3.04.05.03
[2011/09/08 14:38:21 | 000,000,000 | ---D | C] -- C:\Users\Administrator.afognak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011/09/08 14:38:20 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011/09/08 14:33:48 | 000,000,000 | ---D | C] -- \exch2k7-installer
[2011/09/08 12:47:15 | 000,000,000 | ---D | C] -- C:\Users\Administrator.afognak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/09/08 12:47:11 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/09/07 18:51:33 | 000,000,000 | ---D | C] -- C:\Users\Administrator.afognak\AppData\Roaming\BACS.exe
[2011/09/06 15:48:22 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011/09/06 15:48:22 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011/09/06 15:48:22 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2011/09/06 15:48:22 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011/09/06 15:48:22 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2011/09/06 15:48:22 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/09/06 15:48:22 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2011/09/06 15:48:22 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2011/09/06 15:48:22 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2011/09/06 15:48:22 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/09/06 15:48:22 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2011/09/06 15:48:22 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011/09/06 15:48:22 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011/06/22 07:52:38 | 001,056,768 | ---- | C] ( ) -- C:\Windows\SysWow64\dkabserv.dll
[2011/06/22 07:52:38 | 000,446,464 | ---- | C] ( ) -- C:\Windows\SysWow64\dkabhcp.dll
[2011/06/22 07:52:37 | 000,802,816 | ---- | C] ( ) -- C:\Windows\SysWow64\dkabcomc.dll
[2011/06/22 07:52:37 | 000,603,376 | ---- | C] ( ) -- C:\Windows\SysWow64\dkabcoms.exe
[2011/06/22 07:52:37 | 000,376,832 | ---- | C] ( ) -- C:\Windows\SysWow64\dkabcomm.dll

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2011/09/09 20:44:19 | 001,402,880 | ---- | M] () -- D:\Users\Administrator.afognak\Desktop\dam.msi
[2011/09/09 20:43:49 | 000,000,625 | ---- | M] () -- D:\Users\Administrator.afognak\Desktop\Registry Mechanic.lnk
[2011/09/09 20:09:50 | 000,296,152 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/09/09 18:39:28 | 000,581,120 | ---- | M] (OldTimer Tools) -- D:\Users\Administrator.afognak\Desktop\OTL.com
[2011/09/09 18:19:30 | 002,170,088 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/09/09 18:19:30 | 001,699,520 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/09/09 18:19:30 | 000,440,010 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/09/09 18:12:09 | 000,001,460 | ---- | M] () -- C:\Users\Administrator.afognak\AppData\Local\d3d9caps64.dat
[2011/09/09 18:10:27 | 000,003,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/09/09 18:10:26 | 000,003,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/09/09 18:10:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/09/09 15:24:18 | 000,387,584 | ---- | M] () -- D:\Users\Administrator.afognak\Desktop\rescue2usb.exe
[2011/09/09 14:59:56 | 000,025,160 | ---- | M] () -- C:\Windows\SysNative\drivers\hitmanpro35.sys
[2011/09/09 14:07:01 | 018,370,560 | ---- | M] () -- D:\Users\Administrator.afognak\Desktop\Dell_DSET_2.2.0.118_A01.msi
[2011/09/09 13:10:03 | 605,410,472 | ---- | M] (Microsoft Corporation) -- D:\Users\Administrator.afognak\Desktop\Windows6.0-KB948465-X64.exe
[2011/09/09 13:07:17 | 000,401,720 | ---- | M] (Trend Micro Inc.) -- D:\Users\Administrator.afognak\Desktop\HiJackThis.exe
[2011/09/09 12:55:56 | 000,032,548 | ---- | M] () -- D:\Users\Administrator.afognak\Desktop\cc_20110909_125522.reg
[2011/09/08 19:01:21 | 009,466,208 | ---- | M] (Malwarebytes Corporation ) -- D:\Users\Administrator.afognak\Desktop\try this.exe
[2011/09/08 18:50:29 | 000,000,801 | ---- | M] () -- D:\Users\Administrator.afognak\Desktop\Spybot - Search & Destroy.lnk
[2011/09/08 18:22:06 | 000,002,144 | ---- | M] () -- C:\Windows\epplauncher.mif
[2011/09/08 16:17:15 | 000,379,392 | ---- | M] () -- D:\Users\Administrator.afognak\Desktop\subinacl.msi
[2011/09/08 16:12:56 | 000,001,731 | ---- | M] () -- D:\Users\Administrator.afognak\Desktop\updateMBperms.bat
[2011/09/08 16:12:48 | 000,000,663 | ---- | M] () -- D:\Users\Administrator.afognak\Desktop\try.lnk
[2011/09/08 14:38:21 | 000,000,685 | ---- | M] () -- D:\Users\Administrator.afognak\Desktop\CCleaner.lnk
[2011/09/06 15:53:58 | 158,007,296 | ---- | M] () -- C:\Windows\ocsetup_install_NetFx3.etl
[2011/09/06 15:53:58 | 000,524,288 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_NetFx3.perf
[2011/09/06 15:53:58 | 000,065,536 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_NetFx3.dpx

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011/09/09 20:44:19 | 001,402,880 | ---- | C] () -- D:\Users\Administrator.afognak\Desktop\dam.msi
[2011/09/09 20:43:49 | 000,040,408 | ---- | C] () -- C:\Windows\SysNative\CleanMFT64.exe
[2011/09/09 20:43:49 | 000,000,625 | ---- | C] () -- D:\Users\Administrator.afognak\Desktop\Registry Mechanic.lnk
[2011/09/09 15:24:26 | 000,237,849 | ---- | C] () -- D:\Users\Administrator.afognak\Desktop\grub.exe
[2011/09/09 15:24:11 | 000,387,584 | ---- | C] () -- D:\Users\Administrator.afognak\Desktop\rescue2usb.exe
[2011/09/09 14:59:56 | 000,025,160 | ---- | C] () -- C:\Windows\SysNative\drivers\hitmanpro35.sys
[2011/09/09 14:06:58 | 018,370,560 | ---- | C] () -- D:\Users\Administrator.afognak\Desktop\Dell_DSET_2.2.0.118_A01.msi
[2011/09/09 12:55:31 | 000,032,548 | ---- | C] () -- D:\Users\Administrator.afognak\Desktop\cc_20110909_125522.reg
[2011/09/08 18:50:29 | 000,000,801 | ---- | C] () -- D:\Users\Administrator.afognak\Desktop\Spybot - Search & Destroy.lnk
[2011/09/08 18:22:06 | 000,002,144 | ---- | C] () -- C:\Windows\epplauncher.mif
[2011/09/08 16:17:15 | 000,379,392 | ---- | C] () -- D:\Users\Administrator.afognak\Desktop\subinacl.msi
[2011/09/08 16:12:56 | 000,001,731 | ---- | C] () -- D:\Users\Administrator.afognak\Desktop\updateMBperms.bat
[2011/09/08 16:12:48 | 000,000,663 | ---- | C] () -- D:\Users\Administrator.afognak\Desktop\try.lnk
[2011/09/08 14:40:40 | 000,009,089 | ---- | C] () -- D:\Users\Administrator.afognak\Desktop\relnotes.htm
[2011/09/08 14:40:40 | 000,001,223 | ---- | C] () -- D:\Users\Administrator.afognak\Desktop\Shared (NVA-SERVER).lnk
[2011/09/08 14:40:38 | 131,624,960 | ---- | C] () -- D:\Users\Administrator.afognak\Desktop\OM-SrvAdmin-Dell-Web-WIN-6.3.0-2075_A00.20.exe
[2011/09/08 14:40:38 | 006,360,000 | ---- | C] () -- D:\Users\Administrator.afognak\Desktop\DSET Report for coastline computers of kodiak[NVA-SERVER SvcTag-HG97YH1-PE2900].zip
[2011/09/08 14:40:38 | 003,317,170 | ---- | C] () -- D:\Users\Administrator.afognak\Desktop\4118_M20_120_3420_M15_x64_PCL_v3.04.05.03.zip
[2011/09/08 14:40:38 | 002,616,665 | ---- | C] () -- D:\Users\Administrator.afognak\Desktop\ExBPA.201105260240174494.data.xml
[2011/09/08 14:40:38 | 000,000,685 | ---- | C] () -- D:\Users\Administrator.afognak\Desktop\CCleaner.lnk
[2011/09/08 14:40:38 | 000,000,063 | ---- | C] () -- D:\Users\Administrator.afognak\Desktop\autorun.inf
[2011/09/06 15:48:29 | 001,208,832 | ---- | C] () -- C:\Windows\SysNative\kernel32.dll
[2011/09/06 15:48:29 | 000,847,872 | ---- | C] () -- C:\Windows\SysNative\oleaut32.dll
[2011/09/06 15:48:28 | 002,762,240 | ---- | C] () -- C:\Windows\SysNative\win32k.sys
[2011/09/06 15:48:27 | 000,975,360 | ---- | C] () -- C:\Windows\SysNative\inetcomm.dll
[2011/09/06 15:48:27 | 000,450,048 | ---- | C] () -- C:\Windows\SysNative\winsrv.dll
[2011/09/06 15:48:27 | 000,407,552 | ---- | C] () -- C:\Windows\SysNative\drivers\afd.sys
[2011/09/06 15:48:27 | 000,344,576 | ---- | C] () -- C:\Windows\SysNative\schannel.dll
[2011/09/06 15:48:27 | 000,085,504 | ---- | C] () -- C:\Windows\SysNative\csrsrv.dll
[2011/09/06 15:48:26 | 009,272,320 | ---- | C] () -- C:\Windows\SysNative\mshtml.dll
[2011/09/06 15:48:26 | 000,274,432 | ---- | C] () -- C:\Windows\SysNative\drivers\mrxsmb10.sys
[2011/09/06 15:48:26 | 000,176,128 | ---- | C] () -- C:\Windows\SysNative\drivers\srv2.sys
[2011/09/06 15:48:26 | 000,144,896 | ---- | C] () -- C:\Windows\SysNative\drivers\srvnet.sys
[2011/09/06 15:48:26 | 000,135,168 | ---- | C] () -- C:\Windows\SysNative\drivers\mrxsmb.sys
[2011/09/06 15:48:26 | 000,105,984 | ---- | C] () -- C:\Windows\SysNative\drivers\mrxsmb20.sys
[2011/09/06 15:48:25 | 012,477,440 | ---- | C] () -- C:\Windows\SysNative\ieframe.dll
[2011/09/06 15:48:23 | 002,339,840 | ---- | C] () -- C:\Windows\SysNative\iertutil.dll
[2011/09/06 15:48:23 | 001,488,384 | ---- | C] () -- C:\Windows\SysNative\urlmon.dll
[2011/09/06 15:48:23 | 001,147,904 | ---- | C] () -- C:\Windows\SysNative\wininet.dll
[2011/09/06 15:48:23 | 001,062,912 | ---- | C] () -- C:\Windows\SysNative\mstime.dll
[2011/09/06 15:48:23 | 000,710,656 | ---- | C] () -- C:\Windows\SysNative\msfeeds.dll
[2011/09/06 15:48:23 | 000,459,776 | ---- | C] () -- C:\Windows\SysNative\iedkcs32.dll
[2011/09/06 15:48:23 | 000,252,416 | ---- | C] () -- C:\Windows\SysNative\iepeers.dll
[2011/09/06 15:48:23 | 000,243,712 | ---- | C] () -- C:\Windows\SysNative\occache.dll
[2011/09/06 15:48:22 | 001,638,912 | ---- | C] () -- C:\Windows\SysNative\mshtml.tlb
[2011/09/06 15:48:22 | 001,538,560 | ---- | C] () -- C:\Windows\SysNative\inetcpl.cpl
[2011/09/06 15:48:22 | 000,479,232 | ---- | C] () -- C:\Windows\SysNative\html.iec
[2011/09/06 15:48:22 | 000,219,136 | ---- | C] () -- C:\Windows\SysNative\ieui.dll
[2011/09/06 15:48:22 | 000,162,816 | ---- | C] () -- C:\Windows\SysNative\ieUnatt.exe
[2011/09/06 15:48:22 | 000,132,096 | ---- | C] () -- C:\Windows\SysNative\iesysprep.dll
[2011/09/06 15:48:22 | 000,097,792 | ---- | C] () -- C:\Windows\SysNative\drivers\dfsc.sys
[2011/09/06 15:48:22 | 000,096,768 | ---- | C] () -- C:\Windows\SysNative\mshtmled.dll
[2011/09/06 15:48:22 | 000,077,312 | ---- | C] () -- C:\Windows\SysNative\iesetup.dll
[2011/09/06 15:48:22 | 000,072,192 | ---- | C] () -- C:\Windows\SysNative\iernonce.dll
[2011/09/06 15:48:22 | 000,071,680 | ---- | C] () -- C:\Windows\SysNative\msfeedsbs.dll
[2011/09/06 15:48:22 | 000,070,656 | ---- | C] () -- C:\Windows\SysNative\ie4uinit.exe
[2011/09/06 15:48:22 | 000,056,832 | ---- | C] () -- C:\Windows\SysNative\licmgr10.dll
[2011/09/06 15:48:22 | 000,031,744 | ---- | C] () -- C:\Windows\SysNative\jsproxy.dll
[2011/09/06 15:48:22 | 000,012,288 | ---- | C] () -- C:\Windows\SysNative\msfeedssync.exe
[2010/02/18 12:03:58 | 004,059,136 | ---- | C] () -- C:\Program Files (x86)\5000Objects.mdb
[2009/03/20 15:52:46 | 000,000,000 | ---- | C] () -- C:\Windows\HPMProp.INI
[2009/02/27 13:40:30 | 002,090,792 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009/02/19 12:12:00 | 000,001,460 | ---- | C] () -- C:\Users\Administrator.afognak\AppData\Local\d3d9caps64.dat
[2008/10/02 10:03:36 | 000,090,112 | ---- | C] () -- C:\Windows\SysWow64\StrStorage.dll
[2008/01/19 06:18:23 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2008/01/19 01:35:56 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2008/01/18 22:37:50 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2008/01/18 20:17:40 | 000,100,043 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2008/01/18 20:17:40 | 000,018,271 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2008/01/18 19:34:08 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2008/01/05 03:23:28 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2008/01/03 11:04:28 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2008/01/03 10:57:53 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

< End of report >