Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Hacker - Backdoor Remote Access

Started by Dbaker80 , Jan 24 2010 08:34 PM

  • Please log in to reply

#1
Dbaker80
Posted 24 January 2010 - 08:34 PM

Dbaker80

    New Member

  • Member
  • Pip
  • 2 posts
Hi, I recently ran into a problem where a hacker obtained control of my pc while I was on it. I used the free version of Avast and after that purchased Malwarebytes Anti-Malware and found that I had a good number of trojans, some keylogger software and other malicious stuff.

It happened again, this time he couldn't take over my computer - just whatever screen I was on even in desktop the hacker kept trying to go to different websites or click other desktop icons, but couldn't. I opened up run/cmd typed in netstat -ano and netstat -n but it didn't give me anything, the hacker then typed one of my old passwords in the command prompt (old password I changed after the first incident).

I just upgraded my avast to the full version, I have all ports blocked, but no sure how he/she keeps getting in. They have control of pc or and mess with pc when I remove network connection as well. I did find I had mIrc downloaded, which I don't remember ever downloading and removed it.

I am wondering how I can keep this from happening anymore, I don't feel to safe while using the computer online but must for school and such. I do notice if I get on facebook, sometimes shortly there after the problem ensues and I am not the only person using my machine anymore.

Thanks, and if you need any info I am more than welcoming to give computer specs and such.

Edited by Dbaker80, 24 January 2010 - 11:20 PM.

  • 0

Advertisements

#2
Dbaker80
Posted 24 January 2010 - 11:25 PM

Dbaker80

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts
I did a MBAM and OTL Run, and placed the logs below - I did run the GMER but was knocked to blue screen with error = PFN_List_Corrupt and scared to run it again, logs are below (Also, I now have Avast Internet Security Running, will that help keep them out from backdoor access?)

Thanks, Remote Access is not toggled ... I have blocked that, but was still to be infected and even when I take dsl cable out, he/she has access and can type and talk to me if I have a promt up in Mozilla, Word, Google, or Run Command

MBAM =

Malwarebytes' Anti-Malware 1.44
Database version: 3538
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

1/25/2010 12:02:58 AM
mbam-log-2010-01-25 (00-02-58).txt

Scan type: Quick Scan
Objects scanned: 133886
Time elapsed: 19 minute(s), 55 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)



**** OTL Log ****
OTL logfile created on: 1/25/2010 12:03:25 AM - Run 1
OTL by OldTimer - Version 3.1.26.0 Folder = H:\Documents and Settings\Dustin Baker\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 81.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 92.00% Paging File free
Paging file location(s): H:\pagefile.sys 1149 1500 [binary data]

%SystemDrive% = H: | %SystemRoot% = H:\WINDOWS | %ProgramFiles% = H:\Program Files
C: Drive not present or media not loaded
Drive D: | 306.88 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
Drive H: | 111.78 Gb Total Space | 66.14 Gb Free Space | 59.17% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded

Computer Name: JBAK-COMPUTER
Current User Name: Dustin Baker
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/01/24 23:13:17 | 00,547,328 | ---- | M] (OldTimer Tools) -- H:\Documents and Settings\Dustin Baker\Desktop\OTL.exe
PRC - [2010/01/19 06:57:44 | 02,743,104 | ---- | M] (ALWIL Software) -- H:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010/01/19 06:57:41 | 00,040,384 | ---- | M] (ALWIL Software) -- H:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/01/19 06:57:28 | 00,119,200 | ---- | M] (ALWIL Software) -- H:\Program Files\Alwil Software\Avast5\afwServ.exe
PRC - [2010/01/07 16:07:10 | 00,429,392 | ---- | M] (Malwarebytes Corporation) -- H:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2010/01/07 16:07:10 | 00,236,368 | ---- | M] (Malwarebytes Corporation) -- H:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2009/05/21 13:01:02 | 17,881,600 | ---- | M] (Realtek Semiconductor Corp.) -- H:\WINDOWS\RTHDCPL.EXE
PRC - [2008/10/02 08:40:06 | 00,066,872 | ---- | M] () -- H:\WINDOWS\system32\PnkBstrA.exe
PRC - [2008/07/23 16:24:26 | 00,002,560 | ---- | M] () -- H:\WINDOWS\Runservice.exe
PRC - [2008/06/10 14:56:31 | 01,406,024 | ---- | M] (Microsoft Corporation) -- H:\Program Files\Microsoft IntelliPoint\ipoint.exe
PRC - [2008/06/10 14:56:27 | 00,447,560 | ---- | M] (Microsoft Corporation) -- H:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
PRC - [2008/04/13 19:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2010/01/24 23:13:17 | 00,547,328 | ---- | M] (OldTimer Tools) -- H:\Documents and Settings\Dustin Baker\Desktop\OTL.exe
MOD - [2010/01/19 06:47:18 | 00,122,880 | ---- | M] (ALWIL Software) -- H:\Program Files\Alwil Software\Avast5\snxBorder.dll
MOD - [2010/01/19 06:45:48 | 00,135,168 | ---- | M] (ALWIL Software) -- H:\Program Files\Alwil Software\Avast5\snxPlugins.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (SAVScan)
SRV - File not found [On_Demand | Stopped] -- -- (navapsvc)
SRV - [2010/01/19 06:57:41 | 00,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- H:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010/01/19 06:57:41 | 00,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- H:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010/01/19 06:57:41 | 00,040,384 | ---- | M] (ALWIL Software) [Auto | Running] -- H:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/01/19 06:57:28 | 00,119,200 | ---- | M] (ALWIL Software) [Auto | Running] -- H:\Program Files\Alwil Software\Avast5\afwServ.exe -- (avast! Firewall)
SRV - [2010/01/07 16:07:10 | 00,236,368 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- H:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2009/09/06 01:51:14 | 00,133,104 | ---- | M] (Google Inc.) [Auto | Stopped] -- H:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate1ca2ebe79b532a4) Google Update Service (gupdate1ca2ebe79b532a4)
SRV - [2009/03/27 23:33:55 | 00,183,280 | ---- | M] (Google) [Auto | Stopped] -- H:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2008/11/12 14:54:00 | 00,163,908 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- H:\WINDOWS\system32\nvsvc32.exe -- (NVSvc)
SRV - [2008/10/02 08:40:06 | 00,066,872 | ---- | M] () [Auto | Running] -- H:\WINDOWS\system32\PnkBstrA.exe -- (PnkBstrA)
SRV - [2008/07/23 16:24:26 | 00,002,560 | ---- | M] () [Auto | Running] -- H:\WINDOWS\Runservice.exe -- (LicCtrlService)
SRV - [2007/08/15 19:15:16 | 00,501,048 | ---- | M] (Apple Inc.) [On_Demand | Stopped] -- H:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2005/06/02 12:37:50 | 00,068,096 | ---- | M] () [On_Demand | Stopped] -- H:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe -- (Macromedia Licensing Service)
SRV - [2005/04/03 23:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- H:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2003/11/03 15:43:02 | 00,106,496 | ---- | M] (Intel Corp.) [Auto | Stopped] -- H:\Program Files\Intel\Intel® Active Monitor\imonNT.exe -- (imonNT) Intel®
SRV - [2003/07/28 11:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- H:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2002/10/16 19:56:00 | 00,176,128 | ---- | M] (Executive Software International, Inc.) [On_Demand | Stopped] -- H:\Program Files\Executive Software\DiskeeperLite\DKService.exe -- (Diskeeper)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default = 54 51 D5 14 0A 42 24 46 9B 60 09 C7 9F 59 B2 BE [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Data = C3 17 11 E0 B2 A4 AC 29 3E F1 D7 B3 41 B1 26 5E 77 7F FB 0D C7 48 7E BE 12 BE E1 AD BE 28 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Google"

FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: H:\Program Files\Mozilla Firefox\components [2010/01/24 23:25:21 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: H:\Program Files\Mozilla Firefox\plugins [2010/01/24 23:25:20 | 00,000,000 | ---D | M]

[2010/01/24 23:25:34 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Dustin Baker\Application Data\Mozilla\Extensions
[2010/01/24 23:43:22 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Dustin Baker\Application Data\Mozilla\Firefox\Profiles\ookrgcab.default\extensions
[2007/04/08 02:05:57 | 00,000,000 | ---D | M] (No name found) -- H:\Documents and Settings\Dustin Baker\Application Data\Mozilla\Firefox\Profiles\ookrgcab.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}(2)
[2007/12/26 22:31:03 | 00,000,000 | ---D | M] (Yahoo! Toolbar) -- H:\Documents and Settings\Dustin Baker\Application Data\Mozilla\Firefox\Profiles\ookrgcab.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2007/04/08 02:05:58 | 00,000,000 | ---D | M] (No name found) -- H:\Documents and Settings\Dustin Baker\Application Data\Mozilla\Firefox\Profiles\ookrgcab.default\extensions\{a8dd47cf-239f-48c4-8379-e6b4cbafdcfa}(2)
[2010/01/12 02:17:50 | 00,000,000 | ---D | M] (AIM Toolbar) -- H:\Documents and Settings\Dustin Baker\Application Data\Mozilla\Firefox\Profiles\ookrgcab.default\extensions\{c2f863cd-0429-48c7-bb54-db756a951760}
[2006/01/15 05:38:29 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Dustin Baker\Application Data\Mozilla\Firefox\Profiles\qwo8xdun.default\extensions
[2006/01/15 05:38:29 | 00,000,000 | ---D | M] (Firefox (default)) -- H:\Documents and Settings\Dustin Baker\Application Data\Mozilla\Firefox\Profiles\qwo8xdun.default\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2010/01/24 23:43:22 | 00,000,000 | ---D | M] -- H:\Program Files\Mozilla Firefox\extensions
[2007/04/08 02:05:59 | 00,000,000 | ---D | M] (Google Toolbar for Firefox) -- H:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}(2)
[2006/10/17 01:43:02 | 00,000,000 | ---D | M] -- H:\Program Files\Mozilla Firefox\extensions\[email protected]
[2007/04/08 02:05:59 | 00,000,000 | ---D | M] -- H:\Program Files\Mozilla Firefox\extensions\talkback@mozilla(2).org
[2007/08/15 19:15:12 | 00,069,632 | ---- | M] () -- H:\Program Files\Mozilla Firefox\plugins\npitunes.dll

O1 HOSTS File: ([2010/01/10 21:27:47 | 00,000,021 | ---- | M]) - H:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - h:\program files\google\googletoolbar1.dll File not found
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - H:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (no name) - SOFTWARE - No CLSID value found.
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - h:\program files\google\googletoolbar1.dll File not found
O3 - HKLM\..\Toolbar: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {82315A18-6CFB-44a7-BDFD-90E36537C252} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - SITEguard - No CLSID value found.
O4 - HKLM..\Run: [Adobe ARM] H:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] H:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast5] H:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)
O4 - HKLM..\Run: [IntelliPoint] H:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] H:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] H:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] H:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [RTHDCPL] H:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKCU..\Run: [igndlm.exe] H:\Program Files\Download Manager\dlm.exe (IGN Entertainment)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Program Files\Java\jre1.6.0_05\bin\npjpi160_05.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - Reg Error: Key error. File not found
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com...ex/qtplugin.cab (Reg Error: Key error.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {234B7457-1A7E-4268-BA71-9936F0C78BEC} https://www.contentw...eanup3Proj1.cab (ContentCleanup3X Control)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} H:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} http://www.fileplane..._2.3.10.115.cab (CDownloadCtrl Object)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace....ploader1005.cab (MySpace Uploader Control)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx...owserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {6E704581-CCAE-46D2-9C64-20D724B3624E} http://radaol-prod-w...agi3.0.84.2.cab (UnagiAx Class)
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} http://launch.gamesp...nch/alaunch.cab (GSDACtl Class)
O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} Reg Error: Value error. (XML DOM Document 4.0)
O16 - DPF: {8A0019EB-51FA-4AE5-A40B-C0496BBFC739} http://picture.vzw.c...loadControl.cab (Verizon Wireless Media Upload)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_10)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ent/swflash.cab (Shockwave Flash Object)
O16 - DPF: Microsoft XML Parser for Java Reg Error: Value error. (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - H:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - H:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: H:\Documents and Settings\Dustin Baker\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: H:\Documents and Settings\Dustin Baker\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O29 - HKLM SecurityProviders - (zwebauth.dll) - H:\WINDOWS\System32\ZWebAuth.dll ()
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2000/06/01 03:39:56 | 00,000,524 | R--- | M] () - D:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{6fbd9566-35a5-11dc-bd31-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{6fbd9566-35a5-11dc-bd31-806d6172696f}\Shell\adobe\command - "" = goodies\ar405eng.exe
O33 - MountPoints2\{6fbd9566-35a5-11dc-bd31-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{6fbd9566-35a5-11dc-bd31-806d6172696f}\Shell\AutoRun\command - "" = D:\aocsetup.exe -- [2001/07/20 19:29:50 | 00,553,017 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{6fbd9566-35a5-11dc-bd31-806d6172696f}\Shell\log\command - "" = D:\goodies\machine\machine.exe -- [2000/08/30 17:07:26 | 00,262,144 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{6fbd9566-35a5-11dc-bd31-806d6172696f}\Shell\machine\command - "" = D:\GOODIES\MACHINE\MACHINE.EXE -- [2000/08/30 17:07:26 | 00,262,144 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{6fbd9566-35a5-11dc-bd31-806d6172696f}\Shell\setup\command - "" = D:\aocsetup.exe -- [2001/07/20 19:29:50 | 00,553,017 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{6fbd9566-35a5-11dc-bd31-806d6172696f}\Shell\zone\command - "" = D:\GOODIES\MSZONE\ZONEA660.EXE -- [2000/04/05 17:44:16 | 06,928,087 | R--- | M] ()
O33 - MountPoints2\D\Shell - "" = AutoRun
O33 - MountPoints2\D\Shell\adobe\command - "" = goodies\ar405eng.exe
O33 - MountPoints2\D\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\aocsetup.exe -- [2001/07/20 19:29:50 | 00,553,017 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\D\Shell\log\command - "" = D:\goodies\machine\machine.exe -- [2000/08/30 17:07:26 | 00,262,144 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\D\Shell\machine\command - "" = D:\GOODIES\MACHINE\MACHINE.EXE -- [2000/08/30 17:07:26 | 00,262,144 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\D\Shell\setup\command - "" = D:\aocsetup.exe -- [2001/07/20 19:29:50 | 00,553,017 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\D\Shell\zone\command - "" = D:\GOODIES\MSZONE\ZONEA660.EXE -- [2000/04/05 17:44:16 | 06,928,087 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 14 Days ==========

File not found -- H:\Documents and Settings\Dustin Baker\Desktop\2008Probowl[1].mkv.
[2010/01/24 23:24:19 | 08,327,264 | ---- | C] (Mozilla) -- H:\Documents and Settings\Dustin Baker\Desktop\Firefox Setup 3.6.exe
[2010/01/24 23:13:17 | 00,547,328 | ---- | C] (OldTimer Tools) -- H:\Documents and Settings\Dustin Baker\Desktop\OTL.exe
[2010/01/24 22:52:11 | 00,439,808 | ---- | C] (OldTimer Tools) -- H:\Documents and Settings\Dustin Baker\Desktop\TFC.exe
[2010/01/24 20:33:13 | 00,162,640 | ---- | C] (ALWIL Software) -- H:\WINDOWS\System32\drivers\aswSP.sys
[2010/01/24 20:33:13 | 00,019,024 | ---- | C] (ALWIL Software) -- H:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010/01/24 20:33:12 | 00,269,904 | ---- | C] (ALWIL Software) -- H:\WINDOWS\System32\drivers\aswSnx.sys
[2010/01/24 20:33:10 | 00,103,120 | ---- | C] (ALWIL Software) -- H:\WINDOWS\System32\drivers\aswFW.sys
[2010/01/24 20:32:53 | 00,194,640 | ---- | C] (ALWIL Software) -- H:\WINDOWS\System32\drivers\aswNdis2.sys
[2010/01/24 20:32:53 | 00,023,248 | ---- | C] (ALWIL Software) -- H:\WINDOWS\System32\drivers\aswRdr.sys
[2010/01/24 20:32:52 | 00,046,544 | ---- | C] (ALWIL Software) -- H:\WINDOWS\System32\drivers\aswTdi.sys
[2010/01/24 20:32:51 | 00,100,304 | ---- | C] (ALWIL Software) -- H:\WINDOWS\System32\drivers\aswmon2.sys
[2010/01/24 20:32:51 | 00,094,672 | ---- | C] (ALWIL Software) -- H:\WINDOWS\System32\drivers\aswmon.sys
[2010/01/24 20:32:44 | 00,028,240 | ---- | C] (ALWIL Software) -- H:\WINDOWS\System32\drivers\aavmker4.sys
[2010/01/24 20:32:14 | 00,152,672 | ---- | C] (ALWIL Software) -- H:\WINDOWS\System32\aswBoot.exe
[2010/01/24 20:32:14 | 00,038,848 | ---- | C] (ALWIL Software) -- H:\WINDOWS\System32\avastSS.scr
[2010/01/24 20:32:14 | 00,012,112 | ---- | C] (ALWIL Software) -- H:\WINDOWS\System32\drivers\aswNdis.sys
[2010/01/24 18:55:21 | 00,000,000 | ---D | C] -- H:\Documents and Settings\All Users\Application Data\Alwil Software
[2010/01/24 18:29:25 | 00,000,000 | ---D | C] -- H:\Program Files\msn gaming zone
[2010/01/24 17:04:50 | 00,000,000 | ---D | C] -- H:\Program Files\Bethesda Softworks
[2010/01/22 21:17:17 | 00,000,000 | ---D | C] -- H:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
[2010/01/22 21:17:14 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Dustin Baker\Application Data\Office Genuine Advantage
[2010/01/22 18:46:46 | 00,000,000 | ---D | C] -- H:\WINDOWS\System32\zh-TW
[2010/01/22 18:46:46 | 00,000,000 | ---D | C] -- H:\WINDOWS\System32\zh-HK
[2010/01/22 18:46:46 | 00,000,000 | ---D | C] -- H:\WINDOWS\System32\tr-TR
[2010/01/22 18:46:46 | 00,000,000 | ---D | C] -- H:\WINDOWS\System32\sv-SE
[2010/01/22 18:46:46 | 00,000,000 | ---D | C] -- H:\WINDOWS\System32\pt-BR
[2010/01/22 18:46:46 | 00,000,000 | ---D | C] -- H:\WINDOWS\System32\nl-NL
[2010/01/22 18:46:46 | 00,000,000 | ---D | C] -- H:\WINDOWS\System32\nb-NO
[2010/01/22 18:46:45 | 00,000,000 | ---D | C] -- H:\WINDOWS\System32\ko-KR
[2010/01/22 18:46:45 | 00,000,000 | ---D | C] -- H:\WINDOWS\System32\it-IT
[2010/01/22 18:46:45 | 00,000,000 | ---D | C] -- H:\WINDOWS\System32\he-IL
[2010/01/22 18:46:45 | 00,000,000 | ---D | C] -- H:\WINDOWS\System32\fr-FR
[2010/01/22 18:46:45 | 00,000,000 | ---D | C] -- H:\WINDOWS\System32\fi-FI
[2010/01/22 18:46:45 | 00,000,000 | ---D | C] -- H:\WINDOWS\System32\es-ES
[2010/01/22 18:46:45 | 00,000,000 | ---D | C] -- H:\WINDOWS\System32\el-GR
[2010/01/22 18:46:45 | 00,000,000 | ---D | C] -- H:\WINDOWS\System32\de-DE
[2010/01/22 18:46:45 | 00,000,000 | ---D | C] -- H:\WINDOWS\System32\da-DK
[2010/01/22 18:46:44 | 00,000,000 | ---D | C] -- H:\WINDOWS\System32\ar-SA
[2010/01/10 21:56:53 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- H:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/01/10 21:56:52 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- H:\WINDOWS\System32\drivers\mbam.sys
[2009/12/20 00:11:19 | 00,000,000 | ---D | C] -- H:\My Recordings
[2009/04/06 05:58:14 | 00,000,000 | ---D | M] -- H:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
[2009/04/05 15:05:36 | 00,000,000 | ---D | M] -- H:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2008/01/18 01:36:44 | 00,000,000 | ---D | M] -- H:\Documents and Settings\LocalService\Application Data\Mozilla
[2007/11/09 14:37:08 | 00,000,000 | ---D | M] -- H:\Documents and Settings\LocalService\Local Settings\Application Data\Mozilla
[2007/08/12 15:05:47 | 00,254,000 | R--- | C] ( ) -- H:\WINDOWS\System32\Audio3D.dll
[2006/09/26 18:37:19 | 00,000,000 | --SD | M] -- H:\Documents and Settings\LocalService\Application Data\Microsoft
[2004/10/22 01:43:30 | 16,706,160 | ---- | C] (Netopsystems AG) -- H:\Program Files\AdbeRdr60_enu_full.exe
[2004/10/15 21:37:52 | 00,000,000 | ---D | M] -- H:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2004/05/30 00:09:51 | 00,254,000 | R--- | C] ( ) -- H:\WINDOWS\System32\A3D.dll
[2004/05/29 13:07:27 | 00,000,000 | ---D | M] -- H:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2004/05/29 13:03:44 | 00,000,000 | --SD | M] -- H:\Documents and Settings\NetworkService\Application Data\Microsoft
[1 H:\WINDOWS\Fonts\*.tmp files -> H:\WINDOWS\Fonts\*.tmp -> ]
[1 H:\Documents and Settings\Dustin Baker\My Documents\*.tmp files -> H:\Documents and Settings\Dustin Baker\My Documents\*.tmp -> ]

========== Files - Modified Within 14 Days ==========

File not found -- H:\Documents and Settings\Dustin Baker\Desktop\2008Probowl[1].mkv.
[2010/01/24 23:25:25 | 00,001,602 | ---- | M] () -- H:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/01/24 23:24:55 | 08,327,264 | ---- | M] (Mozilla) -- H:\Documents and Settings\Dustin Baker\Desktop\Firefox Setup 3.6.exe
[2010/01/24 23:20:45 | 00,001,374 | ---- | M] () -- H:\WINDOWS\System32\wpa.dbl
[2010/01/24 23:20:45 | 00,000,868 | ---- | M] () -- H:\WINDOWS\tasks\Google Software Updater.job
[2010/01/24 23:20:45 | 00,000,236 | ---- | M] () -- H:\WINDOWS\tasks\OGALogon.job
[2010/01/24 23:20:44 | 00,000,882 | ---- | M] () -- H:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/01/24 23:20:35 | 00,001,057 | ---- | M] () -- H:\WINDOWS\System32\mmf.sys
[2010/01/24 23:20:28 | 00,000,006 | -H-- | M] () -- H:\WINDOWS\tasks\SA.DAT
[2010/01/24 23:20:23 | 00,002,048 | --S- | M] () -- H:\WINDOWS\bootstat.dat
[2010/01/24 23:20:22 | 29,512,70400 | -HS- | M] () -- H:\hiberfil.sys
[2010/01/24 23:16:33 | 00,000,886 | ---- | M] () -- H:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/01/24 23:13:17 | 00,547,328 | ---- | M] (OldTimer Tools) -- H:\Documents and Settings\Dustin Baker\Desktop\OTL.exe
[2010/01/24 23:02:38 | 00,000,278 | -HS- | M] () -- H:\Documents and Settings\Dustin Baker\ntuser.ini
[2010/01/24 22:52:12 | 00,439,808 | ---- | M] (OldTimer Tools) -- H:\Documents and Settings\Dustin Baker\Desktop\TFC.exe
[2010/01/24 20:33:40 | 09,961,472 | ---- | M] () -- H:\Documents and Settings\Dustin Baker\ntuser.dat
[2010/01/24 20:33:13 | 00,001,700 | ---- | M] () -- H:\Documents and Settings\All Users\Desktop\avast! Internet Security.lnk
[2010/01/24 20:32:51 | 00,002,626 | ---- | M] () -- H:\WINDOWS\System32\CONFIG.NT
[2010/01/24 18:39:38 | 00,000,924 | ---- | M] () -- H:\Documents and Settings\Dustin Baker\My Documents\My Sharing Folders.lnk
[2010/01/24 17:25:37 | 00,001,805 | ---- | M] () -- H:\Documents and Settings\All Users\Desktop\Oblivion.lnk
[2010/01/24 02:43:00 | 00,000,454 | ---- | M] () -- H:\WINDOWS\tasks\Driver Robot.job
[2010/01/23 18:22:07 | 00,000,456 | ---- | M] () -- H:\WINDOWS\tasks\ParetoLogic Registration.job
[2010/01/19 08:13:58 | 00,162,640 | ---- | M] (ALWIL Software) -- H:\WINDOWS\System32\drivers\aswSP.sys
[2010/01/19 06:57:59 | 00,038,848 | ---- | M] (ALWIL Software) -- H:\WINDOWS\System32\avastSS.scr
[2010/01/19 06:57:39 | 00,152,672 | ---- | M] (ALWIL Software) -- H:\WINDOWS\System32\aswBoot.exe
[2010/01/19 06:48:19 | 00,103,120 | ---- | M] (ALWIL Software) -- H:\WINDOWS\System32\drivers\aswFW.sys
[2010/01/19 06:48:02 | 00,269,904 | ---- | M] (ALWIL Software) -- H:\WINDOWS\System32\drivers\aswSnx.sys
[2010/01/19 06:47:42 | 00,194,640 | ---- | M] (ALWIL Software) -- H:\WINDOWS\System32\drivers\aswNdis2.sys
[2010/01/19 06:46:52 | 00,046,544 | ---- | M] (ALWIL Software) -- H:\WINDOWS\System32\drivers\aswTdi.sys
[2010/01/19 06:43:40 | 00,023,248 | ---- | M] (ALWIL Software) -- H:\WINDOWS\System32\drivers\aswRdr.sys
[2010/01/19 06:43:12 | 00,100,304 | ---- | M] (ALWIL Software) -- H:\WINDOWS\System32\drivers\aswmon2.sys
[2010/01/19 06:43:08 | 00,094,672 | ---- | M] (ALWIL Software) -- H:\WINDOWS\System32\drivers\aswmon.sys
[2010/01/19 06:42:57 | 00,019,024 | ---- | M] (ALWIL Software) -- H:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010/01/19 06:42:40 | 00,028,240 | ---- | M] (ALWIL Software) -- H:\WINDOWS\System32\drivers\aavmker4.sys
[2010/01/16 02:54:23 | 01,579,828 | -H-- | M] () -- H:\Documents and Settings\Dustin Baker\Local Settings\Application Data\IconCache.db
[2010/01/13 09:15:56 | 00,001,374 | ---- | M] () -- H:\WINDOWS\imsins.BAK
[2010/01/10 23:20:22 | 00,000,520 | ---- | M] () -- H:\WINDOWS\tasks\Malwarebytes' Scheduled Scan for Dustin Baker.job
[2010/01/10 23:20:22 | 00,000,506 | ---- | M] () -- H:\WINDOWS\tasks\Malwarebytes' Scheduled Update for Dustin Baker.job
[2010/01/10 21:56:56 | 00,000,696 | ---- | M] () -- H:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/01/10 21:42:12 | 00,000,552 | ---- | M] () -- H:\WINDOWS\System32\d3d8caps.dat
[2010/01/10 21:27:48 | 00,002,106 | ---- | M] () -- H:\WINDOWS\System32\tmp.reg
[2010/01/09 16:22:02 | 00,012,112 | ---- | M] (ALWIL Software) -- H:\WINDOWS\System32\drivers\aswNdis.sys
[2010/01/07 16:07:14 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- H:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/01/07 16:07:04 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- H:\WINDOWS\System32\drivers\mbam.sys
[2010/01/02 21:39:44 | 00,000,456 | -H-- | M] () -- H:\IPH.PH
[2010/01/01 20:00:00 | 00,000,544 | ---- | M] () -- H:\WINDOWS\tasks\Norton AntiVirus - Scan my computer.job
[2010/01/01 15:00:00 | 00,000,460 | ---- | M] () -- H:\WINDOWS\tasks\Norton Security Scan.job
[2009/12/19 11:35:37 | 00,034,816 | ---- | M] () -- H:\Documents and Settings\Dustin Baker\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/12/15 11:24:48 | 00,293,376 | ---- | M] () -- H:\Documents and Settings\Dustin Baker\Desktop\gmer.exe
[2009/12/12 11:21:58 | 00,555,334 | ---- | M] () -- H:\WINDOWS\System32\PerfStringBackup.INI
[2009/12/12 11:21:58 | 00,468,746 | ---- | M] () -- H:\WINDOWS\System32\perfh009.dat
[2009/12/12 11:21:58 | 00,079,352 | ---- | M] () -- H:\WINDOWS\System32\perfc009.dat
[2009/12/06 01:32:54 | 00,019,968 | ---- | M] () -- H:\Documents and Settings\Dustin Baker\Desktop\Gift of Faith.doc
[2009/11/21 10:51:42 | 01,206,508 | ---- | M] () -- H:\WINDOWS\System32\dllcache\sysmain.sdb
[2009/11/12 22:21:13 | 00,020,992 | ---- | M] () -- H:\Documents and Settings\Dustin Baker\My Documents\Hey Stevie.doc
[2009/11/11 18:59:05 | 00,243,128 | ---- | M] () -- H:\WINDOWS\System32\FNTCACHE.DAT
[2009/11/11 08:37:05 | 00,000,808 | ---- | M] () -- H:\WINDOWS\win.ini
[1 H:\Documents and Settings\Dustin Baker\My Documents\*.tmp files -> H:\Documents and Settings\Dustin Baker\My Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/01/24 23:25:25 | 00,001,602 | ---- | C] () -- H:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/01/24 20:33:13 | 00,001,700 | ---- | C] () -- H:\Documents and Settings\All Users\Desktop\avast! Internet Security.lnk
[2010/01/24 18:29:24 | 29,512,70400 | -HS- | C] () -- H:\hiberfil.sys
[2010/01/24 17:25:37 | 00,001,805 | ---- | C] () -- H:\Documents and Settings\All Users\Desktop\Oblivion.lnk
[2010/01/22 18:46:55 | 00,000,236 | ---- | C] () -- H:\WINDOWS\tasks\OGALogon.job
[2010/01/10 23:20:09 | 00,000,520 | ---- | C] () -- H:\WINDOWS\tasks\Malwarebytes' Scheduled Scan for Dustin Baker.job
[2010/01/10 23:20:05 | 00,000,506 | ---- | C] () -- H:\WINDOWS\tasks\Malwarebytes' Scheduled Update for Dustin Baker.job
[2010/01/10 21:56:56 | 00,000,696 | ---- | C] () -- H:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/01/10 21:42:12 | 00,000,552 | ---- | C] () -- H:\WINDOWS\System32\d3d8caps.dat
[2010/01/02 21:39:19 | 00,000,456 | -H-- | C] () -- H:\IPH.PH
[2009/12/15 11:24:48 | 00,293,376 | ---- | C] () -- H:\Documents and Settings\Dustin Baker\Desktop\gmer.exe
[2009/12/06 18:26:33 | 00,380,928 | ---- | C] () -- H:\WINDOWS\System32\actskin4.ocx
[2009/12/06 01:32:54 | 00,019,968 | ---- | C] () -- H:\Documents and Settings\Dustin Baker\Desktop\Gift of Faith.doc
[2009/11/12 22:12:58 | 00,020,992 | ---- | C] () -- H:\Documents and Settings\Dustin Baker\My Documents\Hey Stevie.doc
[2009/09/27 00:32:54 | 00,339,968 | ---- | C] () -- H:\WINDOWS\System32\pythoncom25.dll
[2009/09/27 00:32:54 | 00,114,688 | ---- | C] () -- H:\WINDOWS\System32\pywintypes25.dll
[2009/09/24 00:39:24 | 00,000,023 | ---- | C] () -- H:\WINDOWS\BlendSettings.ini
[2009/08/03 15:07:42 | 00,403,816 | ---- | C] () -- H:\WINDOWS\System32\OGACheckControl.dll
[2008/11/21 16:47:52 | 03,596,288 | ---- | C] () -- H:\WINDOWS\System32\qt-dx331.dll
[2008/11/21 16:45:16 | 00,000,416 | ---- | C] () -- H:\WINDOWS\System32\dtu100.dll.manifest
[2008/10/07 09:13:30 | 00,197,912 | ---- | C] () -- H:\WINDOWS\System32\physxcudart_20.dll
[2008/10/07 09:13:22 | 00,058,648 | ---- | C] () -- H:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- H:\WINDOWS\System32\AgCPanelSwedish.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- H:\WINDOWS\System32\AgCPanelSpanish.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- H:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- H:\WINDOWS\System32\AgCPanelPortugese.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- H:\WINDOWS\System32\AgCPanelKorean.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- H:\WINDOWS\System32\AgCPanelJapanese.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- H:\WINDOWS\System32\AgCPanelGerman.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- H:\WINDOWS\System32\AgCPanelFrench.dll
[2008/10/02 08:40:19 | 00,022,328 | ---- | C] () -- H:\WINDOWS\System32\drivers\PnkBstrK.sys
[2008/07/23 16:24:28 | 00,001,057 | -HS- | C] () -- H:\WINDOWS\System32\mmf(2)(2).sys
[2008/07/23 16:24:28 | 00,001,057 | ---- | C] () -- H:\WINDOWS\System32\mmf.sys
[2008/07/23 16:24:28 | 00,001,057 | ---- | C] () -- H:\WINDOWS\System32\mmf(5)(2).sys
[2008/07/23 16:24:28 | 00,001,057 | ---- | C] () -- H:\WINDOWS\System32\mmf(4)(2).sys
[2008/07/23 16:24:28 | 00,001,057 | ---- | C] () -- H:\WINDOWS\System32\mmf(3)(2).sys
[2008/07/23 16:24:28 | 00,001,057 | ---- | C] () -- H:\WINDOWS\System32\mmf(2)(3).sys
[2008/07/23 16:24:26 | 00,048,640 | ---- | C] () -- H:\WINDOWS\mmfs.dll
[2008/03/11 19:52:12 | 01,566,325 | -HS- | C] () -- H:\WINDOWS\System32\fjrycxqb.ini
[2008/03/11 16:32:32 | 00,961,326 | -HS- | C] () -- H:\WINDOWS\System32\wufelfst.ini
[2008/03/09 23:28:27 | 01,103,276 | -HS- | C] () -- H:\WINDOWS\System32\xhflpqny.ini
[2008/03/09 20:30:05 | 00,968,506 | -HS- | C] () -- H:\WINDOWS\System32\oqmeekhk.ini
[2008/03/09 13:37:19 | 00,968,368 | -HS- | C] () -- H:\WINDOWS\System32\ntmbtvmj.ini
[2008/03/09 03:20:14 | 00,968,266 | -HS- | C] () -- H:\WINDOWS\System32\annmbvib.ini
[2008/03/08 22:05:44 | 00,968,128 | -HS- | C] () -- H:\WINDOWS\System32\eqhauoql.ini
[2008/03/08 13:55:57 | 00,968,017 | -HS- | C] () -- H:\WINDOWS\System32\dyxujygp.ini
[2008/03/07 23:35:06 | 00,967,897 | -HS- | C] () -- H:\WINDOWS\System32\qsyrhbfy.ini
[2008/03/07 14:40:51 | 00,971,571 | -HS- | C] () -- H:\WINDOWS\System32\bsbvsbcx.ini
[2008/03/06 23:01:01 | 00,971,705 | -HS- | C] () -- H:\WINDOWS\System32\pxiuocxi.ini
[2008/03/06 14:41:28 | 00,974,674 | -HS- | C] () -- H:\WINDOWS\System32\qcaxcspr.ini
[2008/03/05 20:31:37 | 00,969,396 | -HS- | C] () -- H:\WINDOWS\System32\mqhgydlg.ini
[2008/03/05 15:37:22 | 01,025,390 | -HS- | C] () -- H:\WINDOWS\System32\ltoqgonx.ini
[2008/03/05 02:45:27 | 01,005,868 | -HS- | C] () -- H:\WINDOWS\System32\lfdqmhkt.ini
[2008/03/04 22:23:57 | 01,005,739 | -HS- | C] () -- H:\WINDOWS\System32\dngpmkbn.ini
[2008/03/04 15:58:55 | 01,014,160 | -HS- | C] () -- H:\WINDOWS\System32\xipfckft.ini
[2008/03/03 22:19:56 | 01,009,081 | -HS- | C] () -- H:\WINDOWS\System32\kcilhbbx.ini
[2008/03/03 19:35:16 | 01,008,952 | -HS- | C] () -- H:\WINDOWS\System32\vaenkckt.ini
[2008/03/03 14:42:52 | 01,008,832 | -HS- | C] () -- H:\WINDOWS\System32\siopurtl.ini
[2008/03/02 12:39:49 | 01,112,438 | -HS- | C] () -- H:\WINDOWS\System32\djgjhgro.ini
[2008/03/02 00:34:26 | 01,007,599 | -HS- | C] () -- H:\WINDOWS\System32\wvqfxxam.ini
[2008/03/01 20:56:11 | 01,012,481 | -HS- | C] () -- H:\WINDOWS\System32\rrrnoenm.ini
[2008/03/01 13:11:48 | 01,012,361 | -HS- | C] () -- H:\WINDOWS\System32\jpyvkcdw.ini
[2008/03/01 02:00:19 | 01,012,250 | -HS- | C] () -- H:\WINDOWS\System32\gaiciyrd.ini
[2008/02/29 17:34:29 | 01,019,919 | -HS- | C] () -- H:\WINDOWS\System32\blrkcirf.ini
[2008/02/29 12:05:06 | 01,131,685 | -HS- | C] () -- H:\WINDOWS\System32\ikeyayna.ini
[2008/02/28 22:01:44 | 01,016,514 | -HS- | C] () -- H:\WINDOWS\System32\pnknjsbu.ini
[2008/02/28 14:34:33 | 01,028,364 | -HS- | C] () -- H:\WINDOWS\System32\mvacnkvt.ini
[2008/02/27 23:07:36 | 01,023,415 | -HS- | C] () -- H:\WINDOWS\System32\petwjyfi.ini
[2008/02/27 14:12:52 | 01,030,457 | -HS- | C] () -- H:\WINDOWS\System32\qpnoedtx.ini
[2008/02/26 21:42:33 | 01,027,426 | -HS- | C] () -- H:\WINDOWS\System32\vweqypjw.ini
[2008/02/26 14:28:39 | 01,031,656 | -HS- | C] () -- H:\WINDOWS\System32\keslxipk.ini
[2008/02/25 22:24:08 | 01,025,243 | -HS- | C] () -- H:\WINDOWS\System32\pyocnpxt.ini
[2008/02/25 18:44:13 | 01,028,204 | -HS- | C] () -- H:\WINDOWS\System32\eemcuqth.ini
[2008/02/25 14:51:58 | 01,111,397 | -HS- | C] () -- H:\WINDOWS\System32\jksreqdq.ini
[2008/02/24 17:41:26 | 01,087,088 | -HS- | C] () -- H:\WINDOWS\System32\gltdqsqg.ini
[2008/02/24 12:55:51 | 01,086,968 | -HS- | C] () -- H:\WINDOWS\System32\maifcnfq.ini
[2008/02/23 23:59:50 | 01,086,839 | -HS- | C] () -- H:\WINDOWS\System32\eowddapb.ini
[2008/02/23 12:12:37 | 01,086,737 | -HS- | C] () -- H:\WINDOWS\System32\dsxfvtge.ini
[2008/02/22 23:29:00 | 01,086,599 | -HS- | C] () -- H:\WINDOWS\System32\yrdaphxd.ini
[2008/02/22 14:49:21 | 01,086,488 | -HS- | C] () -- H:\WINDOWS\System32\spvgkhmh.ini
[2008/02/21 14:35:09 | 01,107,418 | -HS- | C] () -- H:\WINDOWS\System32\hehdqyvs.ini
[2008/02/20 22:19:01 | 01,192,782 | -HS- | C] () -- H:\WINDOWS\System32\vtsrxlqe.ini
[2008/02/20 21:08:26 | 01,225,030 | -HS- | C] () -- H:\WINDOWS\System32\gueekylv.ini
[2008/02/20 15:33:40 | 01,212,504 | -HS- | C] () -- H:\WINDOWS\System32\vadgyopm.ini
[2008/02/19 22:56:38 | 01,212,084 | -HS- | C] () -- H:\WINDOWS\System32\vgxtjbgw.ini
[2008/02/19 16:26:27 | 01,240,460 | -HS- | C] () -- H:\WINDOWS\System32\bglbnsed.ini
[2008/02/18 20:25:05 | 01,239,660 | -HS- | C] () -- H:\WINDOWS\System32\bjroswsp.ini
[2008/02/18 14:45:13 | 01,239,522 | -HS- | C] () -- H:\WINDOWS\System32\jqdaldfr.ini
[2008/02/17 16:20:50 | 01,249,524 | -HS- | C] () -- H:\WINDOWS\System32\giquyesi.ini
[2008/02/17 14:48:31 | 01,249,367 | -HS- | C] () -- H:\WINDOWS\System32\yydxgttf.ini
[2008/02/17 03:54:29 | 01,249,256 | -HS- | C] () -- H:\WINDOWS\System32\pvgsbbye.ini
[2008/02/17 01:21:51 | 01,249,136 | -HS- | C] () -- H:\WINDOWS\System32\kmunwibp.ini
[2008/02/16 18:27:08 | 01,249,017 | -HS- | C] () -- H:\WINDOWS\System32\ypsfhale.ini
[2008/02/16 11:08:32 | 01,248,896 | -HS- | C] () -- H:\WINDOWS\System32\mgitjaqi.ini
[2008/02/15 22:35:44 | 01,248,767 | -HS- | C] () -- H:\WINDOWS\System32\fuwmrlui.ini
[2008/02/15 16:25:04 | 01,248,656 | -HS- | C] () -- H:\WINDOWS\System32\qfvnfuwa.ini
[2008/02/14 19:58:14 | 01,242,420 | -HS- | C] () -- H:\WINDOWS\System32\etvloeey.ini
[2008/02/14 15:03:57 | 01,242,300 | -HS- | C] () -- H:\WINDOWS\System32\msktgcro.ini
[2007/11/15 02:35:57 | 00,000,135 | ---- | C] () -- H:\Documents and Settings\Dustin Baker\Local Settings\Application Data\fusioncache.dat
[2007/10/25 13:26:01 | 00,007,566 | -HS- | C] () -- H:\WINDOWS\System32\efhkj.ini
[2007/10/25 13:24:51 | 00,231,094 | -HS- | C] () -- H:\WINDOWS\System32\efhkj.ini2
[2007/08/30 21:22:41 | 00,002,362 | -HS- | C] () -- H:\WINDOWS\System32\noswchwf.ini
[2007/08/29 19:38:07 | 00,000,645 | -HS- | C] () -- H:\WINDOWS\System32\axfchmoc.ini
[2007/08/28 19:40:19 | 00,000,465 | -HS- | C] () -- H:\WINDOWS\System32\ddaubyfl.ini
[2007/08/27 19:38:51 | 01,266,610 | -HS- | C] () -- H:\WINDOWS\System32\gvafygtl.ini
[2007/08/12 15:05:25 | 00,057,344 | ---- | C] () -- H:\WINDOWS\System32\UnEnvyNT.dll
[2007/08/10 01:10:42 | 00,000,922 | -HS- | C] () -- H:\WINDOWS\System32\wahgnlxr.ini
[2007/08/09 20:25:55 | 00,996,732 | -HS- | C] () -- H:\WINDOWS\System32\srlcfynf.ini
[2007/08/09 16:45:28 | 01,150,107 | -HS- | C] () -- H:\WINDOWS\System32\xlgmjxxy.ini
[2007/08/09 15:03:30 | 01,130,243 | -HS- | C] () -- H:\WINDOWS\System32\fpcwpmjy.ini
[2007/08/09 03:06:19 | 01,130,069 | -HS- | C] () -- H:\WINDOWS\System32\wrugaxag.ini
[2007/08/09 02:54:29 | 01,153,857 | -HS- | C] () -- H:\WINDOWS\System32\yxxqvyfo.ini
[2007/08/09 02:43:43 | 01,138,989 | -HS- | C] () -- H:\WINDOWS\System32\ihxojpxr.ini
[2007/08/08 21:24:52 | 01,138,869 | -HS- | C] () -- H:\WINDOWS\System32\cdhjwitj.ini
[2007/08/08 20:17:09 | 01,138,767 | -HS- | C] () -- H:\WINDOWS\System32\imrlyqrv.ini
[2007/08/08 19:31:44 | 01,138,629 | -HS- | C] () -- H:\WINDOWS\System32\vdlxhrbr.ini
[2007/08/08 19:02:47 | 01,138,510 | -HS- | C] () -- H:\WINDOWS\System32\lcrchdwc.ini
[2007/08/08 18:22:52 | 01,207,663 | -HS- | C] () -- H:\WINDOWS\System32\pfogewdl.ini
[2007/08/08 14:52:14 | 01,201,279 | -HS- | C] () -- H:\WINDOWS\System32\yklxfoim.ini
[2007/08/08 02:33:07 | 01,201,141 | -HS- | C] () -- H:\WINDOWS\System32\qciucfcb.ini
[2007/08/07 19:45:24 | 01,201,031 | -HS- | C] () -- H:\WINDOWS\System32\iksmmqhg.ini
[2007/08/07 14:45:59 | 01,200,911 | -HS- | C] () -- H:\WINDOWS\System32\hbewlkfj.ini
[2007/08/06 22:34:23 | 01,204,147 | -HS- | C] () -- H:\WINDOWS\System32\uvanfuey.ini
[2007/08/06 14:44:11 | 01,205,948 | -HS- | C] () -- H:\WINDOWS\System32\nulhppvg.ini
[2007/08/05 21:55:32 | 01,205,829 | -HS- | C] () -- H:\WINDOWS\System32\ivnfycdn.ini
[2007/08/05 16:29:54 | 01,205,700 | -HS- | C] () -- H:\WINDOWS\System32\rjnnyfqe.ini
[2007/08/05 12:17:56 | 01,205,590 | -HS- | C] () -- H:\WINDOWS\System32\boduqtwf.ini
[2007/08/05 02:14:33 | 00,001,124 | -HS- | C] () -- H:\WINDOWS\System32\aqwsmnnv.ini
[2007/08/04 15:58:05 | 01,488,636 | -HS- | C] () -- H:\WINDOWS\System32\gtoodcig.ini
[2007/08/04 02:02:58 | 01,497,872 | -HS- | C] () -- H:\WINDOWS\System32\xabhipft.ini
[2007/08/03 15:21:05 | 01,505,812 | -HS- | C] () -- H:\WINDOWS\System32\ukmhtgel.ini
[2007/08/02 22:25:43 | 01,523,623 | -HS- | C] () -- H:\WINDOWS\System32\nnertjsk.ini
[2007/08/01 19:28:56 | 01,303,992 | -HS- | C] () -- H:\WINDOWS\System32\bqxliblc.ini
[2007/08/01 14:34:24 | 00,101,004 | -HS- | C] () -- H:\WINDOWS\System32\ccciuxpe.ini
[2007/08/01 04:23:27 | 00,028,818 | -HS- | C] () -- H:\WINDOWS\System32\kwhxodaa.ini
[2007/07/31 21:14:35 | 00,004,042 | -HS- | C] () -- H:\WINDOWS\System32\spdcrkiu.ini
[2007/07/31 18:35:56 | 00,066,043 | -HS- | C] () -- H:\WINDOWS\System32\jhsbwcmg.ini
[2007/07/31 07:12:27 | 00,014,688 | -HS- | C] () -- H:\WINDOWS\System32\gicnlgjc.ini
[2007/07/30 19:18:37 | 00,003,393 | -HS- | C] () -- H:\WINDOWS\System32\amvhonkx.ini
[2007/07/30 14:10:52 | 00,065,775 | -HS- | C] () -- H:\WINDOWS\System32\qythogwi.ini
[2007/07/30 05:18:25 | 00,003,153 | -HS- | C] () -- H:\WINDOWS\System32\wrjfxphe.ini
[2007/07/29 21:10:19 | 00,003,033 | -HS- | C] () -- H:\WINDOWS\System32\strxbelm.ini
[2007/07/29 17:30:47 | 00,002,914 | -HS- | C] () -- H:\WINDOWS\System32\ynseimqd.ini
[2007/07/29 04:28:41 | 00,002,793 | -HS- | C] () -- H:\WINDOWS\System32\vigixwgs.ini
[2007/07/28 16:26:41 | 00,002,673 | -HS- | C] () -- H:\WINDOWS\System32\fdedeohg.ini
[2007/07/28 09:58:31 | 00,002,554 | -HS- | C] () -- H:\WINDOWS\System32\nudlnfll.ini
[2007/07/28 01:34:08 | 00,002,434 | -HS- | C] () -- H:\WINDOWS\System32\qpjicyoc.ini
[2007/07/27 22:04:41 | 00,002,314 | -HS- | C] () -- H:\WINDOWS\System32\kgudakpb.ini
[2007/07/27 18:56:26 | 00,002,193 | -HS- | C] () -- H:\WINDOWS\System32\avrocahw.ini
[2007/07/27 11:02:05 | 00,065,386 | -HS- | C] () -- H:\WINDOWS\System32\umkgqusu.ini
[2007/07/26 19:47:44 | 00,001,619 | -HS- | C] () -- H:\WINDOWS\System32\vhbicjdr.ini
[2007/07/26 16:33:00 | 00,001,499 | -HS- | C] () -- H:\WINDOWS\System32\jbtfvfja.ini
[2007/07/26 14:13:46 | 00,001,380 | -HS- | C] () -- H:\WINDOWS\System32\srgscndl.ini
[2007/07/25 12:21:16 | 01,216,482 | -HS- | C] () -- H:\WINDOWS\System32\pxdlaqwv.ini
[2007/07/24 21:07:32 | 00,000,805 | -HS- | C] () -- H:\WINDOWS\System32\mbtloekd.ini
[2007/07/24 15:55:31 | 00,782,675 | -HS- | C] () -- H:\WINDOWS\System32\vpeocigb.ini
[2007/07/24 00:23:54 | 00,734,515 | -HS- | C] () -- H:\WINDOWS\System32\cvlnytmk.ini
[2007/07/23 18:48:55 | 00,734,395 | -HS- | C] () -- H:\WINDOWS\System32\ailvuwmi.ini
[2007/07/23 15:45:28 | 00,752,917 | -HS- | C] () -- H:\WINDOWS\System32\jnqfrbul.ini
[2007/07/22 17:05:32 | 00,739,480 | -HS- | C] () -- H:\WINDOWS\System32\qioydljb.ini
[2007/07/21 19:05:19 | 00,739,361 | -HS- | C] () -- H:\WINDOWS\System32\eojkaokd.ini
[2007/07/21 12:49:54 | 00,739,240 | -HS- | C] () -- H:\WINDOWS\System32\gioburvc.ini
[2007/07/21 05:33:42 | 00,739,120 | -HS- | C] () -- H:\WINDOWS\System32\oranljjf.ini
[2007/07/21 03:08:41 | 00,739,001 | -HS- | C] () -- H:\WINDOWS\System32\xultewca.ini
[2007/07/20 23:31:23 | 00,738,881 | -HS- | C] () -- H:\WINDOWS\System32\libkqkxd.ini
[2007/07/20 19:40:30 | 00,759,101 | -HS- | C] () -- H:\WINDOWS\System32\mojplwli.ini
[2007/07/19 23:09:18 | 00,745,701 | -HS- | C] () -- H:\WINDOWS\System32\ytjtpwvr.ini
[2007/07/19 12:45:08 | 00,745,582 | -HS- | C] () -- H:\WINDOWS\System32\smauvvcu.ini
[2007/07/18 22:11:07 | 00,749,204 | -HS- | C] () -- H:\WINDOWS\System32\lkwnsesv.ini
[2007/07/18 21:03:40 | 00,785,325 | -HS- | C] () -- H:\WINDOWS\System32\yfxducee.ini
[2007/07/18 15:23:47 | 00,928,038 | -HS- | C] () -- H:\WINDOWS\System32\kjjfvdbc.ini
[2007/07/17 19:09:48 | 00,951,792 | -HS- | C] () -- H:\WINDOWS\System32\kurmcbvx.ini
[2007/07/17 14:37:27 | 00,951,672 | -HS- | C] () -- H:\WINDOWS\System32\pfflthgf.ini
[2007/07/16 20:15:52 | 00,951,553 | -HS- | C] () -- H:\WINDOWS\System32\ifhuxarf.ini
[2007/07/16 13:41:56 | 00,984,728 | -HS- | C] () -- H:\WINDOWS\System32\trmkfpqw.ini
[2007/07/16 04:03:32 | 00,975,563 | -HS- | C] () -- H:\WINDOWS\System32\gfrxumtk.ini
[2007/07/16 01:54:17 | 00,975,442 | -HS- | C] () -- H:\WINDOWS\System32\trlejsqg.ini
[2007/07/15 19:28:17 | 00,975,692 | -HS- | C] () -- H:\WINDOWS\System32\hdhssxkw.ini
[2007/07/15 15:57:09 | 00,975,340 | -HS- | C] () -- H:\WINDOWS\System32\tcqmhhfq.ini
[2007/07/15 10:38:49 | 00,975,202 | -HS- | C] () -- H:\WINDOWS\System32\fjtunama.ini
[2007/07/15 05:47:36 | 00,975,083 | -HS- | C] () -- H:\WINDOWS\System32\qycmngxm.ini
[2007/07/15 01:19:52 | 01,036,380 | -HS- | C] () -- H:\WINDOWS\System32\bdbwvakm.ini
[2007/07/15 01:00:00 | 01,409,741 | -HS- | C] () -- H:\WINDOWS\System32\fjdwwbql.ini
[2007/07/14 08:40:12 | 01,138,883 | -HS- | C] () -- H:\WINDOWS\System32\raqifcem.ini
[2007/07/14 01:54:40 | 01,138,753 | -HS- | C] () -- H:\WINDOWS\System32\irmevabh.ini
[2007/07/14 01:28:35 | 01,138,633 | -HS- | C] () -- H:\WINDOWS\System32\fxcytktg.ini
[2007/07/13 07:09:14 | 01,138,540 | -HS- | C] () -- H:\WINDOWS\System32\qkstppmr.ini
[2007/07/13 06:56:34 | 01,138,393 | -HS- | C] () -- H:\WINDOWS\System32\gqtuljma.ini
[2007/07/12 15:38:10 | 01,138,274 | -HS- | C] () -- H:\WINDOWS\System32\njxltdsk.ini
[2007/07/12 15:09:55 | 01,176,652 | -HS- | C] () -- H:\WINDOWS\System32\wswmdlaq.ini
[2007/07/12 14:57:37 | 01,103,240 | -HS- | C] () -- H:\WINDOWS\System32\csakvsbi.ini
[2007/07/12 14:17:56 | 01,103,121 | -HS- | C] () -- H:\WINDOWS\System32\meyjukuv.ini
[2007/07/12 14:08:10 | 01,103,001 | -HS- | C] () -- H:\WINDOWS\System32\etiyynoy.ini
[2007/07/12 12:02:32 | 01,102,881 | -HS- | C] () -- H:\WINDOWS\System32\jjrexcar.ini
[2007/07/12 11:58:03 | 01,102,760 | -HS- | C] () -- H:\WINDOWS\System32\qptqyoqf.ini
[2007/07/10 02:08:12 | 01,102,641 | -HS- | C] () -- H:\WINDOWS\System32\mwonbhcy.ini
[2007/07/09 18:54:39 | 01,014,568 | -HS- | C] () -- H:\WINDOWS\System32\esjunwyi.ini
[2007/07/09 15:10:09 | 01,014,481 | -HS- | C] () -- H:\WINDOWS\System32\hdiraqld.ini
[2007/07/08 21:22:58 | 01,014,379 | -HS- | C] () -- H:\WINDOWS\System32\nwjatbtb.ini
[2007/07/08 21:19:27 | 01,014,241 | -HS- | C] () -- H:\WINDOWS\System32\muxwhqkk.ini
[2007/07/08 11:39:48 | 01,014,121 | -HS- | C] () -- H:\WINDOWS\System32\vhpnoalq.ini
[2007/07/07 19:23:46 | 01,014,022 | -HS- | C] () -- H:\WINDOWS\System32\clxeludn.ini
[2007/07/07 10:56:52 | 01,013,881 | -HS- | C] () -- H:\WINDOWS\System32\hncvhgmq.ini
[2007/07/06 15:30:59 | 01,048,363 | -HS- | C] () -- H:\WINDOWS\System32\hhiscwih.ini
[2007/07/05 19:08:38 | 01,035,032 | -HS- | C] () -- H:\WINDOWS\System32\efsgmkbc.ini
[2007/07/05 13:35:58 | 01,034,912 | -HS- | C] () -- H:\WINDOWS\System32\vqhwmvpu.ini
[2007/07/05 04:23:27 | 01,034,801 | -HS- | C] () -- H:\WINDOWS\System32\yfxmrjdp.ini
[2007/07/05 03:37:07 | 01,034,681 | -HS- | C] () -- H:\WINDOWS\System32\ltngvacg.ini
[2007/07/04 19:54:25 | 01,034,561 | -HS- | C] () -- H:\WINDOWS\System32\nbmmsgbq.ini
[2007/07/04 13:30:22 | 01,034,451 | -HS- | C] () -- H:\WINDOWS\System32\lkigixki.ini
[2007/07/03 20:45:09 | 01,034,322 | -HS- | C] () -- H:\WINDOWS\System32\rswfcfno.ini
[2007/07/02 19:01:40 | 01,034,193 | -HS- | C] () -- H:\WINDOWS\System32\bqvnoira.ini
[2007/07/02 14:51:19 | 01,000,706 | -HS- | C] () -- H:\WINDOWS\System32\vgnhvcyt.ini
[2007/07/02 13:26:50 | 01,000,595 | -HS- | C] () -- H:\WINDOWS\System32\fitcysgi.ini
[2007/07/01 14:33:09 | 01,000,476 | -HS- | C] () -- H:\WINDOWS\System32\glbbiwcm.ini
[2007/07/01 13:42:42 | 01,000,346 | -HS- | C] () -- H:\WINDOWS\System32\mvrrbqum.ini
[2007/07/01 02:00:35 | 01,000,226 | -HS- | C] () -- H:\WINDOWS\System32\atrymcfg.ini
[2007/06/30 17:08:46 | 01,000,115 | -HS- | C] () -- H:\WINDOWS\System32\gjfsbcfu.ini
[2007/06/29 22:55:20 | 01,000,032 | -HS- | C] () -- H:\WINDOWS\System32\cfsvcrdu.ini
[2007/06/29 15:17:23 | 00,999,876 | -HS- | C] () -- H:\WINDOWS\System32\ivnoochu.ini
[2007/06/28 21:42:27 | 00,000,525 | -HS- | C] () -- H:\WINDOWS\System32\nivbnrak.ini
[2007/06/28 13:30:31 | 00,000,355 | -HS- | C] () -- H:\WINDOWS\System32\xbtgllvh.ini
[2007/06/27 19:26:12 | 00,947,092 | -HS- | C] () -- H:\WINDOWS\System32\gjuymnlq.ini
[2007/06/27 15:28:16 | 00,961,492 | -HS- | C] () -- H:\WINDOWS\System32\xrvnpbwd.ini
[2007/06/26 22:46:57 | 00,931,572 | -HS- | C] () -- H:\WINDOWS\System32\aughifoy.ini
[2007/06/26 14:53:52 | 00,916,164 | -HS- | C] () -- H:\WINDOWS\System32\hfcqfrsy.ini
[2007/06/25 23:45:12 | 00,916,036 | -HS- | C] () -- H:\WINDOWS\System32\fdifejft.ini
[2007/06/25 18:30:23 | 00,915,961 | -HS- | C] () -- H:\WINDOWS\System32\ujfvoqvi.ini
[2007/06/25 15:41:14 | 00,915,814 | -HS- | C] () -- H:\WINDOWS\System32\bdlaalrg.ini
[2007/06/25 02:23:34 | 00,915,667 | -HS- | C] () -- H:\WINDOWS\System32\pajctmev.ini
[2007/06/25 01:15:29 | 00,915,547 | -HS- | C] () -- H:\WINDOWS\System32\bbmskssd.ini
[2007/06/24 16:08:59 | 00,915,528 | -HS- | C] () -- H:\WINDOWS\System32\giwvywhw.ini
[2007/06/23 23:18:50 | 00,915,334 | -HS- | C] () -- H:\WINDOWS\System32\hweltbno.ini
[2007/06/23 15:22:26 | 00,001,005 | -HS- | C] () -- H:\WINDOWS\System32\jxhvlonf.ini
[2007/06/22 15:48:32 | 00,000,885 | -HS- | C] () -- H:\WINDOWS\System32\cwcnmyrj.ini
[2007/06/21 21:03:17 | 00,000,765 | -HS- | C] () -- H:\WINDOWS\System32\kaqnguda.ini
[2007/06/21 13:18:38 | 00,000,645 | -HS- | C] () -- H:\WINDOWS\System32\glrdovyy.ini
[2007/06/20 22:31:33 | 00,000,525 | -HS- | C] () -- H:\WINDOWS\System32\mcfjkeom.ini
[2007/06/20 17:09:10 | 00,000,405 | -HS- | C] () -- H:\WINDOWS\System32\jqikepvw.ini
[2007/06/20 13:32:44 | 03,124,673 | -HS- | C] () -- H:\WINDOWS\System32\dmrjltys.ini
[2007/06/19 21:02:03 | 03,166,550 | -HS- | C] () -- H:\WINDOWS\System32\tlpgdhfb.ini
[2007/06/19 13:22:45 | 03,095,046 | -HS- | C] () -- H:\WINDOWS\System32\nkbknwom.ini
[2007/06/18 19:28:34 | 03,095,498 | -HS- | C] () -- H:\WINDOWS\System32\pshggemy.ini
[2007/06/18 14:29:07 | 03,096,570 | -HS- | C] () -- H:\WINDOWS\System32\qlrtmlxq.ini
[2007/06/17 11:59:05 | 03,055,481 | -HS- | C] () -- H:\WINDOWS\System32\rfpnmbcl.ini
[2007/06/16 21:10:18 | 03,058,705 | -HS- | C] () -- H:\WINDOWS\System32\gmkrjrlf.ini
[2007/06/16 12:55:22 | 03,059,530 | -HS- | C] () -- H:\WINDOWS\System32\oatthwtm.ini
[2007/06/15 22:22:31 | 02,982,059 | -HS- | C] () -- H:\WINDOWS\System32\qjhuofge.ini
[2007/06/15 15:52:28 | 02,982,885 | -HS- | C] () -- H:\WINDOWS\System32\hkoolrbi.ini
[2007/06/14 21:51:50 | 02,984,361 | -HS- | C] () -- H:\WINDOWS\System32\uydcscph.ini
[2007/06/14 15:02:00 | 02,985,375 | -HS- | C] () -- H:\WINDOWS\System32\ktueuyrv.ini
[2007/06/13 19:53:47 | 02,986,110 | -HS- | C] () -- H:\WINDOWS\System32\snlhjwtx.ini
[2007/06/13 15:20:04 | 02,987,236 | -HS- | C] () -- H:\WINDOWS\System32\ylytkwcw.ini
[2007/06/12 21:16:40 | 02,900,412 | -HS- | C] () -- H:\WINDOWS\System32\isxuemxc.ini
[2007/06/12 18:02:33 | 02,814,233 | -HS- | C] () -- H:\WINDOWS\System32\mxhlfbtk.ini
[2007/06/12 15:51:34 | 02,815,120 | -HS- | C] () -- H:\WINDOWS\System32\kqtcewxe.ini
[2007/06/11 18:49:23 | 02,816,120 | -HS- | C] () -- H:\WINDOWS\System32\gxiafque.ini
[2007/06/11 15:20:57 | 01,876,914 | -HS- | C] () -- H:\WINDOWS\System32\rutkjbxs.ini
[2007/06/05 19:50:51 | 00,936,265 | -HS- | C] () -- H:\WINDOWS\System32\qpssunau.ini
[2007/04/25 13:21:06 | 00,003,801 | -HS- | C] () -- H:\WINDOWS\System32\qvwmpgqb.ini
[2007/04/12 20:33:00 | 01,516,353 | -HS- | C] () -- H:\WINDOWS\System32\hytfgqkw.ini
[2007/04/11 13:39:19 | 01,652,498 | -HS- | C] () -- H:\WINDOWS\System32\ytkwkmss.ini
[2006/11/14 19:08:47 | 00,002,982 | ---- | C] () -- H:\WINDOWS\wininit.ini
[2006/09/15 02:43:58 | 00,000,285 | ---- | C] () -- H:\WINDOWS\System32\MRT.INI
[2006/09/15 02:39:40 | 00,000,044 | ---- | C] () -- H:\WINDOWS\System32\msssc.dll
[2006/06/06 00:40:22 | 00,001,755 | ---- | C] () -- H:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/03/09 15:29:00 | 01,703,936 | ---- | C] () -- H:\WINDOWS\System32\nvwdmcpl.dll
[2006/03/09 15:29:00 | 01,486,848 | ---- | C] () -- H:\WINDOWS\System32\nview.dll
[2006/03/09 15:29:00 | 01,019,904 | ---- | C] () -- H:\WINDOWS\System32\nvwimg.dll
[2006/03/09 15:29:00 | 00,581,632 | ---- | C] () -- H:\WINDOWS\System32\nvhwvid.dll
[2006/03/09 15:29:00 | 00,466,944 | ---- | C] () -- H:\WINDOWS\System32\nvshell.dll
[2006/03/09 15:29:00 | 00,286,720 | ---- | C] () -- H:\WINDOWS\System32\nvnt4cpl.dll
[2005/10/05 19:39:36 | 00,012,288 | ---- | C] () -- H:\WINDOWS\System32\drivers\ndpymtdi9.sys
[2005/05/04 07:36:49 | 00,000,059 | ---- | C] () -- H:\Documents and Settings\Dustin Baker\Application Data\tvmuknwrd.dll
[2005/04/19 12:57:11 | 00,003,522 | ---- | C] () -- H:\WINDOWS\System32\jn6nsftf.ini
[2004/12/19 08:29:40 | 00,106,496 | ---- | C] () -- H:\WINDOWS\System32\xvidvfw.dll
[2004/12/19 08:17:10 | 00,614,400 | ---- | C] () -- H:\WINDOWS\System32\xvidcore.dll
[2004/10/15 21:11:00 | 00,107,008 | ---- | C] () -- H:\WINDOWS\System32\oleprn.dll
[2004/10/15 21:10:58 | 00,363,520 | ---- | C] () -- H:\WINDOWS\System32\psisdecd.dll
[2004/08/14 22:56:45 | 00,001,010 | ---- | C] () -- H:\WINDOWS\MAXLINK.INI
[2004/08/14 22:56:45 | 00,000,090 | ---- | C] () -- H:\WINDOWS\calera.ini
[2004/08/14 22:56:40 | 00,269,312 | ---- | C] () -- H:\WINDOWS\System32\FPXIG.DLL
[2004/08/14 22:56:40 | 00,068,096 | ---- | C] () -- H:\WINDOWS\System32\IGFPX32P.DLL
[2004/08/14 22:56:40 | 00,065,024 | ---- | C] () -- H:\WINDOWS\System32\JPEGACC.DLL
[2004/08/14 22:56:32 | 00,101,376 | ---- | C] () -- H:\WINDOWS\System32\WELSOF32.DLL
[2004/07/29 13:44:26 | 00,765,952 | ---- | C] () -- H:\WINDOWS\System32\tvqenc.dll
[2004/07/29 13:44:26 | 00,118,784 | ---- | C] () -- H:\WINDOWS\System32\mp3dec.dll
[2004/07/29 13:44:25 | 00,573,440 | ---- | C] () -- H:\WINDOWS\System32\tvqdec.dll
[2004/07/22 19:56:18 | 00,001,125 | ---- | C] () -- H:\WINDOWS\winamp.ini
[2004/07/22 19:45:45 | 00,001,507 | ---- | C] () -- H:\WINDOWS\cdplayer.ini
[2004/07/05 13:30:35 | 05,839,148 | ---- | C] () -- H:\Program Files\Common Files\Autodesk Shared.zip
[2004/06/03 22:38:11 | 00,016,973 | ---- | C] () -- H:\WINDOWS\System32\ZWebAuth.dll
[2004/06/03 14:51:00 | 00,000,376 | ---- | C] () -- H:\WINDOWS\ODBC.INI
[2004/05/30 01:50:52 | 00,034,816 | ---- | C] () -- H:\Documents and Settings\Dustin Baker\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2004/05/29 23:05:27 | 00,000,604 | ---- | C] () -- H:\WINDOWS\Vtw.INI
[2004/05/29 13:57:19 | 00,001,024 | RH-- | C] () -- H:\WINDOWS\System32\NTICDMK32.dll
[2004/03/30 02:15:02 | 00,051,200 | ---- | C] () -- H:\WINDOWS\System32\ThriXXX010205PNG.dll
[2004/03/30 02:15:01 | 00,056,832 | ---- | C] () -- H:\WINDOWS\System32\ThriXXX015003JP2.dll
[2004/03/30 02:15:01 | 00,023,040 | ---- | C] () -- H:\WINDOWS\System32\ThriXXX010104Z.dll
[2003/01/07 14:05:08 | 00,002,695 | ---- | C] () -- H:\WINDOWS\System32\OUTLPERF.INI
[2002/10/06 13:42:56 | 00,237,568 | ---- | C] () -- H:\WINDOWS\System32\OggDS.dll
[2002/10/04 18:04:24 | 00,921,600 | ---- | C] () -- H:\WINDOWS\System32\VorbisEnc.dll
[2002/10/04 18:04:24 | 00,188,416 | ---- | C] () -- H:\WINDOWS\System32\vorbis.dll
[2002/10/04 18:04:16 | 00,045,056 | ---- | C] () -- H:\WINDOWS\System32\ogg.dll
[2002/05/15 18:38:40 | 00,091,136 | ---- | C] () -- H:\WINDOWS\System32\mp4fil32.dll
[2002/03/19 06:18:54 | 00,120,832 | ---- | C] () -- H:\WINDOWS\System32\lame_enc.dll
[2002/03/18 13:14:34 | 00,049,152 | ---- | C] () -- H:\WINDOWS\System32\DolphinSureCrypto.dll
[2001/12/26 15:12:30 | 00,065,536 | R--- | C] () -- H:\WINDOWS\System32\multiplex_vcd.dll
[2001/09/03 22:46:38 | 00,110,592 | R--- | C] () -- H:\WINDOWS\System32\Hmpg12.dll
[2001/07/30 15:33:56 | 00,118,784 | R--- | C] () -- H:\WINDOWS\System32\HMPV2_ENC.dll
[2001/07/23 21:04:36 | 00,118,784 | R--- | C] () -- H:\WINDOWS\System32\HMPV2_ENC_MMX.dll
[1998/06/13 22:53:26 | 00,044,544 | ---- | C] () -- H:\WINDOWS\System32\Gif89.dll
[1997/06/13 21:56:08 | 00,056,320 | ---- | C] () -- H:\WINDOWS\System32\iyvu9_32.dll

========== LOP Check ==========

[2007/11/15 02:35:59 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Application Data\.mono
[2008/03/11 17:17:02 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Application Data\Age of Empires 3
[2010/01/24 20:32:02 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Application Data\Alwil Software
[2004/07/04 20:10:47 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Application Data\Autodesk
[2009/04/07 18:31:39 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Application Data\Cached Installations
[2007/04/08 17:04:46 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Application Data\DIGStream
[2009/01/19 22:10:09 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Application Data\Electronic Arts
[2005/11/20 18:30:02 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Application Data\ESPN
[2008/05/19 15:58:56 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Application Data\Funcom
[2006/11/14 20:35:58 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Application Data\PC Drivers Headquarters
[2008/11/16 23:47:29 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Application Data\SITEguard
[2008/11/17 00:21:12 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Application Data\STOPzilla!
[2009/06/14 18:24:27 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Application Data\TEMP
[2008/12/20 21:26:43 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Application Data\Ubisoft
[2007/10/29 19:13:09 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Application Data\Viewpoint
[2005/12/10 01:17:50 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Dustin Baker\Application Data\.bittorrent
[2007/11/15 02:35:59 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Dustin Baker\Application Data\.mono
[2010/01/02 21:39:55 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Dustin Baker\Application Data\acccore
[2009/05/24 01:09:01 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Dustin Baker\Application Data\Acreon
[2010/01/10 22:22:41 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Dustin Baker\Application Data\Aim
[2009/09/26 04:46:01 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Dustin Baker\Application Data\Blitware
[2009/12/20 00:35:29 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Dustin Baker\Application Data\Cool Record Edit Pro
[2009/12/20 00:31:58 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Dustin Baker\Application Data\Free Sound Recorder
[2007/09/28 17:50:15 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Dustin Baker\Application Data\IBP
[2004/09/03 00:44:47 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Dustin Baker\Application Data\Lycos
[2008/12/05 01:08:44 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Dustin Baker\Application Data\Mount&Blade
[2007/09/02 00:18:43 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Dustin Baker\Application Data\NCH Swift Sound
[2005/12/09 22:32:55 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Dustin Baker\Application Data\Opera
[2007/09/05 01:58:25 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Dustin Baker\Application Data\Prevx
[2008/12/20 21:26:43 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Dustin Baker\Application Data\Ubisoft
[2008/05/11 14:06:12 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Dustin Baker\Application Data\Uniblue
[2009/06/23 21:48:50 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Dustin Baker\Application Data\uTorrent
[2006/03/24 21:19:38 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Dustin Baker\Application Data\Viewpoint
[2010/01/24 02:43:00 | 00,000,454 | ---- | M] () -- H:\WINDOWS\Tasks\Driver Robot.job
[2010/01/24 23:20:45 | 00,000,236 | ---- | M] () -- H:\WINDOWS\Tasks\OGALogon.job
[2010/01/23 18:22:07 | 00,000,456 | ---- | M] () -- H:\WINDOWS\Tasks\ParetoLogic Registration.job

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2009/12/06 20:00:20 | 00,000,000 | ---D | M](H:\WINDOWS\s?curity) -- H:\WINDOWS\sеcurity
[2008/05/25 21:10:04 | 00,000,000 | ---D | M](H:\WINDOWS\System32\?ymantec) -- H:\WINDOWS\System32\Ѕymantec
[2008/05/25 15:08:34 | 00,000,000 | ---D | M](H:\Documents and Settings\Dustin Baker\Application Data\??crosoft.NET) -- H:\Documents and Settings\Dustin Baker\Application Data\Μіcrosoft.NET
[2008/05/25 15:08:34 | 00,000,000 | ---D | M](H:\Documents and Settings\Dustin Baker\Application Data\??crosoft.NET) -- H:\Documents and Settings\Dustin Baker\Application Data\Μіcrosoft.NET
[2008/05/03 23:51:36 | 00,000,000 | ---D | M](H:\WINDOWS\System32\M?crosoft) -- H:\WINDOWS\System32\Mіcrosoft
[2008/04/08 22:29:35 | 00,000,000 | ---D | M](H:\Program Files\Common Files\??sks) -- H:\Program Files\Common Files\Τаsks
[2008/04/08 22:29:35 | 00,000,000 | ---D | M](H:\Program Files\Common Files\??sks) -- H:\Program Files\Common Files\Τаsks
[2008/04/06 11:24:41 | 00,000,000 | ---D | M](H:\WINDOWS\System32\s?mbols) -- H:\WINDOWS\System32\sуmbols
[2008/04/06 11:24:41 | 00,000,000 | ---D | C](H:\WINDOWS\System32\s?mbols) -- H:\WINDOWS\System32\sуmbols
[2008/04/05 01:42:16 | 00,000,000 | ---D | M](H:\Program Files\s?curity) -- H:\Program Files\sеcurity
[2008/04/05 01:42:16 | 00,000,000 | ---D | M](H:\Program Files\s?curity) -- H:\Program Files\sеcurity
[2008/03/19 00:39:44 | 00,000,000 | ---D | M](H:\Documents and Settings\Dustin Baker\Application Data\?icrosoft) -- H:\Documents and Settings\Dustin Baker\Application Data\Μicrosoft
[2008/03/19 00:39:44 | 00,000,000 | ---D | M](H:\Documents and Settings\Dustin Baker\Application Data\?icrosoft) -- H:\Documents and Settings\Dustin Baker\Application Data\Μicrosoft
[2008/03/12 18:15:56 | 00,000,000 | ---D | M](H:\Documents and Settings\Dustin Baker\My Documents\??crosoft) -- H:\Documents and Settings\Dustin Baker\My Documents\Міcrosoft
[2008/03/12 18:15:56 | 00,000,000 | ---D | C](H:\Documents and Settings\Dustin Baker\My Documents\??crosoft) -- H:\Documents and Settings\Dustin Baker\My Documents\Міcrosoft
[2008/01/29 16:54:41 | 00,000,000 | ---D | M](H:\WINDOWS\?ymbols) -- H:\WINDOWS\ѕymbols
[2008/01/29 16:54:41 | 00,000,000 | ---D | C](H:\WINDOWS\?ymbols) -- H:\WINDOWS\ѕymbols
[2008/01/28 14:28:27 | 00,000,000 | ---D | M](H:\WINDOWS\??crosoft.NET) -- H:\WINDOWS\Μіcrosoft.NET
[2008/01/28 14:28:27 | 00,000,000 | ---D | C](H:\WINDOWS\??crosoft.NET) -- H:\WINDOWS\Μіcrosoft.NET
[2008/01/15 21:48:24 | 00,000,000 | ---D | M](H:\WINDOWS\System32\?ymbols) -- H:\WINDOWS\System32\ѕymbols
[2008/01/15 21:48:24 | 00,000,000 | ---D | C](H:\WINDOWS\System32\?ymbols) -- H:\WINDOWS\System32\ѕymbols
[2008/01/13 03:17:18 | 00,000,000 | ---D | M](H:\WINDOWS\?ecurity) -- H:\WINDOWS\ѕecurity
[2008/01/13 03:17:18 | 00,000,000 | ---D | C](H:\WINDOWS\?ecurity) -- H:\WINDOWS\ѕecurity
[2008/01/10 18:46:08 | 00,000,000 | ---D | M](H:\Program Files\?ecurity) -- H:\Program Files\ѕecurity
[2008/01/10 18:46:08 | 00,000,000 | ---D | M](H:\Program Files\?ecurity) -- H:\Program Files\ѕecurity
[2008/01/08 21:47:11 | 00,000,000 | ---D | M](H:\Documents and Settings\Dustin Baker\Application Data\?dobe) -- H:\Documents and Settings\Dustin Baker\Application Data\Аdobe
[2008/01/08 21:47:11 | 00,000,000 | ---D | M](H:\Documents and Settings\Dustin Baker\Application Data\?dobe) -- H:\Documents and Settings\Dustin Baker\Application Data\Аdobe
[2008/01/06 13:17:47 | 00,000,000 | ---D | M](H:\WINDOWS\System32\M?crosoft.NET) -- H:\WINDOWS\System32\Mіcrosoft.NET
[2008/01/06 13:17:47 | 00,000,000 | ---D | C](H:\WINDOWS\System32\M?crosoft.NET) -- H:\WINDOWS\System32\Mіcrosoft.NET
[2008/01/04 04:37:17 | 00,000,000 | ---D | M](H:\WINDOWS\T?sks) -- H:\WINDOWS\Tаsks
[2008/01/04 04:37:17 | 00,000,000 | ---D | C](H:\WINDOWS\T?sks) -- H:\WINDOWS\Tаsks
[2008/01/01 21:17:44 | 00,000,000 | ---D | M](H:\Documents and Settings\Dustin Baker\My Documents\?ymbols) -- H:\Documents and Settings\Dustin Baker\My Documents\ѕymbols
[2008/01/01 21:17:44 | 00,000,000 | ---D | C](H:\Documents and Settings\Dustin Baker\My Documents\?ymbols) -- H:\Documents and Settings\Dustin Baker\My Documents\ѕymbols
[2007/12/31 15:26:13 | 00,000,000 | ---D | M](H:\WINDOWS\??sks) -- H:\WINDOWS\Τаsks
[2007/12/31 15:26:13 | 00,000,000 | ---D | C](H:\WINDOWS\??sks) -- H:\WINDOWS\Τаsks
[2007/12/26 21:55:31 | 00,000,000 | ---D | M](H:\WINDOWS\??stem) -- H:\WINDOWS\ѕуstem
[2007/12/26 21:55:31 | 00,000,000 | ---D | C](H:\WINDOWS\??stem) -- H:\WINDOWS\ѕуstem
[2007/12/25 19:40:29 | 00,000,000 | ---D | M](H:\Documents and Settings\Dustin Baker\Application Data\??pPatch) -- H:\Documents and Settings\Dustin Baker\Application Data\АрpPatch
[2007/12/25 19:40:29 | 00,000,000 | ---D | M](H:\Documents and Settings\Dustin Baker\Application Data\??pPatch) -- H:\Documents and Settings\Dustin Baker\Application Data\АрpPatch
[2007/12/17 22:12:56 | 00,000,000 | ---D | M](H:\WINDOWS\?ystem32) -- H:\WINDOWS\ѕystem32
[2007/12/17 22:12:56 | 00,000,000 | ---D | C](H:\WINDOWS\?ystem32) -- H:\WINDOWS\ѕystem32
[2007/12/14 15:16:40 | 00,000,000 | ---D | M](H:\Program Files\Common Files\?racle) -- H:\Program Files\Common Files\Оracle
[2007/12/14 15:16:40 | 00,000,000 | ---D | M](H:\Program Files\Common Files\?racle) -- H:\Program Files\Common Files\Оracle
[2007/12/13 14:57:39 | 00,000,000 | ---D | M](H:\WINDOWS\System32\S?mantec) -- H:\WINDOWS\System32\Sуmantec
[2007/12/13 14:57:39 | 00,000,000 | ---D | C](H:\WINDOWS\System32\S?mantec) -- H:\WINDOWS\System32\Sуmantec
[2007/12/12 14:30:30 | 00,000,000 | ---D | M](H:\Documents and Settings\Dustin Baker\Application Data\S?mantec) -- H:\Documents and Settings\Dustin Baker\Application Data\Sуmantec
[2007/12/12 14:30:30 | 00,000,000 | ---D | M](H:\Documents and Settings\Dustin Baker\Application Data\S?mantec) -- H:\Documents and Settings\Dustin Baker\Application Data\Sуmantec
[2007/12/06 15:48:33 | 00,000,000 | ---D | M](H:\Documents and Settings\Dustin Baker\My Documents\??sks) -- H:\Documents and Settings\Dustin Baker\My Documents\Τаsks
[2007/12/06 15:48:33 | 00,000,000 | ---D | C](H:\Documents and Settings\Dustin Baker\My Documents\??sks) -- H:\Documents and Settings\Dustin Baker\My Documents\Τаsks
[2007/12/03 21:16:33 | 00,000,000 | ---D | M](H:\WINDOWS\System32\F?nts) -- H:\WINDOWS\System32\Fоnts
[2007/12/03 21:16:33 | 00,000,000 | ---D | C](H:\WINDOWS\System32\F?nts) -- H:\WINDOWS\System32\Fоnts
[2007/11/28 22:42:51 | 00,000,000 | ---D | M](H:\WINDOWS\?ymantec) -- H:\WINDOWS\Ѕymantec
[2007/11/28 22:42:51 | 00,000,000 | ---D | C](H:\WINDOWS\?ymantec) -- H:\WINDOWS\Ѕymantec
[2007/11/28 14:46:31 | 00,000,000 | ---D | M](H:\Documents and Settings\Dustin Baker\Application Data\??sembly) -- H:\Documents and Settings\Dustin Baker\Application Data\аѕsembly
[2007/11/28 14:46:31 | 00,000,000 | ---D | M](H:\Documents and Settings\Dustin Baker\Application Data\??sembly) -- H:\Documents and Settings\Dustin Baker\Application Data\аѕsembly
[2007/11/26 14:49:25 | 00,000,000 | ---D | M](H:\Program Files\Common Files\?icrosoft.NET) -- H:\Program Files\Common Files\Μicrosoft.NET
[2007/11/26 14:49:25 | 00,000,000 | ---D | M](H:\Program Files\Common Files\?icrosoft.NET) -- H:\Program Files\Common Files\Μicrosoft.NET
[2007/11/25 13:22:49 | 00,000,000 | ---D | M](H:\WINDOWS\System32\??stem) -- H:\WINDOWS\System32\ѕуstem
[2007/11/25 13:22:49 | 00,000,000 | ---D | C](H:\WINDOWS\System32\??stem) -- H:\WINDOWS\System32\ѕуstem
[2007/11/22 22:40:27 | 00,000,000 | ---D | M](H:\Documents and Settings\Dustin Baker\My Documents\?dobe) -- H:\Documents and Settings\Dustin Baker\My Documents\Αdobe
[2007/11/22 22:40:27 | 00,000,000 | ---D | C](H:\Documents and Settings\Dustin Baker\My Documents\?dobe) -- H:\Documents and Settings\Dustin Baker\My Documents\Αdobe
[2007/11/20 15:43:07 | 00,000,000 | ---D | M](H:\Program Files\Common Files\??crosoft.NET) -- H:\Program Files\Common Files\Міcrosoft.NET
[2007/11/20 15:43:07 | 00,000,000 | ---D | M](H:\Program Files\Common Files\??crosoft.NET) -- H:\Program Files\Common Files\Міcrosoft.NET
[2007/11/17 15:35:06 | 00,000,000 | ---D | M](H:\WINDOWS\System32\W?nSxS) -- H:\WINDOWS\System32\WіnSxS
[2007/11/17 15:35:06 | 00,000,000 | ---D | C](H:\WINDOWS\System32\W?nSxS) -- H:\WINDOWS\System32\WіnSxS
[2007/11/12 15:47:24 | 00,000,000 | ---D | M](H:\Program Files\?ppPatch) -- H:\Program Files\ΑppPatch
[2007/11/12 15:47:24 | 00,000,000 | ---D | M](H:\Program Files\?ppPatch) -- H:\Program Files\ΑppPatch
[2007/11/09 22:03:24 | 00,000,000 | ---D | M](H:\Documents and Settings\Dustin Baker\My Documents\s?mbols) -- H:\Documents and Settings\Dustin Baker\My Documents\sуmbols
[2007/11/09 22:03:24 | 00,000,000 | ---D | C](H:\Documents and Settings\Dustin Baker\My Documents\s?mbols) -- H:\Documents and Settings\Dustin Baker\My Documents\sуmbols
[2007/11/03 14:59:21 | 00,000,000 | ---D | M](H:\Program Files\?asks) -- H:\Program Files\Тasks
[2007/11/03 14:59:21 | 00,000,000 | ---D | M](H:\Program Files\?asks) -- H:\Program Files\Тasks
[2007/11/02 14:11:43 | 00,000,000 | ---D | M](H:\WINDOWS\System32\??stem32) -- H:\WINDOWS\System32\ѕуstem32
[2007/11/02 14:11:43 | 00,000,000 | ---D | C](H:\WINDOWS\System32\??stem32) -- H:\WINDOWS\System32\ѕуstem32
[2007/11/01 00:18:26 | 00,000,000 | ---D | M](H:\Documents and Settings\Dustin Baker\My Documents\??crosoft.NET) -- H:\Documents and Settings\Dustin Baker\My Documents\Μіcrosoft.NET
[2007/11/01 00:18:26 | 00,000,000 | ---D | C](H:\Documents and Settings\Dustin Baker\My Documents\??crosoft.NET) -- H:\Documents and Settings\Dustin Baker\My Documents\Μіcrosoft.NET
[2007/10/20 13:18:38 | 00,000,000 | ---D | M](H:\Program Files\Common Files\?icrosoft) -- H:\Program Files\Common Files\Μicrosoft
[2007/10/20 13:18:38 | 00,000,000 | ---D | M](H:\Program Files\Common Files\?icrosoft) -- H:\Program Files\Common Files\Μicrosoft
[2007/10/18 22:17:36 | 00,000,000 | ---D | M](H:\WINDOWS\System32\?ystem) -- H:\WINDOWS\System32\ѕystem
[2007/10/18 22:17:36 | 00,000,000 | ---D | C](H:\WINDOWS\System32\?ystem) -- H:\WINDOWS\System32\ѕystem
[2007/10/17 17:40:30 | 00,000,000 | ---D | M](H:\Program Files\Common Files\??mantec) -- H:\Program Files\Common Files\Ѕуmantec
[2007/10/17 17:40:30 | 00,000,000 | ---D | M](H:\Program Files\Common Files\??mantec) -- H:\Program Files\Common Files\Ѕуmantec
[2007/10/16 14:19:38 | 00,000,000 | ---D | M](H:\Documents and Settings\Dustin Baker\Application Data\?asks) -- H:\Documents and Settings\Dustin Baker\Application Data\Τasks
[2007/10/16 14:19:38 | 00,000,000 | ---D | M](H:\Documents and Settings\Dustin Baker\Application Data\?asks) -- H:\Documents and Settings\Dustin Baker\Application Data\Τasks
[2007/10/09 21:24:19 | 00,000,000 | ---D | M](H:\Documents and Settings\Dustin Baker\Application Data\s?stem32) -- H:\Documents and Settings\Dustin Baker\Application Data\sуstem32
[2007/10/09 21:24:19 | 00,000,000 | ---D | M](H:\Documents and Settings\Dustin Baker\Application Data\s?stem32) -- H:\Documents and Settings\Dustin Baker\Application Data\sуstem32
[2007/10/07 15:34:30 | 00,000,000 | ---D | M](H:\WINDOWS\M?crosoft.NET) -- H:\WINDOWS\Mіcrosoft.NET
[2007/10/07 15:34:30 | 00,000,000 | ---D | C](H:\WINDOWS\M?crosoft.NET) -- H:\WINDOWS\Mіcrosoft.NET
[2007/10/05 13:14:25 | 00,000,000 | ---D | M](H:\Documents and Settings\Dustin Baker\Application Data\a?sembly) -- H:\Documents and Settings\Dustin Baker\Application Data\aѕsembly
[2007/10/05 13:14:25 | 00,000,000 | ---D | M](H:\Documents and Settings\Dustin Baker\Application Data\a?sembly) -- H:\Documents and Settings\Dustin Baker\Application Data\aѕsembly
[2007/10/02 14:13:52 | 00,000,000 | ---D | M](H:\Documents and Settings\Dustin Baker\My Documents\??pPatch) -- H:\Documents and Settings\Dustin Baker\My Documents\АрpPatch
[2007/10/02 14:13:52 | 00,000,000 | ---D | C](H:\Documents and Settings\Dustin Baker\My Documents\??pPatch) -- H:\Documents and Settings\Dustin Baker\My Documents\АрpPatch
[2007/10/01 13:31:50 | 00,000,000 | ---D | M](H:\Program Files\Common Files\?ystem32) -- H:\Program Files\Common Files\ѕystem32
[2007/10/01 13:31:50 | 00,000,000 | ---D | M](H:\Program Files\Common Files\?ystem32) -- H:\Program Files\Common Files\ѕystem32
[2007/09/28 19:54:33 | 00,000,000 | ---D | M](H:\Documents and Settings\Dustin Baker\My Documents\?icrosoft) -- H:\Documents and Settings\Dustin Baker\My Documents\Мicrosoft
[2007/09/28 19:54:33 | 00,000,000 | ---D | C](H:\Documents and Settings\Dustin Baker\My Documents\?icrosoft) -- H:\Documents and Settings\Dustin Baker\My Documents\Мicrosoft
[2007/09/25 23:10:18 | 00,000,000 | ---D | M](H:\WINDOWS\System32\F?nts) -- H:\WINDOWS\System32\Fοnts
[2007/09/25 23:10:18 | 00,000,000 | ---D | C](H:\WINDOWS\System32\F?nts) -- H:\WINDOWS\System32\Fοnts
[2007/09/25 14:18:45 | 00,000,000 | ---D | M](H:\Documents and Settings\Dustin Baker\Application Data\?icrosoft.NET) -- H:\Documents and Settings\Dustin Baker\Application Data\Μicrosoft.NET
[2007/09/25 14:18:45 | 00,000,000 | ---D | M](H:\Documents and Settings\Dustin Baker\Application Data\?icrosoft.NET) -- H:\Documents and Settings\Dustin Baker\Application Data\Μicrosoft.NET
[2007/09/22 21:39:56 | 00,000,000 | ---D | M](H:\Documents and Settings\Dustin Baker\My Documents\s?curity) -- H:\Documents and Settings\Dustin Baker\My Documents\sеcurity
[2007/09/22 21:39:56 | 00,000,000 | ---D | C](H:\Documents and Settings\Dustin Baker\My Documents\s?curity) -- H:\Documents and Settings\Dustin Baker\My Documents\sеcurity
[2007/09/17 16:05:34 | 00,000,000 | ---D | M](H:\Program Files\s?mbols) -- H:\Program Files\sуmbols
[2007/09/17 16:05:34 | 00,000,000 | ---D | M](H:\Program Files\s?mbols) -- H:\Program Files\sуmbols
[2007/09/16 11:55:26 | 00,000,000 | ---D | M](H:\Documents and Settings\Dustin Baker\Application Data\?dobe) -- H:\Documents and Settings\Dustin Baker\Application Data\Αdobe
[2007/09/16 11:55:26 | 00,000,000 | ---D | M](H:\Documents and Settings\Dustin Baker\Application Data\?dobe) -- H:\Documents and Settings\Dustin Baker\Application Data\Αdobe
[2007/09/11 14:32:42 | 00,000,000 | ---D | M](H:\Documents and Settings\Dustin Baker\My Documents\?asks) -- H:\Documents and Settings\Dustin Baker\My Documents\Тasks
[2007/09/11 14:32:42 | 00,000,000 | ---D | C](H:\Documents and Settings\Dustin Baker\My Documents\?asks) -- H:\Documents and Settings\Dustin Baker\My Documents\Тasks
[2007/09/07 15:11:22 | 00,000,000 | ---D | C](H:\WINDOWS\System32\?ymantec) -- H:\WINDOWS\System32\Ѕymantec
[2007/09/06 13:46:09 | 00,000,000 | ---D | M](H:\WINDOWS\System32\??curity) -- H:\WINDOWS\System32\ѕеcurity
[2007/09/06 13:46:09 | 00,000,000 | ---D | C](H:\WINDOWS\System32\??curity) -- H:\WINDOWS\System32\ѕеcurity
[2007/08/29 19:08:49 | 00,000,000 | ---D | M](H:\Documents and Settings\Dustin Baker\My Documents\??mantec) -- H:\Documents and Settings\Dustin Baker\My Documents\Ѕуmantec
[2007/08/29 19:08:49 | 00,000,000 | ---D | C](H:\Documents and Settings\Dustin Baker\My Documents\??mantec) -- H:\Documents and Settings\Dustin Baker\My Documents\Ѕуmantec
[2007/08/22 19:32:34 | 00,000,000 | ---D | M](H:\WINDOWS\System32\?dobe) -- H:\WINDOWS\System32\Αdobe
[2007/08/14 17:13:48 | 00,000,000 | ---D | M](H:\Documents and Settings\Dustin Baker\Application Data\?icrosoft) -- H:\Documents and Settings\Dustin Baker\Application Data\Мicrosoft
[2007/08/14 17:13:48 | 00,000,000 | ---D | M](H:\Documents and Settings\Dustin Baker\Application Data\?icrosoft) -- H:\Documents and Settings\Dustin Baker\Application Data\Мicrosoft
[2007/07/29 04:28:09 | 00,000,000 | ---D | M](H:\Documents and Settings\Dustin Baker\My Documents\??crosoft) -- H:\Documents and Settings\Dustin Baker\My Documents\Μіcrosoft
[2007/07/29 04:28:09 | 00,000,000 | ---D | C](H:\Documents and Settings\Dustin Baker\My Documents\??crosoft) -- H:\Documents and Settings\Dustin Baker\My Documents\Μіcrosoft
[2007/07/26 14:13:09 | 00,000,000 | ---D | M](H:\Documents and Settings\Dustin Baker\Application Data\T?sks) -- H:\Documents and Settings\Dustin Baker\Application Data\Tаsks
[2007/07/26 14:13:09 | 00,000,000 | ---D | M](H:\Documents and Settings\Dustin Baker\Application Data\T?sks) -- H:\Documents and Settings\Dustin Baker\Application Data\Tаsks
[2007/07/26 14:13:09 | 00,000,000 | ---D | C](H:\WINDOWS\System32\?dobe) -- H:\WINDOWS\System32\Αdobe
[2007/07/19 23:09:00 | 00,000,000 | ---D | M](H:\Program Files\Common Files\F?nts) -- H:\Program Files\Common Files\Fοnts
[2007/07/19 23:09:00 | 00,000,000 | ---D | M](H:\Program Files\Common Files\F?nts) -- H:\Program Files\Common Files\Fοnts
[2007/07/15 05:47:19 | 00,000,000 | ---D | M](H:\WINDOWS\?ssembly) -- H:\WINDOWS\аssembly
[2007/07/15 05:47:19 | 00,000,000 | ---D | C](H:\WINDOWS\?ssembly) -- H:\WINDOWS\аssembly
[2007/07/05 03:36:57 | 00,000,000 | ---D | M](H:\Documents and Settings\Dustin Baker\Application Data\?ymbols) -- H:\Documents and Settings\Dustin Baker\Application Data\ѕymbols
[2007/07/05 03:36:57 | 00,000,000 | ---D | M](H:\Documents and Settings\Dustin Baker\Application Data\?ymbols) -- H:\Documents and Settings\Dustin Baker\Application Data\ѕymbols
[2007/07/05 03:36:57 | 00,000,000 | ---D | C](H:\WINDOWS\s?curity) -- H:\WINDOWS\sеcurity
[2007/06/27 19:25:42 | 00,000,000 | ---D | M](H:\WINDOWS\??crosoft) -- H:\WINDOWS\Μіcrosoft
[2007/06/27 19:25:42 | 00,000,000 | ---D | C](H:\WINDOWS\??crosoft) -- H:\WINDOWS\Μіcrosoft
[2007/06/22 15:47:55 | 00,000,000 | ---D | M](H:\WINDOWS\?ppPatch) -- H:\WINDOWS\ΑppPatch
[2007/06/20 22:30:52 | 00,000,000 | ---D | M](H:\Program Files\?icrosoft) -- H:\Program Files\Μicrosoft
[2007/06/20 22:30:52 | 00,000,000 | ---D | M](H:\Program Files\?icrosoft) -- H:\Program Files\Μicrosoft
[2007/06/10 19:09:51 | 00,000,000 | ---D | M](H:\WINDOWS\??mbols) -- H:\WINDOWS\ѕуmbols
[2007/06/10 19:09:51 | 00,000,000 | ---D | C](H:\WINDOWS\?ppPatch) -- H:\WINDOWS\ΑppPatch
[2007/06/04 16:20:00 | 00,000,000 | ---D | M](H:\Program Files\?ssembly) -- H:\Program Files\аssembly
[2007/06/04 16:20:00 | 00,000,000 | ---D | M](H:\Program Files\?ssembly) -- H:\Program Files\аssembly
[2007/06/04 16:20:00 | 00,000,000 | ---D | C](H:\WINDOWS\??mbols) -- H:\WINDOWS\ѕуmbols
[2007/05/22 14:05:31 | 00,000,000 | ---D | M](H:\Documents and Settings\Dustin Baker\My Documents\a?sembly) -- H:\Documents and Settings\Dustin Baker\My Documents\aѕsembly
[2007/05/22 14:05:31 | 00,000,000 | ---D | C](H:\Documents and Settings\Dustin Baker\My Documents\a?sembly) -- H:\Documents and Settings\Dustin Baker\My Documents\aѕsembly
[2007/05/18 14:47:45 | 00,000,000 | ---D | M](H:\Program Files\??pPatch) -- H:\Program Files\АрpPatch
[2007/05/18 14:47:45 | 00,000,000 | ---D | M](H:\Program Files\??pPatch) -- H:\Program Files\АрpPatch
[2007/05/01 13:20:57 | 00,000,000 | ---D | M](H:\Program Files\M?crosoft.NET) -- H:\Program Files\Mіcrosoft.NET
[2007/05/01 13:20:57 | 00,000,000 | ---D | M](H:\Program Files\M?crosoft.NET) -- H:\Program Files\Mіcrosoft.NET
[2007/03/20 02:34:29 | 00,000,000 | ---D | M](H:\Documents and Settings\Dustin Baker\My Documents\??sembly) -- H:\Documents and Settings\Dustin Baker\My Documents\аѕsembly
[2007/03/20 02:34:29 | 00,000,000 | ---D | C](H:\Documents and Settings\Dustin Baker\My Documents\??sembly) -- H:\Documents and Settings\Dustin Baker\My Documents\аѕsembly
[2007/03/15 21:12:53 | 00,000,000 | ---D | M](H:\Program Files\F?nts) -- H:\Program Files\Fоnts
[2007/03/15 21:12:53 | 00,000,000 | ---D | M](H:\Program Files\F?nts) -- H:\Program Files\Fоnts
[2007/03/12 22:57:46 | 00,000,000 | ---D | M](H:\WINDOWS\??sembly) -- H:\WINDOWS\аѕsembly
[2007/03/06 18:58:44 | 00,000,000 | ---D | M](H:\Documents and Settings\Dustin Baker\My Documents\M?crosoft.NET) -- H:\Documents and Settings\Dustin Baker\My Documents\Mіcrosoft.NET
[2007/03/03 22:10:31 | 00,000,000 | ---D | M](H:\Program Files\s?stem) -- H:\Program Files\sуstem
[2007/03/03 22:10:31 | 00,000,000 | ---D | M](H:\Program Files\s?stem) -- H:\Program Files\sуstem
[2007/03/03 22:10:31 | 00,000,000 | ---D | C](H:\WINDOWS\??sembly) -- H:\WINDOWS\аѕsembly
[2007/02/22 23:17:25 | 00,000,000 | ---D | M](H:\Documents and Settings\Dustin Baker\Application Data\??stem) -- H:\Documents and Settings\Dustin Baker\Application Data\ѕуstem
[2007/02/22 23:17:25 | 00,000,000 | ---D | M](H:\Documents and Settings\Dustin Baker\Application Data\??stem) -- H:\Documents and Settings\Dustin Baker\Application Data\ѕуstem
[2007/02/13 22:07:41 | 00,000,000 | ---D | M](H:\WINDOWS\W?nSxS) -- H:\WINDOWS\WіnSxS
[2007/02/13 22:07:41 | 00,000,000 | ---D | C](H:\WINDOWS\W?nSxS) -- H:\WINDOWS\WіnSxS
[2007/01/26 23:57:09 | 00,000,000 | ---D | M](H:\Documents and Settings\Dustin Baker\Application Data\s?stem) -- H:\Documents and Settings\Dustin Baker\Application Data\sуstem
[2007/01/26 23:57:09 | 00,000,000 | ---D | M](H:\Documents and Settings\Dustin Baker\Application Data\s?stem) -- H:\Documents and Settings\Dustin Baker\Application Data\sуstem
[2007/01/26 15:06:37 | 00,000,000 | ---D | M](H:\Program Files\Common Files\s?curity) -- H:\Program Files\Common Files\sеcurity
[2007/01/26 15:06:37 | 00,000,000 | ---D | M](H:\Program Files\Common Files\s?curity) -- H:\Program Files\Common Files\sеcurity
[2007/01/18 22:50:12 | 00,000,000 | ---D | M](H:\Documents and Settings\Dustin Baker\Application Data\??crosoft) -- H:\Documents and Settings\Dustin Baker\Application Data\Міcrosoft
[2007/01/18 22:50:12 | 00,000,000 | ---D | M](H:\Documents and Settings\Dustin Baker\Application Data\??crosoft) -- H:\Documents and Settings\Dustin Baker\Application Data\Міcrosoft
[2007/01/18 22:50:12 | 00,000,000 | ---D | C](H:\Documents and Settings\Dustin Baker\My Documents\M?crosoft.NET) -- H:\Documents and Settings\Dustin Baker\My Documents\Mіcrosoft.NET
[2007/01/14 23:56:39 | 00,000,000 | ---D | M](H:\Documents and Settings\Dustin Baker\Application Data\?ssembly) -- H:\Documents and Settings\Dustin Baker\Application Data\аssembly
[2007/01/14 23:56:39 | 00,000,000 | ---D | M](H:\Documents and Settings\Dustin Baker\Application Data\?ssembly) -- H:\Documents and Settings\Dustin Baker\Application Data\аssembly
[2007/01/12 22:10:24 | 00,000,000 | ---D | M](H:\Documents and Settings\Dustin Baker\Application Data\W?nSxS) -- H:\Documents and Settings\Dustin Baker\Application Data\WіnSxS
[2007/01/12 22:10:24 | 00,000,000 | ---D | M](H:\Documents and Settings\Dustin Baker\Application Data\W?nSxS) -- H:\Documents and Settings\Dustin Baker\Application Data\WіnSxS
[2007/01/05 15:10:31 | 00,000,000 | ---D | M](H:\Documents and Settings\Dustin Baker\Application Data\?ystem) -- H:\Documents and Settings\Dustin Baker\Application Data\ѕystem
[2007/01/05 15:10:31 | 00,000,000 | ---D | M](H:\Documents and Settings\Dustin Baker\Application Data\?ystem) -- H:\Documents and Settings\Dustin Baker\Application Data\ѕystem
[2006/12/28 21:49:55 | 00,000,000 | ---D | M](H:\WINDOWS\s?stem) -- H:\WINDOWS\sуstem
[2006/12/27 21:58:05 | 00,000,000 | ---D | M](H:\Documents and Settings\Dustin Baker\Application Data\?ystem32) -- H:\Documents and Settings\Dustin Baker\Application Data\ѕystem32
[2006/12/27 21:58:05 | 00,000,000 | ---D | M](H:\Documents and Settings\Dustin Baker\Application Data\?ystem32) -- H:\Documents and Settings\Dustin Baker\Application Data\ѕystem32
[2006/12/26 14:08:26 | 00,000,000 | ---D | M](H:\Documents and Settings\Dustin Baker\My Documents\?ystem32) -- H:\Documents and Settings\Dustin Baker\My Documents\ѕystem32
[2006/12/26 14:08:26 | 00,000,000 | ---D | C](H:\Documents and Settings\Dustin Baker\My Documents\?ystem32) -- H:\Documents and Settings\Dustin Baker\My Documents\ѕystem32
[2006/12/22 16:26:09 | 00,000,000 | ---D | M](H:\Documents and Settings\Dustin Baker\Application Data\F?nts) -- H:\Documents and Settings\Dustin Baker\Application Data\Fоnts
[2006/12/22 16:26:09 | 00,000,000 | ---D | M](H:\Documents and Settings\Dustin Baker\Application Data\F?nts) -- H:\Documents and Settings\Dustin Baker\Application Data\Fоnts
[2006/12/22 16:26:09 | 00,000,000 | ---D | C](H:\WINDOWS\s?stem) -- H:\WINDOWS\sуstem
[2006/12/15 16:14:30 | 00,000,000 | ---D | M](H:\WINDOWS\System32\?dobe) -- H:\WINDOWS\System32\Аdobe
[2006/12/13 17:35:54 | 00,000,000 | ---D | M](H:\WINDOWS\A?pPatch) -- H:\WINDOWS\AрpPatch
[2006/12/13 17:35:54 | 00,000,000 | ---D | C](H:\WINDOWS\A?pPatch) -- H:\WINDOWS\AрpPatch
[2006/12/13 17:35:22 | 00,000,000 | ---D | M](H:\WINDOWS\?asks) -- H:\WINDOWS\Τasks
[2006/12/13 17:35:22 | 00,000,000 | ---D | C](H:\WINDOWS\?asks) -- H:\WINDOWS\Τasks
[2006/08/22 21:37:28 | 00,000,000 | ---D | M](H:\Program Files\Common Files\W?nSxS) -- H:\Program Files\Common Files\WіnSxS
[2006/08/22 21:37:28 | 00,000,000 | ---D | M](H:\Program Files\Common Files\W?nSxS) -- H:\Program Files\Common Files\WіnSxS
[2006/08/21 16:34:22 | 00,000,000 | ---D | C](H:\WINDOWS\System32\?dobe) -- H:\WINDOWS\System32\Аdobe
[2006/08/16 21:13:39 | 00,000,000 | ---D | M](H:\Documents and Settings\Dustin Baker\My Documents\??curity) -- H:\Documents and Settings\Dustin Baker\My Documents\ѕеcurity
[2006/08/16 21:13:39 | 00,000,000 | ---D | C](H:\Documents and Settings\Dustin Baker\My Documents\??curity) -- H:\Documents and Settings\Dustin Baker\My Documents\ѕеcurity
[2006/08/14 21:16:47 | 00,000,000 | ---D | M](H:\Program Files\Common Files\F?nts) -- H:\Program Files\Common Files\Fоnts
[2006/08/14 21:16:47 | 00,000,000 | ---D | M](H:\Program Files\Common Files\F?nts) -- H:\Program Files\Common Files\Fоnts
[2006/08/07 19:06:41 | 00,000,000 | ---D | M](H:\WINDOWS\F?nts) -- H:\WINDOWS\Fοnts
[2006/08/07 19:06:41 | 00,000,000 | ---D | C](H:\WINDOWS\F?nts) -- H:\WINDOWS\Fοnts
[2006/08/04 00:25:20 | 00,000,000 | ---D | M](H:\Documents and Settings\Dustin Baker\Application Data\F?nts) -- H:\Documents and Settings\Dustin Baker\Application Data\Fοnts
[2006/08/04 00:25:20 | 00,000,000 | ---D | M](H:\Documents and Settings\Dustin Baker\Application Data\F?nts) -- H:\Documents and Settings\Dustin Baker\Application Data\Fοnts
[2006/08/03 19:26:39 | 00,000,000 | ---D | M](H:\Documents and Settings\Dustin Baker\My Documents\M?crosoft) -- H:\Documents and Settings\Dustin Baker\My Documents\Mіcrosoft
[2006/07/31 22:01:03 | 00,000,000 | ---D | C](H:\Documents and Settings\Dustin Baker\My Documents\M?crosoft) -- H:\Documents and Settings\Dustin Baker\My Documents\Mіcrosoft
[2006/07/31 22:00:42 | 00,000,000 | ---D | C](H:\WINDOWS\System32\M?crosoft) -- H:\WINDOWS\System32\Mіcrosoft
(H:\Program Files\s?stem) -- H:\Program Files\sуstem
(H:\Program Files\s?mbols) -- H:\Program Files\sуmbols
(H:\Program Files\s?curity) -- H:\Program Files\sеcurity
(H:\Program Files\M?crosoft.NET) -- H:\Program Files\Mіcrosoft.NET
(H:\Program Files\F?nts) -- H:\Program Files\Fоnts
(H:\Program Files\Common Files\W?nSxS) -- H:\Program Files\Common Files\WіnSxS
(H:\Program Files\Common Files\s?curity) -- H:\Program Files\Common Files\sеcurity
(H:\Program Files\Common Files\F?nts) -- H:\Program Files\Common Files\Fоnts
(H:\Program Files\Common Files\F?nts) -- H:\Program Files\Common Files\Fοnts
(H:\Program Files\Common Files\?ystem32) -- H:\Program Files\Common Files\ѕystem32
(H:\Program Files\Common Files\?racle) -- H:\Program Files\Common Files\Оracle
(H:\Program Files\Common Files\?icrosoft.NET) -- H:\Program Files\Common Files\Μicrosoft.NET
(H:\Program Files\Common Files\?icrosoft) -- H:\Program Files\Common Files\Μicrosoft
(H:\Program Files\Common Files\??sks) -- H:\Program Files\Common Files\Τаsks
(H:\Program Files\Common Files\??mantec) -- H:\Program Files\Common Files\Ѕуmantec
(H:\Program Files\Common Files\??crosoft.NET) -- H:\Program Files\Common Files\Міcrosoft.NET
(H:\Program Files\?ssembly) -- H:\Program Files\аssembly
(H:\Program Files\?ppPatch) -- H:\Program Files\ΑppPatch
(H:\Program Files\?icrosoft) -- H:\Program Files\Μicrosoft
(H:\Program Files\?ecurity) -- H:\Program Files\ѕecurity
(H:\Program Files\?asks) -- H:\Program Files\Тasks
(H:\Program Files\??pPatch) -- H:\Program Files\АрpPatch
(H:\Documents and Settings\Dustin Baker\Application Data\W?nSxS) -- H:\Documents and Settings\Dustin Baker\Application Data\WіnSxS
(H:\Documents and Settings\Dustin Baker\Application Data\T?sks) -- H:\Documents and Settings\Dustin Baker\Application Data\Tаsks
(H:\Documents and Settings\Dustin Baker\Application Data\s?stem32) -- H:\Documents and Settings\Dustin Baker\Application Data\sуstem32
(H:\Documents and Settings\Dustin Baker\Application Data\s?stem) -- H:\Documents and Settings\Dustin Baker\Application Data\sуstem
(H:\Documents and Settings\Dustin Baker\Application Data\S?mantec) -- H:\Documents and Settings\Dustin Baker\Application Data\Sуmantec
(H:\Documents and Settings\Dustin Baker\Application Data\F?nts) -- H:\Documents and Settings\Dustin Baker\Application Data\Fоnts
(H:\Documents and Settings\Dustin Baker\Application Data\F?nts) -- H:\Documents and Settings\Dustin Baker\Application Data\Fοnts
(H:\Documents and Settings\Dustin Baker\Application Data\a?sembly) -- H:\Documents and Settings\Dustin Baker\Application Data\aѕsembly
(H:\Documents and Settings\Dustin Baker\Application Data\?ystem32) -- H:\Documents and Settings\Dustin Baker\Application Data\ѕystem32
(H:\Documents and Settings\Dustin Baker\Application Data\?ystem) -- H:\Documents and Settings\Dustin Baker\Application Data\ѕystem
(H:\Documents and Settings\Dustin Baker\Application Data\?ymbols) -- H:\Documents and Settings\Dustin Baker\Application Data\ѕymbols
(H:\Documents and Settings\Dustin Baker\Application Data\?ssembly) -- H:\Documents and Settings\Dustin Baker\Application Data\аssembly
(H:\Documents and Settings\Dustin Baker\Application Data\?icrosoft.NET) -- H:\Documents and Settings\Dustin Baker\Application Data\Μicrosoft.NET
(H:\Documents and Settings\Dustin Baker\Application Data\?icrosoft) -- H:\Documents and Settings\Dustin Baker\Application Data\Мicrosoft
(H:\Documents and Settings\Dustin Baker\Application Data\?icrosoft) -- H:\Documents and Settings\Dustin Baker\Application Data\Μicrosoft
(H:\Documents and Settings\Dustin Baker\Application Data\?dobe) -- H:\Documents and Settings\Dustin Baker\Application Data\Аdobe
(H:\Documents and Settings\Dustin Baker\Application Data\?dobe) -- H:\Documents and Settings\Dustin Baker\Application Data\Αdobe
(H:\Documents and Settings\Dustin Baker\Application Data\?asks) -- H:\Documents and Settings\Dustin Baker\Application Data\Τasks
(H:\Documents and Settings\Dustin Baker\Application Data\??stem) -- H:\Documents and Settings\Dustin Baker\Application Data\ѕуstem
(H:\Documents and Settings\Dustin Baker\Application Data\??sembly) -- H:\Documents and Settings\Dustin Baker\Application Data\аѕsembly
(H:\Documents and Settings\Dustin Baker\Application Data\??pPatch) -- H:\Documents and Settings\Dustin Baker\Application Data\АрpPatch
(H:\Documents and Settings\Dustin Baker\Application Data\??crosoft.NET) -- H:\Documents and Settings\Dustin Baker\Application Data\Μіcrosoft.NET
(H:\Documents and Settings\Dustin Baker\Application Data\??crosoft) -- H:\Documents and Settings\Dustin Baker\Application Data\Міcrosoft

========== Alternate Data Streams ==========

@Alternate Data Stream - 523 bytes -> H:\Documents and Settings\All Users\Application Data\TEMP:05EE1EEF
@Alternate Data Stream - 112 bytes -> H:\Documents and Settings\All Users\Application Data\TEMP:B63300D1
@Alternate Data Stream - 102 bytes -> H:\Documents and Settings\All Users\Application Data\TEMP:A11F741D
< End of report >


*** OTL LOG EXTRAS ***

OTL Extras logfile created on: 1/25/2010 12:03:25 AM - Run 1
OTL by OldTimer - Version 3.1.26.0 Folder = H:\Documents and Settings\Dustin Baker\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 81.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 92.00% Paging File free
Paging file location(s): H:\pagefile.sys 1149 1500 [binary data]

%SystemDrive% = H: | %SystemRoot% = H:\WINDOWS | %ProgramFiles% = H:\Program Files
C: Drive not present or media not loaded
Drive D: | 306.88 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
Drive H: | 111.78 Gb Total Space | 66.14 Gb Free Space | 59.17% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded

Computer Name: JBAK-COMPUTER
Current User Name: Dustin Baker
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- H:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- H:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.js [@ = JSFile] -- H:\Program Files\Macromedia\Dreamweaver MX 2004\Dreamweaver.exe (Macromedia, Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- H:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "H:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "H:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "H:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [print] -- "H:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "H:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "H:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
InternetShortcut [open] -- "H:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
jsfile [open] -- "H:\Program Files\Macromedia\Dreamweaver MX 2004\Dreamweaver.exe" "%1" (Macromedia, Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "H:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "H:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"28900:TCP" = 28900:TCP:*:Enabled:Download Manager
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"H:\Program Files\MSN Messenger\msnmsgr.exe" = H:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1 -- File not found
"H:\Program Files\MSN Messenger\livecall.exe" = H:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"H:\Program Files\uTorrent\utorrent.exe" = H:\Program Files\uTorrent\utorrent.exe:*:Disabled:µTorrent -- (BitTorrent, Inc.)
"H:\Documents and Settings\Dustin Baker\Local Settings\Temp\Rar$EX01.719\20080602-AoC-Live-US.exe" = H:\Documents and Settings\Dustin Baker\Local Settings\Temp\Rar$EX01.719\20080602-AoC-Live-US.exe:*:Disabled:Age of Conan Downloader -- File not found
"H:\Documents and Settings\Dustin Baker\Local Settings\Temp\Rar$EX00.219\20080602-AoC-Live-US.exe" = H:\Documents and Settings\Dustin Baker\Local Settings\Temp\Rar$EX00.219\20080602-AoC-Live-US.exe:*:Disabled:Age of Conan Downloader -- File not found
"H:\Program Files\Microsoft Games\Age of Empires II\age2_x1\age2_x1.icd" = H:\Program Files\Microsoft Games\Age of Empires II\age2_x1\age2_x1.icd:*:Disabled:Age of Empires II Expansion -- (Microsoft Corporation)
"H:\Program Files\Microsoft Games\Age of Empires II\age2_x1\age2_x1.exe" = H:\Program Files\Microsoft Games\Age of Empires II\age2_x1\age2_x1.exe:*:Disabled:Age of Empires II Expansion -- (Microsoft Corporation)
"H:\Program Files\AIM7\aim.exe" = H:\Program Files\AIM7\aim.exe:*:Disabled:AIM -- File not found
"H:\Program Files\AIM\aim.exe" = H:\Program Files\AIM\aim.exe:*:Disabled:AOL Instant Messenger -- File not found
"H:\Program Files\Azureus\Azureus.exe" = H:\Program Files\Azureus\Azureus.exe:*:Disabled:Azureus -- File not found
"H:\Program Files\LucasArts\Star Wars Battlefront II\GameData\BattlefrontII.exe" = H:\Program Files\LucasArts\Star Wars Battlefront II\GameData\BattlefrontII.exe:*:Disabled:BattlefrontII -- File not found
"H:\Program Files\Cyanide\Blood Bowl\BB.exe" = H:\Program Files\Cyanide\Blood Bowl\BB.exe:*:Disabled:Blood Bowl -- File not found
"H:\Program Files\Cyanide\Blood Bowl\Autorun\Exe\Autorun.exe" = H:\Program Files\Cyanide\Blood Bowl\Autorun\Exe\Autorun.exe:*:Disabled:Blood Bowl - AutoRun -- File not found
"H:\Program Files\Electronic Arts\EADM\Core.exe" = H:\Program Files\Electronic Arts\EADM\Core.exe:*:Disabled:EA Download Manager -- File not found
"H:\WINDOWS\system32\dplaysvr.exe" = H:\WINDOWS\system32\dplaysvr.exe:*:Disabled:Microsoft DirectPlay Helper -- (Microsoft Corporation)
"H:\Program Files\Skype\Phone\Skype.exe" = H:\Program Files\Skype\Phone\Skype.exe:*:Disabled:Skype -- File not found
"H:\Program Files\MSN Messenger\msnmsgr.exe" = H:\Program Files\MSN Messenger\msnmsgr.exe:*:Disabled:Windows Live Messenger 8.1 -- File not found
"H:\Program Files\MSN Messenger\livecall.exe" = H:\Program Files\MSN Messenger\livecall.exe:*:Disabled:Windows Live Messenger 8.1 (Phone) -- File not found


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
" USB Card Reader Driver" = USB Card Reader Driver v1.9b
"{05BB2EC5-6BEF-4DDC-9E75-BEE7B161157A}" = Macromedia Dreamweaver MX 2004
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1A655D51-1423-48A3-B748-8F5A0BE294C8}" = Microsoft Visual J# .NET Redistributable Package 1.1
"{1C08A24C-B168-407E-A826-68FAF5F20710}" = Age of Empires III - The WarChiefs
"{1EC60864-A294-44BF-984A-3E8867D74EA2}" = Adobe After Effects 6.0
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{25EDCA0E-D174-4E81-A61D-857E55BE4130}" = XP Repair Pro 2007
"{2E861EC9-FCB8-11D3-939A-00A0C9BA5A55}" = Intel® Active Monitor
"{3248F0A8-6813-11D6-A77B-00B0D0150020}" = J2SE Runtime Environment 5.0 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0150040}" = J2SE Runtime Environment 5.0 Update 4
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0150090}" = J2SE Runtime Environment 5.0 Update 9
"{3248F0A8-6813-11D6-A77B-00B0D0150100}" = J2SE Runtime Environment 5.0 Update 10
"{3248F0A8-6813-11D6-A77B-00B0D0150110}" = J2SE Runtime Environment 5.0 Update 11
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java™ SE Runtime Environment 6 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java™ 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java™ 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java™ 6 Update 5
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{412033BC-44CF-48D9-B813-4B835101F4D3}" = Adobe Illustrator 10
"{5BDAEFB5-1FF6-45DA-AD07-910CD7F4B5EF}" = Microsoft DirectX SDK (April 2007)
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8
"{66A9D30D-1464-4C7F-B2F3-507DADAF2595}" = Microsoft IntelliPoint 6.3
"{69E6A869-8B59-4619-A9E9-58DDFA7C05B8}" = 3ds max 6
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8BBF6DFD-0AD9-43A7-9FBD-BF065E3866AE}" = URGE
"{90300409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Media Content
"{91120409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{91130409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Small Business
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{974C05A0-C76C-4724-A9A2-11D5D1355729}" = iTunes
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5BA14E0-7384-11D4-BAE7-00409631A2C8}" = Macromedia Extension Manager
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.7
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{C084BC61-E537-11DE-8616-005056806466}" = Google Earth
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{C6F5B6CF-609C-428E-876F-CA83176C021B}" = Norton AntiVirus 2004
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC8478F4-79C2-44F3-BE72-BC0D590F3C82}" = Port Scanner
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D6414CC7-F215-467F-88B1-546ED863F35B}" = CC_ccStart
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
"{F09FB343-2806-4F48-846D-705352D30334}" = Diskeeper Lite
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = HighMAT Extension to Microsoft Windows XP CD Writing Wizard
"AC Tool 4.6.2 Install" = AC Tool 4.6.2 Install
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player Plugin
"Adobe Photoshop 7.0" = Adobe Photoshop 7.0
"Adobe Shockwave Player" = Adobe Shockwave Player
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"Advanced Port Scanner v1.3" = Advanced Port Scanner v1.3
"Age of Empires 2.0" = Microsoft Age of Empires II
"Age of Empires II: The Conquerors Expansion 1.0" = Microsoft Age of Empires II: The Conquerors Expansion
"avast5" = avast! Internet Security
"AVI Movie Player" = AVI Movie Player
"BitTornado" = BitTornado 0.2.0
"Download Manager" = Download Manager 2.3.7
"EADM" = EA Download Manager
"Envy24HF Setup Program" = UnInstall Envy24 Family Audio Device Driver
"ESPN RunTime" = ESPN RunTime
"FastSum_is1" = FastSum 1.8
"Fraps" = Fraps (remove only)
"GameSpy Arcade" = GameSpy Arcade
"Google Chrome" = Google Chrome
"Google Updater" = Google Updater
"GoogleVideoPlayer" = Google Video Player
"Graphical Enhancement Resources" = Graphical Enhancement Resources 2.5
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}" = Age of Empires III - The WarChiefs
"InstallShield_{C438B7C4-B4F8-49C5-A4DF-FF6F1F242778}" = NTI CD-Maker 6 Standard
"LiveReg" = LiveReg (Symantec Corporation)
"LiveUpdate" = LiveUpdate 1.90 (Symantec Corporation)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"mIRC" = mIRC
"Mount&Blade" = Mount&Blade
"Mozilla Firefox (3.6)" = Mozilla Firefox (3.6)
"MP3 WAV Converter 2.68" = MP3 WAV Converter 2.68
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"OneTouch Version 3.0" = OneTouch Version 3.0
"PaperPort 6.5" = PaperPort 6.5
"PE Explorer_is1" = PE Explorer 1.95
"PocketRAR" = Pocket RAR documentation
"RealAlt_is1" = Real Alternative 1.50
"RealPlayer 6.0" = RealPlayer
"ST6UNST #1" = VNP Exam Prep for COMPTIA A+
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"Tweak UI 2.10" = Tweak UI
"uTorrent" = µTorrent
"Vidmex" = Vidmex 1.3
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinMX" = WinMX
"WinRAR archiver" = WinRAR archiver
"WinZip" = WinZip
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"WMV9_VCM" = Microsoft Windows Media Video 9 VCM
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 12/26/2009 6:21:26 PM | Computer Name = JBAK-COMPUTER | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 1/10/2010 1:30:18 PM | Computer Name = JBAK-COMPUTER | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 1/12/2010 8:41:26 PM | Computer Name = JBAK-COMPUTER | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 1/16/2010 3:30:27 AM | Computer Name = JBAK-COMPUTER | Source = Application Error | ID = 1000
Description = Faulting application age2_x1.exe, version 0.7.26.809, faulting module
dinput.dll, version 5.3.2600.5512, fault address 0x00011498.

Error - 1/16/2010 3:31:59 AM | Computer Name = JBAK-COMPUTER | Source = Application Error | ID = 1000
Description = Faulting application age2_x1.exe, version 0.7.26.809, faulting module
dinput.dll, version 5.3.2600.5512, fault address 0x00011498.

Error - 1/24/2010 7:11:07 PM | Computer Name = JBAK-COMPUTER | Source = MsiInstaller | ID = 1008
Description = The installation of H:\WINDOWS\Installer\3b5610.msi is not permitted
due to an error in software restriction policy processing. The object cannot be
trusted.

Error - 1/24/2010 7:11:10 PM | Computer Name = JBAK-COMPUTER | Source = MsiInstaller | ID = 1008
Description = The installation of H:\WINDOWS\Installer\3b5610.msi is not permitted
due to an error in software restriction policy processing. The object cannot be
trusted.

Error - 1/24/2010 9:16:17 PM | Computer Name = JBAK-COMPUTER | Source = Google Update | ID = 20
Description =

Error - 1/25/2010 12:15:47 AM | Computer Name = JBAK-COMPUTER | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 1/25/2010 12:16:36 AM | Computer Name = JBAK-COMPUTER | Source = Application Hang | ID = 1002
Description = Hanging application OTL.exe, version 3.1.26.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

[ System Events ]
Error - 1/25/2010 12:07:58 AM | Computer Name = JBAK-COMPUTER | Source = Service Control Manager | ID = 7000
Description = The Parallel port driver service failed to start due to the following
error: %%1058

Error - 1/25/2010 12:07:58 AM | Computer Name = JBAK-COMPUTER | Source = Service Control Manager | ID = 7023
Description = The HID Input Service service terminated with the following error:
%%2

Error - 1/25/2010 12:07:58 AM | Computer Name = JBAK-COMPUTER | Source = Service Control Manager | ID = 7000
Description = The SIODRV service failed to start due to the following error: %%20

Error - 1/25/2010 12:07:58 AM | Computer Name = JBAK-COMPUTER | Source = Service Control Manager | ID = 7001
Description = The Intel® Active Monitor service depends on the SIODRV service
which failed to start because of the following error: %%20

Error - 1/25/2010 12:08:02 AM | Computer Name = JBAK-COMPUTER | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Beep SAVRTPEL

Error - 1/25/2010 12:20:40 AM | Computer Name = JBAK-COMPUTER | Source = Service Control Manager | ID = 7000
Description = The Parallel port driver service failed to start due to the following
error: %%1058

Error - 1/25/2010 12:20:40 AM | Computer Name = JBAK-COMPUTER | Source = Service Control Manager | ID = 7023
Description = The HID Input Service service terminated with the following error:
%%2

Error - 1/25/2010 12:20:40 AM | Computer Name = JBAK-COMPUTER | Source = Service Control Manager | ID = 7000
Description = The SIODRV service failed to start due to the following error: %%20

Error - 1/25/2010 12:20:40 AM | Computer Name = JBAK-COMPUTER | Source = Service Control Manager | ID = 7001
Description = The Intel® Active Monitor service depends on the SIODRV service
which failed to start because of the following error: %%20

Error - 1/25/2010 12:20:41 AM | Computer Name = JBAK-COMPUTER | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Beep SAVRTPEL


< End of report >
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP