Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

XPS 400 freezing problem [Solved]

Started by MEUNCFREE , May 09 2010 10:56 AM

  • This topic is locked This topic is locked

#16
emeraldnzl
Posted 13 May 2010 - 06:37 PM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Okay then, it may just be a glitch in ComboFix.

Just tell it to proceed. :)

Tell me if you still have difficulties with it.
  • 0

Advertisements

#17
MEUNCFREE
Posted 13 May 2010 - 07:09 PM

MEUNCFREE

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts
here's my latest log and thanks for being so patient with me.

ComboFix 10-05-13.02 - MICHAEL ELLIOTT 05/13/2010 20:50:45.4.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.637 [GMT -4:00]
Running from: c:\documents and settings\MICHAEL ELLIOTT\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\MICHAEL ELLIOTT\Desktop\CFScript.txt
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Microsoft Security Essentials *On-access scanning enabled* (Updated) {BCF43643-A118-4432-AEDE-D861FCBCFCDF}

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Application Data\Viewpoint

.
((((((((((((((((((((((((( Files Created from 2010-04-14 to 2010-05-14 )))))))))))))))))))))))))))))))
.

2010-05-10 22:24 . 2010-05-10 22:24 -------- dc----w- C:\_OTL
2010-05-08 19:16 . 2010-05-08 19:16 -------- d-----w- c:\documents and settings\MICHAEL ELLIOTT\Application Data\FlyWheelGames
2010-05-05 22:24 . 2010-05-05 22:24 -------- d-----w- c:\documents and settings\MICHAEL ELLIOTT\Application Data\Fugazo
2010-05-05 00:23 . 2010-05-05 21:45 0 ----a-w- c:\documents and settings\ADRIENNE ELLIOTT\Local Settings\Application Data\prvlcl.dat
2010-05-04 00:04 . 2010-05-04 00:04 -------- d-----w- c:\documents and settings\ADRIENNE ELLIOTT\Application Data\iolo
2010-05-03 23:19 . 2010-05-03 23:19 -------- d-----w- c:\documents and settings\ADRIENNE ELLIOTT\Application Data\Malwarebytes
2010-05-03 22:56 . 2010-05-03 22:56 -------- d-----w- c:\windows\system32\wbem\Repository
2010-05-03 13:58 . 2010-05-03 13:58 -------- d-----w- c:\documents and settings\REGINA ELLIOTT\Application Data\iolo
2010-04-30 04:02 . 2010-04-29 19:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-30 04:02 . 2010-04-29 19:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-04-30 04:02 . 2010-05-02 23:08 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-04-29 21:21 . 2010-04-29 21:21 -------- d-----w- c:\documents and settings\LocalService\Application Data\iolo
2010-04-29 21:19 . 2010-04-21 18:46 93096 ----a-w- c:\windows\system32\IncContxMenu.dll
2010-04-29 21:19 . 2010-04-21 18:46 2316712 ----a-w- c:\windows\system32\Incinerator.dll
2010-04-29 21:17 . 2010-01-28 22:13 30208 ----a-w- c:\windows\system32\iolobtdfg.exe
2010-04-29 21:17 . 2010-01-28 22:13 12288 ----a-w- c:\windows\system32\smrgdf.exe
2010-04-29 21:16 . 2010-04-29 21:16 -------- d-----w- c:\program files\iolo
2010-04-29 21:14 . 2010-04-29 21:14 74703 ----a-w- c:\windows\system32\mfc45.dll
2010-04-29 21:12 . 2010-05-01 22:14 -------- d-----w- c:\documents and settings\MICHAEL ELLIOTT\Application Data\iolo
2010-04-29 21:12 . 2010-04-29 21:25 -------- d-----w- c:\documents and settings\All Users\Application Data\iolo
2010-04-29 16:10 . 2004-08-04 02:41 11868 ------w- c:\windows\system32\drivers\mdmxsdk.sys
2010-04-29 16:10 . 2004-08-04 02:41 1041536 ------w- c:\windows\system32\drivers\hsfdpsp2.sys
2010-04-29 16:10 . 2004-08-04 02:41 685056 ------w- c:\windows\system32\drivers\hsfcxts2.sys
2010-04-29 16:10 . 2004-08-04 02:41 220032 ------w- c:\windows\system32\drivers\hsfbs2s2.sys
2010-04-29 15:37 . 2009-12-31 16:50 353792 ------w- c:\windows\system32\dllcache\srv.sys
2010-04-29 15:37 . 2010-02-24 13:11 455680 ------w- c:\windows\system32\dllcache\mrxsmb.sys
2010-04-29 15:35 . 2009-06-25 08:25 730112 ------w- c:\windows\system32\dllcache\lsasrv.dll
2010-04-29 15:35 . 2009-02-09 12:10 714752 ------w- c:\windows\system32\dllcache\ntdll.dll
2010-04-29 15:35 . 2010-02-16 14:08 2146304 ------w- c:\windows\system32\dllcache\ntkrnlmp.exe
2010-04-29 15:35 . 2010-02-17 13:10 2189952 ------w- c:\windows\system32\dllcache\ntoskrnl.exe
2010-04-29 15:35 . 2010-02-16 13:25 2024448 ------w- c:\windows\system32\dllcache\ntkrpamp.exe
2010-04-29 15:34 . 2009-07-10 13:27 1315328 ------w- c:\windows\system32\dllcache\msoe.dll
2010-04-29 15:34 . 2008-04-11 19:04 691712 ------w- c:\windows\system32\dllcache\inetcomm.dll
2010-04-29 15:32 . 2008-10-15 16:34 337408 ------w- c:\windows\system32\dllcache\netapi32.dll
2010-04-28 20:42 . 2010-04-28 20:43 -------- d-----w- c:\program files\SIW
2010-04-27 17:27 . 2010-04-27 17:27 -------- d-----w- c:\documents and settings\Administrator\Application Data\PlayFirst
2010-04-27 13:37 . 2010-04-27 13:37 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2010-04-27 02:20 . 2010-04-27 02:29 -------- d-----w- c:\program files\WhatsRunning
2010-04-27 02:04 . 2010-04-27 02:04 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2010-04-27 02:03 . 2010-04-27 02:03 -------- d-----w- c:\program files\Common Files\Windows Live
2010-04-26 18:54 . 2010-05-06 20:39 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-04-26 18:54 . 2010-05-06 20:39 164048 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-04-26 18:54 . 2010-05-06 20:34 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-04-26 18:54 . 2010-05-06 20:33 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-04-26 18:54 . 2010-05-06 20:33 100432 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-04-26 18:54 . 2010-05-06 20:33 94800 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-04-26 18:54 . 2010-05-06 20:33 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-04-26 18:53 . 2010-05-06 20:59 165032 ----a-w- c:\windows\system32\aswBoot.exe
2010-04-26 18:53 . 2010-04-14 16:47 38848 ----a-w- c:\windows\system32\avastSS.scr
2010-04-26 18:53 . 2010-04-26 18:53 -------- d-----w- c:\program files\Alwil Software
2010-04-26 18:53 . 2010-04-26 18:53 -------- d-----w- c:\documents and settings\All Users\Application Data\Alwil Software
2010-04-25 19:54 . 2010-04-25 19:54 -------- d-----w- c:\program files\Common Files\supportsoft
2010-04-25 02:20 . 2010-04-29 21:52 -------- d-----w- c:\documents and settings\MICHAEL ELLIOTT\Application Data\System Tweaker
2010-04-24 21:25 . 2010-04-24 21:25 -------- d-----w- c:\documents and settings\MICHAEL ELLIOTT\Application Data\JoyBits
2010-04-18 22:43 . 2010-04-18 22:43 -------- dc----w- C:\Intel
2010-04-18 22:41 . 2010-04-18 22:52 -------- dc----w- C:\HP Universal Print Driver PCL5 v5.0.1
2010-04-18 22:40 . 2010-04-18 22:40 -------- dc----w- C:\Compaq
2010-04-18 22:39 . 2010-04-18 22:39 -------- dc----w- C:\IBMTOOLS
2010-04-18 22:20 . 2010-04-19 03:44 -------- d-----w- c:\program files\MouseWare
2010-04-18 22:19 . 2010-04-18 22:19 -------- dc----w- C:\SWSetup
2010-04-18 22:15 . 2010-04-18 22:15 -------- d-----w- c:\documents and settings\MICHAEL ELLIOTT\Application Data\DeviceDoctorSoftware
2010-04-18 22:15 . 2010-04-18 22:15 -------- d-----w- c:\program files\Device Doctor
2010-04-16 21:58 . 2010-05-08 21:57 -------- d-----w- c:\windows\system32\NtmsData

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-14 01:00 . 2006-01-14 16:42 -------- d-----w- c:\program files\CyberPower PowerPanel Personal Edition
2010-05-13 22:09 . 2005-12-30 21:05 61456 ----a-w- c:\documents and settings\MICHAEL ELLIOTT\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-05-13 21:35 . 2005-08-16 10:41 89787 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-05-08 19:17 . 2007-04-15 21:06 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-05-08 19:13 . 2006-11-19 19:01 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-05-08 18:26 . 2009-10-01 22:35 -------- d-----w- c:\documents and settings\MICHAEL ELLIOTT\Application Data\ERS G-Studio
2010-05-07 22:16 . 2009-08-13 21:23 -------- d-----w- c:\program files\LeeGTs Games
2010-05-05 21:45 . 2009-12-11 00:18 0 ----a-w- c:\documents and settings\MICHAEL ELLIOTT\Local Settings\Application Data\prvlcl.dat
2010-05-05 21:45 . 2009-12-03 21:18 0 ----a-w- c:\documents and settings\REGINA ELLIOTT\Local Settings\Application Data\prvlcl.dat
2010-05-01 03:20 . 2006-01-02 22:38 -------- d-----w- c:\program files\Shockwave.com
2010-05-01 02:41 . 2005-12-29 01:01 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-04-30 19:27 . 2010-04-29 23:42 1543 ----a-w- c:\documents and settings\MICHAEL ELLIOTT\Application Data\iolo\restore.bat
2010-04-30 15:25 . 2008-07-24 02:34 -------- d-----w- c:\program files\Windows Desktop Search
2010-04-30 15:15 . 2008-07-12 21:38 -------- d-----w- c:\program files\Windows Live Safety Center
2010-04-30 00:34 . 2010-04-30 00:34 518 ----a-w- c:\documents and settings\MICHAEL ELLIOTT\Application Data\iolo\Registry\Last\restore.bat
2010-04-29 21:52 . 2007-12-17 18:06 -------- d-----w- c:\program files\FlashGet
2010-04-29 21:52 . 2006-03-01 03:06 -------- d-----w- c:\program files\Support Tools
2010-04-29 21:52 . 2006-02-20 01:07 -------- d-----w- c:\program files\UHS
2010-04-26 21:06 . 2010-04-29 21:13 19552856 ----a-w- c:\documents and settings\MICHAEL ELLIOTT\Application Data\iolo\Installers\SystemMechanic.exe
2010-04-26 20:16 . 2008-09-06 00:59 -------- d-----w- c:\program files\CCleaner
2010-04-26 00:11 . 2009-04-16 20:14 117760 ----a-w- c:\documents and settings\MICHAEL ELLIOTT\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2010-04-25 19:56 . 2010-04-10 22:03 -------- d-----w- c:\documents and settings\All Users\Application Data\Dell
2010-04-25 19:54 . 2010-04-10 22:03 -------- d-----w- c:\program files\Dell Support Center
2010-04-21 00:11 . 2006-02-20 02:29 3350 --sha-w- c:\windows\system32\KGyGaAvL.sys
2010-04-21 00:11 . 2006-04-02 19:13 88 --sh--r- c:\windows\system32\8901B2EDF5.sys
2010-04-19 03:44 . 2010-04-19 03:44 -------- d-----w- c:\program files\Common Files\Logitech
2010-04-18 22:44 . 2005-12-29 01:01 -------- d-----w- c:\program files\Intel
2010-04-17 20:10 . 2007-05-23 02:23 -------- d-----w- c:\documents and settings\All Users\Application Data\PlayFirst
2010-04-17 19:54 . 2010-02-06 18:19 -------- d-----w- c:\program files\Games
2010-04-12 02:42 . 2009-06-05 22:51 -------- d-----w- c:\program files\QuickTime
2010-04-12 02:40 . 2007-12-19 03:20 -------- d-----w- c:\program files\Common Files\Apple
2010-04-10 22:04 . 2010-04-10 22:04 -------- d-----w- c:\documents and settings\All Users\Application Data\SupportSoft
2010-04-10 22:04 . 2010-04-10 22:04 -------- d-----w- c:\documents and settings\All Users\Application Data\PCDr
2010-04-10 02:09 . 2010-04-10 02:09 -------- d-----w- c:\documents and settings\All Users\Application Data\AlawarWrapper
2010-04-10 00:06 . 2008-08-02 16:19 -------- d-----w- c:\documents and settings\MICHAEL ELLIOTT\Application Data\PlayFirst
2010-04-10 00:03 . 2007-03-10 17:27 -------- d-----w- c:\documents and settings\MICHAEL ELLIOTT\Application Data\iWin
2010-04-10 00:02 . 2008-05-09 13:45 -------- d-----w- c:\documents and settings\MICHAEL ELLIOTT\Application Data\Games
2010-04-10 00:01 . 2007-03-11 20:50 -------- d-----w- c:\documents and settings\MICHAEL ELLIOTT\Application Data\funkitron
2010-04-09 23:59 . 2008-02-23 20:24 -------- d-----w- c:\documents and settings\MICHAEL ELLIOTT\Application Data\dvdcss
2010-04-09 23:59 . 2008-10-16 22:20 -------- d-----w- c:\documents and settings\MICHAEL ELLIOTT\Application Data\Dragon Altar Games
2010-04-09 23:58 . 2008-12-22 22:47 -------- d-----w- c:\documents and settings\MICHAEL ELLIOTT\Application Data\Cat's Eye Games
2010-04-09 23:58 . 2009-01-24 20:58 -------- d-----w- c:\documents and settings\MICHAEL ELLIOTT\Application Data\BigFishv1002
2010-04-09 23:57 . 2008-11-16 22:28 -------- d-----w- c:\documents and settings\MICHAEL ELLIOTT\Application Data\Artogon
2010-04-09 23:52 . 2009-04-11 20:20 -------- d-----w- c:\documents and settings\All Users\Application Data\Sandlot Games
2010-04-09 23:50 . 2006-01-29 02:39 -------- d-----w- c:\documents and settings\All Users\Application Data\Oberon Media
2010-04-09 23:44 . 2009-01-04 19:25 -------- d-----w- c:\documents and settings\All Users\Application Data\blg
2010-04-09 23:16 . 2008-06-17 17:34 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-04-09 01:25 . 2008-09-06 02:36 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-04-09 00:44 . 2010-04-07 18:49 1100 ----a-w- c:\windows\system32\d3d8caps.dat
2010-04-09 00:44 . 2010-04-09 00:44 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
2010-04-07 22:00 . 2005-12-29 01:09 -------- d-----w- c:\program files\Common Files\Symantec Shared
2010-04-07 21:58 . 2005-12-29 01:09 -------- d-----w- c:\documents and settings\All Users\Application Data\Symantec
2010-04-07 19:55 . 2010-04-07 19:55 -------- d-----w- c:\documents and settings\MICHAEL ELLIOTT\Application Data\Developer
2010-04-07 00:09 . 2010-03-30 21:39 -------- d-----w- c:\program files\AOL Toolbar
2010-04-07 00:09 . 2007-06-11 01:01 -------- d-----w- c:\program files\bfgclient
2010-04-05 22:57 . 2006-03-01 06:30 61456 ----a-w- c:\documents and settings\ADRIENNE ELLIOTT\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-04-04 23:59 . 2005-12-30 20:42 61456 ----a-w- c:\documents and settings\REGINA ELLIOTT\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-04-04 22:57 . 2010-04-04 22:57 -------- d-----w- c:\program files\Reference Assemblies
2010-04-04 21:24 . 2010-04-04 21:24 3584 ----a-r- c:\documents and settings\MICHAEL ELLIOTT\Application Data\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe
2010-04-04 21:24 . 2010-04-04 21:24 -------- d-----w- c:\program files\Windows Installer Clean Up
2010-04-04 21:24 . 2009-11-07 08:53 -------- d-----w- c:\program files\MSECache
2010-04-03 02:57 . 2010-04-03 02:57 -------- d-----w- c:\documents and settings\MICHAEL ELLIOTT\Application Data\Malwarebytes
2010-04-03 02:56 . 2010-04-03 02:56 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-04-03 02:39 . 2010-03-06 04:46 52224 ----a-w- c:\documents and settings\MICHAEL ELLIOTT\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
2010-04-02 22:18 . 2010-04-02 22:18 -------- d-----w- c:\documents and settings\MICHAEL ELLIOTT\Application Data\Ghost Ship Studios
2010-03-30 21:39 . 2010-03-30 21:39 -------- d-----w- c:\program files\Common Files\Software Update Utility
2010-03-29 02:55 . 2010-01-24 19:03 -------- d-----w- c:\documents and settings\All Users\Application Data\Particles
2010-03-29 02:55 . 2010-03-29 02:55 -------- d-----w- c:\documents and settings\MICHAEL ELLIOTT\Application Data\Specialbit
2010-03-26 23:40 . 2010-03-26 23:40 -------- d-----w- c:\documents and settings\MICHAEL ELLIOTT\Application Data\Mariaglorum
2010-03-25 22:11 . 2010-03-25 21:33 -------- d-----w- c:\documents and settings\MICHAEL ELLIOTT\Application Data\Magic3
2010-03-20 21:18 . 2009-10-22 22:34 -------- d-----w- c:\documents and settings\MICHAEL ELLIOTT\Application Data\Merscom
2010-03-20 21:18 . 2009-10-22 22:34 -------- d-----w- c:\documents and settings\All Users\Application Data\Merscom
2010-03-12 23:06 . 2010-03-12 23:06 118784 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimwmp.dll
2010-03-12 23:06 . 2010-03-12 23:06 118784 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimswf.dll
2010-03-12 23:06 . 2010-03-12 23:05 118784 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimrp.dll
2010-03-12 23:05 . 2010-03-12 23:05 118784 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimqt.dll
2010-03-12 23:05 . 2010-03-12 23:05 118784 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Components\nprpffbrowserrecordext.dll
2010-03-12 23:05 . 2010-03-12 23:05 300616 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Common\rpmainbrowserrecordplugin.dll
2010-03-12 23:05 . 2010-03-12 23:05 118784 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll
2010-03-12 23:05 . 2010-03-12 23:05 329312 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
2010-03-12 21:47 . 2010-03-12 21:47 102400 ----a-w- c:\documents and settings\All Users\Application Data\AOL Toolbar\ieToolbar\resources\en-US\aoltbres.dll
2010-03-10 06:15 . 2005-08-16 10:18 420352 ----a-w- c:\windows\system32\vbscript.dll
2010-02-25 06:24 . 2005-08-16 10:18 916480 ----a-w- c:\windows\system32\wininet.dll
2010-02-24 14:16 . 2009-10-03 01:37 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-02-24 13:11 . 2010-05-12 21:51 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-02-19 00:17 . 2010-02-19 00:17 27 ----a-w- c:\documents and settings\All Users\Application Data\SecTaskMan\icn_6BBFDF96D153C8B4988D68D79C0D2A4A.dll
2010-02-19 00:17 . 2010-02-19 00:17 148 ----a-w- c:\documents and settings\All Users\Application Data\SecTaskMan\icn_86F7CCC4734A95548A045F0E01399415.dll
2010-02-19 00:17 . 2010-02-19 00:17 122 ----a-w- c:\documents and settings\All Users\Application Data\SecTaskMan\icn_9D1D7EAC497396144BDD69A4BD5C43EE.dll
2010-02-19 00:17 . 2010-02-19 00:17 220 ----a-w- c:\documents and settings\All Users\Application Data\SecTaskMan\icn_44858835406280C4F976D19D7CD05831.dll
2010-02-19 00:17 . 2010-02-19 00:17 594 ----a-w- c:\documents and settings\All Users\Application Data\SecTaskMan\icn_1B902C5BBDD824645A3773B5595141BC.dll
2010-02-19 00:17 . 2010-02-19 00:17 58 ----a-w- c:\documents and settings\All Users\Application Data\SecTaskMan\icn_211951C3B47555243B3E344B1F5D7306.dll
2010-02-19 00:17 . 2010-02-19 00:17 316 ----a-w- c:\documents and settings\All Users\Application Data\SecTaskMan\icn_0D756077321A70C3E844C138CE981581.dll
2010-02-19 00:17 . 2010-02-19 00:17 31 ----a-w- c:\documents and settings\All Users\Application Data\SecTaskMan\icn_1881ED2242D918945BCCCEE7F9F2D425.dll
2010-02-19 00:17 . 2010-02-19 00:17 141 ----a-w- c:\documents and settings\All Users\Application Data\SecTaskMan\icn_346CD36858D4637489C5E29E64C547AE.dll
2010-02-19 00:17 . 2010-02-19 00:17 139 ----a-w- c:\documents and settings\All Users\Application Data\SecTaskMan\icn_1FBBCDDC3072CB6439B8CB8CA1E1AEAA.dll
2010-02-19 00:17 . 2010-02-19 00:17 423 ----a-w- c:\documents and settings\All Users\Application Data\SecTaskMan\icn_00002109020090400000000000F01FEC.dll
2010-02-16 14:08 . 2010-05-12 21:51 2146304 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-02-16 13:25 . 2010-05-12 21:51 2024448 ----a-w- c:\windows\system32\ntkrnlpa.exe
2008-03-09 18:07 . 2008-03-09 18:07 0 ----a-w- c:\program files\temp01
2006-07-01 21:52 . 2006-07-01 21:53 774144 ----a-w- c:\program files\RngInterstitial.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PowerPanel Personal Edition User Interaction"="c:\program files\CyberPower PowerPanel Personal Edition\pppeuser.exe" [2005-05-09 262144]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-10-19 204288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2005-06-17 139264]
"AOLDialer"="c:\program files\Common Files\AOL\ACS\AOLDial.exe" [2006-10-23 71216]
"HostManager"="c:\program files\Common Files\AOL\1170456750\ee\AOLSoftware.exe" [2007-10-08 41824]
"Logitech Utility"="Logi_MwX.Exe" [2003-03-04 19968]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-05-06 2815192]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-07-08 7110656]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 81920]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2005-06-10 249856]
"IntelMeM"="c:\program files\Intel\Modem Event Monitor\IntelMEM.exe" [2003-09-04 221184]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2005-05-31 122941]
"SigmatelSysTrayApp"="stsystra.exe" [2005-03-23 339968]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoSimpleStartMenu"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-21 01:17 352256 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0autocheck smrgdf c:\documents and settings\MICHAEL ELLIOTT\Application Data\iolo

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@=""

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^America Online 9.0 Tray Icon.lnk]
backup=c:\windows\pss\America Online 9.0 Tray Icon.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^QuickBooks Update Agent.lnk]
backup=c:\windows\pss\QuickBooks Update Agent.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk]

[HKLM\~\startupfolder\C:^Documents and Settings^MICHAEL ELLIOTT^Start Menu^Programs^Startup^AOL Desktop.lnk]
backup=c:\windows\pss\AOL Desktop.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^MICHAEL ELLIOTT^Start Menu^Programs^Startup^Quicken Scheduled Updates.lnk]
backup=c:\windows\pss\Quicken Scheduled Updates.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel Photo Downloader]
2006-02-09 22:34 106496 ----a-w- c:\program files\Corel\Corel Photo Album 6\MediaDetect.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport]
2005-05-15 08:04 332800 ----a-w- c:\program files\Dell Support\DSAgnt.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher]
2005-04-28 18:34 53248 ------w- c:\program files\CyberLink\PowerDVD\DVDLauncher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
2005-12-29 01:14 168448 ----a-w- c:\program files\Google\Google Desktop Search\GoogleDesktop.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2007-12-11 17:10 267048 ----a-w- c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MimBoot]
2006-09-18 18:46 8192 ----a-w- c:\progra~1\MUSICM~1\MUSICM~3\mimboot.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MMTray]
2006-09-18 18:46 110592 ----a-w- c:\program files\MUSICMATCH\Musicmatch Jukebox\mm_tray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ModemOnHold]
2003-11-17 16:10 86016 ----a-w- c:\progra~1\MODEMO~1\moh.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 00:12 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2005-07-08 22:57 7110656 ----a-w- c:\windows\system32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-03-18 01:53 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2007-06-14 23:33 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2010-03-12 23:03 202256 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2006-10-19 00:05 204288 ------w- c:\program files\Windows Media Player\wmpnscfg.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"=
"c:\\Program Files\\Common Files\\AOL\\1170456750\\ee\\aolsoftware.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\Common Files\\AOL\\TopSpeed\\3.0\\aoltpsd3.exe"=
"c:\\Program Files\\Common Files\\AOL\\1170456750\\ee\\AOLDesktop.exe"=
"c:\\Program Files\\FlashGet\\flashget.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\WINDOWS\\ehome\\ehshell.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015
"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016
"500:UDP"= 500:UDP:@xpsp2res.dll,-22017

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [4/26/2010 2:54 PM 164048]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [5/28/2008 10:33 AM 8944]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [5/28/2008 10:33 AM 55024]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [4/26/2010 2:54 PM 19024]
R2 ioloFileInfoList;iolo FileInfoList Service;c:\program files\iolo\Common\Lib\ioloServiceManager.exe [4/29/2010 5:19 PM 704432]
R2 ioloSystemService;iolo System Service;c:\program files\iolo\Common\Lib\ioloServiceManager.exe [4/29/2010 5:19 PM 704432]
R3 Angel;Angel MPEG Device;c:\windows\system32\drivers\Angel.sys [12/28/2005 8:39 PM 375936]
S2 {09BB444F-B2E2-4009-BAF2-7B727681223E};BuddyVM;\??\c:\documents and settings\MICHAEL ELLIOTT\My Documents\My Videos\games\VMLaunch\BuddyVM.sys --> c:\documents and settings\MICHAEL ELLIOTT\My Documents\My Videos\games\VMLaunch\BuddyVM.sys [?]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [5/28/2008 10:33 AM 7408]
.
Contents of the 'Scheduled Tasks' folder

2010-04-01 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]

2010-05-14 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1335557147-534332963-624509898-1005.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-25 03:09]

2010-05-14 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1335557147-534332963-624509898-1006.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-25 03:09]

2010-05-14 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1335557147-534332963-624509898-1007.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-25 03:09]

2010-05-14 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1335557147-534332963-624509898-500.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-25 03:09]

2010-05-14 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1335557147-534332963-624509898-1005.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-25 03:09]

2010-05-13 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1335557147-534332963-624509898-1006.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-25 03:09]

2010-05-12 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1335557147-534332963-624509898-1007.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-25 03:09]

2010-05-11 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1335557147-534332963-624509898-500.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-25 03:09]

2010-05-14 c:\windows\Tasks\User_Feed_Synchronization-{6DE32CB2-CAC5-4723-96B0-FA6C1388C9C5}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 08:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://my.yahoo.com/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex}&startPage={startPage}
uInternet Settings,ProxyOverride = <local>
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &AOL Toolbar Search
IE: &Download All with FlashGet - c:\program files\FlashGet\jc_all.htm
IE: &Download with FlashGet - c:\program files\FlashGet\jc_link.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office10\EXCEL.EXE/3000
Trusted Zone: musicmatch.com\online
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game05.zylom.com/activex/zylomgamesplayer.cab
FF - ProfilePath - c:\documents and settings\MICHAEL ELLIOTT\Application Data\Mozilla\Firefox\Profiles\kvnxm999.default\
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - hxxp://my.yahoo.com/
FF - prefs.js: network.proxy.type - 4
FF - component: c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\documents and settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF - plugin: c:\documents and settings\MICHAEL ELLIOTT\Application Data\Move Networks\plugins\npqmp071503000010.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdnupdater2.dll
FF - plugin: c:\program files\Real\RealArcade\Plugins\Mozilla\npracplug.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true);user_pref(network.protocol-handler.warn-external.dnupdate, falsec:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.
- - - - ORPHANS REMOVED - - - -

HKLM-Explorer_Run-NoActiveDesktopChanges - (no file)
HKLM-Explorer_Run-NoActiveDesktop - (no file)
HKLM-Explorer_Run-NoSaveSettings - (no file)
HKLM-Explorer_Run-ClassicShell - (no file)
SafeBoot-MsMpSvc



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-05-13 21:00
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x8659FB98]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf75d6f28
\Driver\ACPI -> ACPI.sys @ 0xf7469cb8
\Driver\atapi -> sfsync02.sys @ 0xf7822d60
\Driver\iaStor -> 0x8659fb98
IoDeviceObjectType -> ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
\Device\Harddisk0\DR0 -> ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
NDIS: Intel® PRO/1000 PL Network Connection -> SendCompleteHandler -> 0x85cd9330
PacketIndicateHandler -> NDIS.sys @ 0xf7216a21
SendHandler -> NDIS.sys @ 0xf71f487b
Warning: possible MBR rootkit infection !
user & kernel MBR OK

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\DeterministicNetworks\DNE\Parameters]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,79,00,73,00,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(584)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\WININET.dll

- - - - - - - > 'explorer.exe'(1740)
c:\windows\system32\WININET.dll
c:\program files\Common Files\AOL\ACS\WLHook.dll
c:\program files\MouseWare\System\LgWndHk.dll
c:\program files\Common Files\Logitech\Scrolling\LgMsgHk.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\progra~1\COMMON~1\AOL\ACS\AOLacsd.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\windows\system32\dllhost.exe
c:\program files\Cisco Systems\VPN Client\cvpnd.exe
c:\windows\eHome\ehRecvr.exe
c:\windows\eHome\ehSched.exe
c:\program files\Intel\Intel Matrix Storage Manager\iaantmon.exe
c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\windows\system32\nvsvc32.exe
c:\program files\CyberPower PowerPanel Personal Edition\ppped.exe
c:\program files\Dell Support Center\bin\sprtsvc.exe
c:\windows\wanmpsvc.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\ehome\mcrdsvc.exe
c:\program files\MouseWare\system\em_exec.exe
c:\windows\stsystra.exe
c:\windows\eHome\ehmsas.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2010-05-13 21:07:42 - machine was rebooted
ComboFix-quarantined-files.txt 2010-05-14 01:07
ComboFix2.txt 2010-05-13 22:43
ComboFix3.txt 2010-05-11 02:35
ComboFix4.txt 2010-05-10 22:56

Pre-Run: 47,509,733,376 bytes free
Post-Run: 47,479,529,472 bytes free

Current=1 Default=1 Failed=0 LastKnownGood=5 Sets=1,2,3,4,5
- - End Of File - - A65162FA26CB1DF84485BDB608025977
  • 0

#18
emeraldnzl
Posted 13 May 2010 - 07:35 PM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello MEUNCFREE,
  • Double click on the OTL icon to run it. Make sure all other windows are closed to let it run uninterrupted.
  • Under the Custom Scan box paste this in:




    /md5start
    CLASSPNP.SYS
    ACPI.sys
    sfsync02.sys
    atapi.sys
    iaStor.sys
    disk.sys
    /md5stop

  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
When the scan completes, it will open a notepad window, OTL.txt. This is saved in the same location as OTL.
Please copy (Edit->Select All, Edit->Copy) the contents of the file and paste it into your reply.
  • 0

#19
MEUNCFREE
Posted 13 May 2010 - 07:50 PM

MEUNCFREE

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts
Here is OTL log, sir.

OTL logfile created on: 5/13/2010 9:42:28 PM - Run 3
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Documents and Settings\MICHAEL ELLIOTT\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,022.00 Mb Total Physical Memory | 532.00 Mb Available Physical Memory | 52.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 92.00% Paging File free
Paging file location(s): C:\pagefile.sys 2000 10000D:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 107.08 Gb Total Space | 44.18 Gb Free Space | 41.26% Space Free | Partition Type: NTFS
Drive D: | 37.23 Gb Total Space | 5.73 Gb Free Space | 15.39% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ELLIOTT
Current User Name: MICHAEL ELLIOTT
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/05/08 20:44:28 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\MICHAEL ELLIOTT\Desktop\OTL.exe
PRC - [2010/05/06 16:59:42 | 002,815,192 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010/05/06 16:59:38 | 000,040,384 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/04/21 14:34:14 | 000,704,432 | ---- | M] () -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
PRC - [2009/06/03 14:46:38 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/10/08 17:50:56 | 000,041,824 | ---- | M] (AOL LLC) -- C:\Program Files\Common Files\AOL\1170456750\ee\aolsoftware.exe
PRC - [2006/10/23 08:50:35 | 000,046,640 | R--- | M] (AOL LLC) -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
PRC - [2005/11/04 10:21:28 | 001,516,584 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
PRC - [2005/06/17 09:56:14 | 000,139,264 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2005/06/17 09:55:58 | 000,086,140 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
PRC - [2005/05/09 15:40:26 | 000,262,144 | ---- | M] () -- C:\Program Files\CyberPower PowerPanel Personal Edition\pppeuser.exe
PRC - [2005/05/06 16:12:22 | 000,466,944 | ---- | M] () -- C:\Program Files\CyberPower PowerPanel Personal Edition\ppped.exe
PRC - [2005/03/23 02:20:44 | 000,339,968 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
PRC - [2003/08/27 12:29:46 | 000,065,536 | ---- | M] (America Online, Inc.) -- C:\WINDOWS\wanmpsvc.exe
PRC - [2003/03/19 09:50:00 | 000,037,888 | ---- | M] (Logitech Inc.) -- C:\Program Files\MouseWare\system\EM_EXEC.EXE


========== Modules (SafeList) ==========

MOD - [2010/05/08 20:44:28 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\MICHAEL ELLIOTT\Desktop\OTL.exe
MOD - [2008/04/13 20:12:01 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp60.dll
MOD - [2008/04/13 20:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2003/03/19 09:50:00 | 000,023,552 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\Scrolling\LGMSGHK.DLL
MOD - [2003/03/19 09:50:00 | 000,006,144 | ---- | M] (Logitech Inc.) -- C:\Program Files\MouseWare\system\LgWndHk.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/05/06 16:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010/05/06 16:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010/05/06 16:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/04/21 14:34:14 | 000,704,432 | ---- | M] () [Auto | Running] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloSystemService)
SRV - [2010/04/21 14:34:14 | 000,704,432 | ---- | M] () [Auto | Running] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloFileInfoList)
SRV - [2009/11/13 16:13:04 | 000,238,328 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\Dell Games\Dell Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009/06/03 14:46:38 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter) SupportSoft Sprocket Service (DellSupportCenter)
SRV - [2006/10/23 08:50:35 | 000,046,640 | R--- | M] (AOL LLC) [Auto | Running] -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe -- (AOL ACS)
SRV - [2005/11/04 10:21:28 | 001,516,584 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)
SRV - [2005/06/17 09:55:58 | 000,086,140 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMon) Intel®
SRV - [2005/05/06 16:12:22 | 000,466,944 | ---- | M] () [Auto | Running] -- C:\Program Files\CyberPower PowerPanel Personal Edition\ppped.exe -- (ppped)
SRV - [2003/08/27 12:29:46 | 000,065,536 | ---- | M] (America Online, Inc.) [Auto | Running] -- C:\WINDOWS\wanmpsvc.exe -- (WANMiniportService) WAN Miniport (ATW)
SRV - [2003/03/09 16:31:02 | 000,065,795 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Running] -- -- (catchme)
DRV - [2010/05/06 16:39:23 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010/05/06 16:39:00 | 000,164,048 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2010/05/06 16:34:27 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010/05/06 16:33:59 | 000,100,432 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010/05/06 16:33:47 | 000,019,024 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/05/06 16:33:29 | 000,028,880 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009/12/02 15:23:40 | 000,149,040 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\MpFilter.sys -- (MpFilter)
DRV - [2008/05/28 10:33:38 | 000,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2008/05/28 10:33:36 | 000,055,024 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2008/05/28 10:33:36 | 000,008,944 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2008/04/13 14:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008/04/13 14:45:34 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\irbus.sys -- (IrBus)
DRV - [2008/04/13 14:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/13 14:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008/04/13 14:36:38 | 000,020,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hidbatt.sys -- (HidBatt)
DRV - [2008/04/13 12:36:05 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2006/07/30 13:29:03 | 000,022,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbsermpt.sys -- (usbsermpt)
DRV - [2005/11/04 10:20:40 | 000,303,735 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV - [2005/08/18 19:22:30 | 000,110,080 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dne2000.sys -- (DNE)
DRV - [2005/07/08 18:57:00 | 003,198,304 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2005/06/17 14:33:40 | 000,872,064 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\iastor.sys -- (iastor)
DRV - [2005/06/15 00:40:08 | 000,180,864 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA) High Definition Audio Driver (WDM)
DRV - [2005/05/31 06:33:00 | 000,100,605 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnudfa.sys -- (tfsnudfa)
DRV - [2005/05/31 06:33:00 | 000,098,716 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnudf.sys -- (tfsnudf)
DRV - [2005/05/31 06:33:00 | 000,086,876 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnifs.sys -- (tfsnifs)
DRV - [2005/05/31 06:33:00 | 000,034,845 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsncofs.sys -- (tfsncofs)
DRV - [2005/05/31 06:33:00 | 000,025,725 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnboio.sys -- (tfsnboio)
DRV - [2005/05/31 06:33:00 | 000,015,069 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnopio.sys -- (tfsnopio)
DRV - [2005/05/31 06:33:00 | 000,006,365 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnpool.sys -- (tfsnpool)
DRV - [2005/05/31 06:33:00 | 000,004,125 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsndrct.sys -- (tfsndrct)
DRV - [2005/05/31 06:33:00 | 000,002,241 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsndres.sys -- (tfsndres)
DRV - [2005/05/17 04:51:34 | 000,005,315 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CVirtA.sys -- (CVirtA)
DRV - [2005/05/13 11:37:28 | 000,005,627 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\sscdbhk5.sys -- (sscdbhk5)
DRV - [2005/05/13 11:37:20 | 000,023,545 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\ssrtln.sys -- (ssrtln)
DRV - [2005/04/22 04:22:00 | 000,088,352 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\drvmcdb.sys -- (drvmcdb)
DRV - [2005/04/21 03:56:00 | 000,040,544 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\drvnddm.sys -- (drvnddm)
DRV - [2005/04/01 01:04:52 | 000,180,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e1e5132.sys -- (e1express) Intel®
DRV - [2005/02/25 02:20:02 | 000,375,936 | ---- | M] (Emuzed, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Angel.sys -- (Angel)
DRV - [2004/11/29 14:14:30 | 000,019,648 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV - [2004/11/25 12:41:08 | 000,046,080 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2004/10/28 06:47:59 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2004/10/07 21:16:04 | 000,035,840 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2004/08/10 07:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2004/08/10 07:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2004/06/16 05:52:40 | 000,061,157 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC53.sys -- (IntelC53)
DRV - [2004/03/24 12:12:44 | 000,004,272 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\bvrp_pci.sys -- (bvrp_pci)
DRV - [2004/03/06 06:15:34 | 000,647,929 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC52.sys -- (IntelC52)
DRV - [2004/03/06 06:14:42 | 001,233,525 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC51.sys -- (IntelC51)
DRV - [2004/03/06 06:13:38 | 000,037,048 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mohfilt.sys -- (mohfilt)
DRV - [2003/03/04 02:50:00 | 000,073,134 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFlt2.Sys -- (LMouFlt2)
DRV - [2003/03/04 02:50:00 | 000,037,804 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidUsb.sys -- (LHidUsb)
DRV - [2003/03/04 02:50:00 | 000,025,214 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFlt2.Sys -- (LHidFlt2)
DRV - [2003/03/04 02:50:00 | 000,014,348 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LCcfltr.sys -- (LCcfltr)
DRV - [2003/01/10 17:13:04 | 000,033,588 | R--- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2001/08/17 16:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 16:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 16:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 16:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 16:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 15:57:38 | 000,016,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA)
DRV - [2001/08/17 15:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 15:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 15:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 15:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 15:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 15:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 15:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 15:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 15:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 15:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.google.com/ig/dell?hl=en
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://www.google.com/ig/dell?hl=en

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...age={startPage}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://my.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://my.yahoo.com/"
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:7
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.5.2
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.9
FF - prefs.js..extensions.enabledItems: {7affbfae-c4e2-4915-8c0f-00fa3ec610a1}:5.74.1.5341
FF - prefs.js..network.proxy.type: 4


FF - HKLM\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/03/12 19:05:59 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/04/29 13:24:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/04/29 13:24:37 | 000,000,000 | ---D | M]

[2009/09/05 14:17:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MICHAEL ELLIOTT\Application Data\Mozilla\Extensions
[2010/05/13 19:19:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MICHAEL ELLIOTT\Application Data\Mozilla\Firefox\Profiles\kvnxm999.default\extensions
[2009/09/05 16:30:31 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\MICHAEL ELLIOTT\Application Data\Mozilla\Firefox\Profiles\kvnxm999.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/02/17 20:32:43 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\MICHAEL ELLIOTT\Application Data\Mozilla\Firefox\Profiles\kvnxm999.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/03/30 17:39:36 | 000,000,000 | ---D | M] (AOL Toolbar) -- C:\Documents and Settings\MICHAEL ELLIOTT\Application Data\Mozilla\Firefox\Profiles\kvnxm999.default\extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1}
[2010/03/26 20:23:50 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Documents and Settings\MICHAEL ELLIOTT\Application Data\Mozilla\Firefox\Profiles\kvnxm999.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2010/03/17 19:12:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MICHAEL ELLIOTT\Application Data\Mozilla\Firefox\Profiles\kvnxm999.default\extensions\[email protected]
[2010/03/30 17:41:08 | 000,002,341 | ---- | M] () -- C:\Documents and Settings\MICHAEL ELLIOTT\Application Data\Mozilla\Firefox\Profiles\kvnxm999.default\searchplugins\aol-search.xml
[2010/04/04 19:25:04 | 000,001,820 | ---- | M] () -- C:\Documents and Settings\MICHAEL ELLIOTT\Application Data\Mozilla\Firefox\Profiles\kvnxm999.default\searchplugins\bing.xml
[2010/05/13 19:19:51 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

O1 HOSTS File: ([2010/05/13 21:00:41 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (FGCatchUrl) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll (www.flashget.com)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (AOL Toolbar Loader) - {3ef64538-8b54-4573-b48f-4d34b0238ab2} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL Inc.)
O2 - BHO: (no name) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - No CLSID value found.
O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - No CLSID value found.
O2 - BHO: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar3.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar3.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (AOL Toolbar) - {BA00B7B1-0351-477A-B948-23E3EE5A73D4} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL Inc.)
O4 - HKLM..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe (AOL LLC)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)
O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\AOL\1170456750\ee\aolsoftware.exe (AOL LLC)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [Logitech Utility] C:\WINDOWS\LOGI_MWX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKCU..\Run: [PowerPanel Personal Edition User Interaction] C:\Program Files\CyberPower PowerPanel Personal Edition\pppeuser.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSimpleStartMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoComputersNearMe = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\JC_ALL.HTM ()
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\JC_LINK.HTM ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O9 - Extra Button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - Reg Error: Key error. File not found
O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (FlashGet.com)
O9 - Extra 'Tools' menuitem : FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (FlashGet.com)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: musicmatch.com ([online] https in Trusted sites)
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...tes/ieawsdc.cab (Microsoft Office Template and Media Control)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.micr.../OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} http://support.f-sec...m/ols/fscax.cab (F-Secure Online Scanner 3.1)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} Reg Error: Value error. (YInstStarter Class)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} http://download.mcaf...01/mcinsctl.cab (McAfee.com Operating System Class)
O16 - DPF: {588031A3-94BF-4CDD-86D0-939F6F93910F} https://fixit.suppor...FixItClient.CAB (FixItClient Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1136063441875 (MUWebControl Class)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2....re/HPDEXAXO.cab (HP Download Manager)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.h...ctDetection.cab (GMNRev Class)
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} http://www.shockwave...mjolauncher.cab (MJLauncherCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} http://h20264.www2.h...nosticsxp2k.cab (DDRevision Class)
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} http://game05.zylom....gamesplayer.cab (Zylom Games Player)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540022} http://download.macr...ash/swflash.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.178.162.3 24.177.176.38 24.217.0.5
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Documents and Settings\MICHAEL ELLIOTT\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\MICHAEL ELLIOTT\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/08/16 06:43:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (autocheck smrgdf C:\Documents and Settings\MICHAEL ELLIOTT\Application Data\iolo) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found

========== Files/Folders - Created Within 30 Days ==========

[2010/05/13 17:49:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2010/05/13 17:26:06 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2010/05/12 17:52:45 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\asr_pfu.exe
[2010/05/12 17:52:45 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\secedit.exe
[2010/05/12 17:52:45 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spiisupd.exe
[2010/05/12 17:52:43 | 002,113,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dxdiagn.dll
[2010/05/12 17:52:43 | 001,689,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3d9.dll
[2010/05/12 17:52:43 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2010/05/12 17:52:43 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bthprops.cpl
[2010/05/12 17:52:43 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\firewall.cpl
[2010/05/12 17:52:43 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\blastcln.exe
[2010/05/12 17:52:43 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\btpanui.dll
[2010/05/12 17:52:43 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bthci.dll
[2010/05/12 17:52:43 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\encapi.dll
[2010/05/12 17:52:43 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\auditusr.exe
[2010/05/12 17:52:43 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmsetacl.dll
[2010/05/12 17:52:43 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll
[2010/05/12 17:52:43 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll
[2010/05/12 17:52:43 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dsprpres.dll
[2010/05/12 17:52:42 | 000,848,384 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\ir41_32.ax
[2010/05/12 17:52:42 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\photometadatahandler.dll
[2010/05/12 17:52:42 | 000,380,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irprops.cpl
[2010/05/12 17:52:42 | 000,369,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\html.iec
[2010/05/12 17:52:42 | 000,199,680 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\iac25_32.ax
[2010/05/12 17:52:42 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fsquirt.exe
[2010/05/12 17:52:42 | 000,154,624 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\ivfsrc.ax
[2010/05/12 17:52:42 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssap.dll
[2010/05/12 17:52:42 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdadiag.dll
[2010/05/12 17:52:42 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fwcfg.dll
[2010/05/12 17:52:42 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\powercfg.exe
[2010/05/12 17:52:42 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netsetup.cpl
[2010/05/12 17:52:42 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsmsno.dll
[2010/05/12 17:52:42 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsmsfi.dll
[2010/05/12 17:52:42 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdukx.dll
[2010/05/12 17:52:42 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdno1.dll
[2010/05/12 17:52:42 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdfi1.dll
[2010/05/12 17:52:42 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hccoin.dll
[2010/05/12 17:52:42 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdinmal.dll
[2010/05/12 17:52:42 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmlt48.dll
[2010/05/12 17:52:42 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmlt47.dll
[2010/05/12 17:52:42 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdinben.dll
[2010/05/12 17:52:42 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdinbe1.dll
[2010/05/12 17:52:42 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmaori.dll
[2010/05/12 17:52:41 | 001,647,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winbrand.dll
[2010/05/12 17:52:41 | 000,712,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecs.dll
[2010/05/12 17:52:41 | 000,689,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp3res.dll
[2010/05/12 17:52:41 | 000,438,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpob2res.dll
[2010/05/12 17:52:41 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecsext.dll
[2010/05/12 17:52:41 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2010/05/12 17:52:41 | 000,276,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmphoto.dll
[2010/05/12 17:52:41 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp1res.dll
[2010/05/12 17:52:41 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wscui.cpl
[2010/05/12 17:52:41 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2010/05/12 17:52:41 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xmlprovi.dll
[2010/05/12 17:52:41 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sdhcinst.dll
[2010/05/12 17:52:41 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\verclsid.exe
[2010/05/12 17:52:41 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winshfhc.dll
[2010/05/12 17:52:41 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spnpinst.exe
[2010/05/12 17:52:41 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\smbinst.exe
[2010/05/12 17:52:37 | 000,144,384 | ---- | C] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\System32\drivers\hdaudbus.sys
[2010/05/12 17:52:37 | 000,043,008 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\drivers\amdagp.sys
[2010/05/12 17:52:36 | 002,897,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp2res.dll
[2010/05/12 17:52:36 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpcdll.dll
[2010/05/12 17:52:36 | 000,040,960 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\drivers\sisagp.sys
[2010/05/12 17:52:36 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\pidgen.dll
[2010/05/12 17:52:35 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\irbus.sys
[2010/05/12 17:52:34 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2pgasvc.dll
[2010/05/12 17:52:33 | 000,539,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msftedit.dll
[2010/05/12 17:52:33 | 000,313,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2pgraph.dll
[2010/05/12 17:52:33 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2pnetsh.dll
[2010/05/12 17:52:33 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ieencode.dll
[2010/05/12 17:52:33 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\httpapi.dll
[2010/05/12 17:52:33 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltmc.exe
[2010/05/12 17:52:32 | 000,295,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\appmgr.dll
[2010/05/12 17:52:32 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2p.dll
[2010/05/12 17:52:32 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bootcfg.exe
[2010/05/12 17:52:32 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fde.dll
[2010/05/12 17:52:32 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\adsnw.dll
[2010/05/12 17:52:32 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eventtriggers.exe
[2010/05/12 17:52:32 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\strmfilt.dll
[2010/05/12 17:52:32 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fdeploy.dll
[2010/05/12 17:52:32 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\driverquery.exe
[2010/05/12 17:52:32 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\getmac.exe
[2010/05/12 17:52:32 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cipher.exe
[2010/05/12 17:52:32 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eventcreate.exe
[2010/05/12 17:52:32 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\asr_fmt.exe
[2010/05/12 17:52:32 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\efsadu.dll
[2010/05/12 17:52:31 | 001,200,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntbackup.exe
[2010/05/12 17:52:31 | 000,604,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wsecedit.dll
[2010/05/12 17:52:31 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\gpedit.dll
[2010/05/12 17:52:31 | 000,259,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tracerpt.exe
[2010/05/12 17:52:31 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\gptext.dll
[2010/05/12 17:52:31 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\schtasks.exe
[2010/05/12 17:52:31 | 000,120,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\gpresult.exe
[2010/05/12 17:52:31 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rsnotify.exe
[2010/05/12 17:52:31 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tlntsess.exe
[2010/05/12 17:52:31 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tasklist.exe
[2010/05/12 17:52:31 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\taskkill.exe
[2010/05/12 17:52:31 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\systeminfo.exe
[2010/05/12 17:52:31 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\openfiles.exe
[2010/05/12 17:52:31 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nwapi32.dll
[2010/05/12 17:52:31 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tlntadmn.exe
[2010/05/12 17:52:31 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logman.exe
[2010/05/12 17:52:31 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\proxycfg.exe
[2010/05/12 17:52:31 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tlntsvrp.dll
[2010/05/12 17:52:23 | 000,004,639 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2010/05/12 17:52:17 | 001,033,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2010/05/12 17:52:17 | 000,283,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\winhlp32.exe
[2010/05/12 17:52:17 | 000,050,688 | ---- | C] (Twain Working Group) -- C:\WINDOWS\twain_32.dll
[2010/05/12 17:52:16 | 000,263,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\adsnt.dll
[2010/05/12 17:52:16 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\activeds.dll
[2010/05/12 17:52:16 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe
[2010/05/12 17:52:16 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\adsldp.dll
[2010/05/12 17:52:16 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\adsldpc.dll
[2010/05/12 17:52:16 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aclui.dll
[2010/05/12 17:52:16 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\actxprxy.dll
[2010/05/12 17:52:16 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl
[2010/05/12 17:52:16 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\adsmsext.dll
[2010/05/12 17:52:16 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\actmovie.exe
[2010/05/12 17:52:15 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\autofmt.exe
[2010/05/12 17:52:15 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\asctrls.ocx
[2010/05/12 17:52:15 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ahui.exe
[2010/05/12 17:52:15 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avifil32.dll
[2010/05/12 17:52:15 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browsewm.dll
[2010/05/12 17:52:15 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\asycfilt.dll
[2010/05/12 17:52:15 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browselc.dll
[2010/05/12 17:52:15 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cabinet.dll
[2010/05/12 17:52:15 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\basesrv.dll
[2010/05/12 17:52:15 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\batmeter.dll
[2010/05/12 17:52:15 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\at.exe
[2010/05/12 17:52:15 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bidispl.dll
[2010/05/12 17:52:15 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\attrib.exe
[2010/05/12 17:52:15 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\autolfn.exe
[2010/05/12 17:52:15 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atmadm.exe
[2010/05/12 17:52:15 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\batt.dll
[2010/05/12 17:52:14 | 002,091,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdosys.dll
[2010/05/12 17:52:14 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvut.dll
[2010/05/12 17:52:14 | 000,457,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\certmgr.dll
[2010/05/12 17:52:14 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrv.dll
[2010/05/12 17:52:14 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\certcli.dll
[2010/05/12 17:52:14 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\capesnpn.dll
[2010/05/12 17:52:14 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cic.dll
[2010/05/12 17:52:14 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll
[2010/05/12 17:52:14 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe
[2010/05/12 17:52:14 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll
[2010/05/12 17:52:14 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cliconfg.dll
[2010/05/12 17:52:14 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ciodm.dll
[2010/05/12 17:52:14 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cleanmgr.exe
[2010/05/12 17:52:14 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\camocx.dll
[2010/05/12 17:52:14 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll
[2010/05/12 17:52:14 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cliconfg.rll
[2010/05/12 17:52:14 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cliconfg.exe
[2010/05/12 17:52:14 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgmgr32.dll
[2010/05/12 17:52:13 | 001,267,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsvcs.dll
[2010/05/12 17:52:13 | 000,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll
[2010/05/12 17:52:13 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmdial32.dll
[2010/05/12 17:52:13 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\compstui.dll
[2010/05/12 17:52:13 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll
[2010/05/12 17:52:13 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll
[2010/05/12 17:52:13 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll
[2010/05/12 17:52:13 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmstp.exe
[2010/05/12 17:52:13 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\colbact.dll
[2010/05/12 17:52:13 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clusapi.dll
[2010/05/12 17:52:13 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmmon32.exe
[2010/05/12 17:52:13 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmutil.dll
[2010/05/12 17:52:13 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll
[2010/05/12 17:52:13 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmdl32.exe
[2010/05/12 17:52:13 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmcfg32.dll
[2010/05/12 17:52:12 | 001,179,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3d8.dll
[2010/05/12 17:52:12 | 000,824,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dim700.dll
[2010/05/12 17:52:12 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\confmsp.dll
[2010/05/12 17:52:12 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\datime.dll
[2010/05/12 17:52:12 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\credui.dll
[2010/05/12 17:52:12 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\daxctle.ocx
[2010/05/12 17:52:12 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cscript.exe
[2010/05/12 17:52:12 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cryptdlg.dll
[2010/05/12 17:52:12 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dataclen.dll
[2010/05/12 17:52:12 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\corpol.dll
[2010/05/12 17:52:12 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cryptdll.dll
[2010/05/12 17:52:12 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\conime.exe
[2010/05/12 17:52:12 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\davclnt.dll
[2010/05/12 17:52:12 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3d8thk.dll
[2010/05/12 17:52:11 | 000,640,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dbghelp.dll
[2010/05/12 17:52:11 | 000,379,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpmon.dll
[2010/05/12 17:52:11 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\devmgr.dll
[2010/05/12 17:52:11 | 000,279,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ddraw.dll
[2010/05/12 17:52:11 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dinput8.dll
[2010/05/12 17:52:11 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\diskpart.exe
[2010/05/12 17:52:11 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dinput.dll
[2010/05/12 17:52:11 | 000,124,416 | ---- | C] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINDOWS\System32\dfrgui.dll
[2010/05/12 17:52:11 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dbnetlib.dll
[2010/05/12 17:52:11 | 000,105,472 | ---- | C] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINDOWS\System32\dfrgntfs.exe
[2010/05/12 17:52:11 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\diantz.exe
[2010/05/12 17:52:11 | 000,082,944 | ---- | C] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINDOWS\System32\dfrgfat.exe
[2010/05/12 17:52:11 | 000,039,424 | ---- | C] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINDOWS\System32\dfrgsnap.dll
[2010/05/12 17:52:11 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dispex.dll
[2010/05/12 17:52:11 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ddeshare.exe
[2010/05/12 17:52:11 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dbnmpntw.dll
[2010/05/12 17:52:11 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ddrawex.dll
[2010/05/12 17:52:11 | 000,025,088 | ---- | C] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINDOWS\System32\defrag.exe
[2010/05/12 17:52:11 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dbmsrpcn.dll
[2010/05/12 17:52:11 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dciman32.dll
[2010/05/12 17:52:11 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe
[2010/05/12 17:52:10 | 000,375,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnet.dll
[2010/05/12 17:52:10 | 000,285,184 | ---- | C] (Microsoft Corp.) -- C:\WINDOWS\System32\dmdlgs.dll
[2010/05/12 17:52:10 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dplayx.dll
[2010/05/12 17:52:10 | 000,200,704 | ---- | C] (Microsoft Corp.) -- C:\WINDOWS\System32\dmdskmgr.dll
[2010/05/12 17:52:10 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmime.dll
[2010/05/12 17:52:10 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmstyle.dll
[2010/05/12 17:52:10 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmusic.dll
[2010/05/12 17:52:10 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmsynth.dll
[2010/05/12 17:52:10 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmscript.dll
[2010/05/12 17:52:10 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmcompos.dll
[2010/05/12 17:52:10 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnhupnp.dll
[2010/05/12 17:52:10 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmloader.dll
[2010/05/12 17:52:10 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnhpast.dll
[2010/05/12 17:52:10 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dplaysvr.exe
[2010/05/12 17:52:10 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmband.dll
[2010/05/12 17:52:10 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpmodemx.dll
[2010/05/12 17:52:10 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpvacm.dll
[2010/05/12 17:52:10 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnsvr.exe
[2010/05/12 17:52:10 | 000,015,872 | ---- | C] (Microsoft Corp.) -- C:\WINDOWS\System32\dmremote.exe
[2010/05/12 17:52:10 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnlobby.dll
[2010/05/12 17:52:10 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnaddr.dll
[2010/05/12 17:52:09 | 001,293,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dsound3d.dll
[2010/05/12 17:52:09 | 000,619,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dx7vb.dll
[2010/05/12 17:52:09 | 000,367,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dsound.dll
[2010/05/12 17:52:09 | 000,304,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\duser.dll
[2010/05/12 17:52:09 | 000,212,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpvoice.dll
[2010/05/12 17:52:09 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dsdmo.dll
[2010/05/12 17:52:09 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dwwin.exe
[2010/05/12 17:52:09 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dsprop.dll
[2010/05/12 17:52:09 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dssenh.dll
[2010/05/12 17:52:09 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpvvox.dll
[2010/05/12 17:52:09 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dskquota.dll
[2010/05/12 17:52:09 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpvsetup.exe
[2010/05/12 17:52:09 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dsdmoprp.dll
[2010/05/12 17:52:09 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpwsockx.dll
[2010/05/12 17:52:09 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dswave.dll
[2010/05/12 17:52:09 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dvdupgrd.exe
[2010/05/12 17:52:09 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ds32gt.dll
[2010/05/12 17:52:09 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drprov.dll
[2010/05/12 17:52:08 | 001,298,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dxdiag.exe
[2010/05/12 17:52:08 | 001,227,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dx8vb.dll
[2010/05/12 17:52:08 | 001,082,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\esent.dll
[2010/05/12 17:52:08 | 000,380,445 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\expsrv.dll
[2010/05/12 17:52:08 | 000,337,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\filemgmt.dll
[2010/05/12 17:52:08 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eudcedit.exe
[2010/05/12 17:52:08 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\els.dll
[2010/05/12 17:52:08 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\exts.dll
[2010/05/12 17:52:08 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fldrclnr.dll
[2010/05/12 17:52:08 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fontsub.dll
[2010/05/12 17:52:08 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\faultrep.dll
[2010/05/12 17:52:08 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eventlog.dll
[2010/05/12 17:52:08 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\findstr.exe
[2010/05/12 17:52:08 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\extrac32.exe
[2010/05/12 17:52:08 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\feclient.dll
[2010/05/12 17:52:08 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fontview.exe
[2010/05/12 17:52:08 | 000,009,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\framebuf.dll
[2010/05/12 17:52:08 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\forcedos.exe
[2010/05/12 17:52:07 | 000,614,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\h323msp.dll
[2010/05/12 17:52:07 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsst.dll
[2010/05/12 17:52:07 | 000,545,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hhctrl.ocx
[2010/05/12 17:52:07 | 000,451,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsapi.dll
[2010/05/12 17:52:07 | 000,400,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsxp32.dll
[2010/05/12 17:52:07 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxstiff.dll
[2010/05/12 17:52:07 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxscomex.dll
[2010/05/12 17:52:07 | 000,265,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\h323.tsp
[2010/05/12 17:52:07 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxst30.dll
[2010/05/12 17:52:07 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxscover.exe
[2010/05/12 17:52:07 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxswzrd.dll
[2010/05/12 17:52:07 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hdwwiz.cpl
[2010/05/12 17:52:07 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsui.dll
[2010/05/12 17:52:07 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsclnt.exe
[2010/05/12 17:52:07 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\glu32.dll
[2010/05/12 17:52:07 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxscom.dll
[2010/05/12 17:52:07 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsevent.dll
[2010/05/12 17:52:07 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\grpconv.exe
[2010/05/12 17:52:07 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsdrv.dll
[2010/05/12 17:52:07 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsmon.dll
[2010/05/12 17:52:07 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsext32.dll
[2010/05/12 17:52:07 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\help.exe
[2010/05/12 17:52:07 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsperf.dll
[2010/05/12 17:52:07 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsres.dll
[2010/05/12 17:52:06 | 000,347,136 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hypertrm.dll
[2010/05/12 17:52:06 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hnetcfg.dll
[2010/05/12 17:52:06 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll
[2010/05/12 17:52:06 | 000,254,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icm32.dll
[2010/05/12 17:52:06 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hotplug.dll
[2010/05/12 17:52:06 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ifmon.dll
[2010/05/12 17:52:06 | 000,120,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\idq.dll
[2010/05/12 17:52:06 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iasrad.dll
[2010/05/12 17:52:06 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iexpress.exe
[2010/05/12 17:52:06 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll
[2010/05/12 17:52:06 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll
[2010/05/12 17:52:06 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hlink.dll
[2010/05/12 17:52:06 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll
[2010/05/12 17:52:06 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\htui.dll
[2010/05/12 17:52:06 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hhsetup.dll
[2010/05/12 17:52:06 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hidphone.tsp
[2010/05/12 17:52:06 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hid.dll
[2010/05/12 17:52:06 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icaapi.dll
[2010/05/12 17:52:06 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\igmpagnt.dll
[2010/05/12 17:52:06 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icmp.dll
[2010/05/12 17:52:05 | 000,384,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsmsnap.dll
[2010/05/12 17:52:05 | 000,349,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsecsnp.dll
[2010/05/12 17:52:05 | 000,330,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ippromon.dll
[2010/05/12 17:52:05 | 000,177,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iprtrmgr.dll
[2010/05/12 17:52:05 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipmontr.dll
[2010/05/12 17:52:05 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\itircl.dll
[2010/05/12 17:52:05 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\initpki.dll
[2010/05/12 17:52:05 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\intl.cpl
[2010/05/12 17:52:05 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\input.dll
[2010/05/12 17:52:05 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iphlpapi.dll
[2010/05/12 17:52:05 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll
[2010/05/12 17:52:05 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetpp.dll
[2010/05/12 17:52:05 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\joy.cpl
[2010/05/12 17:52:05 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipv6mon.dll
[2010/05/12 17:52:05 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipconfig.exe
[2010/05/12 17:52:05 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ixsso.dll
[2010/05/12 17:52:05 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipv6.exe
[2010/05/12 17:52:05 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll
[2010/05/12 17:52:05 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetmib1.dll
[2010/05/12 17:52:05 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipxroute.exe
[2010/05/12 17:52:05 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipxwan.dll
[2010/05/12 17:52:05 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipconf.tsp
[2010/05/12 17:52:05 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetppui.dll
[2010/05/12 17:52:05 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnec.dll
[2010/05/12 17:52:05 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd106.dll
[2010/05/12 17:52:04 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licdll.dll
[2010/05/12 17:52:04 | 000,221,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\localsec.dll
[2010/05/12 17:52:04 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logon.scr
[2010/05/12 17:52:04 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\keymgr.dll
[2010/05/12 17:52:04 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mdminst.dll
[2010/05/12 17:52:04 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\loadperf.dll
[2010/05/12 17:52:04 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mciavi32.dll
[2010/05/12 17:52:04 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\magnify.exe
[2010/05/12 17:52:04 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll
[2010/05/12 17:52:04 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\makecab.exe
[2010/05/12 17:52:04 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mf3216.dll
[2010/05/12 17:52:04 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kmddsp.tsp
[2010/05/12 17:52:04 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mciwave.dll
[2010/05/12 17:52:04 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mciseq.dll
[2010/05/12 17:52:04 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfcsubs.dll
[2010/05/12 17:52:04 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mcastmib.dll
[2010/05/12 17:52:04 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\localui.dll
[2010/05/12 17:52:04 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\lprhelp.dll
[2010/05/12 17:52:04 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kd1394.dll
[2010/05/12 17:52:03 | 001,872,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcndmgr.dll
[2010/05/12 17:52:03 | 001,414,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmc.exe
[2010/05/12 17:52:03 | 000,586,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mlang.dll
[2010/05/12 17:52:03 | 000,262,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mpg4ds32.ax
[2010/05/12 17:52:03 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\moricons.dll
[2010/05/12 17:52:03 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcbase.dll
[2010/05/12 17:52:03 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\modemui.dll
[2010/05/12 17:52:03 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\miglibnt.dll
[2010/05/12 17:52:03 | 000,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll
[2010/05/12 17:52:03 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mimefilt.dll
[2010/05/12 17:52:03 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll
[2010/05/12 17:52:03 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\more.com
[2010/05/12 17:52:02 | 002,843,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msi.dll
[2010/05/12 17:52:02 | 000,997,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msgina.dll
[2010/05/12 17:52:02 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll
[2010/05/12 17:52:02 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll
[2010/05/12 17:52:02 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msadds32.ax
[2010/05/12 17:52:02 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadds32.ax
[2010/05/12 17:52:02 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll
[2010/05/12 17:52:02 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdart.dll
[2010/05/12 17:52:02 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe
[2010/05/12 17:52:02 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mprapi.dll
[2010/05/12 17:52:02 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mscms.dll
[2010/05/12 17:52:02 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msacm32.dll
[2010/05/12 17:52:02 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll
[2010/05/12 17:52:02 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msctfp.dll
[2010/05/12 17:52:02 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll
[2010/05/12 17:52:02 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mscpxl32.dll
[2010/05/12 17:52:02 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdatsrc.tlb
[2010/05/12 17:52:02 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mscpx32r.dll
[2010/05/12 17:52:02 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msafd.dll
[2010/05/12 17:52:01 | 000,884,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msimsg.dll
[2010/05/12 17:52:01 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2010/05/12 17:52:01 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msihnd.dll
[2010/05/12 17:52:01 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll
[2010/05/12 17:52:01 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msimtf.dll
[2010/05/12 17:52:01 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msorcl32.dll
[2010/05/12 17:52:01 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msscript.ocx
[2010/05/12 17:52:01 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll
[2010/05/12 17:52:01 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msscds32.ax
[2010/05/12 17:52:01 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msident.dll
[2010/05/12 17:52:01 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msprivs.dll
[2010/05/12 17:52:01 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspatcha.dll
[2010/05/12 17:52:01 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msorc32r.dll
[2010/05/12 17:52:01 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msisip.dll
[2010/05/12 17:52:01 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msidle.dll
[2010/05/12 17:52:00 | 001,384,479 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvbvm60.dll
[2010/05/12 17:52:00 | 000,204,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mswebdvd.dll
[2010/05/12 17:52:00 | 000,195,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msutb.dll
[2010/05/12 17:52:00 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvfw32.dll
[2010/05/12 17:52:00 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstlsapi.dll
[2010/05/12 17:52:00 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxoci.dll
[2010/05/12 17:52:00 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msw3prt.dll
[2010/05/12 17:52:00 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxclu.dll
[2010/05/12 17:52:00 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcrt40.dll
[2010/05/12 17:52:00 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcirt.dll
[2010/05/12 17:52:00 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ndptsp.tsp
[2010/05/12 17:52:00 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\narrator.exe
[2010/05/12 17:52:00 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ncobjapi.dll
[2010/05/12 17:52:00 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll
[2010/05/12 17:52:00 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll
[2010/05/12 17:52:00 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nddenb32.dll
[2010/05/12 17:52:00 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nddeapi.dll
[2010/05/12 17:52:00 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe
[2010/05/12 17:52:00 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nddeapir.exe
[2010/05/12 17:52:00 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll
[2010/05/12 17:51:59 | 000,622,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netcfgx.dll
[2010/05/12 17:51:59 | 000,407,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netlogon.dll
[2010/05/12 17:51:59 | 000,329,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netsetup.exe
[2010/05/12 17:51:59 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\newdev.dll
[2010/05/12 17:51:59 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netui1.dll
[2010/05/12 17:51:59 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netid.dll
[2010/05/12 17:51:59 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\net1.exe
[2010/05/12 17:51:59 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nlhtml.dll
[2010/05/12 17:51:59 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netsh.exe
[2010/05/12 17:51:59 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netui0.dll
[2010/05/12 17:51:59 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\net.exe
[2010/05/12 17:51:59 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netstat.exe
[2010/05/12 17:51:59 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll
[2010/05/12 17:51:59 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netrap.dll
[2010/05/12 17:51:58 | 000,286,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\objsel.dll
[2010/05/12 17:51:58 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\oakley.dll
[2010/05/12 17:51:58 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nusrmgr.cpl
[2010/05/12 17:51:58 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbc32.dll
[2010/05/12 17:51:58 | 000,179,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntmsdba.dll
[2010/05/12 17:51:58 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbcconf.dll
[2010/05/12 17:51:58 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbcconf.exe
[2010/05/12 17:51:58 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ocmanage.dll
[2010/05/12 17:51:58 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\npptools.dll
[2010/05/12 17:51:58 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntlanman.dll
[2010/05/12 17:51:58 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntmsapi.dll
[2010/05/12 17:51:58 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbccp32.cpl
[2010/05/12 17:51:58 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbcad32.exe
[2010/05/12 17:51:58 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbcbcp.dll
[2010/05/12 17:51:58 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbc32gt.dll
[2010/05/12 17:51:58 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntvdmd.dll
[2010/05/12 17:51:57 | 000,713,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\opengl32.dll
[2010/05/12 17:51:57 | 000,284,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\pdh.dll
[2010/05/12 17:51:57 | 000,278,559 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbcjt32.dll
[2010/05/12 17:51:57 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\osk.exe
[2010/05/12 17:51:57 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\offfilt.dll
[2010/05/12 17:51:57 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbctrac.dll
[2010/05/12 17:51:57 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\oledlg.dll
[2010/05/12 17:51:57 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\oleprn.dll
[2010/05/12 17:51:57 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbccp32.dll
[2010/05/12 17:51:57 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbcint.dll
[2010/05/12 17:51:57 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\olecli32.dll
[2010/05/12 17:51:57 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\pautoenr.dll
[2010/05/12 17:51:57 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\osuninst.dll
[2010/05/12 17:51:57 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbccu32.dll
[2010/05/12 17:51:57 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbccr32.dll
[2010/05/12 17:51:57 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\packager.exe
[2010/05/12 17:51:57 | 000,053,279 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbcji32.dll
[2010/05/12 17:51:57 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\perfdisk.dll
[2010/05/12 17:51:57 | 000,020,511 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odtext32.dll
[2010/05/12 17:51:57 | 000,020,511 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\oddbse32.dll
[2010/05/12 17:51:57 | 000,020,510 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odpdx32.dll
[2010/05/12 17:51:57 | 000,020,510 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odfox32.dll
[2010/05/12 17:51:57 | 000,020,510 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odexl32.dll
[2010/05/12 17:51:57 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbcp32r.dll
[2010/05/12 17:51:56 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\powercfg.cpl
[2010/05/12 17:51:56 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\progman.exe
[2010/05/12 17:51:56 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\polstore.dll
[2010/05/12 17:51:56 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\psbase.dll
[2010/05/12 17:51:56 | 000,081,920 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\proctexe.ocx
[2010/05/12 17:51:56 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\proquota.exe
[2010/05/12 17:51:56 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\pstorec.dll
[2010/05/12 17:51:56 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\pid.dll
[2010/05/12 17:51:56 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\perfproc.dll
[2010/05/12 17:51:56 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\pstorsvc.dll
[2010/05/12 17:51:56 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\profmap.dll
[2010/05/12 17:51:56 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\perfos.dll
[2010/05/12 17:51:56 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ping.exe
[2010/05/12 17:51:56 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\perfnet.dll
[2010/05/12 17:51:56 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\powrprof.dll
[2010/05/12 17:51:56 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\perfmon.exe
[2010/05/12 17:51:56 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\pjlmon.dll
[2010/05/12 17:51:55 | 001,435,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\query.dll
[2010/05/12 17:51:55 | 000,210,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasppp.dll
[2010/05/12 17:51:55 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rastls.dll
[2010/05/12 17:51:55 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll
[2010/05/12 17:51:55 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rcbdyctl.dll
[2010/05/12 17:51:55 | 000,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll
[2010/05/12 17:51:55 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\raschap.dll
[2010/05/12 17:51:55 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe
[2010/05/12 17:51:55 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe
[2010/05/12 17:51:55 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasphone.exe
[2010/05/12 17:51:55 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reg.exe
[2010/05/12 17:51:55 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll
[2010/05/12 17:51:55 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rcimlby.exe
[2010/05/12 17:51:55 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rcp.exe
[2010/05/12 17:51:55 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll
[2010/05/12 17:51:55 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe
[2010/05/12 17:51:55 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll
[2010/05/12 17:51:55 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rassapi.dll
[2010/05/12 17:51:55 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe
[2010/05/12 17:51:55 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasadhlp.dll
[2010/05/12 17:51:54 | 000,433,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\riched20.dll
[2010/05/12 17:51:54 | 000,208,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rsaenh.dll
[2010/05/12 17:51:54 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rtcshare.exe
[2010/05/12 17:51:54 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\remotesp.tsp
[2010/05/12 17:51:54 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\resutils.dll
[2010/05/12 17:51:54 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regapi.dll
[2010/05/12 17:51:54 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll
[2010/05/12 17:51:54 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rtutils.dll
[2010/05/12 17:51:54 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll
[2010/05/12 17:51:54 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rtipxmib.dll
[2010/05/12 17:51:54 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll
[2010/05/12 17:51:54 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rsmps.dll
[2010/05/12 17:51:54 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rsh.exe
[2010/05/12 17:51:54 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\runonce.exe
[2010/05/12 17:51:54 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rexec.exe
[2010/05/12 17:51:54 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regsvr32.exe
[2010/05/12 17:51:53 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\scesrv.dll
[2010/05/12 17:51:53 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\scecli.dll
[2010/05/12 17:51:53 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\scrobj.dll
[2010/05/12 17:51:53 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sfc_os.dll
[2010/05/12 17:51:53 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sdbinst.exe
[2010/05/12 17:51:53 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\scarddlg.dll
[2010/05/12 17:51:53 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll
[2010/05/12 17:51:53 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sethc.exe
[2010/05/12 17:51:53 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sendcmsg.dll
[2010/05/12 17:51:53 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setup.exe
[2010/05/12 17:51:53 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\scrnsave.scr
[2010/05/12 17:51:53 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sensapi.dll
[2010/05/12 17:51:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\security.dll
[2010/05/12 17:51:53 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sfc.dll
[2010/05/12 17:51:52 | 001,614,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sfcfiles.dll
[2010/05/12 17:51:52 | 000,549,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shdoclc.dll
[2010/05/12 17:51:52 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shgina.dll
[2010/05/12 17:51:52 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shfolder.dll
[2010/05/12 17:51:51 | 000,538,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe
[2010/05/12 17:51:51 | 000,442,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sqlsrv32.dll
[2010/05/12 17:51:51 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\smlogcfg.dll
[2010/05/12 17:51:51 | 000,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll
[2010/05/12 17:51:51 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\snmpsnap.dll
[2010/05/12 17:51:51 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe
[2010/05/12 17:51:51 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sqlsrv32.rll
[2010/05/12 17:51:51 | 000,086,016 | ---- | C] (Sipro Lab Telecom Inc.) -- C:\WINDOWS\System32\sl_anet.acm
[2010/05/12 17:51:51 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shrpubw.exe
[2010/05/12 17:51:51 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spoolss.dll
[2010/05/12 17:51:51 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sigverif.exe
[2010/05/12 17:51:51 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shmgrate.exe
[2010/05/12 17:51:51 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\skeys.exe
[2010/05/12 17:51:51 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sort.exe
[2010/05/12 17:51:51 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shutdown.exe
[2010/05/12 17:51:51 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\snmpapi.dll
[2010/05/12 17:51:51 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\simpdata.tlb
[2010/05/12 17:51:51 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sigtab.dll
[2010/05/12 17:51:50 | 000,713,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sxs.dll
[2010/05/12 17:51:50 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ss3dfo.scr
[2010/05/12 17:51:50 | 000,679,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sstext3d.scr
[2010/05/12 17:51:50 | 000,610,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sspipes.scr
[2010/05/12 17:51:50 | 000,393,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ssflwbox.scr
[2010/05/12 17:51:50 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sysmon.ocx
[2010/05/12 17:51:50 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sti_ci.dll
[2010/05/12 17:51:50 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sti.dll
[2010/05/12 17:51:50 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll
[2010/05/12 17:51:50 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\synceng.dll
[2010/05/12 17:51:50 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ssmypics.scr
[2010/05/12 17:51:50 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ssdpapi.dll
[2010/05/12 17:51:50 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ssmarque.scr
[2010/05/12 17:51:50 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ssbezier.scr
[2010/05/12 17:51:50 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ssmyst.scr
[2010/05/12 17:51:50 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stdole2.tlb
[2010/05/12 17:51:50 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stimon.exe
[2010/05/12 17:51:50 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ssstars.scr
[2010/05/12 17:51:49 | 000,858,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tapi3.dll
[2010/05/12 17:51:49 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\termmgr.dll
[2010/05/12 17:51:49 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tourstart.exe
[2010/05/12 17:51:49 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\unimdm.tsp
[2010/05/12 17:51:49 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tapi32.dll
[2010/05/12 17:51:49 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\t2embed.dll
[2010/05/12 17:51:49 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sysocmgr.exe
[2010/05/12 17:51:49 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\txflog.dll
[2010/05/12 17:51:49 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\timedate.cpl
[2010/05/12 17:51:49 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll
[2010/05/12 17:51:49 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\telnet.exe
[2010/05/12 17:51:49 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tcpmon.dll
[2010/05/12 17:51:49 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\umandlg.dll
[2010/05/12 17:51:49 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\udhisapi.dll
[2010/05/12 17:51:49 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tcpmib.dll
[2010/05/12 17:51:49 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tree.com
[2010/05/12 17:51:49 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tracert.exe
[2010/05/12 17:51:49 | 000,012,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsddd.dll
[2010/05/12 17:51:48 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\upnp.dll
[2010/05/12 17:51:48 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\unimdmat.dll
[2010/05/12 17:51:48 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vdmredir.dll
[2010/05/12 17:51:48 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\utilman.exe
[2010/05/12 17:51:48 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vbisurf.ax
[2010/05/12 17:51:48 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\verifier.dll
[2010/05/12 17:51:48 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vdmdbg.dll
[2010/05/12 17:51:48 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\usbmon.dll
[2010/05/12 17:51:48 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\upnpcont.exe
[2010/05/12 17:51:48 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\uniplat.dll
[2010/05/12 17:51:47 | 000,756,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winntbbu.dll
[2010/05/12 17:51:47 | 000,463,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wiadefui.dll
[2010/05/12 17:51:47 | 000,433,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wiaacmgr.exe
[2010/05/12 17:51:47 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wavemsp.dll
[2010/05/12 17:51:47 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\webvw.dll
[2010/05/12 17:51:47 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wiadss.dll
[2010/05/12 17:51:47 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wiavideo.dll
[2010/05/12 17:51:47 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wextract.exe
[2010/05/12 17:51:47 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winipsec.dll
[2010/05/12 17:51:47 | 000,017,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\watchdog.sys
[2010/05/12 17:51:46 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winsrv.dll
[2010/05/12 17:51:46 | 000,278,559 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmv8ds32.ax
[2010/05/12 17:51:46 | 000,278,559 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmv8ds32.ax
[2010/05/12 17:51:46 | 000,264,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wow32.dll
[2010/05/12 17:51:46 | 000,258,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmvds32.ax
[2010/05/12 17:51:46 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmsdmoe.dll
[2010/05/12 17:51:46 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winscard.dll
[2010/05/12 17:51:46 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winsta.dll
[2010/05/12 17:51:46 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wshcon.dll
[2010/05/12 17:51:46 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wpabaln.exe
[2010/05/12 17:51:46 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wship6.dll
[2010/05/12 17:51:46 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wpnpinst.exe
[2010/05/12 17:51:46 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmi.dll
[2010/05/12 17:51:46 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winver.exe
[2010/05/12 17:51:45 | 000,383,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wzcdlg.dll
[2010/05/12 17:51:45 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wshom.ocx
[2010/05/12 17:51:45 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactsrv.dll
[2010/05/12 17:51:45 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wzcsapi.dll
[2010/05/12 17:51:45 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wstdecod.dll
[2010/05/12 17:51:45 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wsnmp32.dll
[2010/05/12 17:51:45 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xcopy.exe
[2010/05/12 17:51:45 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wsock32.dll
[2010/05/12 17:51:45 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wshtcpip.dll
[2010/05/12 17:51:45 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wtsapi32.dll
[2010/05/12 17:51:45 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll
[2010/05/12 17:51:45 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wshrm.dll
[2010/05/12 17:51:44 | 000,602,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\autoconv.exe
[2010/05/12 17:51:44 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmd.exe
[2010/05/12 17:51:44 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\desk.cpl
[2010/05/12 17:51:44 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\csrsrv.dll
[2010/05/12 17:51:44 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cacls.exe
[2010/05/12 17:51:43 | 000,730,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\lsasrv.dll
[2010/05/12 17:51:43 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntvdm.exe
[2010/05/12 17:51:43 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\localspl.dll
[2010/05/12 17:51:43 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nwprovau.dll
[2010/05/12 17:51:43 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntprint.dll
[2010/05/12 17:51:43 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nslookup.exe
[2010/05/12 17:51:43 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ftp.exe
[2010/05/12 17:51:43 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\olecnv32.dll
[2010/05/12 17:51:43 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\format.com
[2010/05/12 17:51:43 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mgmtapi.dll
[2010/05/12 17:51:43 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntlsapi.dll
[2010/05/12 17:51:42 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasdlg.dll
[2010/05/12 17:51:42 | 000,415,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\samsrv.dll
[2010/05/12 17:51:42 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasapi32.dll
[2010/05/12 17:51:42 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasman.dll
[2010/05/12 17:51:42 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rastapi.dll
[2010/05/12 17:51:42 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\perfctrs.dll
[2010/05/12 17:51:42 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\savedump.exe
[2010/05/12 17:51:41 | 001,850,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\win32k.sys
[2010/05/12 17:51:41 | 000,990,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\syssetup.dll
[2010/05/12 17:51:41 | 000,316,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\untfs.dll
[2010/05/12 17:51:41 | 000,275,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ulib.dll
[2010/05/12 17:51:41 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\winspool.drv
[2010/05/12 17:51:41 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\win32spl.dll
[2010/05/12 17:51:41 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tcpmonui.dll
[2010/05/12 17:51:41 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\amdk6.sys
[2010/05/12 17:51:40 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\dxg.sys
[2010/05/12 17:51:40 | 000,063,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mf.sys
[2010/05/12 17:51:40 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\atmlane.sys
[2010/05/12 17:51:40 | 000,049,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\classpnp.sys
[2010/05/12 17:51:40 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidclass.sys
[2010/05/12 17:51:40 | 000,024,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidparse.sys
[2010/05/12 17:51:40 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidbatt.sys
[2010/05/12 17:51:40 | 000,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\diskdump.sys
[2010/05/12 17:51:40 | 000,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\battc.sys
[2010/05/12 17:51:39 | 000,202,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rmcast.sys
[2010/05/12 17:51:39 | 000,088,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\nwlnkipx.sys
[2010/05/12 17:51:39 | 000,040,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\nmnt.sys
[2010/05/12 17:51:38 | 000,226,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tcpip6.sys
[2010/05/12 17:51:38 | 000,096,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\scsiport.sys
[2010/05/12 17:51:38 | 000,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismp.sys
[2010/05/12 17:51:38 | 000,025,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sonydcam.sys
[2010/05/12 17:51:38 | 000,019,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdi.sys
[2010/05/12 17:51:38 | 000,014,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tape.sys
[2010/05/12 17:51:37 | 000,081,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\videoprt.sys
[2010/05/12 17:51:37 | 000,025,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbcamd2.sys
[2010/05/12 17:51:37 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbcamd.sys
[2010/05/12 17:51:37 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbintel.sys
[2010/05/12 17:51:37 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usb8023.sys
[2010/05/12 17:51:36 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntoskrnl.exe
[2010/05/12 17:51:36 | 002,024,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntkrnlpa.exe
[2010/05/12 17:51:36 | 000,134,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\HAL.DLL
[2010/05/10 18:36:13 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010/05/10 18:33:03 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010/05/10 18:33:03 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010/05/10 18:33:03 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010/05/10 18:32:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/05/10 18:32:26 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/05/10 18:24:54 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/05/08 20:46:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\MICHAEL ELLIOTT\My Documents\computer error info
[2010/05/08 20:44:28 | 000,570,880 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\MICHAEL ELLIOTT\Desktop\OTL.exe
[2010/05/08 15:16:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\MICHAEL ELLIOTT\Application Data\FlyWheelGames
[2010/05/05 18:24:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\MICHAEL ELLIOTT\Application Data\Fugazo
[2010/04/30 00:02:38 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/04/30 00:02:36 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/04/30 00:02:35 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/04/29 17:21:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\iolo
[2010/04/29 17:19:49 | 000,093,096 | ---- | C] (iolo technologies, LLC) -- C:\WINDOWS\System32\IncContxMenu.dll
[2010/04/29 17:16:40 | 000,000,000 | ---D | C] -- C:\Program Files\iolo
[2010/04/29 17:12:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\MICHAEL ELLIOTT\Application Data\iolo
[2010/04/29 17:12:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\iolo
[2010/04/29 12:11:43 | 000,025,471 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\watv10nt.sys
[2010/04/29 12:11:43 | 000,022,271 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\watv06nt.sys
[2010/04/29 12:11:43 | 000,011,935 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv11nt.sys
[2010/04/29 12:11:43 | 000,011,871 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv09nt.sys
[2010/04/29 12:11:43 | 000,011,807 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv07nt.sys
[2010/04/29 12:11:43 | 000,011,295 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv08nt.sys
[2010/04/29 12:11:30 | 000,404,990 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slntamr.sys
[2010/04/29 12:11:30 | 000,129,535 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnt7554.sys
[2010/04/29 12:11:30 | 000,095,424 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnthal.sys
[2010/04/29 12:11:30 | 000,013,240 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slwdmsup.sys
[2010/04/29 12:11:26 | 000,166,912 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\drivers\s3gnbm.sys
[2010/04/29 12:11:24 | 000,013,776 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\recagent.sys
[2010/04/29 12:11:18 | 000,180,360 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys
[2010/04/29 12:11:15 | 001,309,184 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlstrm.sys
[2010/04/29 12:11:15 | 000,452,736 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\drivers\mtxparhm.sys
[2010/04/29 12:11:15 | 000,126,686 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys
[2010/04/29 12:11:14 | 001,372,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll
[2010/04/29 12:05:52 | 000,104,960 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinrvxx.sys
[2010/04/29 12:05:52 | 000,073,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atintuxx.sys
[2010/04/29 12:05:52 | 000,063,488 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxsxx.sys
[2010/04/29 12:05:52 | 000,052,224 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinraxx.sys
[2010/04/29 12:05:52 | 000,031,744 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxbxx.sys
[2010/04/29 12:05:52 | 000,028,672 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinsnxx.sys
[2010/04/29 12:05:52 | 000,014,336 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinpdxx.sys
[2010/04/29 12:05:52 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinttxx.sys
[2010/04/29 12:05:51 | 000,701,440 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtag.sys
[2010/04/29 12:05:51 | 000,327,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtaa.sys
[2010/04/29 12:05:51 | 000,057,856 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinbtxx.sys
[2010/04/29 12:05:51 | 000,036,463 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1tuxx.sys
[2010/04/29 12:05:51 | 000,034,735 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xsxx.sys
[2010/04/29 12:05:51 | 000,029,455 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xbxx.sys
[2010/04/29 12:05:51 | 000,021,343 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1ttxx.sys
[2010/04/29 12:05:51 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinmdxx.sys
[2010/04/29 12:05:50 | 000,063,663 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1rvxx.sys
[2010/04/29 12:05:50 | 000,056,623 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1btxx.sys
[2010/04/29 12:05:50 | 000,030,671 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1raxx.sys
[2010/04/29 12:05:50 | 000,026,367 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1snxx.sys
[2010/04/29 12:05:50 | 000,012,047 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1pdxx.sys
[2010/04/29 12:05:50 | 000,011,615 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1mdxx.sys
[2010/04/29 11:37:19 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srv.sys
[2010/04/29 11:37:11 | 000,455,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2010/04/29 11:35:45 | 000,730,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2010/04/29 11:35:43 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2010/04/29 11:35:42 | 002,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2010/04/29 11:35:40 | 002,024,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2010/04/29 11:34:16 | 000,691,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll
[2010/04/29 11:32:52 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll
[2010/04/28 16:42:52 | 000,000,000 | ---D | C] -- C:\Program Files\SIW
[2010/04/27 13:21:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC
[2010/04/26 22:20:49 | 000,000,000 | ---D | C] -- C:\Program Files\WhatsRunning
[2010/04/26 22:03:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2010/04/26 14:54:15 | 000,164,048 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010/04/26 14:54:15 | 000,046,672 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010/04/26 14:54:15 | 000,023,376 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010/04/26 14:54:15 | 000,019,024 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010/04/26 14:54:14 | 000,100,432 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010/04/26 14:54:14 | 000,094,800 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010/04/26 14:54:14 | 000,028,880 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010/04/26 14:53:55 | 000,165,032 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010/04/26 14:53:55 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\avastSS.scr
[2010/04/26 14:53:45 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010/04/26 14:53:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010/04/25 15:54:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\supportsoft
[2010/04/24 22:20:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\MICHAEL ELLIOTT\Application Data\System Tweaker
[2010/04/24 17:25:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\MICHAEL ELLIOTT\Application Data\JoyBits
[2010/04/18 23:44:18 | 000,098,304 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\LGUICOM.DLL
[2010/04/18 23:44:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Logitech
[2010/04/18 23:44:17 | 000,104,960 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\COMNCTR.DLL
[2010/04/18 23:44:17 | 000,016,896 | ---- | C] (Logitech, Inc.) -- C:\WINDOWS\System32\LMOUSE32.DLL
[2010/04/18 23:44:17 | 000,003,568 | ---- | C] (Logitech, Inc.) -- C:\WINDOWS\System32\LMOUSE16.DLL
[2010/04/18 23:44:16 | 000,152,064 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\lmoufrc.dll
[2010/04/18 23:44:16 | 000,023,372 | ---- | C] (Logitech, Inc.) -- C:\WINDOWS\System32\LCOINST.DLL
[2010/04/18 23:44:16 | 000,019,968 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\LOGI_MWX.EXE
[2010/04/18 23:44:15 | 000,073,134 | ---- | C] (Logitech, Inc.) -- C:\WINDOWS\System32\drivers\LMouFlt2.Sys
[2010/04/18 23:44:15 | 000,053,870 | ---- | C] (Logitech, Inc.) -- C:\WINDOWS\System32\drivers\L8042PR2.SYS
[2010/04/18 23:44:15 | 000,037,804 | ---- | C] (Logitech, Inc.) -- C:\WINDOWS\System32\drivers\LHidUsb.sys
[2010/04/18 23:44:15 | 000,025,214 | ---- | C] (Logitech, Inc.) -- C:\WINDOWS\System32\drivers\LHidFlt2.Sys
[2010/04/18 23:44:15 | 000,014,348 | ---- | C] (Logitech, Inc.) -- C:\WINDOWS\System32\drivers\LCcfltr.sys
[2010/04/18 18:43:21 | 000,000,000 | ---D | C] -- C:\Intel
[2010/04/18 18:41:14 | 000,000,000 | ---D | C] -- C:\HP Universal Print Driver PCL5 v5.0.1
[2010/04/18 18:40:35 | 000,000,000 | ---D | C] -- C:\Compaq
[2010/04/18 18:39:38 | 000,000,000 | ---D | C] -- C:\IBMTOOLS
[2010/04/18 18:20:04 | 000,000,000 | ---D | C] -- C:\Program Files\MouseWare
[2010/04/18 18:19:50 | 000,000,000 | ---D | C] -- C:\SWSetup
[2010/04/18 18:15:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\MICHAEL ELLIOTT\Application Data\DeviceDoctorSoftware
[2010/04/18 18:15:17 | 000,000,000 | ---D | C] -- C:\Program Files\Device Doctor
[2010/04/16 17:58:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/05/13 21:42:09 | 000,000,306 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1335557147-534332963-624509898-1005.job
[2010/05/13 21:42:09 | 000,000,298 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1335557147-534332963-624509898-1005.job
[2010/05/13 21:42:00 | 000,000,442 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{6DE32CB2-CAC5-4723-96B0-FA6C1388C9C5}.job
[2010/05/13 21:08:34 | 014,680,064 | ---- | M] () -- C:\Documents and Settings\MICHAEL ELLIOTT\ntuser.dat
[2010/05/13 21:01:16 | 000,000,000 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/05/13 21:01:08 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/05/13 21:00:41 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/05/13 21:00:28 | 000,000,300 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1335557147-534332963-624509898-1007.job
[2010/05/13 21:00:28 | 000,000,296 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1335557147-534332963-624509898-1006.job
[2010/05/13 21:00:28 | 000,000,294 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1335557147-534332963-624509898-500.job
[2010/05/13 21:00:21 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/05/13 21:00:17 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/05/13 21:00:05 | 1071,804,416 | -HS- | M] () -- C:\hiberfil.sys
[2010/05/13 20:59:03 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\MICHAEL ELLIOTT\ntuser.ini
[2010/05/13 20:58:58 | 011,254,386 | -H-- | M] () -- C:\Documents and Settings\MICHAEL ELLIOTT\Local Settings\Application Data\IconCache.db
[2010/05/13 18:24:25 | 000,230,392 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/05/13 18:17:49 | 000,001,485 | ---- | M] () -- C:\Documents and Settings\MICHAEL ELLIOTT\Desktop\Windows Explorer.lnk
[2010/05/13 18:09:48 | 000,061,456 | ---- | M] () -- C:\Documents and Settings\MICHAEL ELLIOTT\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/05/13 18:01:02 | 003,688,738 | R--- | M] () -- C:\Documents and Settings\MICHAEL ELLIOTT\Desktop\ComboFix.exe
[2010/05/13 17:53:52 | 000,527,436 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/05/13 17:53:52 | 000,444,216 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/05/13 17:53:52 | 000,073,274 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/05/13 17:50:50 | 000,029,204 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010/05/13 17:30:13 | 000,250,048 | ---- | M] () -- C:\ntldr
[2010/05/13 15:38:42 | 000,000,304 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1335557147-534332963-624509898-1006.job
[2010/05/12 18:42:02 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/05/12 18:42:02 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/05/11 21:08:27 | 000,000,308 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1335557147-534332963-624509898-1007.job
[2010/05/11 13:25:00 | 000,000,302 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1335557147-534332963-624509898-500.job
[2010/05/09 23:13:20 | 000,242,176 | ---- | M] () -- C:\Documents and Settings\MICHAEL ELLIOTT\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/05/08 20:44:28 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\MICHAEL ELLIOTT\Desktop\OTL.exe
[2010/05/08 15:46:05 | 000,000,144 | ---- | M] () -- C:\WINDOWS\wwwbatch.ini
[2010/05/08 15:39:28 | 000,001,996 | ---- | M] () -- C:\Documents and Settings\MICHAEL ELLIOTT\My Documents\cc_20100508_153919.reg
[2010/05/08 15:13:12 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/05/07 18:18:39 | 000,000,688 | ---- | M] () -- C:\Documents and Settings\MICHAEL ELLIOTT\Desktop\Brunhilda BETA.lnk
[2010/05/07 18:16:59 | 000,001,161 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Master Wu and the Glory of the Ten Powers.lnk
[2010/05/07 18:16:22 | 000,001,013 | ---- | M] () -- C:\Documents and Settings\MICHAEL ELLIOTT\Desktop\MysteryCruise.exe.lnk
[2010/05/07 18:12:26 | 000,000,970 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Escape The Lost Kingdom.lnk
[2010/05/07 18:09:45 | 000,001,107 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Tiger Eye - Curse of the Riddle Box.lnk
[2010/05/06 22:18:51 | 000,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/05/06 16:59:36 | 000,165,032 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010/05/06 16:39:23 | 000,046,672 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010/05/06 16:39:00 | 000,164,048 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010/05/06 16:34:27 | 000,023,376 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010/05/06 16:33:59 | 000,100,432 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010/05/06 16:33:55 | 000,094,800 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010/05/06 16:33:47 | 000,019,024 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010/05/06 16:33:29 | 000,028,880 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010/05/05 18:23:52 | 000,001,150 | ---- | M] () -- C:\Documents and Settings\MICHAEL ELLIOTT\Desktop\Fiction_Fixers_-_Adventures_in_Wonderland_Premium.exe.lnk
[2010/05/05 17:45:28 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\MICHAEL ELLIOTT\Local Settings\Application Data\prvlcl.dat
[2010/05/04 17:43:07 | 000,059,775 | ---- | M] () -- C:\Documents and Settings\MICHAEL ELLIOTT\My Documents\AKD-7366109967.pdf
[2010/05/04 17:40:03 | 000,025,600 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\ShoppingList.xls
[2010/05/03 17:56:26 | 000,000,521 | ---- | M] () -- C:\hpfr3420.xml
[2010/05/01 22:09:40 | 000,338,329 | ---- | M] () -- C:\Documents and Settings\MICHAEL ELLIOTT\My Documents\bookmarks-2010-05-01.json
[2010/05/01 17:19:34 | 011,411,702 | ---- | M] () -- C:\Documents and Settings\MICHAEL ELLIOTT\My Documents\dell owners manual.pdf
[2010/04/30 11:34:02 | 000,000,256 | ---- | M] () -- C:\Documents and Settings\MICHAEL ELLIOTT\My Documents\cc_20100430_113400.reg
[2010/04/30 11:33:30 | 000,000,414 | ---- | M] () -- C:\Documents and Settings\MICHAEL ELLIOTT\My Documents\cc_20100430_113322.reg
[2010/04/30 11:33:07 | 000,002,786 | ---- | M] () -- C:\Documents and Settings\MICHAEL ELLIOTT\My Documents\cc_20100430_113304.reg
[2010/04/30 11:32:43 | 000,001,038 | ---- | M] () -- C:\Documents and Settings\MICHAEL ELLIOTT\My Documents\cc_20100430_113237.reg
[2010/04/30 11:31:02 | 000,000,082 | ---- | M] () -- C:\Documents and Settings\MICHAEL ELLIOTT\My Documents\cc_20100430_113101.reg
[2010/04/30 11:30:31 | 000,002,552 | ---- | M] () -- C:\Documents and Settings\MICHAEL ELLIOTT\My Documents\cc_20100430_113015.reg
[2010/04/30 11:29:38 | 000,000,376 | ---- | M] () -- C:\Documents and Settings\MICHAEL ELLIOTT\My Documents\cc_20100430_112928.reg
[2010/04/30 11:28:51 | 000,001,226 | ---- | M] () -- C:\Documents and Settings\MICHAEL ELLIOTT\My Documents\cc_20100430_112835.reg
[2010/04/30 00:02:41 | 000,000,706 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/04/29 21:11:06 | 000,000,000 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/04/29 17:22:43 | 000,000,406 | ---- | M] () -- C:\WINDOWS\System32\ioloBootDefrag.cfg
[2010/04/29 17:20:30 | 000,001,699 | ---- | M] () -- C:\Documents and Settings\MICHAEL ELLIOTT\Desktop\System Mechanic.lnk
[2010/04/29 17:14:52 | 000,074,703 | ---- | M] () -- C:\WINDOWS\System32\mfc45.dll
[2010/04/29 17:10:51 | 000,031,744 | ---- | M] () -- C:\Documents and Settings\MICHAEL ELLIOTT\My Documents\iolo technologies receipt.doc
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/04/28 20:13:43 | 001,580,024 | ---- | M] () -- C:\Documents and Settings\MICHAEL ELLIOTT\Desktop\HPPDU.exe
[2010/04/28 16:43:06 | 000,000,620 | ---- | M] () -- C:\Documents and Settings\MICHAEL ELLIOTT\Desktop\SIW.lnk
[2010/04/26 22:21:03 | 000,000,680 | ---- | M] () -- C:\Documents and Settings\MICHAEL ELLIOTT\Desktop\What's Running.lnk
[2010/04/26 16:16:30 | 000,001,558 | ---- | M] () -- C:\Documents and Settings\MICHAEL ELLIOTT\Desktop\CCleaner.lnk
[2010/04/26 15:58:12 | 000,256,512 | ---- | M] () -- C:\WINDOWS\PEV.exe
[2010/04/26 15:32:50 | 000,000,210 | RHS- | M] () -- C:\boot.ini
[2010/04/26 14:54:15 | 000,001,710 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2010/04/25 15:43:34 | 000,000,735 | ---- | M] () -- C:\Documents and Settings\MICHAEL ELLIOTT\Desktop\AzadaAdventures.exe.lnk
[2010/04/25 15:33:23 | 000,061,456 | ---- | M] () -- C:\Documents and Settings\MICHAEL ELLIOTT\Application Data\GDIPFONTCACHEV1.DAT
[2010/04/24 22:28:51 | 000,060,918 | ---- | M] () -- C:\Documents and Settings\MICHAEL ELLIOTT\My Documents\AKD-7365989984.pdf
[2010/04/24 22:14:17 | 000,027,136 | ---- | M] () -- C:\Documents and Settings\MICHAEL ELLIOTT\My Documents\GOOD PASSWORD LIST.doc
[2010/04/24 17:24:46 | 000,000,714 | ---- | M] () -- C:\Documents and Settings\MICHAEL ELLIOTT\Desktop\Bigfoot.exe.lnk
[2010/04/21 14:46:38 | 000,093,096 | ---- | M] (iolo technologies, LLC) -- C:\WINDOWS\System32\IncContxMenu.dll
[2010/04/21 14:46:28 | 002,316,712 | ---- | M] () -- C:\WINDOWS\System32\Incinerator.dll
[2010/04/20 20:11:27 | 000,003,350 | -HS- | M] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2010/04/20 20:11:24 | 000,000,088 | RHS- | M] () -- C:\WINDOWS\System32\8901B2EDF5.sys
[2010/04/20 15:40:40 | 000,024,576 | ---- | M] () -- C:\Documents and Settings\MICHAEL ELLIOTT\My Documents\american express letter.doc
[2010/04/18 18:15:20 | 000,000,769 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Device Doctor.lnk
[2010/04/17 15:55:48 | 000,001,437 | ---- | M] () -- C:\Documents and Settings\MICHAEL ELLIOTT\Desktop\Escape from Frankensteins Castle.exe.lnk
[2010/04/16 19:40:05 | 000,001,063 | ---- | M] () -- C:\Documents and Settings\MICHAEL ELLIOTT\Desktop\dominic.exe.lnk
[2010/04/16 19:39:25 | 000,002,069 | ---- | M] () -- C:\Documents and Settings\MICHAEL ELLIOTT\Desktop\Crime and Punishment Who Framed Raskolnikov.lnk
[2010/04/14 12:47:23 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\avastSS.scr
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/05/12 17:52:11 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2010/05/12 17:51:58 | 000,004,310 | ---- | C] () -- C:\WINDOWS\System32\odbcconf.rsp
[2010/05/12 17:51:37 | 000,250,048 | ---- | C] () -- C:\ntldr
[2010/05/10 22:11:33 | 000,000,443 | ---- | C] () -- C:\Documents and Settings\MICHAEL ELLIOTT\mbr.log
[2010/05/10 18:33:03 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/05/10 18:33:03 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/05/10 18:33:03 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/05/10 18:33:03 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/05/10 18:33:03 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/05/10 18:31:07 | 003,688,738 | R--- | C] () -- C:\Documents and Settings\MICHAEL ELLIOTT\Desktop\ComboFix.exe
[2010/05/08 20:45:01 | 000,293,376 | ---- | C] () -- C:\Documents and Settings\MICHAEL ELLIOTT\Desktop\gmer.exe
[2010/05/08 16:46:34 | 000,001,881 | ---- | C] () -- C:\Documents and Settings\MICHAEL ELLIOTT\computer issues.txt
[2010/05/08 15:46:05 | 000,000,144 | ---- | C] () -- C:\WINDOWS\wwwbatch.ini
[2010/05/08 15:39:20 | 000,001,996 | ---- | C] () -- C:\Documents and Settings\MICHAEL ELLIOTT\My Documents\cc_20100508_153919.reg
[2010/05/07 18:18:39 | 000,000,688 | ---- | C] () -- C:\Documents and Settings\MICHAEL ELLIOTT\Desktop\Brunhilda BETA.lnk
[2010/05/07 18:16:59 | 000,001,161 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Master Wu and the Glory of the Ten Powers.lnk
[2010/05/07 18:16:22 | 000,001,013 | ---- | C] () -- C:\Documents and Settings\MICHAEL ELLIOTT\Desktop\MysteryCruise.exe.lnk
[2010/05/07 18:12:26 | 000,000,970 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Escape The Lost Kingdom.lnk
[2010/05/07 18:09:45 | 000,001,107 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Tiger Eye - Curse of the Riddle Box.lnk
[2010/05/05 18:23:52 | 000,001,150 | ---- | C] () -- C:\Documents and Settings\MICHAEL ELLIOTT\Desktop\Fiction_Fixers_-_Adventures_in_Wonderland_Premium.exe.lnk
[2010/05/04 17:43:07 | 000,059,775 | ---- | C] () -- C:\Documents and Settings\MICHAEL ELLIOTT\My Documents\AKD-7366109967.pdf
[2010/05/03 17:53:50 | 014,680,064 | ---- | C] () -- C:\Documents and Settings\MICHAEL ELLIOTT\ntuser.dat
[2010/05/01 22:09:40 | 000,338,329 | ---- | C] () -- C:\Documents and Settings\MICHAEL ELLIOTT\My Documents\bookmarks-2010-05-01.json
[2010/05/01 17:19:17 | 011,411,702 | ---- | C] () -- C:\Documents and Settings\MICHAEL ELLIOTT\My Documents\dell owners manual.pdf
[2010/04/30 11:34:01 | 000,000,256 | ---- | C] () -- C:\Documents and Settings\MICHAEL ELLIOTT\My Documents\cc_20100430_113400.reg
[2010/04/30 11:33:24 | 000,000,414 | ---- | C] () -- C:\Documents and Settings\MICHAEL ELLIOTT\My Documents\cc_20100430_113322.reg
[2010/04/30 11:33:05 | 000,002,786 | ---- | C] () -- C:\Documents and Settings\MICHAEL ELLIOTT\My Documents\cc_20100430_113304.reg
[2010/04/30 11:32:38 | 000,001,038 | ---- | C] () -- C:\Documents and Settings\MICHAEL ELLIOTT\My Documents\cc_20100430_113237.reg
[2010/04/30 11:31:02 | 000,000,082 | ---- | C] () -- C:\Documents and Settings\MICHAEL ELLIOTT\My Documents\cc_20100430_113101.reg
[2010/04/30 11:30:16 | 000,002,552 | ---- | C] () -- C:\Documents and Settings\MICHAEL ELLIOTT\My Documents\cc_20100430_113015.reg
[2010/04/30 11:29:30 | 000,000,376 | ---- | C] () -- C:\Documents and Settings\MICHAEL ELLIOTT\My Documents\cc_20100430_112928.reg
[2010/04/30 11:28:42 | 000,001,226 | ---- | C] () -- C:\Documents and Settings\MICHAEL ELLIOTT\My Documents\cc_20100430_112835.reg
[2010/04/30 00:02:41 | 000,000,706 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/04/29 20:55:51 | 1071,804,416 | -HS- | C] () -- C:\hiberfil.sys
[2010/04/29 17:22:43 | 000,000,406 | ---- | C] () -- C:\WINDOWS\System32\ioloBootDefrag.cfg
[2010/04/29 17:20:30 | 000,001,699 | ---- | C] () -- C:\Documents and Settings\MICHAEL ELLIOTT\Desktop\System Mechanic.lnk
[2010/04/29 17:19:46 | 002,316,712 | ---- | C] () -- C:\WINDOWS\System32\Incinerator.dll
[2010/04/29 17:17:39 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\iolobtdfg.exe
[2010/04/29 17:17:39 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\smrgdf.exe
[2010/04/29 17:14:51 | 000,074,703 | ---- | C] () -- C:\WINDOWS\System32\mfc45.dll
[2010/04/29 17:10:50 | 000,031,744 | ---- | C] () -- C:\Documents and Settings\MICHAEL ELLIOTT\My Documents\iolo technologies receipt.doc
[2010/04/29 12:11:16 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2010/04/29 12:10:16 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2010/04/29 12:05:52 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2010/04/28 20:13:37 | 001,580,024 | ---- | C] () -- C:\Documents and Settings\MICHAEL ELLIOTT\Desktop\HPPDU.exe
[2010/04/28 16:43:06 | 000,000,620 | ---- | C] () -- C:\Documents and Settings\MICHAEL ELLIOTT\Desktop\SIW.lnk
[2010/04/27 13:24:47 | 000,000,302 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1335557147-534332963-624509898-500.job
[2010/04/27 13:24:47 | 000,000,294 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1335557147-534332963-624509898-500.job
[2010/04/27 10:09:07 | 000,000,559 | ---- | C] () -- C:\Documents and Settings\MICHAEL ELLIOTT\uniblue.txt
[2010/04/26 22:21:03 | 000,000,680 | ---- | C] () -- C:\Documents and Settings\MICHAEL ELLIOTT\Desktop\What's Running.lnk
[2010/04/26 14:54:15 | 000,001,710 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2010/04/25 15:43:34 | 000,000,735 | ---- | C] () -- C:\Documents and Settings\MICHAEL ELLIOTT\Desktop\AzadaAdventures.exe.lnk
[2010/04/24 22:28:51 | 000,060,918 | ---- | C] () -- C:\Documents and Settings\MICHAEL ELLIOTT\My Documents\AKD-7365989984.pdf
[2010/04/24 17:24:46 | 000,000,714 | ---- | C] () -- C:\Documents and Settings\MICHAEL ELLIOTT\Desktop\Bigfoot.exe.lnk
[2010/04/20 15:40:38 | 000,024,576 | ---- | C] () -- C:\Documents and Settings\MICHAEL ELLIOTT\My Documents\american express letter.doc
[2010/04/18 18:15:20 | 000,000,769 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Device Doctor.lnk
[2010/04/17 15:55:48 | 000,001,437 | ---- | C] () -- C:\Documents and Settings\MICHAEL ELLIOTT\Desktop\Escape from Frankensteins Castle.exe.lnk
[2010/04/16 19:40:05 | 000,001,063 | ---- | C] () -- C:\Documents and Settings\MICHAEL ELLIOTT\Desktop\dominic.exe.lnk
[2010/04/16 19:39:25 | 000,002,069 | ---- | C] () -- C:\Documents and Settings\MICHAEL ELLIOTT\Desktop\Crime and Punishment Who Framed Raskolnikov.lnk
[2010/04/08 20:19:12 | 000,004,441 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2010/02/07 13:52:59 | 000,000,030 | ---- | C] () -- C:\WINDOWS\sav.ini
[2009/11/21 14:49:27 | 000,000,169 | ---- | C] () -- C:\WINDOWS\settings.ini
[2009/08/28 19:16:33 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ResortingToDanger.INI
[2008/12/13 10:25:56 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Curses.INI
[2008/10/22 11:10:12 | 000,000,000 | ---- | C] () -- C:\WINDOWS\CastleMalloy.INI
[2008/10/17 18:02:22 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2007/12/26 20:30:35 | 000,000,000 | ---- | C] () -- C:\WINDOWS\game.INI
[2007/11/10 15:43:04 | 000,000,362 | ---- | C] () -- C:\WINDOWS\ACTIVEJP.INI
[2007/07/23 10:03:32 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2007/07/23 10:03:32 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2007/07/23 10:03:32 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2007/07/23 10:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2007/07/23 10:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2007/07/23 10:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2007/07/23 10:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2007/07/23 10:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2007/07/23 10:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2007/03/05 13:34:28 | 000,676,224 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL
[2007/01/23 18:51:56 | 000,000,028 | ---- | C] () -- C:\WINDOWS\pdf995.ini
[2007/01/23 18:20:54 | 000,000,121 | ---- | C] () -- C:\WINDOWS\wpd99.drv
[2007/01/23 18:20:36 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\pdfmona.dll
[2007/01/23 18:20:36 | 000,051,716 | ---- | C] () -- C:\WINDOWS\System32\pdf995mon.dll
[2006/10/16 17:50:07 | 000,000,019 | ---- | C] () -- C:\WINDOWS\CustomerPOIManager.INI
[2006/10/01 20:54:23 | 000,004,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\bvrp_pci.sys
[2006/10/01 19:36:49 | 000,034,308 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2006/04/02 15:13:52 | 000,000,088 | RHS- | C] () -- C:\WINDOWS\System32\8901B2EDF5.sys
[2006/03/23 23:29:00 | 000,205,312 | R--- | C] () -- C:\WINDOWS\patchw32.dll
[2006/03/23 23:26:45 | 000,205,312 | R--- | C] () -- C:\WINDOWS\pw32a.dll
[2006/02/19 22:29:36 | 000,003,350 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2006/01/30 22:37:31 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iplayer.INI
[2006/01/24 14:08:29 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2006/01/14 15:18:48 | 000,000,100 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2005/12/30 19:46:51 | 000,000,056 | ---- | C] () -- C:\WINDOWS\System32\F5EDB20189.sys
[2005/12/30 19:44:45 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\MyCamUnInstall.dll
[2005/12/30 19:44:14 | 000,000,892 | ---- | C] () -- C:\WINDOWS\videoimp.ini
[2005/12/30 19:44:06 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2005/12/30 19:43:57 | 000,000,021 | ---- | C] () -- C:\WINDOWS\vi_setup.ini
[2005/12/30 19:38:40 | 001,294,336 | ---- | C] () -- C:\WINDOWS\System32\MGIIpl2A6.dll
[2005/12/30 19:38:40 | 001,261,568 | ---- | C] () -- C:\WINDOWS\System32\MGIIpl2M6.dll
[2005/12/30 19:38:40 | 001,228,800 | ---- | C] () -- C:\WINDOWS\System32\MGIIpl2M5.dll
[2005/12/30 19:38:40 | 001,105,920 | ---- | C] () -- C:\WINDOWS\System32\MGIIpl2P6.dll
[2005/12/30 19:38:39 | 001,052,672 | ---- | C] () -- C:\WINDOWS\System32\MGIIpl2P5.dll
[2005/12/30 19:38:16 | 000,000,002 | ---- | C] () -- C:\WINDOWS\PhotoSuite.ini
[2005/12/30 19:38:13 | 001,093,632 | ---- | C] () -- C:\WINDOWS\System32\MGIIpl2PX.dll
[2005/12/30 19:38:13 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\MGIIpl2.dll
[2005/12/30 19:38:13 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\CPUINF32.DLL
[2005/12/30 19:38:12 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\JPEGLIB.DLL
[2005/12/30 19:38:12 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\EnrouteStitch.dll
[2005/12/30 19:37:55 | 000,332,800 | ---- | C] () -- C:\WINDOWS\System32\FPXLIB.DLL
[2005/12/30 18:49:44 | 000,000,227 | ---- | C] () -- C:\WINDOWS\Quicken.ini
[2005/12/30 18:32:29 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/12/28 21:19:34 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/12/28 21:10:33 | 000,712,704 | ---- | C] () -- C:\WINDOWS\System32\DellSystemRestore.dll
[2005/12/28 20:39:10 | 000,102,480 | ---- | C] () -- C:\WINDOWS\System32\EzRating.dll
[2005/12/28 20:39:10 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\EzdCoIns.dll
[2005/12/28 20:38:28 | 000,000,387 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/11/04 10:21:48 | 000,197,672 | ---- | C] () -- C:\WINDOWS\System32\vpnapi.dll
[2005/11/04 10:21:24 | 000,189,480 | ---- | C] () -- C:\WINDOWS\System32\CSGina.dll
[2005/08/16 06:37:24 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/08/12 17:57:09 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005/08/05 16:01:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/05/19 19:05:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2003/03/09 16:31:04 | 000,561,152 | ---- | C] () -- C:\WINDOWS\System32\hpotscl.dll
[1998/06/14 04:53:26 | 000,044,544 | ---- | C] () -- C:\WINDOWS\System32\Gif89.dll

========== Custom Scans ==========



< MD5 for: ACPI.SYS >
[2004/08/10 07:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\i386\sp2.cab:ACPI.sys
[2004/08/10 07:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:ACPI.sys
[2010/05/12 17:51:00 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:ACPI.sys
[2010/05/12 17:51:00 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:ACPI.sys
[2010/05/12 17:51:00 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\sp3.cab:ACPI.sys
[2008/04/13 14:36:35 | 000,187,776 | ---- | M] (Microsoft Corporation) MD5=8FD99680A539792A30E97944FDAECF17 -- C:\WINDOWS\ServicePackFiles\i386\acpi.sys
[2008/04/13 14:36:35 | 000,187,776 | ---- | M] (Microsoft Corporation) MD5=8FD99680A539792A30E97944FDAECF17 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\acpi.sys
[2008/04/13 14:36:35 | 000,187,776 | ---- | M] (Microsoft Corporation) MD5=8FD99680A539792A30E97944FDAECF17 -- C:\WINDOWS\system32\drivers\acpi.sys
[2004/08/10 07:00:00 | 000,187,776 | ---- | M] (Microsoft Corporation) MD5=A10C7534F7223F4A73A948967D00E69B -- C:\i386\acpi.sys
[2004/08/10 07:00:00 | 000,187,776 | ---- | M] (Microsoft Corporation) MD5=A10C7534F7223F4A73A948967D00E69B -- C:\WINDOWS\$NtServicePackUninstall$\acpi.sys

< MD5 for: ATAPI.SYS >
[2004/08/10 07:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\i386\sp2.cab:atapi.sys
[2004/08/10 07:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2010/05/12 17:51:00 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2010/05/12 17:51:00 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2010/05/12 17:51:00 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\sp3.cab:atapi.sys
[2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\atapi.sys
[2004/08/04 00:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\i386\atapi.sys
[2004/08/04 00:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004/08/04 00:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2004/08/04 00:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/04 00:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\i386\atapi.sys

< MD5 for: CLASSPNP.SYS >
[2004/08/10 07:00:00 | 000,049,664 | ---- | M] (Microsoft Corporation) MD5=D86173B401470F06D9810F7962969DDF -- C:\i386\classpnp.sys
[2004/08/10 07:00:00 | 000,049,664 | ---- | M] (Microsoft Corporation) MD5=D86173B401470F06D9810F7962969DDF -- C:\WINDOWS\$NtServicePackUninstall$\classpnp.sys
[2008/04/13 15:16:22 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=FE47DD8FE6D7768FF94EBEC6C74B2719 -- C:\WINDOWS\ServicePackFiles\i386\classpnp.sys
[2008/04/13 15:16:22 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=FE47DD8FE6D7768FF94EBEC6C74B2719 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\classpnp.sys
[2008/04/13 15:16:22 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=FE47DD8FE6D7768FF94EBEC6C74B2719 -- C:\WINDOWS\system32\drivers\classpnp.sys

< MD5 for: DISK.SYS >
[2004/08/10 07:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\i386\sp2.cab:disk.sys
[2004/08/10 07:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:disk.sys
[2010/05/12 17:51:00 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:disk.sys
[2010/05/12 17:51:00 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:disk.sys
[2010/05/12 17:51:00 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\sp3.cab:disk.sys
[2004/08/10 07:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\i386\disk.sys
[2004/08/10 07:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\WINDOWS\$NtServicePackUninstall$\disk.sys
[2008/04/13 14:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\ServicePackFiles\i386\disk.sys
[2008/04/13 14:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\disk.sys
[2008/04/13 14:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\system32\drivers\disk.sys

< MD5 for: IASTOR.SYS >
[2010/04/18 18:40:03 | 000,408,600 | ---- | M] (Intel Corporation) MD5=1D004CB1DA6323B1F55CAEF7F94B61D9 -- C:\Documents and Settings\MICHAEL ELLIOTT\My Documents\Downloads\drivers\Intel_RAIDAHCI_XPVistaWin7\Intel_RAIDAHCI_XPVistaWin7\Driver\Intel\Win7\64bit\IaStor.sys
[2010/04/18 18:40:04 | 000,407,064 | ---- | M] (Intel Corporation) MD5=8EACF469269FB1509561961A3188F670 -- C:\Documents and Settings\MICHAEL ELLIOTT\My Documents\Downloads\drivers\Intel_RAIDAHCI_XPVistaWin7\Intel_RAIDAHCI_XPVistaWin7\Driver\Intel\XP_Vista\64bit\IaStor.sys
[2005/06/17 14:33:40 | 000,872,064 | ---- | M] (Intel Corporation) MD5=9A65E42664D1534B68512CAAD0EFE963 -- C:\drivers\storage\sata\onboard\iastor.sys
[2005/06/17 14:33:40 | 000,872,064 | ---- | M] (Intel Corporation) MD5=9A65E42664D1534B68512CAAD0EFE963 -- C:\i386\iaStor.sys
[2005/06/17 14:33:40 | 000,872,064 | ---- | M] (Intel Corporation) MD5=9A65E42664D1534B68512CAAD0EFE963 -- C:\WINDOWS\system32\drivers\iaStor.sys
[2010/04/18 18:40:04 | 000,328,728 | ---- | M] (Intel Corporation) MD5=BAABB0301949774A66B955C65319635A -- C:\Documents and Settings\MICHAEL ELLIOTT\My Documents\Downloads\drivers\Intel_RAIDAHCI_XPVistaWin7\Intel_RAIDAHCI_XPVistaWin7\Driver\Intel\XP_Vista\32bit\IaStor.sys
[2010/04/18 18:40:03 | 000,330,264 | ---- | M] (Intel Corporation) MD5=D483687EACE0C065EE772481A96E05F5 -- C:\Documents and Settings\MICHAEL ELLIOTT\My Documents\Downloads\drivers\Intel_RAIDAHCI_XPVistaWin7\Intel_RAIDAHCI_XPVistaWin7\Driver\Intel\Win7\32bit\IaStor.sys

< MD5 for: SFSYNC02.SYS >
[2004/11/29 14:14:30 | 000,019,648 | ---- | M] (Protection Technology) MD5=D14D5C9C11998DA690FA75460F4F1CF3 -- C:\WINDOWS\system32\drivers\sfsync02.sys
< End of report >
  • 0

#20
emeraldnzl
Posted 13 May 2010 - 08:04 PM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello MEUNCFREE,

The results from that log are inconclusive. We need to have a look at a rootkit scan.

If you don't have it on your machine anymore please download the GMER Rootkit Scanner. Unzip it to your Desktop.

If you do still have it on your machine, please just follow the instructions below.

Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while the scan is being performed. Do not use your computer for anything else during the scan.

Double-click gmer.exe. The program will begin to run.

**Caution**
These types of scans can produce false positives. Do NOT take any action on any "<--- ROOKIT" entries unless advised!

Posted Image

If possible rootkit activity is found, you will be asked if you would like to perform a full scan.
  • Click NO then use the following settings for a more complete scan..
  • In the right of the panel, you will see a list of boxes that have been checked ... Ensure the following are un-checked.
    • IAT/EAT
    • Drives/Partition other than Systemdrive (typically C:\)
    • Show All (don't miss this one)

    Posted Image
  • Now click the Scan button.
    Once the scan is complete, you may receive another notice about rootkit activity.
  • Click OK.
  • GMER will produce a log. Click on the [Save..] button, and in the File name area, type in GMER.txt
  • Save it where you can easily find it, such as your desktop.
Post the contents of GMER.txt in your next reply.
  • 0

#21
MEUNCFREE
Posted 13 May 2010 - 08:41 PM

MEUNCFREE

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts
Ok, at least I'm not boring...While running the scan, I got a BSoD that said it was caused by the file "FWLDAPOB.SYS. I also go this other information:

Address B19c1c3E base at B19C1000,

Stop: 0x00000050 (0xE6F5E000, 0X00000000, 0xB19E1C3E, 0x00000001)

Page_fault_in_nonpaged_area

the system then rebooted and things seem to be ok at the moment. I haven't restarted the scan yet. thought I'd wait on you, the expert, to direct me from here.

I'm heading for bedtime and will check again in the morning. Please know that I appreciate your patience and your assistance.
  • 0

#22
emeraldnzl
Posted 13 May 2010 - 08:54 PM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello MEUNCFREE,

I'm heading for bedtime and will check again in the morning.


Good idea, look forward to catching up with you tomorrow.

When you come back we will leave the GMER one for now (we may need to come back to it) and try this one

Please download HAMeb_check.exe to your desktop.

  • Double click on the icon to run
  • when it completes its job it will open a log
  • post the contents back here
Note: The log is temporary - it will not be saved when closed, so please be sure to copy the content so that you can paste back here before you close the log
  • 0

#23
MEUNCFREE
Posted 13 May 2010 - 08:59 PM

MEUNCFREE

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts
Ok, I lied, this is my last post tonight. Here is the log HAMeb:

C:\Documents and Settings\MICHAEL ELLIOTT\Desktop\HAMeb_check.exe
Thu 05/13/2010 at 22:57:24.17

Account active No
Local Group Memberships

~~ Checking profile list ~~

No HelpAssistant profile in registry

~~ Checking for HelpAssistant directories ~~

none found

~~ Checking mbr ~~

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x86684A78]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\iaStor -> 0x86684a78
NDIS: Intel® PRO/1000 PL Network Connection -> SendCompleteHandler -> 0x85cba330
Warning: possible MBR rootkit infection !
user & kernel MBR OK
Use "Recovery Console" command "fixmbr" to clear infection !

~~ Checking for termsrv32.dll ~~

termsrv32.dll was not found


HKEY_LOCAL_MACHINE\system\currentcontrolset\services\termservice\parameters
ServiceDll REG_EXPAND_SZ %SystemRoot%\System32\termsrv.dll

~~ Checking firewall ports ~~

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile\GloballyOpenPorts\List]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]


~~ EOF ~~
  • 0

#24
emeraldnzl
Posted 13 May 2010 - 09:14 PM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello MEUNCFREE,

You may wish to leave this until tomorrow. :)

We want to run a command from the Recovery Console. To do this we need to get the RC installed on your machine.

The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode. This allows us to more easily help you should your computer have a problem after an attempted removal of malware. It is a simple procedure that will only take a few moments of your time.

Go to Microsoft's website => http://support.microsoft.com/kb/310994

Scroll down to Step 1, and select the download that's appropriate for your Operating System. Download the file & save it as it's originally named.

Note: If you have SP3, use the SP2 package.

Tell me once this is done and I will give you some more instructions.
  • 0

#25
emeraldnzl
Posted 13 May 2010 - 09:18 PM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hi MEUNCFREE,

Hold on that last instruction. I have just checked that link I included and I am not sure that is what we want. Let me check it out and get back to you.
  • 0

Advertisements

#26
emeraldnzl
Posted 13 May 2010 - 09:38 PM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Well things have got a bit more complicated since I last used that link.

I am thinking the quickest way to get the Recovery Console on you computer is to use ComboFix.

Please delete your version of ComboFix, including the folders C:\Qoobox and C:\Combofix, and download a new version of Combofix. This time allow it to install the Recovery Console. Come back and tell me if there is a problem.

Note: Let it run and post the log back. :)

Download ComboFix from one of these locations:

Link 1
Link 2
* IMPORTANT !!! Save ComboFix.exe to your Desktop

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
  • Double click on ComboFix.exe & follow the prompts.
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Posted Image


Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Posted Image

Click on Yes, to continue scanning for malware.

When finished, it will produce a log for you. Please include the C:\ComboFix.txt in your next reply.
  • 0

#27
MEUNCFREE
Posted 14 May 2010 - 03:40 PM

MEUNCFREE

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts
Ok, a new day, a new sense of adventure. I deleted the old Combofix and installed the new one via the first link you provided. Saved it to my desktop. Attempted to run it and it gave me the boot.ini error. I went to the link you gave me on the first page of the session and studied it but it appears I have to have an installation disk to do what it is asking. When I boot up, it doesn't ask me if i want to go to recovery. I see the page where it says hit F8 to go to setup, but no blue screens like in the examples on that link. Is there any other way to fix boot.ini without installation disks? my computer came preinstalled.
  • 0

#28
MEUNCFREE
Posted 14 May 2010 - 03:57 PM

MEUNCFREE

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts
upon doing a windows search, I did find a file Boot.ini.backup in the director C:\windows\pss. can that be reinstalled to the proper file? when I go to systems property and click Edit inside startup and recovery, the .txt screen comes up blank. (doing some research to gain information but not changing or doing anything without you telling me to do so.)
  • 0

#29
emeraldnzl
Posted 14 May 2010 - 04:40 PM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Well, I think you need technical help to fix that.

Meantime let's try a work around.

If you go to the link below you will find a way to burn a CD (edge20022 signature) to access the recovery console.

http://www.geekstogo...72#entry1565972

Tell me how you go. :)
  • 0

#30
MEUNCFREE
Posted 14 May 2010 - 08:24 PM

MEUNCFREE

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts
Ok, I downloaded and burned the iso file to a cd using the program that link recommended. I have checked that there are indeed files on the cd and it is in my cd drive. However, when i reboot the computer, it doesn't go to the recovery screen. Is there something else i have to do to make it access the cd?
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP