Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Comp slow, did the cleaning guide

Started by superman659 , Jun 02 2010 12:10 AM

Please log in to reply

#1
superman659

Posted 02 June 2010 - 12:10 AM

Member

Member
37 posts

Hello,

I did the malware cleaning guide. I did steps 1-5 and it still seems to be running a little slower than my comp should be.

I have step 4 ready to be posted which is ark.txt

and step 5 ready to be posted which is OTL.txt and Extras.txt

It said in the forum to inform the people on that site rather than just starting a topic and posting the .txt's. So please let me know if I'm in the right direction. Thank you. =)

#2
RKinner

Posted 04 June 2010 - 11:05 PM

Malware Expert

Expert
24,625 posts

Go ahead and copy and paste your logs.

Also run combofix as follows:

Download but do not yet run ComboFix
:!: If you have a previous version of Combofix.exe, delete it and download a fresh copy. :!:

:!: It must be saved to your desktop, do not run it :!:

:!: Disable your Antivirus software when downloading or running Combofix. If it has Script Blocking features, please disable these as well. See: http://www.bleepingc...opic114351.html

Download and Rename this file -- (call it george.exe ) to your Desktop -- from either of these two sources:
http://download.blee...Bs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Doubleclick on george to start the program.

* :!: Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.

* A window may open with a series of Disclaimers. Accept the Disclaimers to start the fix. Allow it to install the Recovery Console then Continue. When the scan completes Notepad will open with with your results log open. Do a File, Exit and answer 'Yes' to save changes.

A caution - Do not run Combofix more than once. Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, Combofix is still at work.

A file will be created at => C:\Combofix.txt. I'll need to see that in your reply.

Re-activate your anti-virus program at this time :!:

Ron

#3
superman659

Posted 08 June 2010 - 10:30 PM

Member

Topic Starter
Member
37 posts

Hey sorry for being so slow to post but my power supply went out. But here is the logs and I will be running combo fix after I post this.

OTL:

OTL logfile created on: 6/1/2010 2:49:44 PM - Run 1
OTL by OldTimer - Version 3.2.5.2 Folder = C:\Documents and Settings\Errol Santos\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 67.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 87.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298.08 Gb Total Space | 166.22 Gb Free Space | 55.76% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 232.88 Gb Total Space | 117.54 Gb Free Space | 50.47% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ERROLSCOMP
Current User Name: Errol Santos
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/06/01 14:48:26 | 000,571,392 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Errol Santos\Desktop\OTL.exe
PRC - [2010/05/06 13:59:42 | 002,815,192 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010/05/06 13:59:38 | 000,040,384 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/03/19 10:49:20 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2008/04/14 05:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/06/26 12:22:42 | 000,081,997 | ---- | M] () -- C:\Program Files\USB TV\EM28XX\BDARemote.exe
PRC - [2006/08/01 18:26:00 | 001,839,104 | ---- | M] (Voyetra Turtle Beach, Inc.) -- C:\Program Files\Turtle Beach\Turtle Beach USB MIDI 1x1\TBUM11.exe
PRC - [2005/07/27 00:52:32 | 000,057,344 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
PRC - [2005/07/19 17:32:18 | 000,221,184 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\LVCOMSX.EXE
PRC - [2005/06/08 15:14:44 | 000,217,088 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Video\LogiTray.exe
PRC - [2005/06/08 14:44:56 | 000,192,512 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Video\FxSvr2.exe
PRC - [2003/12/25 19:53:08 | 000,270,336 | ---- | M] () -- C:\Program Files\NETGEAR GA311 Adapter\GA311.exe

========== Modules (SafeList) ==========

MOD - [2010/06/01 14:48:26 | 000,571,392 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Errol Santos\Desktop\OTL.exe
MOD - [2008/04/14 05:00:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx

========== Win32 Services (SafeList) ==========

SRV - [2010/05/06 13:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010/05/06 13:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010/05/06 13:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/03/19 10:49:20 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)

========== Driver Services (SafeList) ==========

DRV - [2010/05/06 13:39:23 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010/05/06 13:39:00 | 000,164,048 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2010/05/06 13:34:27 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010/05/06 13:33:59 | 000,100,432 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010/05/06 13:33:47 | 000,019,024 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/05/06 13:33:29 | 000,028,880 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010/04/02 11:59:24 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009/11/18 08:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009/11/18 08:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2008/04/14 05:00:00 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008/04/14 05:00:00 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usb8023.sys -- (USB_RNDIS)
DRV - [2008/04/14 00:15:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/01/14 03:06:32 | 000,021,632 | ---- | M] (ManyCam LLC.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ManyCam.sys -- (ManyCam)
DRV - [2007/10/01 17:20:40 | 000,032,160 | ---- | M] (PCTEL Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCTINDIS5.sys -- (PCTINDIS5)
DRV - [2006/08/24 14:44:14 | 000,477,696 | ---- | M] (ZyDAS Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZD1211BU.sys -- (ZD1211BU(ZyDAS)) ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS)
DRV - [2006/08/24 11:37:50 | 004,374,016 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2005/07/27 10:55:00 | 001,314,816 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005/05/27 09:31:28 | 000,022,016 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2005/02/23 14:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2005/01/31 11:20:04 | 000,211,712 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LV561AV.SYS -- (PID_0928) Logitech QuickCam Express(PID_0928)
DRV - [2003/12/25 19:53:10 | 000,067,456 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\GA311ND5.SYS -- (RTL8023)
DRV - [2003/12/25 19:53:10 | 000,008,440 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LANPkt.sys -- (LANPkt)
DRV - [2003/09/25 22:15:32 | 000,015,872 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\GTNDIS5.sys -- (GTNDIS5)
DRV - [2003/09/02 12:25:48 | 000,011,266 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\diag69xp.sys -- (Diag69xp)
DRV - [2003/03/06 10:26:26 | 000,013,824 | ---- | M] (Voyetra Turtle Beach, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tbu11.sys -- (TBU11)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=867034"
FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.2
FF - prefs.js..extensions.enabledItems: [email protected]:1.0

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/05/14 09:57:16 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/04/23 14:51:26 | 000,000,000 | ---D | M]

[2010/05/14 03:43:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Errol Santos\Application Data\Mozilla\Extensions
[2010/05/14 03:43:54 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Errol Santos\Application Data\Mozilla\Extensions\{ea278cf8-93cd-484f-b951-57360482d33a}
[2010/06/01 00:38:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Errol Santos\Application Data\Mozilla\Firefox\Profiles\z4ndqjew.default\extensions
[2010/04/01 12:03:21 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Errol Santos\Application Data\Mozilla\Firefox\Profiles\z4ndqjew.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010/06/01 03:53:59 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

O1 HOSTS File: ([2008/04/14 05:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [2Wire Wireless Manager] C:\Program Files\2Wire Wireless Manager\2Wire.exe (2Wire)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)
O4 - HKLM..\Run: [DiagAP8169] C:\Program Files\MSI\LAN Utility\DiagAP8169.exe ()
O4 - HKLM..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe (Logitech Inc.)
O4 - HKLM..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe (Logitech Inc.)
O4 - HKLM..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [SkyTel] C:\WINDOWS\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Turtle Beach USB MIDI 1x1] C:\Program Files\Turtle Beach\Turtle Beach USB MIDI 1x1\TBUM11.exe (Voyetra Turtle Beach, Inc.)
O4 - HKCU..\Run: [Aim] C:\Program Files\AIM\aim.exe (AOL Inc.)
O4 - HKCU..\Run: [DAEMON Tools Pro Agent] C:\Program Files\DAEMON Tools Pro\DTProAgent.exe (DT Soft Ltd)
O4 - HKCU..\Run: [EPSON Stylus CX8400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICEA.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [LogitechSoftwareUpdate] C:\Program Files\Logitech\Video\ManifestEngine.exe (Logitech Inc.)
O4 - HKCU..\Run: [ManyCam] C:\Program Files\ManyCam 2.4\ManyCam.exe (ManyCam LLC)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe (ATI Technologies Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\BDARemote.lnk = C:\Program Files\USB TV\EM28XX\BDARemote.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\GA311 Smart Wizard Utility.lnk = C:\Program Files\NETGEAR GA311 Adapter\GA311.exe ()
O4 - Startup: C:\Documents and Settings\Errol Santos\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O4 - Startup: C:\Documents and Settings\Errol Santos\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: com ([www.msi] http in Trusted sites)
O15 - HKCU\..Trusted Domains: com.tw ([asia.msi] http in Trusted sites)
O15 - HKCU\..Trusted Domains: com.tw ([global.msi] http in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/03/30 18:50:16 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{da2e64b0-4153-11df-9e51-00247e1f39ce}\Shell\AutoRun\command - "" = AUTORUN.EXE
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2010/03/30 10:12:02 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.vorbis - C:\WINDOWS\System32\vorbis.acm (HMS http://hp.vector.co....hors/VA012897/)
Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.I420 - C:\WINDOWS\System32\LVCodec2.dll (Logitech Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16902109354000384)

========== Files/Folders - Created Within 90 Days ==========

[2010/06/01 14:48:25 | 000,571,392 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Errol Santos\Desktop\OTL.exe
[2010/06/01 11:11:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/06/01 04:12:44 | 000,164,048 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010/06/01 04:12:44 | 000,019,024 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010/06/01 04:12:43 | 000,023,376 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010/06/01 04:12:42 | 000,046,672 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010/06/01 04:12:41 | 000,100,432 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010/06/01 04:12:41 | 000,094,800 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010/06/01 04:12:40 | 000,028,880 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010/06/01 04:12:30 | 000,165,032 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010/06/01 04:12:30 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\avastSS.scr
[2010/06/01 04:12:24 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010/06/01 04:12:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010/06/01 04:07:54 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/05/24 22:16:44 | 000,526,184 | ---- | C] (Xceed Software Inc (450) 442-2626 [email protected] www.xceedsoft.com) -- C:\WINDOWS\System32\XceedCry.dll
[2010/05/24 22:16:42 | 000,135,168 | ---- | C] (Pro-Softnet Corporation) -- C:\WINDOWS\System32\LogMail.dll
[2010/05/24 22:16:41 | 000,143,360 | ---- | C] (Herman & Associates) -- C:\WINDOWS\System32\HLButton.ocx
[2010/05/24 22:16:41 | 000,086,016 | ---- | C] (Streamnet India) -- C:\WINDOWS\System32\IBwinUtil.ocx
[2010/05/24 22:16:41 | 000,028,672 | ---- | C] (Checks Unlimited) -- C:\WINDOWS\System32\Disable_X.ocx
[2010/05/24 22:16:41 | 000,024,576 | ---- | C] (Streamnet India) -- C:\WINDOWS\System32\IBcalendarser.ocx
[2010/05/24 22:16:41 | 000,000,000 | ---D | C] -- C:\Program Files\IDrive
[2010/05/14 21:47:38 | 000,311,296 | ---- | C] (Koyote Soft - http://www.koyotesoft.com) -- C:\WINDOWS\System32\TubeFinder.exe
[2010/05/14 21:47:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\Application Data\FreeFLVConverter
[2010/05/14 21:47:36 | 000,000,000 | ---D | C] -- C:\Program Files\Free FLV Converter
[2010/05/14 03:43:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\Local Settings\Application Data\Google
[2010/05/14 03:43:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\Application Data\Google
[2010/05/14 02:39:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\My Documents\Get Rich Selling Beats
[2010/05/10 01:11:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\My Documents\gegl-0.0
[2010/05/06 18:33:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\Application Data\Malwarebytes
[2010/05/06 18:33:36 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/05/06 18:33:34 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/05/06 18:33:34 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/05/06 18:33:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/05/06 01:40:57 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Errol Santos\PrivacIE
[2010/05/06 01:26:55 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Errol Santos\My Documents\My Pictures
[2010/05/06 01:26:54 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Errol Santos\IETldCache
[2010/05/06 01:24:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2010/05/06 01:24:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2010/05/06 01:23:15 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2010/05/06 01:15:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\Local Settings\Application Data\FriendBlasterPro
[2010/05/06 01:15:10 | 000,000,000 | ---D | C] -- C:\FBPUpdate
[2010/05/06 01:15:03 | 000,245,760 | ---- | C] (LansSoft Studio) -- C:\WINDOWS\System32\aUpdateNow.ocx
[2010/05/06 01:15:03 | 000,241,664 | ---- | C] (Namtuk.com) -- C:\WINDOWS\System32\MyFramePanel.ocx
[2010/05/06 01:15:02 | 000,000,000 | ---D | C] -- C:\Program Files\FriendBlasterPro
[2010/05/05 04:40:49 | 000,000,000 | ---D | C] -- C:\Program Files\NETGEAR GA311 Adapter
[2010/05/05 04:40:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{B7A015B7-4802-4678-8CEC-700380BA9AFD}
[2010/05/05 03:29:11 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Errol Santos\My Documents\My Videos
[2010/05/04 00:59:25 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Errol Santos\My Documents\My Music
[2010/05/03 23:57:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2010/05/03 23:52:36 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2
[2010/05/03 23:51:19 | 000,000,000 | ---D | C] -- C:\d7de3830a7f0c9560c173e6d5836cbd1
[2010/05/03 23:51:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF
[2010/05/03 23:51:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2010/05/03 23:50:45 | 000,000,000 | ---D | C] -- C:\904efd54455bcc1391
[2010/05/01 21:59:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\Application Data\EPSON
[2010/04/29 01:52:38 | 000,015,872 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\GTNDIS5.sys
[2010/04/28 16:26:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\My Documents\Digsby Logs
[2010/04/28 16:25:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\Local Settings\Application Data\Digsby
[2010/04/28 16:25:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\Application Data\Digsby
[2010/04/28 16:25:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Digsby
[2010/04/28 07:18:54 | 000,000,000 | ---D | C] -- C:\Program Files\StarCraft II Beta
[2010/04/28 07:18:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\My Documents\StarCraft II Beta
[2010/04/28 07:18:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\Local Settings\Application Data\Blizzard Entertainment
[2010/04/28 07:18:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Blizzard Entertainment
[2010/04/28 05:05:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Blizzard
[2010/04/28 02:11:36 | 000,000,000 | ---D | C] -- C:\Program Files\StarCraft II Beta enUS 13891 Installer
[2010/04/28 02:11:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Blizzard Entertainment
[2010/04/28 02:11:10 | 002,765,618 | ---- | C] (Blizzard Entertainment) -- C:\Documents and Settings\Errol Santos\Desktop\StarCraft_2_Beta_enUS.exe
[2010/04/27 17:44:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\My Documents\Southgate Class of 1997 20 Years From Now
[2010/04/27 16:08:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\My Documents\20 Years From Now
[2010/04/26 14:20:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\Application Data\gtk-2.0
[2010/04/26 14:20:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\.thumbnails
[2010/04/26 14:19:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\.gimp-2.6
[2010/04/26 14:19:18 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP-2.0
[2010/04/24 01:15:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\Local Settings\Application Data\Logitech-LS
[2010/04/24 01:11:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Logitech
[2010/04/24 01:11:18 | 000,029,795 | ---- | C] (Ingenient Technologies, Inc.) -- C:\WINDOWS\System32\ITIG726.acm
[2010/04/24 01:10:57 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech
[2010/04/23 14:53:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2010/04/23 14:51:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010/04/23 14:51:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/04/23 14:51:18 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010/04/23 14:50:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\Application Data\Sun
[2010/04/20 14:31:03 | 000,000,000 | ---D | C] -- C:\Program Files\FLV Player
[2010/04/10 03:59:16 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/04/10 03:59:13 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/04/10 03:59:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/04/10 03:58:53 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2010/04/10 03:58:13 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/04/09 14:34:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\Desktop\desktop
[2010/04/08 20:46:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\Local Settings\Application Data\WMTools Downloaded Files
[2010/04/08 20:46:38 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2010/04/08 20:16:16 | 000,000,000 | ---D | C] -- C:\Program Files\ManyCam 2.4
[2010/04/08 20:16:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\Application Data\ManyCam
[2010/04/08 16:45:04 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2010/04/07 08:44:08 | 000,000,000 | ---D | C] -- C:\Program Files\East West
[2010/04/04 07:01:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\Application Data\Apple Computer
[2010/04/04 03:59:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\Application Data\Blitware
[2010/04/03 01:43:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\My Documents\Youtube
[2010/04/03 01:42:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\My Documents\The Streets Contest
[2010/04/03 01:42:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\My Documents\tekken photo
[2010/04/03 01:42:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\My Documents\Seth Rock - Love Is Pain, Pain Is Love (2010)
[2010/04/03 01:41:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\My Documents\Paraliminals
[2010/04/03 01:41:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\My Documents\OneNote Notebooks
[2010/04/03 01:41:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\My Documents\One Note items
[2010/04/03 01:25:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\My Documents\Old
[2010/04/03 01:25:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\My Documents\Never Stop Dreaming Contest
[2010/04/03 01:25:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\My Documents\Layout October
[2010/04/03 01:25:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\My Documents\Katie
[2010/04/03 01:25:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\My Documents\Instrumentals
[2010/04/03 01:25:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\My Documents\Financial Statements 2009
[2010/04/03 01:25:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\My Documents\ErrolBeatsLayoutFeb62010
[2010/04/03 01:25:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\My Documents\Errol Beats - [email protected] - 510-402-9025
[2010/04/03 01:25:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\My Documents\Enya - Lothlorien
[2010/04/03 01:24:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\My Documents\Donations 2010
[2010/04/03 01:23:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\My Documents\Desktop
[2010/04/03 01:22:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\My Documents\Customers 2009
[2010/04/03 01:21:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\My Documents\Carole Dore
[2010/04/03 01:21:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\My Documents\AIW
[2010/04/03 01:20:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\My Documents\AIMLogger
[2010/04/03 01:20:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\My Documents\3 eBooks
[2010/04/03 00:45:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\My Documents\Myspace
[2010/04/03 00:45:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\Desktop\Quick
[2010/04/02 17:27:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\DoctorWeb
[2010/04/02 15:26:53 | 000,094,208 | ---- | C] (Blizzard Entertainment) -- C:\WINDOWS\SCUnin.exe
[2010/04/02 15:19:01 | 000,000,000 | ---D | C] -- C:\Program Files\Starcraft
[2010/04/02 12:11:34 | 000,000,000 | ---D | C] -- C:\Program Files\Unlocker
[2010/04/02 12:05:05 | 000,000,000 | ---D | C] -- C:\Program Files\Native Instruments
[2010/04/02 11:59:14 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Pro
[2010/04/02 11:58:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\Application Data\DAEMON Tools Pro
[2010/04/02 11:58:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro
[2010/04/01 12:04:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\dwhelper
[2010/03/31 23:11:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\My Documents\ErrolLayoutApril01'10
[2010/03/31 21:16:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\Application Data\PrimoPDF
[2010/03/31 21:15:57 | 000,000,000 | ---D | C] -- C:\Program Files\Nitro PDF
[2010/03/31 14:37:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\reFX
[2010/03/31 14:35:53 | 001,332,224 | ---- | C] (AD © 2009) -- C:\WINDOWS\System32\SYNSOEMU.DLL
[2010/03/31 14:19:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\iZotope
[2010/03/31 14:19:25 | 000,000,000 | ---D | C] -- C:\Program Files\iZotope
[2010/03/31 14:19:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Digidesign
[2010/03/31 14:17:09 | 000,000,000 | ---D | C] -- C:\Program Files\Edirol
[2010/03/31 14:11:06 | 000,000,000 | ---D | C] -- C:\Program Files\Pianoteq 2.3
[2010/03/31 14:07:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\Application Data\BitTorrent
[2010/03/31 14:06:28 | 000,000,000 | ---D | C] -- C:\Program Files\BitTorrent
[2010/03/31 12:23:26 | 000,000,000 | ---D | C] -- C:\Program Files\ASIO4ALL v2
[2010/03/31 12:22:44 | 000,225,280 | ---- | C] (Propellerhead Software AB) -- C:\WINDOWS\System32\rewire.dll
[2010/03/31 12:22:31 | 000,000,000 | ---D | C] -- C:\Program Files\VstPlugins
[2010/03/31 12:22:30 | 000,000,000 | ---D | C] -- C:\Program Files\Outsim
[2010/03/31 12:21:00 | 000,000,000 | ---D | C] -- C:\Program Files\Image-Line
[2010/03/31 04:25:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\Application Data\acccore
[2010/03/31 04:25:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\Local Settings\Application Data\AOL
[2010/03/31 04:25:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\Local Settings\Application Data\AIM
[2010/03/31 04:25:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AIM
[2010/03/31 04:25:01 | 000,000,000 | ---D | C] -- C:\Program Files\AIM
[2010/03/31 04:25:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Software Update Utility
[2010/03/31 04:25:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AOL
[2010/03/31 04:16:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\Application Data\Syntrillium
[2010/03/31 04:15:26 | 000,000,000 | ---D | C] -- C:\Program Files\coolpro2
[2010/03/31 03:30:38 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/03/31 03:30:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2010/03/31 03:30:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2010/03/31 03:30:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\Local Settings\Application Data\Apple
[2010/03/31 03:30:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple
[2010/03/31 03:30:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\Local Settings\Application Data\Apple Computer
[2010/03/31 03:27:03 | 000,013,824 | ---- | C] (Voyetra Turtle Beach, Inc.) -- C:\WINDOWS\System32\drivers\tbu11.sys
[2010/03/31 03:27:02 | 000,000,000 | ---D | C] -- C:\Program Files\Turtle Beach
[2010/03/31 03:17:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\Application Data\Leadertech
[2010/03/31 03:17:40 | 000,000,000 | ---D | C] -- C:\EPSONREG
[2010/03/31 03:16:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\Application Data\ArcSoft
[2010/03/31 03:16:17 | 000,011,776 | ---- | C] (Arcsoft, Inc.) -- C:\WINDOWS\System32\drivers\afc.sys
[2010/03/31 03:16:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ArcSoft
[2010/03/31 03:16:14 | 000,212,480 | ---- | C] (Eastman Kodak) -- C:\WINDOWS\PCDLIB32.DLL
[2010/03/31 03:16:08 | 000,126,976 | ---- | C] (ArcSoft Inc.) -- C:\WINDOWS\System32\PhotoImpression Slideshow.scr
[2010/03/31 03:15:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PhotoImpression Slideshow
[2010/03/31 03:15:45 | 000,000,000 | ---D | C] -- C:\Program Files\ArcSoft
[2010/03/31 03:15:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\EPSON
[2010/03/31 03:13:40 | 000,000,000 | ---D | C] -- C:\Program Files\epson
[2010/03/31 03:01:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010/03/31 03:01:22 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010/03/31 03:01:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2010/03/31 03:01:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2010/03/31 03:00:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2010/03/31 03:00:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\Local Settings\Application Data\Adobe
[2010/03/31 03:00:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NOS
[2010/03/31 02:54:31 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2010/03/31 02:54:24 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2010/03/31 02:54:11 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2010/03/31 02:54:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2010/03/31 02:53:42 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2010/03/31 02:52:21 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8
[2010/03/31 02:51:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
[2010/03/31 02:51:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\Local Settings\Application Data\Microsoft Help
[2010/03/31 02:51:34 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2010/03/31 02:51:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help
[2010/03/31 02:51:13 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2010/03/31 02:49:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\Application Data\WinRAR
[2010/03/31 02:49:09 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2010/03/31 00:35:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\Local Settings\Application Data\ApplicationHistory
[2010/03/31 00:21:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\URTTEMP
[2010/03/31 00:20:14 | 000,106,496 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\atipdlxx.dll
[2010/03/31 00:20:14 | 000,073,728 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\Oemdspif.dll
[2010/03/31 00:20:14 | 000,024,064 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\ativcoxx.dll
[2010/03/31 00:20:13 | 000,039,936 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\ati2edxx.dll
[2010/03/31 00:20:13 | 000,025,088 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\Ati2mdxx.exe
[2010/03/31 00:00:00 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2010/03/30 23:53:55 | 000,000,000 | ---D | C] -- C:\Program Files\MultiRes
[2010/03/30 23:29:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2010/03/30 23:29:23 | 000,000,000 | ---D | C] -- C:\Program Files\USB TV
[2010/03/30 22:26:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2010/03/30 21:31:18 | 000,000,000 | ---D | C] -- C:\Program Files\Setup Files
[2010/03/30 20:23:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Lang
[2010/03/30 20:20:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2010/03/30 20:19:34 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2010/03/30 20:19:01 | 000,000,000 | ---D | C] -- C:\ATI
[2010/03/30 20:13:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\Application Data\Macromedia
[2010/03/30 20:13:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\Application Data\Adobe
[2010/03/30 20:10:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\RTCOM
[2010/03/30 20:10:42 | 000,358,944 | ---- | C] (Realtek Semiconductor Crop.) -- C:\WINDOWS\vncutil.exe
[2010/03/30 20:10:41 | 002,808,832 | ---- | C] (RealTek Semicoductor Corp.) -- C:\WINDOWS\alcwzrd.exe
[2010/03/30 20:10:41 | 001,691,480 | ---- | C] (Creative) -- C:\WINDOWS\System32\drivers\Ambfilt.sys
[2010/03/30 20:10:41 | 000,129,568 | ---- | C] (Realtek Semiconductor) -- C:\WINDOWS\RtkAudioService.exe
[2010/03/30 20:04:31 | 000,143,360 | ---- | C] (TODO: <Company name>) -- C:\WINDOWS\System32\IpLib.dll
[2010/03/30 20:04:31 | 000,011,266 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\drivers\diag69xp.sys
[2010/03/30 20:04:31 | 000,000,000 | ---D | C] -- C:\Program Files\MSI
[2010/03/30 20:03:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\My Documents\Downloads
[2010/03/30 20:00:00 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2010/03/30 20:00:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\OPTIONS
[2010/03/30 19:59:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\Application Data\InstallShield
[2010/03/30 19:59:41 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2010/03/30 19:59:29 | 000,000,000 | ---D | C] -- C:\Intel
[2010/03/30 19:49:36 | 000,000,000 | ---D | C] -- C:\Program Files\Driver Fetch
[2010/03/30 19:48:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2010/03/30 19:48:33 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2010/03/30 19:45:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\Local Settings\Application Data\Mozilla
[2010/03/30 19:45:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\Application Data\Mozilla
[2010/03/30 19:45:17 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2010/03/30 19:43:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2010/03/30 19:43:27 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2010/03/30 19:39:54 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/03/30 19:39:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2010/03/30 19:39:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\Local Settings\Application Data\ATI
[2010/03/30 19:39:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\Application Data\ATI
[2010/03/30 19:37:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\Application Data\2Wire
[2010/03/30 19:36:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\2Wire
[2010/03/30 19:36:34 | 000,000,000 | ---D | C] -- C:\Program Files\2Wire Wireless Manager
[2010/03/30 19:36:10 | 000,477,696 | ---- | C] (ZyDAS Technology Corporation) -- C:\WINDOWS\System32\drivers\ZD1211BU.sys
[2010/03/30 19:36:10 | 000,081,920 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\ZDPN50.DLL
[2010/03/30 19:36:10 | 000,031,744 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\drivers\ZDPSp50a64.sys
[2010/03/30 19:36:10 | 000,029,184 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\drivers\BRGSp50a64.sys
[2010/03/30 19:36:10 | 000,020,608 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\drivers\BRGSp50.sys
[2010/03/30 19:36:10 | 000,017,664 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\drivers\ZDPSp50.sys
[2010/03/30 19:36:10 | 000,017,151 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\ZDPNDIS5.SYS
[2010/03/30 19:36:10 | 000,000,000 | ---D | C] -- C:\Program Files\2WIRE, Inc
[2010/03/30 19:36:09 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2010/03/30 19:36:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2010/03/30 19:35:01 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2010/03/30 19:34:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2010/03/30 18:55:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\Application Data\Identities
[2010/03/30 18:55:16 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2010/03/30 18:55:05 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Errol Santos\Application Data\Microsoft
[2010/03/30 18:55:05 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Errol Santos\SendTo
[2010/03/30 18:55:05 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Errol Santos\Recent
[2010/03/30 18:55:05 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Errol Santos\Application Data
[2010/03/30 18:55:05 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Errol Santos\Start Menu
[2010/03/30 18:55:05 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Errol Santos\My Documents
[2010/03/30 18:55:05 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Errol Santos\Favorites
[2010/03/30 18:55:05 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Errol Santos\Cookies
[2010/03/30 18:55:05 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Errol Santos\Templates
[2010/03/30 18:55:05 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Errol Santos\PrintHood
[2010/03/30 18:55:05 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Errol Santos\NetHood
[2010/03/30 18:55:05 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Errol Santos\Local Settings
[2010/03/30 18:55:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\Local Settings\Application Data\Microsoft
[2010/03/30 18:55:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Errol Santos\Desktop
[2010/03/30 18:54:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2010/03/30 18:54:18 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2010/03/30 18:54:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2010/03/30 18:54:17 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2010/03/30 18:54:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2010/03/30 18:53:55 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2010/03/30 18:53:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2010/03/30 18:52:19 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2010/03/30 18:52:18 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2010/03/30 18:52:18 | 000,029,184 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2010/03/30 18:50:50 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2010/03/30 18:50:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2010/03/30 18:50:31 | 000,000,000 | ---D | C] -- C:\Program Files\xerox
[2010/03/30 18:50:31 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2010/03/30 18:49:31 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2010/03/30 18:49:23 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2010/03/30 18:49:23 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2010/03/30 18:49:14 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2010/03/30 18:48:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2010/03/30 18:47:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2010/03/30 18:47:52 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2010/03/30 18:47:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2010/03/30 18:47:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2010/03/30 18:47:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2010/03/30 18:47:13 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2010/03/30 18:46:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2010/03/30 18:45:53 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2010/03/30 18:45:46 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2010/03/30 18:45:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2010/03/30 18:45:31 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2010/03/30 18:45:30 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2010/03/30 18:45:19 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2010/03/30 18:45:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2010/03/30 18:44:47 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2010/03/30 18:44:47 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2010/03/30 18:44:47 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services
[2010/03/30 18:44:39 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2010/03/30 18:44:22 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2010/03/30 18:42:34 | 000,000,000 | ---D | C] -- C:\Program Files\MSN
[2010/03/30 18:42:33 | 000,281,088 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe
[2010/03/30 18:42:31 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2010/03/30 18:42:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2010/03/30 18:42:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2010/03/30 18:42:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2010/03/30 10:35:36 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2010/03/30 10:35:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2010/03/30 10:35:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2010/03/30 10:35:24 | 000,000,000 | R--D | C] -- C:\Program Files
[2010/03/30 10:35:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2010/03/30 10:35:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
[2010/03/30 10:34:24 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu
[2010/03/30 10:34:24 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents
[2010/03/30 10:34:24 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Templates
[2010/03/30 10:34:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favorites
[2010/03/30 10:34:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop
[2010/03/30 10:32:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2010/03/30 10:32:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2010/03/30 10:32:16 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2010/03/30 10:32:16 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Application Data
[2010/03/30 10:30:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2010/03/30 10:30:56 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010/03/30 10:08:45 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2010/03/30 10:08:45 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2010/03/30 10:08:45 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2010/03/30 10:08:45 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2010/03/30 10:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2010/03/30 10:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2010/03/30 10:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2010/03/30 10:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2010/03/30 10:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2010/03/30 10:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2010/03/30 10:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2010/03/30 10:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2010/03/30 10:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2010/03/30 10:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2010/03/30 10:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2010/03/30 10:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2010/03/30 10:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2010/03/30 10:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2010/03/30 10:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2010/03/30 10:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2010/03/30 10:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2010/03/30 10:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2010/03/30 10:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2010/03/30 10:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2010/03/30 10:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2010/03/30 10:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2010/03/30 10:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Network Diagnostic
[2010/03/30 10:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2010/03/30 10:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2010/03/30 10:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2010/03/30 10:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2010/03/30 10:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2010/03/30 10:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\L2Schemas
[2010/03/30 10:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2010/03/30 10:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2010/03/30 10:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2010/03/30 10:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2010/03/30 10:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2010/03/30 10:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2010/03/30 10:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2010/03/30 10:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2010/03/30 10:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2010/03/30 10:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2010/03/30 10:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2010/03/30 10:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2010/03/30 10:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2010/03/30 10:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2010/03/30 10:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2010/03/30 10:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2010/03/30 10:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2010/03/30 10:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2010/03/30 10:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2010/03/30 10:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2010/03/30 10:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2010/03/30 10:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2010/03/30 10:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2010/03/30 10:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2010/03/30 10:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2010/03/30 10:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2010/03/30 10:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2010/03/30 10:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2010/03/30 10:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2010/03/30 10:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2010/03/30 10:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2010/03/30 10:08:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[2010/03/24 20:24:34 | 000,031,032 | ---- | C] (Your Corporation) -- C:\WINDOWS\System32\ntaccess_64.sys
[2010/03/24 20:24:28 | 000,025,400 | ---- | C] (Your Corporation) -- C:\WINDOWS\System32\Ntaccess.sys

========== Files - Modified Within 90 Days ==========

[2010/06/01 14:48:26 | 000,571,392 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Errol Santos\Desktop\OTL.exe
[2010/06/01 14:24:57 | 000,284,915 | ---- | M] () -- C:\Documents and Settings\Errol Santos\Desktop\gmer.zip
[2010/06/01 11:11:15 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/06/01 11:11:00 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/06/01 11:09:49 | 004,194,304 | -H-- | M] () -- C:\Documents and Settings\Errol Santos\NTUSER.DAT
[2010/06/01 11:09:49 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Errol Santos\ntuser.ini
[2010/06/01 04:12:41 | 000,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/06/01 04:08:06 | 000,000,767 | ---- | M] () -- C:\Documents and Settings\Errol Santos\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2010/05/29 18:55:56 | 000,018,432 | ---- | M] () -- C:\Documents and Settings\Errol Santos\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/05/27 10:54:26 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/05/26 17:10:12 | 000,000,610 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/05/26 17:10:12 | 000,000,257 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/05/24 09:56:36 | 000,004,566 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/05/24 09:56:10 | 000,474,348 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/05/24 09:56:10 | 000,403,858 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/05/24 09:56:10 | 000,063,334 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/05/22 19:14:03 | 000,045,665 | ---- | M] () -- C:\Documents and Settings\Errol Santos\.recently-used.xbel
[2010/05/16 03:59:00 | 000,000,354 | ---- | M] () -- C:\WINDOWS\tasks\Driver Fetch.job
[2010/05/12 21:49:11 | 000,409,879 | ---- | M] () -- C:\Documents and Settings\Errol Santos\My Documents\get_rich_selling_beats.zip
[2010/05/06 13:59:57 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\avastSS.scr
[2010/05/06 13:59:36 | 000,165,032 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010/05/06 13:39:23 | 000,046,672 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010/05/06 13:39:00 | 000,164,048 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010/05/06 13:34:27 | 000,023,376 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010/05/06 13:33:59 | 000,100,432 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010/05/06 13:33:55 | 000,094,800 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010/05/06 13:33:47 | 000,019,024 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010/05/06 13:33:29 | 000,028,880 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010/05/05 04:40:50 | 000,001,710 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\GA311 Smart Wizard Utility.lnk
[2010/05/03 23:55:26 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/05/03 23:55:26 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/05/03 23:51:58 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2010/05/03 23:51:17 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2010/04/30 09:27:14 | 004,286,184 | -H-- | M] () -- C:\Documents and Settings\Errol Santos\Local Settings\Application Data\IconCache.db
[2010/04/29 17:09:56 | 000,311,296 | ---- | M] (Koyote Soft - http://www.koyotesoft.com) -- C:\WINDOWS\System32\TubeFinder.exe
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/04/28 07:21:44 | 000,000,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\StarCraft II Beta.lnk
[2010/04/28 02:11:12 | 002,765,618 | ---- | M] (Blizzard Entertainment) -- C:\Documents and Settings\Errol Santos\Desktop\StarCraft_2_Beta_enUS.exe
[2010/04/26 14:21:41 | 000,517,861 | ---- | M] () -- C:\Documents and Settings\Errol Santos\My Documents\leileah.jpg
[2010/04/12 18:56:16 | 000,056,488 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/04/04 22:59:06 | 000,012,540 | ---- | M] () -- C:\WINDOWS\System32\wpa.bak
[2010/04/04 07:57:19 | 000,011,079 | ---- | M] () -- C:\Documents and Settings\Errol Santos\My Documents\Master Cleanse.xlsx
[2010/04/02 15:26:54 | 000,035,382 | ---- | M] () -- C:\WINDOWS\scunin.dat
[2010/04/02 15:26:53 | 000,094,208 | ---- | M] (Blizzard Entertainment) -- C:\WINDOWS\SCUnin.exe
[2010/04/02 15:26:53 | 000,000,967 | ---- | M] () -- C:\WINDOWS\ScUnin.pif
[2010/04/02 11:59:24 | 000,691,696 | ---- | M] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010/03/31 21:15:57 | 000,000,314 | ---- | M] () -- C:\WINDOWS\primopdf.ini
[2010/03/31 05:26:29 | 000,263,024 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/03/31 04:25:06 | 000,000,465 | -H-- | M] () -- C:\IPH.PH
[2010/03/31 04:16:49 | 000,156,910 | ---- | M] () -- C:\WINDOWS\WMSysPr8.prx
[2010/03/31 03:24:11 | 000,068,456 | ---- | M] () -- C:\Documents and Settings\Errol Santos\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/03/31 03:19:48 | 000,000,947 | ---- | M] () -- C:\Documents and Settings\Errol Santos\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
[2010/03/31 03:17:38 | 000,000,044 | ---- | M] () -- C:\WINDOWS\EPCX8400.ini
[2010/03/31 00:35:56 | 000,000,135 | ---- | M] () -- C:\Documents and Settings\Errol Santos\Local Settings\Application Data\fusioncache.dat
[2010/03/31 00:22:46 | 000,001,851 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ATI CATALYST System Tray.lnk
[2010/03/31 00:22:15 | 000,000,010 | ---- | M] () -- C:\WINDOWS\WININIT.INI
[2010/03/30 23:53:38 | 000,472,576 | ---- | M] () -- C:\WINDOWS\Radeon Omega Drivers v4.8.442 Uninstall.exe
[2010/03/30 23:29:23 | 000,000,531 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\BDARemote.lnk
[2010/03/30 20:23:58 | 000,940,794 | ---- | M] () -- C:\WINDOWS\System32\LoopyMusic.wav
[2010/03/30 20:23:58 | 000,146,650 | ---- | M] () -- C:\WINDOWS\System32\BuzzingBee.wav
[2010/03/30 19:45:28 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2010/03/30 18:53:57 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2010/03/30 18:52:52 | 000,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2010/03/30 18:50:16 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010/03/30 18:50:16 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/03/30 18:50:16 | 000,000,000 | ---- | M] () -- C:\WINDOWS\control.ini
[2010/03/30 18:50:16 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/03/30 18:50:16 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/03/30 18:50:04 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2010/03/30 18:49:23 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2010/03/30 18:49:23 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2010/03/30 18:49:18 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010/03/30 18:49:18 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest
[2010/03/30 18:49:18 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2010/03/30 18:49:18 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2010/03/30 18:49:18 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2010/03/30 18:49:18 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2010/03/30 18:45:28 | 000,021,640 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/03/30 18:45:16 | 000,000,037 | ---- | M] () -- C:\WINDOWS\vbaddin.ini
[2010/03/30 18:45:16 | 000,000,036 | ---- | M] () -- C:\WINDOWS\vb.ini
[2010/03/30 18:41:05 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2010/03/30 10:39:33 | 000,005,208 | ---- | M] () -- C:\WINDOWS\System32\pid.PNF
[2010/03/26 02:38:53 | 000,249,258 | ---- | M] () -- C:\Documents and Settings\Errol Santos\My Documents\Ninja Beats.jpg
[2010/03/24 20:24:34 | 000,031,032 | ---- | M] (Your Corporation) -- C:\WINDOWS\System32\ntaccess_64.sys
[2010/03/24 20:24:28 | 000,025,400 | ---- | M] (Your Corporation) -- C:\WINDOWS\System32\Ntaccess.sys
[2010/03/21 17:09:12 | 036,478,692 | ---- | M] () -- C:\Documents and Settings\Errol Santos\My Documents\Demi_Lovato_17th_Birthday_Party.flv
[2010/03/07 00:35:48 | 000,177,023 | ---- | M] () -- C:\Documents and Settings\Errol Santos\My Documents\frogger.JPG
[2010/03/04 13:51:18 | 000,491,649 | ---- | M] () -- C:\Documents and Settings\Errol Santos\My Documents\Eye Prescription.jpg

========== Files Created - No Company Name ==========

[2010/06/01 14:25:27 | 000,293,376 | ---- | C] () -- C:\Documents and Settings\Errol Santos\Desktop\gmer.exe
[2010/06/01 14:24:56 | 000,284,915 | ---- | C] () -- C:\Documents and Settings\Errol Santos\Desktop\gmer.zip
[2010/06/01 04:08:06 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\Errol Santos\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2010/05/24 22:16:42 | 000,055,808 | ---- | C] () -- C:\WINDOWS\System32\zlib1.dll
[2010/05/24 22:16:42 | 000,000,730 | ---- | C] () -- C:\WINDOWS\System32\rootcert.pem
[2010/05/24 22:16:41 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\IBColIml.ocx
[2010/05/22 19:14:03 | 000,045,665 | ---- | C] () -- C:\Documents and Settings\Errol Santos\.recently-used.xbel
[2010/05/14 21:47:37 | 000,364,544 | ---- | C] () -- C:\WINDOWS\System32\PropertyGrid.ocx
[2010/05/14 21:47:37 | 000,208,500 | ---- | C] () -- C:\WINDOWS\System32\ReyXpBasics.tlb
[2010/05/14 21:47:37 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\ControlSubX.ocx
[2010/05/14 02:38:56 | 000,409,879 | ---- | C] () -- C:\Documents and Settings\Errol Santos\My Documents\get_rich_selling_beats.zip
[2010/05/05 04:40:50 | 000,001,710 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\GA311 Smart Wizard Utility.lnk
[2010/05/03 23:51:17 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2010/04/29 01:52:38 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\GTW32N50.dll
[2010/04/29 01:52:38 | 000,031,930 | ---- | C] () -- C:\WINDOWS\System32\GTNDIS3.VXD
[2010/04/28 07:18:54 | 000,000,813 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\StarCraft II Beta.lnk
[2010/04/26 14:21:41 | 000,517,861 | ---- | C] () -- C:\Documents and Settings\Errol Santos\My Documents\leileah.jpg
[2010/04/24 01:11:25 | 000,053,248 | R--- | C] () -- C:\WINDOWS\System32\InstMed.exe
[2010/04/24 01:11:22 | 000,009,255 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2010/04/12 18:56:16 | 000,056,488 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/04/09 20:39:57 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Errol Santos\dxva_sig.txt
[2010/04/08 20:46:47 | 000,018,432 | ---- | C] () -- C:\Documents and Settings\Errol Santos\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/03 01:43:57 | 000,040,513 | ---- | C] () -- C:\Documents and Settings\Errol Santos\My Documents\Thanks.rtf
[2010/04/03 01:43:56 | 026,770,473 | ---- | C] () -- C:\Documents and Settings\Errol Santos\My Documents\T.I. - Dead And Gone Piano Tutorial.wmv
[2010/04/03 01:43:51 | 080,533,669 | ---- | C] () -- C:\Documents and Settings\Errol Santos\My Documents\T.I. - Dead And Gone Piano Tutorial.mp4
[2010/04/03 01:43:50 | 022,210,693 | ---- | C] () -- C:\Documents and Settings\Errol Santos\My Documents\Selena Gomez - Naturally.mp4
[2010/04/03 01:43:50 | 000,194,985 | ---- | C] () -- C:\Documents and Settings\Errol Santos\My Documents\Publishing Company Directory.pdf
[2010/04/03 01:43:50 | 000,010,285 | ---- | C] () -- C:\Documents and Settings\Errol Santos\My Documents\Paraliminals.xlsx
[2010/04/03 01:43:49 | 007,858,272 | ---- | C] () -- C:\Documents and Settings\Errol Santos\My Documents\Only Hope Piano.flv
[2010/04/03 01:43:49 | 001,667,862 | ---- | C] () -- C:\Documents and Settings\Errol Santos\My Documents\Paraliminals.pdf
[2010/04/03 01:43:41 | 102,985,201 | ---- | C] () -- C:\Documents and Settings\Errol Santos\My Documents\NO FEAR Manny 'Pacman' Pacquiao HL by Hero1.wmv
[2010/04/03 01:43:41 | 000,249,258 | ---- | C] () -- C:\Documents and Settings\Errol Santos\My Documents\Ninja Beats.jpg
[2010/04/03 01:43:41 | 000,056,417 | ---- | C] () -- C:\Documents and Settings\Errol Santos\My Documents\ninjabeats2.pdf
[2010/04/03 01:43:41 | 000,037,590 | ---- | C] () -- C:\Documents and Settings\Errol Santos\My Documents\ninjabeats1.pdf
[2010/04/03 01:43:41 | 000,019,689 | ---- | C] () -- C:\Documents and Settings\Errol Santos\My Documents\MFHG Time_Sheet.pdf
[2010/04/03 01:43:38 | 030,303,165 | ---- | C] () -- C:\Documents and Settings\Errol Santos\My Documents\maestro3pxcloserx808kit.zip
[2010/04/03 01:43:38 | 001,677,754 | ---- | C] () -- C:\Documents and Settings\Errol Santos\My Documents\img080.jpg
[2010/04/03 01:43:38 | 000,104,194 | ---- | C] () -- C:\Documents and Settings\Errol Santos\My Documents\Letting Go Errol.flp
[2010/04/03 01:43:38 | 000,046,662 | ---- | C] () -- C:\Documents and Settings\Errol Santos\My Documents\I Love Errol Beats.jpg
[2010/04/03 01:43:38 | 000,010,551 | ---- | C] () -- C:\Documents and Settings\Errol Santos\My Documents\Lease Prices.xlsx
[2010/04/03 01:43:38 | 000,007,207 | ---- | C] () -- C:\Documents and Settings\Errol Santos\My Documents\intelligence test.png
[2010/04/03 01:43:38 | 000,001,745 | ---- | C] () -- C:\Documents and Settings\Errol Santos\My Documents\LOGANTHAPRODUCER MIXING TECHNIQUES.rtf
[2010/04/03 01:43:38 | 000,000,240 | ---- | C] () -- C:\Documents and Settings\Errol Santos\My Documents\Lisa Lampanelli.mp4
[2010/04/03 01:43:26 | 052,960,971 | ---- | C] () -- C:\Documents and Settings\Errol Santos\My Documents\How_to_play_Halo_by_Beyonce_on_Piano.wmv
[2010/04/03 01:43:08 | 389,512,028 | ---- | C] () -- C:\Documents and Settings\Errol Santos\My Documents\HOLLYWOOD_STRINGS_EXT3.mov
[2010/04/03 01:43:08 | 002,643,524 | ---- | C] () -- C:\Documents and Settings\Errol Santos\My Documents\friendblasterpro_v10_6_8.zip
[2010/04/03 01:43:08 | 000,491,649 | ---- | C] () -- C:\Documents and Settings\Errol Santos\My Documents\Eye Prescription.jpg
[2010/04/03 01:43:08 | 000,177,023 | ---- | C] () -- C:\Documents and Settings\Errol Santos\My Documents\frogger.JPG
[2010/04/03 01:43:08 | 000,138,675 | ---- | C] () -- C:\Documents and Settings\Errol Santos\My Documents\facebook tag.jpg
[2010/04/03 01:43:08 | 000,103,445 | ---- | C] () -- C:\Documents and Settings\Errol Santos\My Documents\Errol Beats - Marnie.mp3
[2010/04/03 01:43:08 | 000,019,095 | ---- | C] () -- C:\Documents and Settings\Errol Santos\My Documents\Emil 1-8 spring.docx
[2010/04/03 01:43:08 | 000,010,583 | ---- | C] () -- C:\Documents and Settings\Errol Santos\My Documents\excuse.docx
[2010/04/03 01:43:08 | 000,009,396 | ---- | C] () -- C:\Documents and Settings\Errol Santos\My Documents\Fat.xlsx
[2010/04/03 01:43:07 | 006,649,486 | ---- | C] () -- C:\Documents and Settings\Errol Santos\My Documents\Diddy Bop.mp3
[2010/04/03 01:43:07 | 000,115,413 | ---- | C] () -- C:\Documents and Settings\Errol Santos\My Documents\DuganFire.xcf
[2010/04/03 01:43:05 | 036,478,692 | ---- | C] () -- C:\Documents and Settings\Errol Santos\My Documents\Demi_Lovato_17th_Birthday_Party.flv
[2010/04/03 01:43:01 | 049,357,954 | ---- | C] () -- C:\Documents and Settings\Errol Santos\My Documents\COMPUTER MUSIC SPECIAL - FIX YOUR MIX [2010].pdf
[2010/04/03 01:43:01 | 000,140,001 | ---- | C] () -- C:\Documents and Settings\Errol Santos\My Documents\0399 - Life Isn't Fair.flp
[2010/04/03 01:43:01 | 000,044,138 | ---- | C] () -- C:\Documents and Settings\Errol Santos\My Documents\bookmarks.html
[2010/04/03 01:43:01 | 000,034,976 | ---- | C] () -- C:\Documents and Settings\Errol Santos\My Documents\002.jpg
[2010/04/03 01:43:01 | 000,034,546 | ---- | C] () -- C:\Documents and Settings\Errol Santos\My Documents\001.jpg
[2010/04/03 01:43:01 | 000,033,535 | ---- | C] () -- C:\Documents and Settings\Errol Santos\My Documents\005.jpg
[2010/04/03 01:43:01 | 000,031,148 | ---- | C] () -- C:\Documents and Settings\Errol Santos\My Documents\004.jpg
[2010/04/03 01:43:01 | 000,030,138 | ---- | C] () -- C:\Documents and Settings\Errol Santos\My Documents\003.jpg
[2010/04/03 01:43:01 | 000,011,591 | ---- | C] () -- C:\Documents and Settings\Errol Santos\My Documents\Cheri Poem.docx
[2010/04/03 00:45:39 | 000,011,079 | ---- | C] () -- C:\Documents and Settings\Errol Santos\My Documents\Master Cleanse.xlsx
[2010/04/02 15:20:28 | 000,035,382 | ---- | C] () -- C:\WINDOWS\scunin.dat
[2010/04/02 15:20:28 | 000,000,967 | ---- | C] () -- C:\WINDOWS\ScUnin.pif
[2010/04/02 11:59:24 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010/03/31 21:15:57 | 000,176,235 | ---- | C] () -- C:\WINDOWS\System32\Primomonnt.dll
[2010/03/31 14:18:49 | 000,510,976 | ---- | C] () -- C:\WINDOWS\System32\synsoacc.dll
[2010/03/31 05:25:09 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2010/03/31 05:25:09 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2010/03/31 04:24:49 | 000,000,465 | -H-- | C] () -- C:\IPH.PH
[2010/03/31 04:16:49 | 000,156,910 | ---- | C] () -- C:\WINDOWS\WMSysPr8.prx
[2010/03/31 03:19:48 | 000,000,947 | ---- | C] () -- C:\Documents and Settings\Errol Santos\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
[2010/03/31 03:14:45 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2010/03/31 03:14:44 | 000,073,220 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2010/03/31 03:14:44 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat
[2010/03/31 03:14:44 | 000,029,114 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2010/03/31 03:14:44 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat
[2010/03/31 03:14:44 | 000,021,021 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
[2010/03/31 03:14:44 | 000,015,670 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
[2010/03/31 03:14:44 | 000,013,280 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2010/03/31 03:14:44 | 000,012,669 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_EN.cfg
[2010/03/31 03:14:44 | 000,010,673 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
[2010/03/31 03:14:44 | 000,006,366 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_CF.cfg
[2010/03/31 03:14:44 | 000,006,226 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_ES.cfg
[2010/03/31 03:14:44 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
[2010/03/31 03:14:44 | 000,001,140 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
[2010/03/31 03:14:44 | 000,001,140 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
[2010/03/31 03:14:44 | 000,001,137 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
[2010/03/31 03:14:44 | 000,001,130 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
[2010/03/31 03:14:44 | 000,001,130 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
[2010/03/31 03:14:44 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
[2010/03/31 03:14:43 | 000,006,478 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_PT.cfg
[2010/03/31 03:14:43 | 000,006,478 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_BP.cfg
[2010/03/31 03:14:43 | 000,006,366 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_FR.cfg
[2010/03/31 03:13:10 | 000,000,044 | ---- | C] () -- C:\WINDOWS\EPCX8400.ini
[2010/03/31 00:50:21 | 000,516,096 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2010/03/31 00:35:56 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\Errol Santos\Local Settings\Application Data\fusioncache.dat
[2010/03/31 00:22:46 | 000,001,851 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ATI CATALYST System Tray.lnk
[2010/03/31 00:20:14 | 000,524,850 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativcaxx.cpa
[2010/03/31 00:20:14 | 000,058,560 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativckxx.vp
[2010/03/31 00:20:14 | 000,022,896 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativvpxx.vp
[2010/03/31 00:20:14 | 000,000,929 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativcaxx.vp
[2010/03/31 00:20:13 | 000,104,361 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2010/03/31 00:20:13 | 000,005,496 | ---- | C] () -- C:\WINDOWS\System32\atifglpf.xml
[2010/03/30 23:53:38 | 000,472,576 | ---- | C] () -- C:\WINDOWS\Radeon Omega Drivers v4.8.442 Uninstall.exe
[2010/03/30 23:29:23 | 000,000,531 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\BDARemote.lnk
[2010/03/30 21:43:11 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2010/03/30 20:23:58 | 000,940,794 | ---- | C] () -- C:\WINDOWS\System32\LoopyMusic.wav
[2010/03/30 20:23:58 | 000,146,650 | ---- | C] () -- C:\WINDOWS\System32\BuzzingBee.wav
[2010/03/30 19:49:39 | 000,000,354 | ---- | C] () -- C:\WINDOWS\tasks\Driver Fetch.job
[2010/03/30 19:48:21 | 000,012,540 | ---- | C] () -- C:\WINDOWS\System32\wpa.bak
[2010/03/30 19:45:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/03/30 19:39:11 | 000,076,277 | ---- | C] () -- C:\Documents and Settings\Errol Santos\CCCInstall_201003301939111718.log
[2010/03/30 19:36:10 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD.dll
[2010/03/30 19:36:10 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\ZyDelReg.exe
[2010/03/30 19:36:10 | 000,015,872 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD64.DLL
[2010/03/30 18:55:06 | 000,028,672 | -H-- | C] () -- C:\Documents and Settings\Errol Santos\ntuser.dat.LOG
[2010/03/30 18:55:06 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\Errol Santos\ntuser.ini
[2010/03/30 18:55:05 | 004,194,304 | -H-- | C] () -- C:\Documents and Settings\Errol Santos\NTUSER.DAT
[2010/03/30 18:53:57 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2010/03/30 18:52:52 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/03/30 18:52:46 | 000,028,288 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xjis.nls
[2010/03/30 18:52:14 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prcp.nls
[2010/03/30 18:52:14 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prc.nls
[2010/03/30 18:52:12 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2010/03/30 18:52:01 | 000,047,066 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ksc.nls
[2010/03/30 18:52:00 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2010/03/30 18:51:44 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2010/03/30 18:51:32 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2010/03/30 18:51:28 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2010/03/30 18:51:14 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2010/03/30 18:51:07 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2010/03/30 18:51:04 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2010/03/30 18:50:55 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2010/03/30 18:50:49 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_864.nls
[2010/03/30 18:50:49 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_862.nls
[2010/03/30 18:50:49 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_858.nls
[2010/03/30 18:50:49 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_720.nls
[2010/03/30 18:50:49 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_870.nls
[2010/03/30 18:50:49 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_708.nls
[2010/03/30 18:50:49 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28596.nls
[2010/03/30 18:50:49 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls
[2010/03/30 18:50:48 | 000,180,770 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls
[2010/03/30 18:50:48 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls
[2010/03/30 18:50:48 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls
[2010/03/30 18:50:48 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls
[2010/03/30 18:50:48 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls
[2010/03/30 18:50:48 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls
[2010/03/30 18:50:48 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls
[2010/03/30 18:50:48 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls
[2010/03/30 18:50:48 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls
[2010/03/30 18:50:48 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls
[2010/03/30 18:50:48 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls
[2010/03/30 18:50:48 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls
[2010/03/30 18:50:48 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls
[2010/03/30 18:50:48 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls
[2010/03/30 18:50:48 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls
[2010/03/30 18:50:47 | 000,187,938 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls
[2010/03/30 18:50:47 | 000,185,378 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls
[2010/03/30 18:50:47 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls
[2010/03/30 18:50:47 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls
[2010/03/30 18:50:47 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls
[2010/03/30 18:50:47 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls
[2010/03/30 18:50:47 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls
[2010/03/30 18:50:47 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls
[2010/03/30 18:50:47 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls
[2010/03/30 18:50:47 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls
[2010/03/30 18:50:47 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls
[2010/03/30 18:50:47 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls
[2010/03/30 18:50:47 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls
[2010/03/30 18:50:46 | 000,189,986 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls
[2010/03/30 18:50:46 | 000,186,402 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls
[2010/03/30 18:50:46 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls
[2010/03/30 18:50:46 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls
[2010/03/30 18:50:46 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls
[2010/03/30 18:50:46 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1148.nls
[2010/03/30 18:50:46 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1147.nls
[2010/03/30 18:50:46 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1146.nls
[2010/03/30 18:50:46 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1145.nls
[2010/03/30 18:50:46 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1144.nls
[2010/03/30 18:50:46 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1143.nls
[2010/03/30 18:50:46 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1142.nls
[2010/03/30 18:50:45 | 000,195,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls
[2010/03/30 18:50:45 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls
[2010/03/30 18:50:45 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls
[2010/03/30 18:50:45 | 000,162,850 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10001.nls
[2010/03/30 18:50:45 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1141.nls
[2010/03/30 18:50:45 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1140.nls
[2010/03/30 18:50:45 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1047.nls
[2010/03/30 18:50:45 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10021.nls
[2010/03/30 18:50:45 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10005.nls
[2010/03/30 18:50:45 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10004.nls
[2010/03/30 18:50:44 | 000,082,172 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls
[2010/03/30 18:50:44 | 000,066,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\big5.nls
[2010/03/30 18:50:16 | 000,002,626 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/03/30 18:50:16 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2010/03/30 18:50:16 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2010/03/30 18:50:16 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2010/03/30 18:50:16 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2010/03/30 18:50:13 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/03/30 18:50:13 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/03/30 18:50:12 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2010/03/30 18:49:23 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2010/03/30 18:49:23 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2010/03/30 18:49:18 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010/03/30 18:49:18 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest
[2010/03/30 18:49:18 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2010/03/30 18:49:18 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2010/03/30 18:49:18 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2010/03/30 18:49:18 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2010/03/30 18:49:00 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2010/03/30 18:48:20 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2010/03/30 18:48:20 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2010/03/30 18:48:04 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2010/03/30 18:46:06 | 000,376,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll
[2010/03/30 18:45:28 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/03/30 18:43:41 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
[2010/03/30 18:43:41 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2010/03/30 18:43:40 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp
[2010/03/30 18:43:40 | 000,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp
[2010/03/30 18:43:40 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2010/03/30 18:43:39 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
[2010/03/30 18:43:39 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp
[2010/03/30 18:43:39 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
[2010/03/30 18:43:39 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp
[2010/03/30 18:43:39 | 000,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp
[2010/03/30 18:43:38 | 000,093,702 | ---- | C] () -- C:\WINDOWS\System32\subrange.uce
[2010/03/30 18:43:38 | 000,016,740 | ---- | C] () -- C:\WINDOWS\System32\shiftjis.uce
[2010/03/30 18:43:38 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
[2010/03/30 18:43:37 | 000,060,458 | ---- | C] () -- C:\WINDOWS\System32\ideograf.uce
[2010/03/30 18:43:37 | 000,012,876 | ---- | C] () -- C:\WINDOWS\System32\korean.uce
[2010/03/30 18:43:37 | 000,008,484 | ---- | C] () -- C:\WINDOWS\System32\kanji_2.uce
[2010/03/30 18:43:37 | 000,006,948 | ---- | C] () -- C:\WINDOWS\System32\kanji_1.uce
[2010/03/30 18:43:36 | 000,024,006 | ---- | C] () -- C:\WINDOWS\System32\gb2312.uce
[2010/03/30 18:43:36 | 000,022,984 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.uce
[2010/03/30 18:43:32 | 000,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2010/03/30 18:43:31 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2010/03/30 18:43:27 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2010/03/30 18:42:59 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2010/03/30 10:39:33 | 000,005,208 | ---- | C] () -- C:\WINDOWS\System32\pid.PNF
[2010/03/30 10:35:38 | 000,004,566 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2010/03/30 10:35:31 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2010/03/30 10:35:30 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2010/03/30 10:35:29 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2010/03/30 10:35:27 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2010/03/30 10:35:23 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28603.nls
[2010/03/30 10:35:23 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28603.nls
[2010/03/30 10:35:18 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_857.nls
[2010/03/30 10:35:18 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_857.nls
[2010/03/30 10:35:18 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28599.nls
[2010/03/30 10:35:18 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28599.nls
[2010/03/30 10:35:18 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10081.nls
[2010/03/30 10:35:18 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10081.nls
[2010/03/30 10:35:13 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28595.nls
[2010/03/30 10:35:13 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28595.NLS
[2010/03/30 10:35:13 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10017.nls
[2010/03/30 10:35:13 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10017.nls
[2010/03/30 10:35:13 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10007.nls
[2010/03/30 10:35:13 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10007.nls
[2010/03/30 10:35:05 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28597.nls
[2010/03/30 10:35:05 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28597.NLS
[2010/03/30 10:35:05 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10006.nls
[2010/03/30 10:35:05 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10006.nls
[2010/03/30 10:35:04 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_869.nls
[2010/03/30 10:35:04 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_869.nls
[2010/03/30 10:35:04 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_737.nls
[2010/03/30 10:35:04 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_737.nls
[2010/03/30 10:35:04 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_875.nls
[2010/03/30 10:35:04 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_875.nls
[2010/03/30 10:35:00 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_866.nls
[2010/03/30 10:35:00 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_866.nls
[2010/03/30 10:35:00 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_855.nls
[2010/03/30 10:35:00 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_855.nls
[2010/03/30 10:35:00 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28594.nls
[2010/03/30 10:35:00 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28594.NLS
[2010/03/30 10:34:55 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_852.nls
[2010/03/30 10:34:55 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_852.nls
[2010/03/30 10:34:55 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10082.nls
[2010/03/30 10:34:55 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10082.nls
[2010/03/30 10:34:55 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10029.nls
[2010/03/30 10:34:55 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10029.nls
[2010/03/30 10:34:55 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10010.nls
[2010/03/30 10:34:55 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10010.nls
[2010/03/30 10:34:52 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20127.nls
[2010/03/30 10:34:52 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_20127.nls
[2010/03/30 10:34:36 | 000,001,688 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2010/03/30 10:32:45 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2010/03/30 10:32:45 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2010/03/30 10:32:45 | 000,171,588 | ---- | C] () -- C:\WINDOWS\System32\dllcache\startoc.cat
[2010/03/30 10:32:45 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2010/03/30 10:32:45 | 000,034,063 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2010/03/30 10:32:45 | 000,026,991 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn7.cat
[2010/03/30 10:32:45 | 000,016,535 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2010/03/30 10:32:45 | 000,014,433 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn9.cat
[2010/03/30 10:32:45 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2010/03/30 10:32:45 | 000,012,363 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2010/03/30 10:32:45 | 000,010,027 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2010/03/30 10:32:45 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2010/03/30 10:32:45 | 000,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2010/03/30 10:32:45 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2010/03/30 10:32:44 | 002,144,487 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2010/03/30 10:32:44 | 001,296,669 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP3.CAT
[2010/03/30 10:32:44 | 000,402,264 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2010/03/30 10:30:56 | 000,263,024 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/03/30 10:29:40 | 000,000,211 | -HS- | C] () -- C:\boot.ini
[2010/03/30 10:29:36 | 000,000,261 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2009/07/30 18:58:42 | 000,000,314 | ---- | C] () -- C:\WINDOWS\primopdf.ini
[2008/02/01 08:18:14 | 000,009,216 | ---- | C] () -- C:\WINDOWS\System32\drivers\FlashSys.sys

========== LOP Check ==========

[2010/03/30 19:36:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\2Wire
[2010/03/31 04:25:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AIM
[2010/06/01 04:12:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010/04/02 11:59:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro
[2010/03/31 03:15:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON
[2010/03/30 22:26:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2010/04/10 03:59:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/05/05 04:40:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{B7A015B7-4802-4678-8CEC-700380BA9AFD}
[2010/03/30 19:37:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Errol Santos\Application Data\2Wire
[2010/03/31 04:26:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Errol Santos\Application Data\acccore
[2010/04/07 16:52:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Errol Santos\Application Data\BitTorrent
[2010/04/04 03:59:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Errol Santos\Application Data\Blitware
[2010/04/02 12:03:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Errol Santos\Application Data\DAEMON Tools Pro
[2010/05/01 21:59:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Errol Santos\Application Data\EPSON
[2010/05/14 21:47:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Errol Santos\Application Data\FreeFLVConverter
[2010/05/22 19:14:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Errol Santos\Application Data\gtk-2.0
[2010/03/31 03:17:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Errol Santos\Application Data\Leadertech
[2010/04/08 20:20:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Errol Santos\Application Data\ManyCam
[2010/05/31 19:37:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Errol Santos\Application Data\PrimoPDF
[2010/05/16 03:59:00 | 000,000,354 | ---- | M] () -- C:\WINDOWS\Tasks\Driver Fetch.job

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.* >
[2010/03/30 18:50:16 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/03/30 18:41:05 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2010/03/30 18:50:16 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/03/30 18:50:16 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/03/31 04:25:06 | 000,000,465 | -H-- | M] () -- C:\IPH.PH
[2010/05/06 18:34:08 | 000,000,109 | ---- | M] () -- C:\mbam-error.txt
[2010/03/30 18:50:16 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2008/04/14 05:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/04/14 05:00:00 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/06/01 11:10:49 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2010/03/30 10:29:39 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2010/03/30 10:29:39 | 001,064,960 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2010/03/30 10:29:39 | 000,937,984 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< End of report >

#4
superman659

Posted 08 June 2010 - 10:31 PM

Member

Topic Starter
Member
37 posts

Extras:

OTL Extras logfile created on: 6/1/2010 2:49:44 PM - Run 1
OTL by OldTimer - Version 3.2.5.2 Folder = C:\Documents and Settings\Errol Santos\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 67.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 87.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298.08 Gb Total Space | 166.22 Gb Free Space | 55.76% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 232.88 Gb Total Space | 117.54 Gb Free Space | 50.47% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ERROLSCOMP
Current User Name: Errol Santos
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"3724:TCP" = 3724:TCP:*:Enabled:Blizzard Downloader: 3724
"6112:TCP" = 6112:TCP:*:Enabled:Blizzard Downloader
"1119:TCP" = 1119:TCP:*:Enabled:Blizzard Downloader
"1120:TCP" = 1120:TCP:*:Enabled:Blizzard Downloader

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Program Files\AIM\aim.exe" = C:\Program Files\AIM\aim.exe:*:Enabled:AIM -- (AOL Inc.)
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Starcraft\StarCraft.exe" = C:\Program Files\Starcraft\StarCraft.exe:*:Enabled:Starcraft -- (Blizzard Entertainment)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\StarCraft II Beta\StarCraft II.exe" = C:\Program Files\StarCraft II Beta\StarCraft II.exe:*:Enabled:Blizzard Launcher -- (Blizzard Entertainment)
"C:\Program Files\StarCraft II Beta\Support\BlizzardDownloader.exe" = C:\Program Files\StarCraft II Beta\Support\BlizzardDownloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0D6D96F4-0CAF-4522-B05F-70A88EDECDFD}" = ArcSoft Print Creations
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{24ADC0E4-8D3E-40C4-9106-F2DE5E9112F1}" = EPSON Stylus CX8400 Series Scanner Driver Update
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java™ 6 Update 18
"{2758691A-2CDE-4942-A4AC-0E8F61FE2067}" = USB Video Driver
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3546340D-0D9B-4719-AA0B-906FB48FEBF9}" = ATI Catalyst Control Center
"{3CE11B98-C61C-4692-9E0E-59934761C3BE}" = 2Wire Wireless Manager
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{581CE7EA-A30D-0000-1211-088635773309}" = 2WIRE Wireless LAN - USB Driver
"{6421F085-1FAA-DE13-D02A-CFB412C522A4}" = Acrobat.com
"{6C89B82E-AD76-7715-43EA-C37E563E83BB}" = ATI Catalyst Install Manager
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{74B0050D-709E-4BD4-A5F4-5A7819F324FA}" = Turtle Beach USB MIDI 1x1
"{76BC2442-0002-47FA-9617-43BAD82BEF4C}" = Bonjour
"{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}" = ATI AVIVO Codecs
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{996A2FAA-7514-4628-9D12-A8FC34A0016E}" = iTunes
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.2
"{B5C3B892-0849-476C-9F46-B12F84819D57}" = Apple Mobile Device Support
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C43048A9-742C-4DAD-90D2-E3B53C9DB825}" = Logitech QuickCam Software
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D03E7B00-CA85-4684-9321-1888873C34BD}" = ArcSoft PhotoImpression 6
"{DBD40476-78A4-4738-86B4-A5FB8807946D}" = NETGEAR GA311 Gigabit Adapter
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FB15BACA-8F2E-421C-A214-F9065EA15A92}" = LAN Utility
"69083DC58646DE46A09847A522A1CC487F918039" = Windows Driver Package - eMPIA Technology Inc, (emAudio) MEDIA (08/31/2007 5.7.0831.0)
"9722CA1E8F72F362E93CBEC75A707FDABFC8D880" = Windows Driver Package - Advanced Micro Devices, Inc. (USB28xxBGA) Media (08/31/2007 5.7.0831.0)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AIM_7" = AIM 7
"All ATI Software" = ATI - Software Uninstall Utility
"ASIO4ALL" = ASIO4ALL
"ATI Display Driver" = ATI Display Driver
"avast5" = avast! Free Antivirus
"BitTorrent" = BitTorrent
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Cool Edit Pro 2.0" = Cool Edit Pro 2.0
"East West Colossus" = East West Colossus
"Edirol HQ Orchestral v1.01" = Edirol HQ Orchestral v1.01
"Edirol Super Quartet v1.52 TALiO" = Edirol Super Quartet v1.52 TALiO
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EPSON Printer and Utilities" = EPSON Printer Software
"EPSON Scanner" = EPSON Scan
"ERUNT_is1" = ERUNT 1.1j
"FL Studio 9" = FL Studio 9
"FLV Player" = FLV Player 2.0 (build 25)
"Free FLV Converter_is1" = Free FLV Converter V 6.7.8
"FriendBlasterPro_is1" = FriendBlasterPro
"ie8" = Windows Internet Explorer 8
"IL Download Manager" = IL Download Manager
"InstallShield_{DBD40476-78A4-4738-86B4-A5FB8807946D}" = NETGEAR GA311 Smart Wizard Utility
"iZotope Ozone 3_is1" = iZotope Ozone 3
"LinPlug_Albino_VSTi_v2.2-PLZ" = LinPlug_Albino_VSTi_v2.2-PLZ
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"ManyCam" = ManyCam 2.4 (remove only)
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MultiRes (remove only)" = MultiRes (remove only)
"Native Instruments Absynth 3" = Native Instruments Absynth 3
"Pianoteq23" = Pianoteq v2.3.0
"PoiZone" = PoiZone
"PrimoPDF" = PrimoPDF -- by Nitro PDF Software
"QcDrv" = Logitech® Camera Driver
"reFX Nexus_is1" = reFX Nexus VSTi RTAS v2.2.0
"Sawer" = Sawer
"Silent Package Run-Time Sample" = EPSON CX8400 User's Guide
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"Starcraft" = Starcraft
"StarCraft II Beta" = StarCraft II Beta
"Steinberg Hypersonic v1.0" = Steinberg Hypersonic v1.0
"Sylenth1_is1" = Sylenth1 v2.0
"Toxic Biohazard" = Toxic Biohazard
"Unlocker" = Unlocker 1.8.9
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinGimp-2.0_is1" = GIMP 2.6.8
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 5/3/2010 7:09:34 AM | Computer Name = ERROLSCOMP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 25672

Error - 5/3/2010 10:44:59 AM | Computer Name = ERROLSCOMP | Source = Application Error | ID = 1000
Description = Faulting application stdrt.exe, version 1.2.2008.0, faulting module
ntdll.dll, version 5.1.2600.5755, fault address 0x00010a19.

Error - 5/4/2010 2:41:53 PM | Computer Name = ERROLSCOMP | Source = Application Error | ID = 1000
Description = Faulting application firefox.exe, version 1.9.2.3743, faulting module
ntdll.dll, version 5.1.2600.5755, fault address 0x0001b21a.

Error - 5/15/2010 1:24:17 AM | Computer Name = ERROLSCOMP | Source = Application Error | ID = 1000
Description = Faulting application moviemk.exe, version 2.1.4027.0, faulting module
unknown, version 0.0.0.0, fault address 0x00000000.

Error - 5/22/2010 11:44:23 AM | Computer Name = ERROLSCOMP | Source = Bonjour Service | ID = 100
Description = Client application bug: DNSServiceResolve(BZDN1780156926-QkxaMDAwMjk1MDZERjE2OzZDOTkxOjFEMTR7T0VCMDQ=._bzdn._tcp.local.)
active for over two minutes. This places considerable burden on the network.

Error - 5/22/2010 11:45:08 AM | Computer Name = ERROLSCOMP | Source = Bonjour Service | ID = 100
Description = 264: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 5/26/2010 2:11:56 PM | Computer Name = ERROLSCOMP | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module kernel32.dll, version 5.1.2600.5781, fault address 0x0000a93b.

Error - 5/26/2010 2:12:01 PM | Computer Name = ERROLSCOMP | Source = Application Error | ID = 1000
Description = Faulting application drwtsn32.exe, version 5.1.2600.0, faulting module
dbghelp.dll, version 5.1.2600.5512, fault address 0x0001295d.

Error - 5/26/2010 11:59:45 PM | Computer Name = ERROLSCOMP | Source = Application Hang | ID = 1002
Description = Hanging application FriendBlasterPro.exe, version 10.9.0.3, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 6/1/2010 2:11:21 PM | Computer Name = ERROLSCOMP | Source = PerfNet | ID = 2004
Description = Unable to open the Server service. Server performance data will not
be returned. Error code returned is in data DWORD 0.

< End of report >

#5
superman659

Posted 08 June 2010 - 11:09 PM

Member

Topic Starter
Member
37 posts

Hey, I did all the steps for combofix. It got stuck for a really long time at one part and it said something like "Log being created, do not open any other programs" There was more to it than that but it was stuck there for a really long time so I just forced shut off the comp...Should I try again?

#6
superman659

Posted 08 June 2010 - 11:33 PM

Member

Topic Starter
Member
37 posts

I forgot I missed one. This is titled "ark"

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-06-01 14:48:15
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\ERROLS~1\LOCALS~1\Temp\pwtdrkog.sys

---- System - GMER 1.0.15 ----

SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwClose [0xB021EC7A]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateKey [0xB021EB36]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDeleteKey [0xB021F0EA]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDeleteValueKey [0xB021F014]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDuplicateObject [0xB021E70C]
SSDT spve.sys ZwEnumerateKey [0xB9ECDDA4]
SSDT spve.sys ZwEnumerateValueKey [0xB9ECE132]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenKey [0xB021EC10]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenProcess [0xB021E64C]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenThread [0xB021E6B0]
SSDT spve.sys ZwQueryKey [0xB9ECE20A]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwQueryValueKey [0xB021ED30]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwRenameKey [0xB021F1B8]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwRestoreKey [0xB021ECF0]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwSetValueKey [0xB021EE70]

INT 0x63 ? 8A1D2F00
INT 0x73 ? 8A3A3BF8
INT 0x73 ? 8A3A3BF8
INT 0x73 ? 8A3A3BF8
INT 0x73 ? 8A3A3BF8
INT 0x73 ? 8A1D2F00
INT 0x73 ? 8A3A3BF8
INT 0x83 ? 8A3A3BF8
INT 0x83 ? 8A3A3BF8
INT 0x83 ? 8A1D2F00
INT 0x83 ? 8A3A3BF8
INT 0x94 ? 8A1D2F00
INT 0xB4 ? 8A1D2F00

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!ZwCallbackReturn + 2CCC 80504568 4 Bytes JMP 66B021F0
? spve.sys The system cannot find the file specified. !
.text USBPORT.SYS!DllUnload B97CD8AC 5 Bytes JMP 8A1D24E0
.text a6fjh9ei.SYS B970C386 35 Bytes [00, 00, 00, 00, 00, 00, 20, ...]
.text a6fjh9ei.SYS B970C3AA 24 Bytes [00, 00, 00, 00, 00, 00, 00, ...]
.text a6fjh9ei.SYS B970C3C4 3 Bytes [00, 80, 02]
.text a6fjh9ei.SYS B970C3C9 1 Byte [30]
.text a6fjh9ei.SYS B970C3C9 11 Bytes [30, 00, 00, 00, 5E, 02, 00, ...] {XOR [EAX], AL; ADD [EAX], AL; POP ESI; ADD AL, [EAX]; ADD [EAX], AL; ADD [EAX], AL}
.text ...

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Mozilla Firefox\firefox.exe[3892] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 004013F0 C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation)

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 8A3A21F8

AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)

Device \FileSystem\Fastfat \FatCdrom 89DCE500

AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

Device \Driver\usbuhci \Device\USBPDO-0 8A1D11F8
Device \Driver\usbuhci \Device\USBPDO-1 8A1D11F8
Device \Driver\usbehci \Device\USBPDO-2 8A1A81F8
Device \Driver\usbuhci \Device\USBPDO-3 8A1D11F8
Device \Driver\usbuhci \Device\USBPDO-4 8A1D11F8

AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

Device \Driver\usbuhci \Device\USBPDO-5 8A1D11F8
Device \Driver\usbehci \Device\USBPDO-6 8A1A81F8
Device \Driver\Ftdisk \Device\HarddiskVolume1 8A4141F8
Device \Driver\Cdrom \Device\CdRom0 8A1911F8
Device \Driver\Ftdisk \Device\HarddiskVolume2 8A4141F8
Device \Driver\Cdrom \Device\CdRom1 8A1911F8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 [B9E2FB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort0 [B9E2FB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort1 [B9E2FB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort2 [B9E2FB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort3 [B9E2FB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-e [B9E2FB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort4 [B9E2FB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort5 [B9E2FB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\NetBT \Device\NetBt_Wins_Export 89E2B500
Device \Driver\USBSTOR \Device\00000085 89DAF500
Device \Driver\NetBT \Device\NetbiosSmb 89E2B500
Device \Driver\PCI_PNP0544 \Device\0000004c spve.sys

AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

Device \Driver\NetBT \Device\NetBT_Tcpip_{1DFB9210-CB97-494B-9EE9-4DC1EF0BC4D7} 89E2B500
Device \Driver\usbuhci \Device\USBFDO-0 8A1D11F8
Device \Driver\usbuhci \Device\USBFDO-1 8A1D11F8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 89ED0500
Device \Driver\USBSTOR \Device\0000007b 89DAF500
Device \Driver\usbehci \Device\USBFDO-2 8A1A81F8
Device \FileSystem\MRxSmb \Device\LanmanRedirector 89ED0500
Device \Driver\usbuhci \Device\USBFDO-3 8A1D11F8
Device \Driver\usbuhci \Device\USBFDO-4 8A1D11F8
Device \Driver\sptd \Device\3060819294 spve.sys
Device \Driver\Ftdisk \Device\FtControl 8A4141F8
Device \Driver\usbuhci \Device\USBFDO-5 8A1D11F8
Device \Driver\usbehci \Device\USBFDO-6 8A1A81F8
Device \Driver\a6fjh9ei \Device\Scsi\a6fjh9ei1 8A1411F8
Device \Driver\a6fjh9ei \Device\Scsi\a6fjh9ei1Port6Path0Target0Lun0 8A1411F8
Device \FileSystem\Fastfat \Fat 89DCE500

AttachedDevice \FileSystem\Fastfat \Fat fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)

Device \FileSystem\Cdfs \Cdfs 89D70500

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Pro\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x23 0x64 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xE0 0x06 0x38 0x73 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xBB 0xE1 0x41 0xD5 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x42 0xC8 0xB2 0xC2 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Pro\
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x23 0x64 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xE0 0x06 0x38 0x73 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xBB 0xE1 0x41 0xD5 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x42 0xC8 0xB2 0xC2 ...

---- EOF - GMER 1.0.15 ----

#7
RKinner

Posted 09 June 2010 - 12:17 AM

Malware Expert

Expert
24,625 posts

First look in C:\Combofix.txt to see if there is a log. If not run it again.

1. Double-click My Computer, and then right-click the hard disk that you want to check.
2. Click Properties, and then click Tools.
3. Under Error-checking, click Check Now. A dialog box that shows the Check disk options is displayed,
4. Check both boxes and then click Start.
You will receive the following message:
The disk check could not be performed because the disk check utility needs exclusive access to some Windows files on the disk. These files can be accessed by restarting Windows. Do you want to schedule the disk check to occur the next time you restart the computer?
Click Yes to schedule the disk check, and then restart your computer to start the disk check.

Check for a bad program:
Start Run, msconfig, OK
Go to Services tab and click on the box to hide Microsoft Services then uncheck
everything that remains. Go to Startup tab and uncheck everything. OK and
reboot. If it doesn't run faster then go back into msconfig and recheck the
things you turned off. If it helps then go back and turn on a few items each
time until you find the culprit.

Ron

#8
superman659

Posted 09 June 2010 - 08:18 PM

Member

Topic Starter
Member
37 posts

Hey, before my Power Supply broke, my comp was running slow. But now that I have replaced it with a new one. My comp seems to be running normal. And I can actually hear my fan running now and I didn't notice it wasn't working earlier. But could the bad Power Supply be the cause of the comp running slow?

#9
RKinner

Posted 09 June 2010 - 08:34 PM

Malware Expert

Expert
24,625 posts

Depends on what was wrong with the power supply. If it was weak and not putting out enough voltage then yes it could be why things were slow. Also if your fan doesn't run and it gets hot the cpu will slow down to keep things from melting down.

Your logs also show that "{76BC2442-0002-47FA-9617-43BAD82BEF4C}" = Bonjour is having major problems. You might want to uninstall it. It is something from Apple. I think it looks for other apple products on your network so if you want it you can get it from them and reinstall.

Ron

#10
superman659

Posted 11 June 2010 - 10:47 PM

Member

Topic Starter
Member
37 posts

hmm, how do i figure out what it is. I think the only apple product I use is an ipod. So maybe it's iTunes? Is there a way to figure it out for sure?

#11
superman659

Posted 11 June 2010 - 10:50 PM

Member

Topic Starter
Member
37 posts

there is no combofix log. So do I run george.exe first before I do the error checkign in "my computer"?

#12
RKinner

Posted 11 June 2010 - 11:51 PM

Malware Expert

Expert
24,625 posts

http://support.apple.com/kb/ht1923

Should help with your apple stuff.

Run combofix again and let's see if it works this time. Remember to pause the antivirus. It may be causing the problem when you reboot.

Ron