Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

cant open desktop programs

Started by decosta , Jul 08 2010 12:40 PM

  • Please log in to reply

#1
decosta
Posted 08 July 2010 - 12:40 PM

decosta

    New Member

  • Member
  • Pip
  • 1 posts
so on my desktop in can not open certon programs such as Mbam and i need to open this and when i try to down load new programs and have them on the desk top i can not extract them from the file please help this is the OTL, Extras and ark.txt and im not good with computers so do not talk computer talk to me

OTL logfile created on: 7/10/2001 2:07:53 PM - Run 1
OTL by OldTimer - Version 3.2.8.1 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

510.00 Mb Total Physical Memory | 302.00 Mb Available Physical Memory | 59.00% Memory free
670.00 Mb Paging File | 517.00 Mb Available in Paging File | 77.00% Paging File free
Paging file location(s): C:\pagefile.sys 192 384 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 18.64 Gb Total Space | 13.38 Gb Free Space | 71.80% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: EXAMPC2
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2004/01/06 15:47:06 | 000,327,792 | ---- | M] (Executive Software International, Inc.) -- C:\Program Files\Executive Software\Diskeeper\DkService.exe
PRC - [2003/10/24 17:01:50 | 000,077,824 | ---- | M] (Symantec Corporation) -- C:\Program Files\NavNT\vptray.exe
PRC - [2003/01/10 16:55:14 | 000,036,915 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\system32\CBA\XFR.EXE
PRC - [2003/01/10 16:54:56 | 000,032,819 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\system32\CBA\PDS.EXE
PRC - [2003/01/10 16:54:12 | 000,028,729 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\system32\MSGSYS.EXE
PRC - [2002/08/29 03:00:00 | 001,004,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2001/07/10 12:30:54 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe


========== Modules (SafeList) ==========

MOD - [2002/08/29 03:00:00 | 000,106,547 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2001/07/10 12:30:54 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\xmlprov.dll -- (xmlprov)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\wuauserv.dll -- (wuauserv)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\wscsvc.dll -- (wscsvc)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\qagentrt.dll -- (napagent)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\w3ssl.dll -- (HTTPFilter)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\kmsvc.dll -- (hkmsvc)
SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\eapsvc.dll -- (EapHost)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\dot3svc.dll -- (Dot3svc)
SRV - File not found [Disabled | Stopped] -- C:\Program Files\Symantec\pcAnywhere\awhost32.exe -- (awhost32)
SRV - [2004/01/06 15:47:06 | 000,327,792 | ---- | M] (Executive Software International, Inc.) [Auto | Running] -- C:\Program Files\Executive Software\Diskeeper\DkService.exe -- (Diskeeper)
SRV - [2003/10/24 16:48:46 | 000,491,520 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files\NavNT\rtvscan.exe -- (Norton AntiVirus Server)
SRV - [2003/10/24 16:43:14 | 000,032,768 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files\NavNT\defwatch.exe -- (DefWatch)
SRV - [2003/10/08 03:08:00 | 000,540,672 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\CCM\CcmExec.exe -- (CcmExec)
SRV - [2003/01/10 16:55:14 | 000,036,915 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\WINDOWS\system32\CBA\XFR.EXE -- (Intel File Transfer)
SRV - [2003/01/10 16:54:56 | 000,032,819 | ---- | M] (Intel® Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\CBA\PDS.EXE -- (Intel PDS)
SRV - [2002/08/29 03:00:00 | 000,066,560 | --S- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\System32\adsldpcs.exe -- (WmdmPmSNFastUserSwitchingCompatibility)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Symantec\SYMEVENT.SYS -- (SymEvent)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\mssmbios.sys -- (mssmbios)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\ip6fw.sys -- (ip6fw)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\HTTP.sys -- (HTTP)
DRV - File not found [File_System | Boot | Stopped] -- C:\WINDOWS\System32\drivers\fltmgr.sys -- (FltMgr)
DRV - [2003/10/24 16:01:46 | 000,018,688 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\NavNT\Navapel.sys -- (NAVAPEL)
DRV - [2003/10/24 10:53:08 | 000,016,984 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AW_HOST5.sys -- (AW_HOST)
DRV - [2003/09/07 02:50:00 | 000,013,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CCM\PrepDrv.sys -- (prepdrvr)
DRV - [2003/04/21 15:08:44 | 000,010,901 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\awlegacy.sys -- (awlegacy)
DRV - [2003/04/21 14:00:32 | 000,013,898 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\GERNUWA.sys -- (Gernuwa)
DRV - [2002/08/29 00:16:30 | 000,891,711 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2002/08/29 00:16:18 | 000,327,040 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ati2mtaa.sys -- (ati2mtaa)
DRV - [2002/04/22 15:53:10 | 000,089,104 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\e1000nt5.sys -- (E1000) Intel®
DRV - [2001/08/17 15:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 15:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 15:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 15:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 15:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 14:58:02 | 000,027,648 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2001/08/17 14:58:02 | 000,026,112 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2001/08/17 14:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 14:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 14:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 14:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 14:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 14:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 14:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 14:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 14:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 14:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - [2001/08/17 13:49:58 | 000,018,688 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wvchntxx.sys -- (iAimFP4)
DRV - [2001/08/17 13:49:54 | 000,012,160 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wsiintxx.sys -- (iAimFP3)
DRV - [2001/08/17 13:49:50 | 000,023,680 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wch7xxnt.sys -- (iAimTV4)
DRV - [2001/08/17 13:49:46 | 000,031,104 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\watv04nt.sys -- (iAimTV3)
DRV - [2001/08/17 13:49:42 | 000,044,928 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\watv03nt.sys -- (iAimTV2)
DRV - [2001/08/17 13:49:36 | 000,019,456 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\watv02nt.sys -- (iAimTV1)
DRV - [2001/08/17 13:49:34 | 000,029,440 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\watv01nt.sys -- (iAimTV0)
DRV - [2001/08/17 13:49:32 | 000,012,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wadv05nt.sys -- (iAimFP2)
DRV - [2001/08/17 13:49:26 | 000,012,288 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wadv02nt.sys -- (iAimFP1)
DRV - [2001/08/17 13:49:22 | 000,012,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wadv01nt.sys -- (iAimFP0)
DRV - [2001/08/17 13:49:18 | 000,138,240 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\i81xnt5.sys -- (i81x)
DRV - [2001/08/17 13:20:04 | 000,096,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ac97intc.sys -- (ac97intc) Intel® 82801 Audio Driver Install Service (WDM)
DRV - [2001/08/17 09:47:22 | 000,009,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NtApm.sys -- (NtApm)
DRV - [2001/08/17 08:49:00 | 000,075,136 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atimpae.sys -- (atirage3)
DRV - [2001/08/17 08:19:28 | 000,072,832 | ---- | M] (Crystal Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cwbwdm.sys -- (cwbwdm_device)
DRV - [2001/08/17 08:19:26 | 000,003,072 | ---- | M] (Crystal Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cwbmidi.sys -- (cwbmidi_device)
DRV - [2001/08/17 08:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\el90xbc5.sys -- (EL90XBC)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://intranet.spherion.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.interim.com;*.spherion.com;10.*;*.centra.com
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=httpproxy.spherion.com:80;https=secureproxy.spherion.com:80;ftp=ftpproxy.sp
herion.com:80



O1 HOSTS File: ([2002/08/29 03:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [vptray] C:\Program Files\NavNT\vptray.exe (Symantec Corporation)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoThemesTab = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoVisualStyleChoice = 1
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 11\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office 11\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe File not found
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.1.10.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\System32\dimsntfy.dll File not found
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O20 - Winlogon\Notify\NavLogon: DllName - C:\WINDOWS\System32\NavLogon.dll - C:\WINDOWS\system32\NavLogon.dll ()
O20 - Winlogon\Notify\PCANotify: DllName - PCANotify.dll - C:\WINDOWS\System32\PCANotify.dll (Symantec Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/01/28 17:13:49 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: napagent - C:\WINDOWS\System32\qagentrt.dll File not found
NetSvcs: hkmsvc - C:\WINDOWS\System32\kmsvc.dll File not found
NetSvcs: xmlprov - C:\WINDOWS\System32\xmlprov.dll File not found
NetSvcs: wscsvc - C:\WINDOWS\System32\wscsvc.dll File not found
NetSvcs: wuauserv - C:\WINDOWS\System32\wuauserv.dll File not found

Drivers32: aux - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - C:\WINDOWS\System32\midimap.dll (Microsoft Corporation)
Drivers32: mixer - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.imaadpcm - C:\WINDOWS\System32\imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.msadpcm - C:\WINDOWS\System32\msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msaudio1 - C:\WINDOWS\System32\msaud32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - C:\WINDOWS\System32\msg711.acm (Microsoft Corporation)
Drivers32: msacm.msg723 - C:\WINDOWS\System32\msg723.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - C:\WINDOWS\System32\msgsm32.acm (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.I420 - C:\WINDOWS\System32\msh263.drv (Microsoft Corporation)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iyuv - C:\WINDOWS\System32\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.M261 - C:\WINDOWS\System32\msh261.drv (Microsoft Corporation)
Drivers32: vidc.M263 - C:\WINDOWS\System32\msh263.drv (Microsoft Corporation)
Drivers32: vidc.mrle - C:\WINDOWS\System32\msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - C:\WINDOWS\System32\msvidc32.dll (Microsoft Corporation)
Drivers32: vidc.uyvy - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yuy2 - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yvu9 - C:\WINDOWS\System32\tsbyuv.dll (Microsoft Corporation)
Drivers32: vidc.yvyu - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)
Drivers32: wave - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - C:\WINDOWS\System32\msacm32.drv (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (51805006466121728)

========== Files/Folders - Created Within 90 Days ==========

[2010/03/03 21:20:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\New Folder
[2009/11/05 11:31:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Gradekeeper
[2009/11/05 11:31:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\Gradekeeper
[2009/11/05 11:31:36 | 000,000,000 | ---D | C] -- C:\Program Files\Gradekeeper
[2004/06/07 09:57:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\ms
[2004/06/07 09:57:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CCM
[2004/06/01 15:28:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\InterVideo
[2004/06/01 15:25:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\.jpi_cache
[2004/06/01 15:25:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\.java
[2004/06/01 15:25:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SWF Studio
[2004/05/25 11:12:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2004/05/25 11:11:44 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2004/05/25 11:11:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Messenger_5.0.0482
[2004/05/25 11:09:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cache
[2004/02/19 17:02:43 | 000,000,000 | RH-D | C] -- C:\My Documents
[2004/02/19 16:11:58 | 000,008,704 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\PCANotify.dll
[2004/02/17 16:59:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\.javaws
[2004/02/17 16:59:07 | 000,000,000 | ---D | C] -- C:\Program Files\Java Web Start
[2004/02/17 16:58:59 | 000,229,487 | ---- | C] (Sun Microsystems) -- C:\WINDOWS\System32\jpicpl32.cpl
[2004/02/17 16:58:54 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2004/02/17 16:55:31 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2004/02/17 16:55:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\setup.pss
[2004/02/17 12:03:50 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy
[2004/02/17 11:47:05 | 000,000,000 | ---D | C] -- C:\Program Files\OfficeUpdate11
[2004/02/13 14:37:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\AdobeUM
[2004/02/13 14:37:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Adobe
[2004/02/13 14:37:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\My eBooks
[2004/02/13 14:37:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Adobe
[2004/02/13 14:37:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2004/02/13 12:39:40 | 000,000,000 | ---D | C] -- C:\Program Files\InterVideo
[2004/02/12 14:42:37 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2004/02/12 14:38:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2004/02/10 11:50:18 | 000,017,280 | ---- | C] (American Megatrends Inc.) -- C:\WINDOWS\System32\drivers\mraid35x.sys
[2004/02/10 11:50:18 | 000,017,280 | ---- | C] (American Megatrends Inc.) -- C:\WINDOWS\System32\dllcache\mraid35x.sys
[2004/02/10 11:46:02 | 000,019,072 | ---- | C] (Adaptec, Inc.) -- C:\WINDOWS\System32\drivers\sparrow.sys
[2004/02/10 11:46:02 | 000,019,072 | ---- | C] (Adaptec, Inc.) -- C:\WINDOWS\System32\dllcache\sparrow.sys
[2004/02/09 12:29:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\L&H
[2004/02/09 12:28:49 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2004/02/09 12:27:58 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft ActiveSync
[2004/02/09 12:23:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2004/02/09 12:23:20 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2004/02/09 12:21:57 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2004/02/09 12:20:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
[2004/02/09 12:19:53 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office 11
[2004/02/02 12:40:56 | 000,000,000 | ---D | C] -- C:\Program Files\Aventail
[2004/02/02 12:16:52 | 000,000,000 | ---D | C] -- C:\temp
[2004/01/29 17:17:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Attachmate
[2004/01/29 17:17:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Attachmate Shared
[2004/01/29 17:16:39 | 000,000,000 | ---D | C] -- C:\Program Files\Attachmate
[2004/01/29 16:29:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Help
[2004/01/29 16:29:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Help
[2004/01/29 16:26:18 | 000,299,520 | ---- | C] (InstallShield Corporation, Inc.) -- C:\WINDOWS\uninst.exe
[2004/01/29 16:26:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\WINDOWS
[2004/01/29 16:20:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Symantec
[2004/01/29 15:49:49 | 000,053,248 | ---- | C] (GFi FAX & VOICE) -- C:\WINDOWS\System32\gfimntr.dll
[2004/01/29 15:49:40 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2004/01/29 15:23:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Symantec
[2004/01/29 15:22:16 | 000,083,208 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2004/01/29 15:22:16 | 000,073,496 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2004/01/29 15:21:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CBA
[2004/01/29 15:21:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Symantec
[2004/01/29 15:21:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2004/01/29 15:21:34 | 000,000,000 | ---D | C] -- C:\Program Files\NavNT
[2004/01/29 15:20:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2004/01/29 15:16:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\My Received Files
[2004/01/29 14:49:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Leadertech
[2004/01/29 14:48:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations
[2004/01/29 14:47:45 | 000,000,000 | ---D | C] -- C:\Program Files\Executive Software
[2004/01/29 12:47:00 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2004/01/28 18:20:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\VPCache
[2004/01/28 18:01:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages
[2004/01/28 17:39:17 | 000,000,000 | ---D | C] -- C:\WUTemp
[2004/01/28 17:38:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\BITS
[2004/01/28 17:36:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ccmsetup
[2004/01/28 17:36:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\Spherion Logs
[2004/01/28 17:34:54 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator\UserData
[2004/01/28 17:34:51 | 000,000,000 | ---D | C] -- C:\Program Files\WindowsUpdate
[2004/01/28 17:32:50 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2004/01/28 17:29:18 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2004/01/28 17:26:41 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2004/01/28 17:26:29 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2004/01/28 17:26:26 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\My Documents\My Pictures
[2004/01/28 17:26:26 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\My Documents\My Music
[2004/01/28 17:26:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft
[2004/01/28 17:26:07 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator\Application Data\Microsoft
[2004/01/28 17:26:07 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator\Cookies
[2004/01/28 17:26:07 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\SendTo
[2004/01/28 17:26:07 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Application Data
[2004/01/28 17:26:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Start Menu
[2004/01/28 17:26:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\My Documents
[2004/01/28 17:26:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Favorites
[2004/01/28 17:26:07 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Templates
[2004/01/28 17:26:07 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\PrintHood
[2004/01/28 17:26:07 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\NetHood
[2004/01/28 17:26:07 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Local Settings
[2004/01/28 17:26:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Identities
[2004/01/28 17:26:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop
[2004/01/28 17:26:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\SchCache
[2004/01/28 17:26:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2004/01/28 17:25:30 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2004/01/28 17:25:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2004/01/28 17:25:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2004/01/28 17:25:20 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2004/01/28 17:25:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2004/01/28 17:25:18 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2004/01/28 17:21:08 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2004/01/28 17:21:08 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2004/01/28 17:17:02 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2004/01/28 17:15:17 | 000,000,000 | ---D | C] -- C:\Program Files\xerox
[2004/01/28 17:15:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2004/01/28 17:15:16 | 000,000,000 | ---D | C] -- C:\Program Files\msn gaming zone
[2004/01/28 17:15:16 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2004/01/28 17:08:44 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2004/01/28 17:07:42 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2004/01/28 17:07:41 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2004/01/28 17:06:41 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services
[2004/01/28 17:05:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2004/01/28 17:05:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2004/01/28 17:05:20 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2004/01/28 17:05:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2004/01/28 17:05:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2004/01/28 17:05:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2004/01/28 17:05:13 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2004/01/28 17:05:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\PCHealth
[2004/01/28 17:05:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2004/01/28 17:05:05 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2004/01/28 17:05:04 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2004/01/28 17:04:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2004/01/28 17:04:57 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2004/01/28 17:04:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2004/01/28 17:04:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2004/01/28 17:03:07 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2004/01/28 17:02:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2004/01/28 17:02:42 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2004/01/28 17:02:07 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2004/01/28 17:02:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2004/01/28 17:02:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2004/01/28 17:01:55 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2004/01/28 17:01:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\msmq
[2004/01/28 11:47:51 | 000,072,832 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\cwbwdm.sys
[2004/01/28 11:47:51 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\cwbase.sys
[2004/01/28 11:47:45 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\cwbmidi.sys
[2004/01/28 11:43:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2004/01/28 11:43:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2004/01/28 11:43:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2004/01/28 11:43:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
[2004/01/28 11:42:54 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu
[2004/01/28 11:42:54 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents
[2004/01/28 11:42:54 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Templates
[2004/01/28 11:42:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favorites
[2004/01/28 11:42:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop
[2004/01/28 11:42:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2004/01/28 11:42:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2004/01/28 11:42:19 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2004/01/28 11:42:19 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Application Data
[2004/01/28 11:41:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2004/01/28 11:39:50 | 000,000,000 | R--D | C] -- C:\Program Files
[2004/01/28 11:39:50 | 000,000,000 | ---D | C] -- C:\Program Files\WINZIP
[2004/01/28 11:39:47 | 000,000,000 | ---D | C] -- C:\Printer Drivers
[2004/01/28 11:39:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\XUTIL
[2004/01/28 11:39:41 | 000,000,000 | ---D | C] -- C:\DRIVERS
[2004/01/28 11:39:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\CCCUTILS
[2004/01/28 11:34:54 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2004/01/28 11:34:54 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2004/01/28 11:34:54 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2004/01/28 11:34:54 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2004/01/28 11:34:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2004/01/28 11:34:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2004/01/28 11:34:54 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2004/01/28 11:34:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2004/01/28 11:34:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2004/01/28 11:34:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2004/01/28 11:34:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2004/01/28 11:34:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2004/01/28 11:34:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2004/01/28 11:34:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2004/01/28 11:34:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2004/01/28 11:34:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2004/01/28 11:34:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2004/01/28 11:34:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2004/01/28 11:34:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2004/01/28 11:34:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2004/01/28 11:34:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2004/01/28 11:34:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2004/01/28 11:34:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2004/01/28 11:34:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2004/01/28 11:34:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2004/01/28 11:34:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2004/01/28 11:34:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2004/01/28 11:34:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2004/01/28 11:34:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2004/01/28 11:34:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2004/01/28 11:34:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2004/01/28 11:34:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2004/01/28 11:34:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2004/01/28 11:34:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2004/01/28 11:34:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2004/01/28 11:34:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2004/01/28 11:34:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2004/01/28 11:34:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2004/01/28 11:34:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2004/01/28 11:34:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2004/01/28 11:34:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2004/01/28 11:34:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2004/01/28 11:34:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2004/01/28 11:34:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2004/01/28 11:34:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2004/01/28 11:34:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2004/01/28 11:34:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2004/01/28 11:34:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2004/01/28 11:34:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2004/01/28 11:34:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2004/01/28 11:34:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2004/01/28 11:34:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2004/01/28 11:34:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2004/01/28 11:34:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2004/01/28 11:34:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2004/01/28 11:34:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2004/01/28 11:34:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2004/01/28 11:34:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[2003/08/11 17:27:36 | 000,236,117 | ---- | C] (Executive Software International, Inc.) -- C:\WINDOWS\System32\AutoFAT.exe
[2003/08/11 16:57:06 | 000,185,344 | ---- | C] (Executive Software International, Inc.) -- C:\WINDOWS\System32\AutoNTFS.exe
[2003/05/05 17:43:34 | 000,016,984 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\AW_HOST5.sys
[2003/04/21 15:10:12 | 000,002,747 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\awddi5.dll
[2003/04/21 15:08:44 | 000,010,901 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\AWLEGACY.sys
[2003/04/21 14:00:32 | 000,013,898 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\GERNUWA.sys
[2001/08/15 21:10:38 | 000,011,888 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\awmon.dll
[2001/07/10 12:30:54 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2001/07/01 09:58:10 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2001/07/01 09:58:08 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2001/07/01 09:58:08 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2001/07/01 09:55:33 | 006,153,384 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Administrator\Desktop\mbam-setup.exe
[2001/07/01 09:54:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2001/07/01 09:53:52 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2001/07/01 09:53:33 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\Administrator\Desktop\erunt_setup.exe
[2001/07/01 09:34:49 | 000,444,416 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\TFC.exe
[2001/06/30 10:03:09 | 000,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Administrator\Desktop\HJTInstall.exe
[2001/06/29 05:46:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2001/06/29 05:28:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-us
[2001/06/29 05:28:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\provisioning
[2001/06/29 05:28:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2001/06/29 05:28:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2001/06/29 05:28:07 | 000,000,000 | ---D | C] -- C:\Program Files\msn
[2001/06/29 05:28:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2001/06/29 05:28:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\peernet
[2001/06/29 05:14:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2001/06/29 05:06:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2001/06/29 04:55:13 | 000,193,024 | ---- | C] (Корпорация Майкрософт) -- C:\WINDOWS\System32\dllcache\spra0419.dll
[2001/06/29 04:53:00 | 000,272,896 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe
[2001/06/29 04:52:57 | 000,026,624 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2001/06/29 04:49:42 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2001/06/29 04:49:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\EHome
[2001/06/29 04:42:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot_bak
[2001/06/29 04:22:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Western Digital
[2001/06/29 04:21:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Macromedia
[2001/06/26 06:51:09 | 000,000,000 | ---D | C] -- C:\Program Files\Western Digital Corporation
[2001/06/26 06:22:23 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent

========== Files - Modified Within 90 Days ==========

[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/03/18 14:53:24 | 000,192,598 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\CNA grades.grk
[2010/03/11 12:24:13 | 000,028,672 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\LPN CORE STUDENTS, NOV 09.xls
[2010/03/11 12:24:13 | 000,028,672 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Copy of LPN CORE STUDENTS, NOV 09.xls
[2010/03/10 14:44:15 | 000,244,382 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Body structure and function.grk
[2010/03/04 16:00:08 | 000,255,630 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Foundamental of nsg 2.grk
[2010/03/04 16:00:02 | 000,250,006 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\MEDSURGICAL1.grk
[2010/03/04 13:29:34 | 000,255,630 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\nutrition.grk
[2010/03/04 13:11:06 | 000,261,254 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\GERIATRIC.grk
[2010/03/04 09:44:39 | 000,261,254 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Foundamental of nsg 1.grk
[2010/03/03 21:38:30 | 000,250,006 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\MEDSURGICAL1.grk
[2010/03/03 21:20:52 | 000,003,773 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Body structure and function.zip
[2010/03/03 20:54:57 | 000,244,382 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Body structure and function.grk
[2010/03/01 21:26:52 | 000,019,968 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Doc1.doc
[2010/03/01 20:57:21 | 000,068,336 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/02/11 22:08:36 | 000,261,254 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Foundamental of nsg 1.grk
[2010/01/08 02:18:30 | 000,261,254 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Attendance.grk
[2009/12/15 11:24:48 | 000,293,376 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\gmer.exe
[2009/11/28 15:12:45 | 000,001,840 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Resume your download.lnk
[2009/11/06 11:51:40 | 000,034,319 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\rochelle itinerary.pdf
[2009/11/05 13:22:47 | 000,018,418 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\CNA CLASS.grk
[2009/11/05 11:31:37 | 000,001,596 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Gradekeeper.lnk
[2009/11/03 16:33:51 | 000,018,944 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\LPN CORE STUDENTS, NOV 09.xls
[2008/04/14 05:42:24 | 000,677,888 | ---- | M] () -- C:\WINDOWS\System32\mstsc.exe
[2006/12/31 07:57:08 | 000,007,208 | ---- | M] () -- C:\WINDOWS\System32\secupd.sig
[2006/12/31 07:57:08 | 000,004,569 | ---- | M] () -- C:\WINDOWS\System32\secupd.dat
[2004/06/14 13:59:27 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\iAlmcoin.dll
[2004/06/14 13:51:41 | 000,001,202 | RHS- | M] () -- C:\Documents and Settings\All Users\ntuser.pol
[2004/06/07 10:02:20 | 000,001,369 | ---- | M] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/05/25 11:01:56 | 000,000,606 | RHS- | M] () -- C:\Documents and Settings\Administrator\ntuser.pol
[2004/05/25 10:37:29 | 000,000,376 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2004/05/25 10:37:01 | 000,000,583 | ---- | M] () -- C:\WINDOWS\win.ini
[2004/05/25 10:24:53 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2004/02/10 15:28:39 | 000,000,194 | RHS- | M] () -- C:\BOOT.BAK
[2004/02/02 12:22:36 | 000,028,672 | ---- | M] () -- C:\WINDOWS\gscr.dll
[2004/01/29 16:19:59 | 000,124,167 | ---- | M] () -- C:\WINDOWS\System32\SYMEVNT.386
[2004/01/29 16:19:59 | 000,083,208 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2004/01/29 16:19:59 | 000,073,496 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2004/01/29 15:25:13 | 000,000,000 | ---- | M] () -- C:\WINDOWS\VPC32.INI
[2004/01/28 17:36:09 | 000,025,065 | ---- | M] () -- C:\WINDOWS\System32\wmpscheme.xml
[2004/01/28 17:13:49 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2004/01/28 17:13:49 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004/01/28 17:13:49 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2004/01/28 17:13:49 | 000,000,000 | ---- | M] () -- C:\WINDOWS\control.ini
[2004/01/28 17:13:49 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2004/01/28 17:13:49 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2004/01/28 17:13:36 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2004/01/28 17:13:36 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2004/01/28 17:13:31 | 000,299,552 | ---- | M] () -- C:\WINDOWS\WMSysPrx.prx
[2004/01/28 17:12:32 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2004/01/28 17:07:40 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2004/01/28 17:07:40 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2004/01/28 17:07:08 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2004/01/28 17:07:08 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest
[2004/01/28 17:07:08 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2004/01/28 17:07:08 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2004/01/28 17:07:08 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2004/01/28 17:07:08 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2004/01/28 17:03:21 | 000,021,640 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/01/28 17:03:04 | 000,000,037 | ---- | M] () -- C:\WINDOWS\vbaddin.ini
[2004/01/28 17:03:04 | 000,000,036 | ---- | M] () -- C:\WINDOWS\vb.ini
[2004/01/28 11:21:38 | 000,000,512 | -HS- | M] () -- C:\BOOTSECT.DOS
[2003/12/07 23:54:52 | 000,229,487 | ---- | M] (Sun Microsystems) -- C:\WINDOWS\System32\jpicpl32.cpl
[2003/12/07 23:54:50 | 000,028,775 | ---- | M] () -- C:\WINDOWS\System32\javaw.exe
[2003/12/07 23:54:50 | 000,024,677 | ---- | M] () -- C:\WINDOWS\System32\java.exe
[2003/10/31 12:01:00 | 000,008,704 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\PCANotify.dll
[2003/10/24 16:59:40 | 000,045,056 | ---- | M] () -- C:\WINDOWS\System32\NavLogon.dll
[2003/10/24 10:53:08 | 000,016,984 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\AW_HOST5.sys
[2003/09/17 13:01:28 | 000,844,048 | ---- | M] () -- C:\WINDOWS\System32\msdxm.ocx
[2003/09/17 13:01:28 | 000,844,048 | ---- | M] () -- C:\WINDOWS\System32\dllcache\msdxm.ocx
[2003/08/11 17:27:36 | 000,236,117 | ---- | M] (Executive Software International, Inc.) -- C:\WINDOWS\System32\AutoFAT.exe
[2003/08/11 16:57:06 | 000,185,344 | ---- | M] (Executive Software International, Inc.) -- C:\WINDOWS\System32\AutoNTFS.exe
[2003/05/13 11:28:52 | 001,132,032 | ---- | M] () -- C:\WINDOWS\System32\quartz.dll
[2003/05/13 11:28:52 | 001,132,032 | ---- | M] () -- C:\WINDOWS\System32\dllcache\quartz.dll
[2003/04/21 15:10:12 | 000,002,747 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\awddi5.dll
[2003/04/21 15:08:44 | 000,010,901 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\AWLEGACY.sys
[2003/04/21 14:00:32 | 000,013,898 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\GERNUWA.sys
[2003/04/07 01:22:02 | 000,058,518 | ---- | M] () -- C:\WINDOWS\System32\igfxhtrk.lhp
[2003/04/07 01:21:58 | 000,060,770 | ---- | M] () -- C:\WINDOWS\System32\igfxhtha.lhp
[2003/04/07 01:21:56 | 000,058,024 | ---- | M] () -- C:\WINDOWS\System32\igfxhsve.lhp
[2003/04/07 01:21:52 | 000,059,819 | ---- | M] () -- C:\WINDOWS\System32\igfxhrus.lhp
[2003/04/07 01:21:48 | 000,057,965 | ---- | M] () -- C:\WINDOWS\System32\igfxhptg.lhp
[2003/04/07 01:21:46 | 000,057,434 | ---- | M] () -- C:\WINDOWS\System32\igfxhptb.lhp
[2003/04/07 01:21:42 | 000,060,037 | ---- | M] () -- C:\WINDOWS\System32\igfxhplk.lhp
[2003/04/07 01:21:40 | 000,058,021 | ---- | M] () -- C:\WINDOWS\System32\igfxhnor.lhp
[2003/04/07 01:21:36 | 000,058,738 | ---- | M] () -- C:\WINDOWS\System32\igfxhnld.lhp
[2003/04/07 01:21:32 | 000,062,970 | ---- | M] () -- C:\WINDOWS\System32\igfxhkor.lhp
[2003/04/07 01:21:28 | 000,058,967 | ---- | M] () -- C:\WINDOWS\System32\igfxhjpn.lhp
[2003/04/07 01:21:24 | 000,057,797 | ---- | M] () -- C:\WINDOWS\System32\igfxhita.lhp
[2003/04/07 01:21:20 | 000,060,988 | ---- | M] () -- C:\WINDOWS\System32\igfxhhun.lhp
[2003/04/07 01:21:16 | 000,060,392 | ---- | M] () -- C:\WINDOWS\System32\igfxhheb.lhp
[2003/04/07 01:21:14 | 000,060,400 | ---- | M] () -- C:\WINDOWS\System32\igfxhfrc.lhp
[2003/04/07 01:21:10 | 000,060,099 | ---- | M] () -- C:\WINDOWS\System32\igfxhfra.lhp
[2003/04/07 01:21:06 | 000,058,889 | ---- | M] () -- C:\WINDOWS\System32\igfxhfin.lhp
[2003/04/07 01:21:04 | 000,058,095 | ---- | M] () -- C:\WINDOWS\System32\igfxhesp.lhp
[2003/04/07 01:21:00 | 000,056,580 | ---- | M] () -- C:\WINDOWS\System32\igfxheng.lhp
[2003/04/07 01:20:56 | 000,060,025 | ---- | M] () -- C:\WINDOWS\System32\igfxhell.lhp
[2003/04/07 01:20:54 | 000,060,894 | ---- | M] () -- C:\WINDOWS\System32\igfxhdeu.lhp
[2003/04/07 01:20:50 | 000,058,026 | ---- | M] () -- C:\WINDOWS\System32\igfxhdan.lhp
[2003/04/07 01:20:46 | 000,058,647 | ---- | M] () -- C:\WINDOWS\System32\igfxhcsy.lhp
[2003/04/07 01:20:44 | 000,059,052 | ---- | M] () -- C:\WINDOWS\System32\igfxhcht.lhp
[2003/04/07 01:20:40 | 000,056,835 | ---- | M] () -- C:\WINDOWS\System32\igfxhchs.lhp
[2003/04/07 01:20:36 | 000,055,002 | ---- | M] () -- C:\WINDOWS\System32\igfxhenu.lhp
[2003/04/07 01:20:34 | 000,056,845 | ---- | M] () -- C:\WINDOWS\System32\igfxharb.lhp
[2003/04/07 01:20:32 | 000,056,845 | ---- | M] () -- C:\WINDOWS\System32\igfxhara.lhp
[2003/03/03 17:24:24 | 000,005,995 | ---- | M] () -- C:\WINDOWS\System32\dllcache\Q330994.inf
[2003/02/28 17:54:04 | 000,007,315 | ---- | M] () -- C:\WINDOWS\System32\javasup.vxd
[2003/02/28 17:38:32 | 000,000,113 | ---- | M] () -- C:\WINDOWS\System32\zonedon.reg
[2003/02/28 17:38:32 | 000,000,113 | ---- | M] () -- C:\WINDOWS\System32\zonedoff.reg
[2003/02/28 17:35:26 | 000,006,550 | ---- | M] () -- C:\WINDOWS\jautoexp.dat
[2003/01/07 16:05:08 | 000,002,695 | ---- | M] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2003/01/07 16:05:06 | 000,000,551 | ---- | M] () -- C:\WINDOWS\System32\OUTLPERF.H
[2002/11/01 17:13:00 | 001,080,070 | ---- | M] () -- C:\WINDOWS\System32\dllcache\sysmain.sdb
[2002/08/29 08:00:00 | 000,245,920 | RHS- | M] () -- C:\cmldr
[2002/08/29 08:00:00 | 000,233,632 | ---- | M] () -- C:\ntldr
[2002/08/29 08:00:00 | 000,047,580 | ---- | M] () -- C:\ntdetect.com
[2002/08/29 03:00:00 | 013,107,200 | ---- | M] () -- C:\WINDOWS\System32\oembios.bin
[2002/08/29 03:00:00 | 013,107,200 | ---- | M] () -- C:\WINDOWS\System32\dllcache\oembios.bin
[2002/08/29 03:00:00 | 004,399,505 | ---- | M] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2002/08/29 03:00:00 | 003,440,660 | ---- | M] () -- C:\WINDOWS\System32\drivers\gm.dls
[2002/08/29 03:00:00 | 003,374,640 | ---- | M] (Macromedia, Inc.) -- C:\WINDOWS\System32\dllcache\tourW.exe
[2002/08/29 03:00:00 | 002,049,999 | ---- | M] () -- C:\WINDOWS\System32\dllcache\nt5.cat
[2002/08/29 03:00:00 | 001,685,606 | ---- | M] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2002/08/29 03:00:00 | 001,325,568 | ---- | M] () -- C:\WINDOWS\System32\webfldrs.msi
[2002/08/29 03:00:00 | 001,309,184 | ---- | M] () -- C:\WINDOWS\System32\wbdbase.deu
[2002/08/29 03:00:00 | 001,095,680 | ---- | M] () -- C:\WINDOWS\System32\wbdbase.nld
[2002/08/29 03:00:00 | 001,086,182 | ---- | M] () -- C:\WINDOWS\System32\dllcache\ntprint.cat
[2002/08/29 03:00:00 | 001,015,477 | ---- | M] () -- C:\WINDOWS\System32\esentprf.ini
[2002/08/29 03:00:00 | 000,957,440 | ---- | M] () -- C:\WINDOWS\System32\wbdbase.enu
[2002/08/29 03:00:00 | 000,937,984 | ---- | M] () -- C:\WINDOWS\System32\wbdbase.sve
[2002/08/29 03:00:00 | 000,867,840 | ---- | M] () -- C:\WINDOWS\System32\wbdbase.ita
[2002/08/29 03:00:00 | 000,797,189 | ---- | M] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2002/08/29 03:00:00 | 000,786,944 | ---- | M] () -- C:\WINDOWS\System32\wbdbase.fra
[2002/08/29 03:00:00 | 000,766,934 | ---- | M] () -- C:\WINDOWS\System32\instcat.sql
[2002/08/29 03:00:00 | 000,750,080 | ---- | M] () -- C:\WINDOWS\System32\wbdbase.esn
[2002/08/29 03:00:00 | 000,734,208 | ---- | M] () -- C:\WINDOWS\System32\qedwipes.dll
[2002/08/29 03:00:00 | 000,734,208 | ---- | M] () -- C:\WINDOWS\System32\dllcache\qedwipes.dll
[2002/08/29 03:00:00 | 000,673,088 | ---- | M] () -- C:\WINDOWS\System32\mlang.dat
[2002/08/29 03:00:00 | 000,657,548 | ---- | M] () -- C:\WINDOWS\System32\dllcache\CLASSES.CAT
[2002/08/29 03:00:00 | 000,643,717 | ---- | M] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2002/08/29 03:00:00 | 000,605,050 | ---- | M] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2002/08/29 03:00:00 | 000,511,488 | ---- | M] () -- C:\WINDOWS\System32\qedit.dll
[2002/08/29 03:00:00 | 000,511,488 | ---- | M] () -- C:\WINDOWS\System32\dllcache\qedit.dll
[2002/08/29 03:00:00 | 000,498,205 | ---- | M] () -- C:\WINDOWS\System32\dxmasf.dll
[2002/08/29 03:00:00 | 000,498,205 | ---- | M] () -- C:\WINDOWS\System32\dllcache\dxmasf.dll
[2002/08/29 03:00:00 | 000,451,856 | ---- | M] () -- C:\WINDOWS\System32\dllcache\nt5inf.cat
[2002/08/29 03:00:00 | 000,399,645 | ---- | M] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2002/08/29 03:00:00 | 000,390,168 | ---- | M] () -- C:\WINDOWS\System32\dllcache\WFC.CAT
[2002/08/29 03:00:00 | 000,379,588 | ---- | M] () -- C:\WINDOWS\System32\dllcache\tahoma.ttf
[2002/08/29 03:00:00 | 000,357,376 | ---- | M] () -- C:\WINDOWS\System32\qdvd.dll
[2002/08/29 03:00:00 | 000,357,376 | ---- | M] () -- C:\WINDOWS\System32\dllcache\qdvd.dll
[2002/08/29 03:00:00 | 000,352,020 | ---- | M] () -- C:\WINDOWS\System32\dllcache\tahomabd.ttf
[2002/08/29 03:00:00 | 000,348,160 | ---- | M] () -- C:\WINDOWS\System32\dllcache\msinfo.dll
[2002/08/29 03:00:00 | 000,305,724 | ---- | M] () -- C:\WINDOWS\System32\dllcache\micross.ttf
[2002/08/29 03:00:00 | 000,272,896 | ---- | M] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe
[2002/08/29 03:00:00 | 000,272,128 | ---- | M] () -- C:\WINDOWS\System32\perfi009.dat
[2002/08/29 03:00:00 | 000,266,752 | ---- | M] () -- C:\WINDOWS\System32\qdv.dll
[2002/08/29 03:00:00 | 000,266,752 | ---- | M] () -- C:\WINDOWS\System32\dllcache\qdv.dll
[2002/08/29 03:00:00 | 000,262,656 | ---- | M] () -- C:\WINDOWS\System32\dllcache\tshoot.dll
[2002/08/29 03:00:00 | 000,262,148 | ---- | M] () -- C:\WINDOWS\System32\sortkey.nls
[2002/08/29 03:00:00 | 000,240,120 | ---- | M] () -- C:\WINDOWS\System32\setup.bmp
[2002/08/29 03:00:00 | 000,238,592 | ---- | M] () -- C:\WINDOWS\System32\dllcache\compatui.dll
[2002/08/29 03:00:00 | 000,238,592 | ---- | M] () -- C:\WINDOWS\System32\compatui.dll
[2002/08/29 03:00:00 | 000,218,112 | ---- | M] () -- C:\WINDOWS\System32\sbe.dll
[2002/08/29 03:00:00 | 000,218,112 | ---- | M] () -- C:\WINDOWS\System32\dllcache\sbe.dll
[2002/08/29 03:00:00 | 000,218,003 | ---- | M] () -- C:\WINDOWS\System32\dssec.dat
[2002/08/29 03:00:00 | 000,209,010 | ---- | M] () -- C:\WINDOWS\System32\locale.nls
[2002/08/29 03:00:00 | 000,203,454 | ---- | M] () -- C:\WINDOWS\System32\dllcache\apphelp.sdb
[2002/08/29 03:00:00 | 000,199,168 | ---- | M] () -- C:\WINDOWS\System32\ir32_32.dll
[2002/08/29 03:00:00 | 000,196,642 | ---- | M] () -- C:\WINDOWS\System32\c_950.nls
[2002/08/29 03:00:00 | 000,196,642 | ---- | M] () -- C:\WINDOWS\System32\c_949.nls
[2002/08/29 03:00:00 | 000,196,642 | ---- | M] () -- C:\WINDOWS\System32\c_936.nls
[2002/08/29 03:00:00 | 000,193,024 | ---- | M] (Корпорация Майкрософт) -- C:\WINDOWS\System32\dllcache\spra0419.dll
[2002/08/29 03:00:00 | 000,184,832 | ---- | M] () -- C:\WINDOWS\System32\qcap.dll
[2002/08/29 03:00:00 | 000,184,832 | ---- | M] () -- C:\WINDOWS\System32\dllcache\qcap.dll
[2002/08/29 03:00:00 | 000,182,198 | ---- | M] () -- C:\WINDOWS\System32\dllcache\msimain.sdb
[2002/08/29 03:00:00 | 000,167,219 | ---- | M] () -- C:\WINDOWS\System32\pagefileconfig.vbs
[2002/08/29 03:00:00 | 000,167,219 | ---- | M] () -- C:\WINDOWS\System32\dllcache\pagefile.vbs
[2002/08/29 03:00:00 | 000,162,850 | ---- | M] () -- C:\WINDOWS\System32\c_932.nls
[2002/08/29 03:00:00 | 000,157,696 | ---- | M] () -- C:\WINDOWS\System32\paqsp.dll
[2002/08/29 03:00:00 | 000,155,648 | ---- | M] () -- C:\WINDOWS\System32\encdec.dll
[2002/08/29 03:00:00 | 000,155,648 | ---- | M] () -- C:\WINDOWS\System32\dllcache\encdec.dll
[2002/08/29 03:00:00 | 000,152,844 | ---- | M] () -- C:\WINDOWS\System32\dllcache\framdit.ttf
[2002/08/29 03:00:00 | 000,149,848 | ---- | M] () -- C:\WINDOWS\System32\noise.deu
[2002/08/29 03:00:00 | 000,139,810 | ---- | M] () -- C:\WINDOWS\System32\c_20261.nls
[2002/08/29 03:00:00 | 000,135,984 | ---- | M] () -- C:\WINDOWS\System32\dllcache\framd.ttf
[2002/08/29 03:00:00 | 000,135,168 | ---- | M] () -- C:\WINDOWS\System32\mpg2splt.ax
[2002/08/29 03:00:00 | 000,135,168 | ---- | M] () -- C:\WINDOWS\System32\dllcache\mpg2splt.ax
[2002/08/29 03:00:00 | 000,127,213 | ---- | M] () -- C:\WINDOWS\System32\ega.cpi
[2002/08/29 03:00:00 | 000,102,446 | ---- | M] () -- C:\WINDOWS\System32\net.hlp
[2002/08/29 03:00:00 | 000,097,965 | ---- | M] () -- C:\WINDOWS\System32\dllcache\evtquery.vbs
[2002/08/29 03:00:00 | 000,097,965 | ---- | M] () -- C:\WINDOWS\System32\eventquery.vbs
[2002/08/29 03:00:00 | 000,094,282 | ---- | M] () -- C:\WINDOWS\System32\msencode.dll
[2002/08/29 03:00:00 | 000,093,702 | ---- | M] () -- C:\WINDOWS\System32\subrange.uce
[2002/08/29 03:00:00 | 000,093,044 | ---- | M] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat
[2002/08/29 03:00:00 | 000,089,588 | ---- | M] () -- C:\WINDOWS\System32\unicode.nls
[2002/08/29 03:00:00 | 000,082,944 | ---- | M] () -- C:\WINDOWS\clock.avi
[2002/08/29 03:00:00 | 000,079,872 | ---- | M] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2002/08/29 03:00:00 | 000,079,872 | ---- | M] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2002/08/29 03:00:00 | 000,071,859 | ---- | M] () -- C:\WINDOWS\System32\cliconf.chm
[2002/08/29 03:00:00 | 000,069,886 | ---- | M] () -- C:\WINDOWS\System32\edit.com
[2002/08/29 03:00:00 | 000,066,594 | ---- | M] () -- C:\WINDOWS\System32\c_874.nls
[2002/08/29 03:00:00 | 000,066,594 | ---- | M] () -- C:\WINDOWS\System32\c_869.nls
[2002/08/29 03:00:00 | 000,066,594 | ---- | M] () -- C:\WINDOWS\System32\c_866.nls
[2002/08/29 03:00:00 | 000,066,594 | ---- | M] () -- C:\WINDOWS\System32\c_865.nls
[2002/08/29 03:00:00 | 000,066,594 | ---- | M] () -- C:\WINDOWS\System32\c_863.nls
[2002/08/29 03:00:00 | 000,066,594 | ---- | M] () -- C:\WINDOWS\System32\c_861.nls
[2002/08/29 03:00:00 | 000,066,594 | ---- | M] () -- C:\WINDOWS\System32\c_860.nls
[2002/08/29 03:00:00 | 000,066,594 | ---- | M] () -- C:\WINDOWS\System32\c_857.nls
[2002/08/29 03:00:00 | 000,066,594 | ---- | M] () -- C:\WINDOWS\System32\c_855.nls
[2002/08/29 03:00:00 | 000,066,594 | ---- | M] () -- C:\WINDOWS\System32\c_852.nls
[2002/08/29 03:00:00 | 000,066,594 | ---- | M] () -- C:\WINDOWS\System32\c_850.nls
[2002/08/29 03:00:00 | 000,066,594 | ---- | M] () -- C:\WINDOWS\System32\c_775.nls
[2002/08/29 03:00:00 | 000,066,594 | ---- | M] () -- C:\WINDOWS\System32\c_737.nls
[2002/08/29 03:00:00 | 000,066,594 | ---- | M] () -- C:\WINDOWS\System32\c_437.nls
[2002/08/29 03:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\c_875.nls
[2002/08/29 03:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\c_500.nls
[2002/08/29 03:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\c_28605.nls
[2002/08/29 03:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\c_28603.nls
[2002/08/29 03:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\c_28599.nls
[2002/08/29 03:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\c_28598.nls
[2002/08/29 03:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\C_28597.NLS
[2002/08/29 03:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\C_28595.NLS
[2002/08/29 03:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\C_28594.NLS
[2002/08/29 03:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\c_28593.nls
[2002/08/29 03:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\c_28592.nls
[2002/08/29 03:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\c_28591.nls
[2002/08/29 03:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\c_21866.nls
[2002/08/29 03:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\c_20905.nls
[2002/08/29 03:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\c_20866.nls
[2002/08/29 03:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\c_20127.nls
[2002/08/29 03:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\c_1258.nls
[2002/08/29 03:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\c_1257.nls
[2002/08/29 03:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\c_1256.nls
[2002/08/29 03:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\c_1255.nls
[2002/08/29 03:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\c_1254.nls
[2002/08/29 03:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\c_1253.nls
[2002/08/29 03:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\c_1252.nls
[2002/08/29 03:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\c_1251.nls
[2002/08/29 03:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\c_1250.nls
[2002/08/29 03:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\c_1026.nls
[2002/08/29 03:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\c_10082.nls
[2002/08/29 03:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\c_10081.nls
[2002/08/29 03:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\c_10079.nls
[2002/08/29 03:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\c_10029.nls
[2002/08/29 03:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\c_10017.nls
[2002/08/29 03:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\c_10010.nls
[2002/08/29 03:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\c_10007.nls
[2002/08/29 03:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\c_10006.nls
[2002/08/29 03:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\c_10000.nls
[2002/08/29 03:00:00 | 000,066,082 | ---- | M] () -- C:\WINDOWS\System32\c_037.nls
[2002/08/29 03:00:00 | 000,065,489 | ---- | M] () -- C:\WINDOWS\System32\wbcache.sve
[2002/08/29 03:00:00 | 000,065,489 | ---- | M] () -- C:\WINDOWS\System32\wbcache.nld
[2002/08/29 03:00:00 | 000,065,489 | ---- | M] () -- C:\WINDOWS\System32\wbcache.ita
[2002/08/29 03:00:00 | 000,065,489 | ---- | M] () -- C:\WINDOWS\System32\wbcache.fra
[2002/08/29 03:00:00 | 000,065,489 | ---- | M] () -- C:\WINDOWS\System32\wbcache.esn
[2002/08/29 03:00:00 | 000,065,489 | ---- | M] () -- C:\WINDOWS\System32\wbcache.enu
[2002/08/29 03:00:00 | 000,065,489 | ---- | M] () -- C:\WINDOWS\System32\wbcache.deu
[2002/08/29 03:00:00 | 000,063,488 | ---- | M] () -- C:\WINDOWS\System32\wmimgmt.msc
[2002/08/29 03:00:00 | 000,063,488 | ---- | M] () -- C:\WINDOWS\System32\dllcache\amstream.dll
[2002/08/29 03:00:00 | 000,063,488 | ---- | M] () -- C:\WINDOWS\System32\amstream.dll
[2002/08/29 03:00:00 | 000,061,172 | ---- | M] () -- C:\WINDOWS\System32\cmmgr32.hlp
[2002/08/29 03:00:00 | 000,060,458 | ---- | M] () -- C:\WINDOWS\System32\ideograf.uce
[2002/08/29 03:00:00 | 000,059,167 | ---- | M] () -- C:\WINDOWS\System\setup.inf
[2002/08/29 03:00:00 | 000,058,273 | R--- | M] () -- C:\WINDOWS\System32\perfmon.msc
[2002/08/29 03:00:00 | 000,056,678 | ---- | M] () -- C:\WINDOWS\System32\eventvwr.msc
[2002/08/29 03:00:00 | 000,056,081 | ---- | M] () -- C:\WINDOWS\System32\dllcache\DAJAVAC.CAT
[2002/08/29 03:00:00 | 000,055,296 | ---- | M] () -- C:\WINDOWS\System32\dvdplay.exe
[2002/08/29 03:00:00 | 000,054,528 | ---- | M] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2002/08/29 03:00:00 | 000,053,840 | ---- | M] () -- C:\WINDOWS\System32\dosx.exe
[2002/08/29 03:00:00 | 000,053,840 | ---- | M] () -- C:\WINDOWS\System32\dllcache\dosx.exe
[2002/08/29 03:00:00 | 000,052,311 | ---- | M] () -- C:\WINDOWS\System32\dllcache\DX3.CAT
[2002/08/29 03:00:00 | 000,051,712 | ---- | M] () -- C:\WINDOWS\System32\dllcache\devenum.dll
[2002/08/29 03:00:00 | 000,051,712 | ---- | M] () -- C:\WINDOWS\System32\devenum.dll
[2002/08/29 03:00:00 | 000,050,620 | ---- | M] () -- C:\WINDOWS\System32\command.com
[2002/08/29 03:00:00 | 000,049,196 | ---- | M] () -- C:\WINDOWS\System32\noise.fra
[2002/08/29 03:00:00 | 000,048,794 | ---- | M] () -- C:\WINDOWS\System32\ntimage.gif
[2002/08/29 03:00:00 | 000,048,680 | -HS- | M] () -- C:\WINDOWS\winnt256.bmp
[2002/08/29 03:00:00 | 000,048,680 | -HS- | M] () -- C:\WINDOWS\winnt.bmp
[2002/08/29 03:00:00 | 000,046,258 | ---- | M] () -- C:\WINDOWS\System32\mib.bin
[2002/08/29 03:00:00 | 000,046,133 | ---- | M] () -- C:\WINDOWS\System32\sqlsodbc.chm
[2002/08/29 03:00:00 | 000,045,672 | ---- | M] () -- C:\WINDOWS\System32\tcpmon.ini
[2002/08/29 03:00:00 | 000,044,451 | R--- | M] () -- C:\WINDOWS\System32\rsop.msc
[2002/08/29 03:00:00 | 000,042,809 | ---- | M] () -- C:\WINDOWS\System32\key01.sys
[2002/08/29 03:00:00 | 000,042,809 | ---- | M] () -- C:\WINDOWS\System32\dllcache\key01.sys
[2002/08/29 03:00:00 | 000,042,537 | ---- | M] () -- C:\WINDOWS\System32\keyboard.sys
[2002/08/29 03:00:00 | 000,042,537 | ---- | M] () -- C:\WINDOWS\System32\dllcache\keyboard.sys
[2002/08/29 03:00:00 | 000,042,339 | ---- | M] () -- C:\WINDOWS\System32\certmgr.msc
[2002/08/29 03:00:00 | 000,042,166 | ---- | M] () -- C:\WINDOWS\System32\lusrmgr.msc
[2002/08/29 03:00:00 | 000,041,762 | ---- | M] () -- C:\WINDOWS\System32\ciadv.msc
[2002/08/29 03:00:00 | 000,041,397 | ---- | M] () -- C:\WINDOWS\System32\dfrg.msc
[2002/08/29 03:00:00 | 000,040,505 | ---- | M] () -- C:\WINDOWS\System32\cmdlib.wsc
[2002/08/29 03:00:00 | 000,040,448 | ---- | M] () -- C:\WINDOWS\System32\wiasf.ax
[2002/08/29 03:00:00 | 000,040,448 | ---- | M] () -- C:\WINDOWS\System32\dllcache\wiasf.ax
[2002/08/29 03:00:00 | 000,039,274 | ---- | M] () -- C:\WINDOWS\System32\mem.exe
[2002/08/29 03:00:00 | 000,039,274 | ---- | M] () -- C:\WINDOWS\System32\dllcache\mem.exe
[2002/08/29 03:00:00 | 000,038,302 | ---- | M] () -- C:\WINDOWS\System32\compmgmt.msc
[2002/08/29 03:00:00 | 000,037,484 | ---- | M] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2002/08/29 03:00:00 | 000,036,364 | ---- | M] () -- C:\WINDOWS\System32\secpol.msc
[2002/08/29 03:00:00 | 000,035,755 | ---- | M] () -- C:\WINDOWS\System32\prncnfg.vbs
[2002/08/29 03:00:00 | 000,035,755 | ---- | M] () -- C:\WINDOWS\System32\dllcache\prncnfg.vbs
[2002/08/29 03:00:00 | 000,035,632 | ---- | M] () -- C:\WINDOWS\System32\ntio411.sys
[2002/08/29 03:00:00 | 000,035,632 | ---- | M] () -- C:\WINDOWS\System32\dllcache\ntio411.sys
[2002/08/29 03:00:00 | 000,035,392 | ---- | M] () -- C:\WINDOWS\System32\ntio412.sys
[2002/08/29 03:00:00 | 000,035,392 | ---- | M] () -- C:\WINDOWS\System32\dllcache\ntio412.sys
[2002/08/29 03:00:00 | 000,034,871 | ---- | M] () -- C:\WINDOWS\System32\gpedit.msc
[2002/08/29 03:00:00 | 000,034,528 | ---- | M] () -- C:\WINDOWS\System32\ntio804.sys
[2002/08/29 03:00:00 | 000,034,528 | ---- | M] () -- C:\WINDOWS\System32\dllcache\ntio804.sys
[2002/08/29 03:00:00 | 000,034,528 | ---- | M] () -- C:\WINDOWS\System32\ntio404.sys
[2002/08/29 03:00:00 | 000,034,528 | ---- | M] () -- C:\WINDOWS\System32\dllcache\ntio404.sys
[2002/08/29 03:00:00 | 000,033,808 | ---- | M] () -- C:\WINDOWS\System32\ntio.sys
[2002/08/29 03:00:00 | 000,033,808 | ---- | M] () -- C:\WINDOWS\System32\dllcache\ntio.sys
[2002/08/29 03:00:00 | 000,033,673 | ---- | M] () -- C:\WINDOWS\System32\diskmgmt.msc
[2002/08/29 03:00:00 | 000,033,464 | ---- | M] () -- C:\WINDOWS\System32\services.msc
[2002/08/29 03:00:00 | 000,033,280 | ---- | M] () -- C:\WINDOWS\System32\mciqtz32.dll
[2002/08/29 03:00:00 | 000,033,280 | ---- | M] () -- C:\WINDOWS\System32\dllcache\mciqtz32.dll
[2002/08/29 03:00:00 | 000,033,079 | ---- | M] () -- C:\WINDOWS\System32\devmgmt.msc
[2002/08/29 03:00:00 | 000,032,968 | ---- | M] () -- C:\WINDOWS\System32\ntmsoprq.msc
[2002/08/29 03:00:00 | 000,032,760 | ---- | M] () -- C:\WINDOWS\System32\fsmgmt.msc
[2002/08/29 03:00:00 | 000,032,674 | ---- | M] () -- C:\WINDOWS\System32\winhelp.hlp
[2002/08/29 03:00:00 | 000,032,546 | ---- | M] () -- C:\WINDOWS\System32\prnmngr.vbs
[2002/08/29 03:00:00 | 000,032,546 | ---- | M] () -- C:\WINDOWS\System32\dllcache\prnmngr.vbs
[2002/08/29 03:00:00 | 000,032,256 | ---- | M] () -- C:\WINDOWS\System32\dllcache\sniffpol.dll
[2002/08/29 03:00:00 | 000,031,405 | ---- | M] () -- C:\WINDOWS\System32\dllcache\fp4.cat
[2002/08/29 03:00:00 | 000,030,720 | ---- | M] () -- C:\WINDOWS\System32\dllcache\sstub.dll
[2002/08/29 03:00:00 | 000,029,454 | ---- | M] () -- C:\WINDOWS\System32\prnport.vbs
[2002/08/29 03:00:00 | 000,029,454 | ---- | M] () -- C:\WINDOWS\System32\dllcache\prnport.vbs
[2002/08/29 03:00:00 | 000,029,370 | ---- | M] () -- C:\WINDOWS\System32\ntdos411.sys
[2002/08/29 03:00:00 | 000,029,370 | ---- | M] () -- C:\WINDOWS\System32\dllcache\ntdos411.sys
[2002/08/29 03:00:00 | 000,029,274 | ---- | M] () -- C:\WINDOWS\System32\ntdos412.sys
[2002/08/29 03:00:00 | 000,029,274 | ---- | M] () -- C:\WINDOWS\System32\dllcache\ntdos412.sys
[2002/08/29 03:00:00 | 000,029,146 | ---- | M] () -- C:\WINDOWS\System32\ntdos804.sys
[2002/08/29 03:00:00 | 000,029,146 | ---- | M] () -- C:\WINDOWS\System32\dllcache\ntdos804.sys
[2002/08/29 03:00:00 | 000,029,146 | ---- | M] () -- C:\WINDOWS\System32\ntdos404.sys
[2002/08/29 03:00:00 | 000,029,146 | ---- | M] () -- C:\WINDOWS\System32\dllcache\ntdos404.sys
[2002/08/29 03:00:00 | 000,028,626 | ---- | M] () -- C:\WINDOWS\System32\perfd009.dat
[2002/08/29 03:00:00 | 000,028,420 | ---- | M] () -- C:\WINDOWS\System32\bios1.rom
[2002/08/29 03:00:00 | 000,027,866 | ---- | M] () -- C:\WINDOWS\System32\ntdos.sys
[2002/08/29 03:00:00 | 000,027,866 | ---- | M] () -- C:\WINDOWS\System32\dllcache\ntdos.sys
[2002/08/29 03:00:00 | 000,027,097 | ---- | M] () -- C:\WINDOWS\System32\dllcache\country.sys
[2002/08/29 03:00:00 | 000,027,097 | ---- | M] () -- C:\WINDOWS\System32\country.sys
[2002/08/29 03:00:00 | 000,026,624 | ---- | M] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2002/08/29 03:00:00 | 000,026,209 | ---- | M] () -- C:\WINDOWS\System32\ntmsmgr.msc
[2002/08/29 03:00:00 | 000,025,415 | ---- | M] () -- C:\WINDOWS\System32\prndrvr.vbs
[2002/08/29 03:00:00 | 000,025,415 | ---- | M] () -- C:\WINDOWS\System32\dllcache\prndrvr.vbs
[2002/08/29 03:00:00 | 000,024,772 | ---- | M] () -- C:\WINDOWS\System32\geo.nls
[2002/08/29 03:00:00 | 000,024,006 | ---- | M] () -- C:\WINDOWS\System32\gb2312.uce
[2002/08/29 03:00:00 | 000,022,984 | ---- | M] () -- C:\WINDOWS\System32\bopomofo.uce
[2002/08/29 03:00:00 | 000,022,399 | ---- | M] () -- C:\WINDOWS\System32\dllcache\mediactr.cat
[2002/08/29 03:00:00 | 000,022,151 | ---- | M] () -- C:\WINDOWS\System32\dllcache\TCLASSES.CAT
[2002/08/29 03:00:00 | 000,021,527 | ---- | M] () -- C:\WINDOWS\System32\prnjobs.vbs
[2002/08/29 03:00:00 | 000,021,527 | ---- | M] () -- C:\WINDOWS\System32\dllcache\prnjobs.vbs
[2002/08/29 03:00:00 | 000,021,281 | ---- | M] () -- C:\WINDOWS\System32\dllcache\XMLDSOC.CAT
[2002/08/29 03:00:00 | 000,021,232 | ---- | M] () -- C:\WINDOWS\System32\graphics.pro
[2002/08/29 03:00:00 | 000,021,116 | ---- | M] () -- C:\WINDOWS\System32\sorttbls.nls
[2002/08/29 03:00:00 | 000,020,634 | ---- | M] () -- C:\WINDOWS\System32\dllcache\debug.exe
[2002/08/29 03:00:00 | 000,020,634 | ---- | M] () -- C:\WINDOWS\System32\debug.exe
[2002/08/29 03:00:00 | 000,019,694 | ---- | M] () -- C:\WINDOWS\System32\graphics.com
[2002/08/29 03:00:00 | 000,019,684 | ---- | M] () -- C:\WINDOWS\System32\noise.esn
[2002/08/29 03:00:00 | 000,019,618 | ---- | M] () -- C:\WINDOWS\System32\noise.ita
[2002/08/29 03:00:00 | 000,019,514 | ---- | M] () -- C:\WINDOWS\System32\ieuinit.inf
[2002/08/29 03:00:00 | 000,018,832 | ---- | M] () -- C:\WINDOWS\System32\v7vga.rom
[2002/08/29 03:00:00 | 000,016,740 | ---- | M] () -- C:\WINDOWS\System32\shiftjis.uce
[2002/08/29 03:00:00 | 000,015,860 | ---- | M] () -- C:\WINDOWS\System32\prnqctl.vbs
[2002/08/29 03:00:00 | 000,015,860 | ---- | M] () -- C:\WINDOWS\System32\dllcache\prnqctl.vbs
[2002/08/29 03:00:00 | 000,015,360 | ---- | M] () -- C:\WINDOWS\System32\tsd32.dll
[2002/08/29 03:00:00 | 000,015,360 | ---- | M] () -- C:\WINDOWS\System32\dllcache\tsd32.dll
[2002/08/29 03:00:00 | 000,014,710 | ---- | M] () -- C:\WINDOWS\System32\kb16.com
[2002/08/29 03:00:00 | 000,014,031 | ---- | M] () -- C:\WINDOWS\System32\dllcache\MSJDBC.CAT
[2002/08/29 03:00:00 | 000,013,730 | ---- | M] () -- C:\WINDOWS\System32\noise.sve
[2002/08/29 03:00:00 | 000,013,608 | ---- | M] () -- C:\WINDOWS\System32\dllcache\ims.cat
[2002/08/29 03:00:00 | 000,013,472 | ---- | M] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2002/08/29 03:00:00 | 000,013,312 | ---- | M] () -- C:\WINDOWS\System32\win87em.dll
[2002/08/29 03:00:00 | 000,013,312 | ---- | M] () -- C:\WINDOWS\System32\dllcache\win87em.dll
[2002/08/29 03:00:00 | 000,013,256 | ---- | M] () -- C:\WINDOWS\System32\noise.nld
[2002/08/29 03:00:00 | 000,013,223 | ---- | M] () -- C:\WINDOWS\System32\tslabels.ini
[2002/08/29 03:00:00 | 000,012,876 | ---- | M] () -- C:\WINDOWS\System32\korean.uce
[2002/08/29 03:00:00 | 000,012,642 | ---- | M] () -- C:\WINDOWS\System32\edlin.exe
[2002/08/29 03:00:00 | 000,012,642 | ---- | M] () -- C:\WINDOWS\System32\dllcache\edlin.exe
[2002/08/29 03:00:00 | 000,012,498 | ---- | M] () -- C:\WINDOWS\System32\dllcache\append.exe
[2002/08/29 03:00:00 | 000,012,498 | ---- | M] () -- C:\WINDOWS\System32\append.exe
[2002/08/29 03:00:00 | 000,012,082 | ---- | M] () -- C:\WINDOWS\System32\rsvp.ini
[2002/08/29 03:00:00 | 000,011,753 | ---- | M] () -- C:\WINDOWS\System32\setver.exe
[2002/08/29 03:00:00 | 000,011,264 | ---- | M] () -- C:\WINDOWS\System32\msdmo.dll
[2002/08/29 03:00:00 | 000,011,264 | ---- | M] () -- C:\WINDOWS\System32\dllcache\msdmo.dll
[2002/08/29 03:00:00 | 000,010,881 | ---- | M] () -- C:\WINDOWS\System32\dllcache\msmsgs.cat
[2002/08/29 03:00:00 | 000,010,790 | ---- | M] () -- C:\WINDOWS\System32\edit.hlp
[2002/08/29 03:00:00 | 000,010,240 | ---- | M] () -- C:\WINDOWS\System32\scriptpw.dll
[2002/08/29 03:00:00 | 000,010,240 | ---- | M] () -- C:\WINDOWS\System32\dllcache\scriptpw.dll
[2002/08/29 03:00:00 | 000,010,110 | ---- | M] () -- C:\WINDOWS\System32\mqperf.ini
[2002/08/29 03:00:00 | 000,009,029 | ---- | M] () -- C:\WINDOWS\System32\dllcache\ansi.sys
[2002/08/29 03:00:00 | 000,009,029 | ---- | M] () -- C:\WINDOWS\System32\ansi.sys
[2002/08/29 03:00:00 | 000,008,574 | ---- | M] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2002/08/29 03:00:00 | 000,008,514 | ---- | M] () -- C:\WINDOWS\System32\dllcache\drvmain.sdb
[2002/08/29 03:00:00 | 000,008,484 | ---- | M] () -- C:\WINDOWS\System32\kanji_2.uce
[2002/08/29 03:00:00 | 000,008,424 | ---- | M] () -- C:\WINDOWS\System32\exe2bin.exe
[2002/08/29 03:00:00 | 000,008,424 | ---- | M] () -- C:\WINDOWS\System32\dllcache\exe2bin.exe
[2002/08/29 03:00:00 | 000,008,386 | ---- | M] () -- C:\WINDOWS\System32\ctype.nls
[2002/08/29 03:00:00 | 000,008,191 | ---- | M] () -- C:\WINDOWS\System32\bios4.rom
[2002/08/29 03:00:00 | 000,007,382 | ---- | M] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2002/08/29 03:00:00 | 000,007,369 | ---- | M] () -- C:\WINDOWS\System32\dllcache\mstsweb.cat
[2002/08/29 03:00:00 | 000,007,116 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\services
[2002/08/29 03:00:00 | 000,007,052 | ---- | M] () -- C:\WINDOWS\System32\nlsfunc.exe
[2002/08/29 03:00:00 | 000,007,052 | ---- | M] () -- C:\WINDOWS\System32\dllcache\nlsfunc.exe
[2002/08/29 03:00:00 | 000,007,046 | ---- | M] () -- C:\WINDOWS\System32\l_intl.nls
[2002/08/29 03:00:00 | 000,006,948 | ---- | M] () -- C:\WINDOWS\System32\kanji_1.uce
[2002/08/29 03:00:00 | 000,006,877 | ---- | M] () -- C:\WINDOWS\System32\pschdprf.ini
[2002/08/29 03:00:00 | 000,006,788 | ---- | M] () -- C:\WINDOWS\System32\dllcache\secupd.sig
[2002/08/29 03:00:00 | 000,006,761 | ---- | M] () -- C:\WINDOWS\System32\oembios.sig
[2002/08/29 03:00:00 | 000,006,761 | ---- | M] () -- C:\WINDOWS\System32\dllcache\oembios.sig
[2002/08/29 03:00:00 | 000,006,708 | ---- | M] () -- C:\WINDOWS\System32\esentprf.hxx
[2002/08/29 03:00:00 | 000,004,768 | ---- | M] () -- C:\WINDOWS\System32\himem.sys
[2002/08/29 03:00:00 | 000,004,768 | ---- | M] () -- C:\WINDOWS\System32\dllcache\himem.sys
[2002/08/29 03:00:00 | 000,004,639 | ---- | M] () -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2002/08/29 03:00:00 | 000,004,573 | ---- | M] () -- C:\WINDOWS\System32\dllcache\secupd.dat
[2002/08/29 03:00:00 | 000,004,463 | ---- | M] () -- C:\WINDOWS\System32\oembios.dat
[2002/08/29 03:00:00 | 000,004,463 | ---- | M] () -- C:\WINDOWS\System32\dllcache\oembios.dat
[2002/08/29 03:00:00 | 000,004,294 | ---- | M] () -- C:\WINDOWS\System32\odbcconf.rsp
[2002/08/29 03:00:00 | 000,004,294 | ---- | M] () -- C:\WINDOWS\System32\dllcache\odbcconf.rsp
[2002/08/29 03:00:00 | 000,004,126 | ---- | M] () -- C:\WINDOWS\System32\msdxmlc.dll
[2002/08/29 03:00:00 | 000,004,126 | ---- | M] () -- C:\WINDOWS\System32\dllcache\msdxmlc.dll
[2002/08/29 03:00:00 | 000,004,096 | ---- | M] () -- C:\WINDOWS\System32\wdl.trm
[2002/08/29 03:00:00 | 000,003,708 | ---- | M] () -- C:\WINDOWS\System32\pubprn.vbs
[2002/08/29 03:00:00 | 000,003,708 | ---- | M] () -- C:\WINDOWS\System32\dllcache\pubprn.vbs
[2002/08/29 03:00:00 | 000,003,683 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\lmhosts.sam
[2002/08/29 03:00:00 | 000,003,577 | ---- | M] () -- C:\WINDOWS\System32\sysprtj.sep
[2002/08/29 03:00:00 | 000,003,458 | ---- | M] () -- C:\WINDOWS\System32\rasctrs.ini
[2002/08/29 03:00:00 | 000,003,338 | ---- | M] () -- C:\WINDOWS\System32\redir.exe
[2002/08/29 03:00:00 | 000,003,338 | ---- | M] () -- C:\WINDOWS\System32\dllcache\redir.exe
[2002/08/29 03:00:00 | 000,003,286 | ---- | M] () -- C:\WINDOWS\System32\tslabels.h
[2002/08/29 03:00:00 | 000,003,252 | ---- | M] () -- C:\WINDOWS\System32\nw16.exe
[2002/08/29 03:00:00 | 000,003,252 | ---- | M] () -- C:\WINDOWS\System32\dllcache\nw16.exe
[2002/08/29 03:00:00 | 000,003,214 | ---- | M] () -- C:\WINDOWS\System32\sysprint.sep
[2002/08/29 03:00:00 | 000,003,178 | ---- | M] () -- C:\WINDOWS\System32\rsvpcnts.h
[2002/08/29 03:00:00 | 000,003,167 | ---- | M] () -- C:\WINDOWS\System32\rsaci.rat
[2002/08/29 03:00:00 | 000,003,010 | ---- | M] () -- C:\WINDOWS\System32\pschdcnt.h
[2002/08/29 03:00:00 | 000,002,891 | ---- | M] () -- C:\WINDOWS\System32\perfci.ini
[2002/08/29 03:00:00 | 000,002,755 | ---- | M] () -- C:\WINDOWS\System32\mqprfsym.h
[2002/08/29 03:00:00 | 000,002,732 | ---- | M] () -- C:\WINDOWS\System32\perfwci.ini
[2002/08/29 03:00:00 | 000,002,656 | ---- | M] () -- C:\WINDOWS\System32\netware.drv
[2002/08/29 03:00:00 | 000,002,233 | ---- | M] () -- C:\WINDOWS\System32\dllcache\12520850.cpx
[2002/08/29 03:00:00 | 000,002,233 | ---- | M] () -- C:\WINDOWS\System32\12520850.cpx
[2002/08/29 03:00:00 | 000,002,151 | ---- | M] () -- C:\WINDOWS\System32\dllcache\12520437.cpx
[2002/08/29 03:00:00 | 000,002,151 | ---- | M] () -- C:\WINDOWS\System32\12520437.cpx
[2002/08/29 03:00:00 | 000,001,931 | ---- | M] () -- C:\WINDOWS\System32\msdtcprf.ini
[2002/08/29 03:00:00 | 000,001,818 | ---- | M] () -- C:\WINDOWS\System32\rasctrnm.h
[2002/08/29 03:00:00 | 000,001,740 | ---- | M] () -- C:\WINDOWS\System32\dcache.bin
[2002/08/29 03:00:00 | 000,001,696 | ---- | M] () -- C:\WINDOWS\System32\noise.cht
[2002/08/29 03:00:00 | 000,001,696 | ---- | M] () -- C:\WINDOWS\System32\noise.chs
[2002/08/29 03:00:00 | 000,001,688 | ---- | M] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2002/08/29 03:00:00 | 000,001,492 | ---- | M] () -- C:\WINDOWS\System32\mmdriver.inf
[2002/08/29 03:00:00 | 000,001,405 | ---- | M] () -- C:\WINDOWS\msdfmap.ini
[2002/08/29 03:00:00 | 000,001,161 | ---- | M] () -- C:\WINDOWS\System32\usrlogon.cmd
[2002/08/29 03:00:00 | 000,001,152 | ---- | M] () -- C:\WINDOWS\System32\perffilt.ini
[2002/08/29 03:00:00 | 000,001,131 | ---- | M] () -- C:\WINDOWS\System32\loadfix.com
[2002/08/29 03:00:00 | 000,001,129 | ---- | M] () -- C:\WINDOWS\System32\vwipxspx.exe
[2002/08/29 03:00:00 | 000,001,129 | ---- | M] () -- C:\WINDOWS\System32\dllcache\vwipxspx.exe
[2002/08/29 03:00:00 | 000,000,984 | ---- | M] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2002/08/29 03:00:00 | 000,000,929 | ---- | M] () -- C:\WINDOWS\System32\homepage.inf
[2002/08/29 03:00:00 | 000,000,888 | ---- | M] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2002/08/29 03:00:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\System32\share.exe
[2002/08/29 03:00:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\System32\dllcache\share.exe
[2002/08/29 03:00:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\System32\fastopen.exe
[2002/08/29 03:00:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\System32\dllcache\fastopen.exe
[2002/08/29 03:00:00 | 000,000,862 | ---- | M] () -- C:\WINDOWS\System32\termcap
[2002/08/29 03:00:00 | 000,000,817 | ---- | M] () -- C:\WINDOWS\System32\mscdexnt.exe
[2002/08/29 03:00:00 | 000,000,817 | ---- | M] () -- C:\WINDOWS\System32\dllcache\mscdexnt.exe
[2002/08/29 03:00:00 | 000,000,799 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\protocol
[2002/08/29 03:00:00 | 000,000,768 | ---- | M] () -- C:\WINDOWS\System32\msdtcprf.h
[2002/08/29 03:00:00 | 000,000,751 | ---- | M] () -- C:\WINDOWS\System32\noise.enu
[2002/08/29 03:00:00 | 000,000,751 | ---- | M] () -- C:\WINDOWS\System32\noise.eng
[2002/08/29 03:00:00 | 000,000,741 | ---- | M] () -- C:\WINDOWS\System32\noise.dat
[2002/08/29 03:00:00 | 000,000,734 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2002/08/29 03:00:00 | 000,000,707 | ---- | M] () -- C:\WINDOWS\_default.pif
[2002/08/29 03:00:00 | 000,000,697 | ---- | M] () -- C:\WINDOWS\System32\noise.tha
[2002/08/29 03:00:00 | 000,000,487 | ---- | M] () -- C:\WINDOWS\System32\login.cmd
[2002/08/29 03:00:00 | 000,000,435 | ---- | M] () -- C:\WINDOWS\System32\perfwci.h
[2002/08/29 03:00:00 | 000,000,427 | ---- | M] () -- C:\WINDOWS\System32\perfci.h
[2002/08/29 03:00:00 | 000,000,407 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\networks
[2002/08/29 03:00:00 | 000,000,343 | ---- | M] () -- C:\WINDOWS\System32\prodspec.ini
[2002/08/29 03:00:00 | 000,000,168 | ---- | M] () -- C:\WINDOWS\System32\l_except.nls
[2002/08/29 03:00:00 | 000,000,140 | ---- | M] () -- C:\WINDOWS\System32\perffilt.h
[2002/08/29 03:00:00 | 000,000,114 | ---- | M] () -- C:\WINDOWS\System32\pcl.sep
[2002/08/29 03:00:00 | 000,000,081 | ---- | M] () -- C:\WINDOWS\System32\dsound.vxd
[2002/08/29 03:00:00 | 000,000,080 | ---- | M] () -- C:\WINDOWS\explorer.scf
[2002/08/29 03:00:00 | 000,000,075 | ---- | M] () -- C:\WINDOWS\System32\View Channels.scf
[2002/08/29 03:00:00 | 000,000,064 | ---- | M] () -- C:\WINDOWS\System32\cmos.ram
[2002/08/29 03:00:00 | 000,000,051 | ---- | M] () -- C:\WINDOWS\System32\pscript.sep
[2002/06/21 19:46:06 | 000,009,785 | ---- | M] () -- C:\WINDOWS\System32\drivers\a312.sys
[2002/05/14 13:08:54 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2002/04/22 15:53:10 | 000,002,726 | ---- | M] () -- C:\WINDOWS\System32\net8254x.din
[2001/08/17 15:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) -- C:\WINDOWS\System32\drivers\sparrow.sys
[2001/08/17 15:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) -- C:\WINDOWS\System32\dllcache\sparrow.sys
[2001/08/17 14:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) -- C:\WINDOWS\System32\drivers\mraid35x.sys
[2001/08/17 14:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) -- C:\WINDOWS\System32\dllcache\mraid35x.sys
[2001/08/17 08:19:28 | 000,072,832 | ---- | M] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\cwbwdm.sys
[2001/08/17 08:19:26 | 000,003,072 | ---- | M] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\cwbmidi.sys
[2001/08/17 08:19:24 | 000,003,072 | ---- | M] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\cwbase.sys
[2001/08/15 21:10:38 | 000,011,888 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\awmon.dll
[2001/07/21 14:49:50 | 000,008,225 | ---- | M] () -- C:\WINDOWS\System32\drivers\cwbaudio.bin
[2001/07/10 14:04:38 | 000,000,266 | --S- | M] () -- C:\WINDOWS\System32\4025725441.dat
[2001/07/10 13:50:49 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2001/07/10 13:50:48 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2001/07/10 13:49:24 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2001/07/10 13:48:23 | 002,097,152 | -H-- | M] () -- C:\Documents and Settings\Administrator\NTUSER.DAT
[2001/07/10 13:48:13 | 002,248,472 | -H-- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\IconCache.db
[2001/07/10 12:30:54 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2001/07/01 10:03:44 | 000,284,915 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\gmer.zip
[2001/07/01 09:59:59 | 000,000,725 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\david.lnk
[2001/07/01 09:55:38 | 006,153,384 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Administrator\Desktop\mbam-setup.exe
[2001/07/01 09:53:53 | 000,000,611 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\NTREGOPT.lnk
[2001/07/01 09:53:53 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\ERUNT.lnk
[2001/07/01 09:53:34 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\Administrator\Desktop\erunt_setup.exe
[2001/07/01 09:51:52 | 000,006,020 | ---- | M] () -- C:\Documents and Settings\Administrator\.plugin141_07.trace
[2001/07/01 09:44:31 | 000,000,280 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini
[2001/07/01 09:34:49 | 000,444,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\TFC.exe
[2001/07/01 08:45:45 | 000,294,400 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\exeHelper.com
[2001/06/30 10:05:55 | 000,525,824 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\dds.pif
[2001/06/30 10:05:47 | 000,525,824 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\dds.scr
[2001/06/30 10:03:09 | 000,812,344 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Administrator\Desktop\HJTInstall.exe
[2001/06/29 06:13:09 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2001/06/29 06:13:02 | 000,000,779 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2001/06/29 06:12:44 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2001/06/29 05:55:52 | 000,255,864 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2001/06/29 05:32:53 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2001/06/29 04:23:26 | 000,000,240 | ---- | M] () -- C:\WINDOWS\system.ini
[2001/06/26 09:34:43 | 000,315,720 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2001/06/26 09:34:43 | 000,041,202 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2001/06/26 09:34:42 | 000,361,752 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2001/06/26 06:20:07 | 000,000,320 | ---- | M] () -- C:\WINDOWS\smscfg.ini
[2001/06/26 06:18:54 | 000,000,882 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2001/06/26 06:18:52 | 000,262,144 | ---- | M] () -- C:\Documents and Settings\All Users\NTUSER.DAT
[2001/05/11 06:53:06 | 000,008,078 | ---- | M] () -- C:\WINDOWS\System32\OEMLOGO.BMP

========== Files Created - No Company Name ==========

[2010/03/08 14:22:16 | 000,192,598 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\CNA grades.grk
[2010/03/03 21:41:32 | 000,250,006 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\MEDSURGICAL1.grk
[2010/03/03 21:20:52 | 000,003,773 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Body structure and function.zip
[2010/03/03 21:10:05 | 000,261,254 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Foundamental of nsg 1.grk
[2010/03/03 21:07:46 | 000,244,382 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Body structure and function.grk
[2010/03/03 20:49:03 | 000,250,006 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\MEDSURGICAL1.grk
[2010/03/01 21:26:51 | 000,019,968 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Doc1.doc
[2010/02/16 17:49:55 | 000,261,254 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\GERIATRIC.grk
[2010/02/11 22:38:39 | 000,255,630 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Foundamental of nsg 2.grk
[2010/02/11 22:11:25 | 000,261,254 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Attendance.grk
[2010/02/11 22:09:51 | 000,018,418 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\CNA CLASS.grk
[2010/02/11 22:08:36 | 000,261,254 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Foundamental of nsg 1.grk
[2010/02/11 22:06:53 | 000,244,382 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Body structure and function.grk
[2010/02/11 22:06:20 | 000,255,630 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\nutrition.grk
[2009/12/15 11:24:48 | 000,293,376 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\gmer.exe
[2009/11/28 15:12:45 | 000,001,840 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Resume your download.lnk
[2009/11/06 11:51:43 | 000,034,319 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\rochelle itinerary.pdf
[2009/11/05 11:31:37 | 000,001,596 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Gradekeeper.lnk
[2009/11/03 16:34:01 | 000,028,672 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\LPN CORE STUDENTS, NOV 09.xls
[2009/11/03 11:29:00 | 000,018,944 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\LPN CORE STUDENTS, NOV 09.xls
[2006/12/31 07:57:08 | 000,007,208 | ---- | C] () -- C:\WINDOWS\System32\secupd.sig
[2006/12/31 07:57:08 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/06/14 14:00:10 | 000,000,320 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/06/14 13:59:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\iAlmcoin.dll
[2004/06/01 15:25:56 | 000,006,020 | ---- | C] () -- C:\Documents and Settings\Administrator\.plugin141_07.trace
[2004/05/25 11:01:45 | 000,000,606 | RHS- | C] () -- C:\Documents and Settings\Administrator\ntuser.pol
[2004/02/17 16:58:59 | 000,028,775 | ---- | C] () -- C:\WINDOWS\System32\javaw.exe
[2004/02/17 16:58:59 | 000,024,677 | ---- | C] () -- C:\WINDOWS\System32\java.exe
[2004/02/17 16:55:53 | 000,000,194 | RHS- | C] () -- C:\BOOT.BAK
[2004/02/17 16:55:48 | 000,245,920 | RHS- | C] () -- C:\cmldr
[2004/02/12 17:02:40 | 000,062,970 | ---- | C] () -- C:\WINDOWS\System32\igfxhkor.lhp
[2004/02/12 17:02:40 | 000,060,988 | ---- | C] () -- C:\WINDOWS\System32\igfxhhun.lhp
[2004/02/12 17:02:40 | 000,060,894 | ---- | C] () -- C:\WINDOWS\System32\igfxhdeu.lhp
[2004/02/12 17:02:40 | 000,060,770 | ---- | C] () -- C:\WINDOWS\System32\igfxhtha.lhp
[2004/02/12 17:02:40 | 000,060,400 | ---- | C] () -- C:\WINDOWS\System32\igfxhfrc.lhp
[2004/02/12 17:02:40 | 000,060,392 | ---- | C] () -- C:\WINDOWS\System32\igfxhheb.lhp
[2004/02/12 17:02:40 | 000,060,099 | ---- | C] () -- C:\WINDOWS\System32\igfxhfra.lhp
[2004/02/12 17:02:40 | 000,060,037 | ---- | C] () -- C:\WINDOWS\System32\igfxhplk.lhp
[2004/02/12 17:02:40 | 000,060,025 | ---- | C] () -- C:\WINDOWS\System32\igfxhell.lhp
[2004/02/12 17:02:40 | 000,059,819 | ---- | C] () -- C:\WINDOWS\System32\igfxhrus.lhp
[2004/02/12 17:02:40 | 000,059,052 | ---- | C] () -- C:\WINDOWS\System32\igfxhcht.lhp
[2004/02/12 17:02:40 | 000,058,967 | ---- | C] () -- C:\WINDOWS\System32\igfxhjpn.lhp
[2004/02/12 17:02:40 | 000,058,889 | ---- | C] () -- C:\WINDOWS\System32\igfxhfin.lhp
[2004/02/12 17:02:40 | 000,058,738 | ---- | C] () -- C:\WINDOWS\System32\igfxhnld.lhp
[2004/02/12 17:02:40 | 000,058,647 | ---- | C] () -- C:\WINDOWS\System32\igfxhcsy.lhp
[2004/02/12 17:02:40 | 000,058,518 | ---- | C] () -- C:\WINDOWS\System32\igfxhtrk.lhp
[2004/02/12 17:02:40 | 000,058,095 | ---- | C] () -- C:\WINDOWS\System32\igfxhesp.lhp
[2004/02/12 17:02:40 | 000,058,026 | ---- | C] () -- C:\WINDOWS\System32\igfxhdan.lhp
[2004/02/12 17:02:40 | 000,058,024 | ---- | C] () -- C:\WINDOWS\System32\igfxhsve.lhp
[2004/02/12 17:02:40 | 000,058,021 | ---- | C] () -- C:\WINDOWS\System32\igfxhnor.lhp
[2004/02/12 17:02:40 | 000,057,965 | ---- | C] () -- C:\WINDOWS\System32\igfxhptg.lhp
[2004/02/12 17:02:40 | 000,057,797 | ---- | C] () -- C:\WINDOWS\System32\igfxhita.lhp
[2004/02/12 17:02:40 | 000,057,434 | ---- | C] () -- C:\WINDOWS\System32\igfxhptb.lhp
[2004/02/12 17:02:40 | 000,056,845 | ---- | C] () -- C:\WINDOWS\System32\igfxharb.lhp
[2004/02/12 17:02:40 | 000,056,845 | ---- | C] () -- C:\WINDOWS\System32\igfxhara.lhp
[2004/02/12 17:02:40 | 000,056,835 | ---- | C] () -- C:\WINDOWS\System32\igfxhchs.lhp
[2004/02/12 17:02:40 | 000,056,580 | ---- | C] () -- C:\WINDOWS\System32\igfxheng.lhp
[2004/02/12 17:02:40 | 000,055,002 | ---- | C] () -- C:\WINDOWS\System32\igfxhenu.lhp
[2004/02/12 14:37:34 | 000,009,785 | ---- | C] () -- C:\WINDOWS\System32\drivers\a312.sys
[2004/02/12 13:38:01 | 000,002,726 | ---- | C] () -- C:\WINDOWS\System32\net8254x.din
[2004/02/10 15:30:12 | 000,262,144 | ---- | C] () -- C:\Documents and Settings\All Users\NTUSER.DAT
[2004/02/10 15:30:12 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\All Users\NTUSER.DAT.LOG
[2004/02/09 12:35:03 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/02/02 12:39:32 | 000,000,611 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\setup.log
[2004/02/02 12:22:36 | 000,028,672 | ---- | C] () -- C:\WINDOWS\gscr.dll
[2004/01/29 15:25:13 | 000,000,000 | ---- | C] () -- C:\WINDOWS\VPC32.INI
[2004/01/29 15:22:16 | 000,124,167 | ---- | C] () -- C:\WINDOWS\System32\SYMEVNT.386
[2004/01/29 15:05:39 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2004/01/28 18:02:12 | 000,007,315 | ---- | C] () -- C:\WINDOWS\System32\javasup.vxd
[2004/01/28 18:02:12 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2004/01/28 18:01:58 | 000,000,113 | ---- | C] () -- C:\WINDOWS\System32\zonedon.reg
[2004/01/28 18:01:58 | 000,000,113 | ---- | C] () -- C:\WINDOWS\System32\zonedoff.reg
[2004/01/28 17:29:28 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2004/01/28 17:26:29 | 000,000,779 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2004/01/28 17:26:09 | 000,000,280 | -HS- | C] () -- C:\Documents and Settings\Administrator\ntuser.ini
[2004/01/28 17:26:08 | 000,024,576 | -H-- | C] () -- C:\Documents and Settings\Administrator\ntuser.dat.LOG
[2004/01/28 17:26:07 | 002,097,152 | -H-- | C] () -- C:\Documents and Settings\Administrator\NTUSER.DAT
[2004/01/28 17:26:02 | 000,001,202 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol
[2004/01/28 17:23:42 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/01/28 17:13:49 | 000,002,577 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2004/01/28 17:13:49 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2004/01/28 17:13:49 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2004/01/28 17:13:49 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2004/01/28 17:13:49 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2004/01/28 17:13:39 | 000,025,065 | ---- | C] () -- C:\WINDOWS\System32\wmpscheme.xml
[2004/01/28 17:13:36 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2004/01/28 17:13:36 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2004/01/28 17:13:30 | 000,299,552 | ---- | C] () -- C:\WINDOWS\WMSysPrx.prx
[2004/01/28 17:07:40 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2004/01/28 17:07:40 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2004/01/28 17:07:08 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2004/01/28 17:07:08 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest
[2004/01/28 17:07:08 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2004/01/28 17:07:08 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2004/01/28 17:07:08 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2004/01/28 17:07:08 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2004/01/28 17:06:09 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2004/01/28 17:05:29 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2004/01/28 17:05:29 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2004/01/28 17:05:26 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2004/01/28 17:03:21 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/01/28 17:02:22 | 000,093,702 | ---- | C] () -- C:\WINDOWS\System32\subrange.uce
[2004/01/28 17:02:22 | 000,016,740 | ---- | C] () -- C:\WINDOWS\System32\shiftjis.uce
[2004/01/28 17:02:22 | 000,012,876 | ---- | C] () -- C:\WINDOWS\System32\korean.uce
[2004/01/28 17:02:21 | 000,060,458 | ---- | C] () -- C:\WINDOWS\System32\ideograf.uce
[2004/01/28 17:02:21 | 000,024,006 | ---- | C] () -- C:\WINDOWS\System32\gb2312.uce
[2004/01/28 17:02:21 | 000,022,984 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.uce
[2004/01/28 17:02:21 | 000,008,484 | ---- | C] () -- C:\WINDOWS\System32\kanji_2.uce
[2004/01/28 17:02:21 | 000,006,948 | ---- | C] () -- C:\WINDOWS\System32\kanji_1.uce
[2004/01/28 17:02:20 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2004/01/28 17:02:20 | 000,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2004/01/28 17:02:18 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2004/01/28 17:02:08 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2004/01/28 17:02:06 | 000,677,888 | ---- | C] () -- C:\WINDOWS\System32\mstsc.exe
[2004/01/28 11:47:56 | 000,008,225 | ---- | C] () -- C:\WINDOWS\System32\drivers\cwbaudio.bin
[2004/01/28 11:43:51 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2004/01/28 11:43:32 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2004/01/28 11:43:32 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2004/01/28 11:43:32 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2004/01/28 11:43:32 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2004/01/28 11:43:30 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28603.nls
[2004/01/28 11:43:28 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_857.nls
[2004/01/28 11:43:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28599.nls
[2004/01/28 11:43:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10081.nls
[2004/01/28 11:43:27 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28595.NLS
[2004/01/28 11:43:27 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10017.nls
[2004/01/28 11:43:27 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10007.nls
[2004/01/28 11:43:26 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_869.nls
[2004/01/28 11:43:26 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_737.nls
[2004/01/28 11:43:26 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_875.nls
[2004/01/28 11:43:26 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28597.NLS
[2004/01/28 11:43:26 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10006.nls
[2004/01/28 11:43:25 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_866.nls
[2004/01/28 11:43:25 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_855.nls
[2004/01/28 11:43:25 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28594.NLS
[2004/01/28 11:43:23 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_852.nls
[2004/01/28 11:43:23 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10082.nls
[2004/01/28 11:43:23 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10029.nls
[2004/01/28 11:43:23 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10010.nls
[2004/01/28 11:43:20 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_20127.nls
[2004/01/28 11:43:16 | 000,001,688 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2004/01/28 11:42:52 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2004/01/28 11:42:52 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2004/01/28 11:42:52 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2004/01/28 11:42:52 | 000,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2004/01/28 11:42:51 | 000,390,168 | ---- | C] () -- C:\WINDOWS\System32\dllcache\WFC.CAT
[2004/01/28 11:42:51 | 000,056,081 | ---- | C] () -- C:\WINDOWS\System32\dllcache\DAJAVAC.CAT
[2004/01/28 11:42:51 | 000,052,311 | ---- | C] () -- C:\WINDOWS\System32\dllcache\DX3.CAT
[2004/01/28 11:42:51 | 000,022,151 | ---- | C] () -- C:\WINDOWS\System32\dllcache\TCLASSES.CAT
[2004/01/28 11:42:51 | 000,021,281 | ---- | C] () -- C:\WINDOWS\System32\dllcache\XMLDSOC.CAT
[2004/01/28 11:42:51 | 000,014,031 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSJDBC.CAT
[2004/01/28 11:42:50 | 000,657,548 | ---- | C] () -- C:\WINDOWS\System32\dllcache\CLASSES.CAT
[2004/01/28 11:42:50 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2004/01/28 11:42:49 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2004/01/28 11:41:55 | 000,255,864 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/01/28 11:39:58 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2004/01/28 11:21:38 | 000,000,512 | -HS- | C] () -- C:\BOOTSECT.DOS
[2003/10/24 16:59:40 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\NavLogon.dll
[2003/03/03 17:24:24 | 000,005,995 | ---- | C] () -- C:\WINDOWS\System32\dllcache\Q330994.inf
[2003/01/07 16:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2003/01/07 16:05:06 | 000,000,551 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.H
[2001/08/17 18:36:42 | 000,055,296 | ---- | C] () -- C:\WINDOWS\System32\dvdplay.exe
[2001/07/01 10:03:43 | 000,284,915 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\gmer.zip
[2001/07/01 09:58:13 | 000,000,725 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\david.lnk
[2001/07/01 09:53:53 | 000,000,611 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\NTREGOPT.lnk
[2001/07/01 09:53:53 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\ERUNT.lnk
[2001/07/01 08:45:45 | 000,294,400 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\exeHelper.com
[2001/06/30 10:05:55 | 000,525,824 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\dds.pif
[2001/06/30 10:05:46 | 000,525,824 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\dds.scr
[2001/06/29 05:01:01 | 000,019,514 | ---- | C] () -- C:\WINDOWS\System32\ieuinit.inf
[2001/06/29 04:55:10 | 000,022,399 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat
[2001/06/29 04:55:08 | 000,093,044 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat
[2001/06/29 04:55:03 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\dllcache\encdec.dll
[2001/06/29 04:54:51 | 000,218,112 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sbe.dll
[2001/06/29 04:54:46 | 000,004,573 | ---- | C] () -- C:\WINDOWS\System32\dllcache\secupd.dat
[2001/06/29 04:54:43 | 000,006,788 | ---- | C] () -- C:\WINDOWS\System32\dllcache\secupd.sig
[2001/06/29 04:53:52 | 000,451,856 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nt5inf.cat
[2001/06/29 04:53:32 | 000,203,454 | ---- | C] () -- C:\WINDOWS\System32\dllcache\apphelp.sdb
[2001/06/29 04:53:24 | 000,031,405 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fp4.cat
[2001/06/29 04:53:22 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2001/06/29 04:53:17 | 000,013,608 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ims.cat
[2001/06/29 04:53:12 | 000,004,639 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2001/06/29 04:53:09 | 000,182,198 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msimain.sdb
[2001/06/29 04:53:08 | 000,348,160 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll
[2001/06/29 04:53:08 | 000,010,881 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msmsgs.cat
[2001/06/29 04:53:06 | 000,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mstsweb.cat
[2001/06/29 04:53:03 | 002,049,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nt5.cat
[2001/06/29 04:52:54 | 000,032,256 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sniffpol.dll
[2001/06/29 04:52:52 | 000,030,720 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sstub.dll
[2001/06/29 04:52:50 | 000,262,656 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tshoot.dll
[2001/06/29 04:52:34 | 000,379,588 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tahoma.ttf
[2001/06/29 04:52:34 | 000,352,020 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tahomabd.ttf
[2001/06/29 04:52:34 | 000,305,724 | ---- | C] () -- C:\WINDOWS\System32\dllcache\micross.ttf
[2001/06/29 04:52:25 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\dllcache\amstream.dll
[2001/06/29 04:52:19 | 000,238,592 | ---- | C] () -- C:\WINDOWS\System32\dllcache\compatui.dll
[2001/06/29 04:52:15 | 000,001,740 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2001/06/29 04:52:14 | 000,051,712 | ---- | C] () -- C:\WINDOWS\System32\dllcache\devenum.dll
[2001/06/29 04:52:10 | 000,053,840 | ---- | C] () -- C:\WINDOWS\System32\dosx.exe
[2001/06/29 04:52:10 | 000,053,840 | ---- | C] () -- C:\WINDOWS\System32\dllcache\dosx.exe
[2001/06/29 04:52:06 | 000,498,205 | ---- | C] () -- C:\WINDOWS\System32\dllcache\dxmasf.dll
[2001/06/29 04:51:58 | 000,766,934 | ---- | C] () -- C:\WINDOWS\System32\instcat.sql
[2001/06/29 04:51:52 | 000,033,280 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mciqtz32.dll
[2001/06/29 04:51:48 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\mpg2splt.ax
[2001/06/29 04:51:48 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mpg2splt.ax
[2001/06/29 04:51:46 | 000,844,048 | ---- | C] () -- C:\WINDOWS\System32\msdxm.ocx
[2001/06/29 04:51:46 | 000,844,048 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdxm.ocx
[2001/06/29 04:51:46 | 000,011,264 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdmo.dll
[2001/06/29 04:51:45 | 000,004,126 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdxmlc.dll
[2001/06/29 04:51:31 | 000,035,632 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntio411.sys
[2001/06/29 04:51:31 | 000,035,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntio412.sys
[2001/06/29 04:51:31 | 000,034,528 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntio804.sys
[2001/06/29 04:51:31 | 000,034,528 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntio404.sys
[2001/06/29 04:51:31 | 000,033,808 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntio.sys
[2001/06/29 04:51:28 | 000,004,294 | ---- | C] () -- C:\WINDOWS\System32\odbcconf.rsp
[2001/06/29 04:51:28 | 000,004,294 | ---- | C] () -- C:\WINDOWS\System32\dllcache\odbcconf.rsp
[2001/06/29 04:51:24 | 000,184,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qcap.dll
[2001/06/29 04:51:23 | 000,734,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qedwipes.dll
[2001/06/29 04:51:23 | 000,511,488 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qedit.dll
[2001/06/29 04:51:23 | 000,357,376 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qdvd.dll
[2001/06/29 04:51:23 | 000,266,752 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qdv.dll
[2001/06/29 04:51:22 | 001,132,032 | ---- | C] () -- C:\WINDOWS\System32\dllcache\quartz.dll
[2001/06/29 04:51:20 | 000,003,338 | ---- | C] () -- C:\WINDOWS\System32\redir.exe
[2001/06/29 04:51:20 | 000,003,338 | ---- | C] () -- C:\WINDOWS\System32\dllcache\redir.exe
[2001/06/29 04:51:01 | 001,325,568 | ---- | C] () -- C:\WINDOWS\System32\webfldrs.msi
[2001/06/29 04:50:47 | 000,008,514 | ---- | C] () -- C:\WINDOWS\System32\dllcache\drvmain.sdb
[2001/06/29 04:50:45 | 000,209,010 | ---- | C] () -- C:\WINDOWS\System32\locale.nls
[2001/06/29 04:50:42 | 000,021,116 | ---- | C] () -- C:\WINDOWS\System32\sorttbls.nls
[2001/06/29 04:50:31 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2001/06/29 04:50:26 | 000,233,632 | ---- | C] () -- C:\ntldr
[2001/06/29 04:50:26 | 000,047,580 | ---- | C] () -- C:\ntdetect.com
[1997/06/06 10:08:30 | 000,023,040 | ---- | C] () -- C:\WINDOWS\System32\CSSMS_IN.DLL
[1979/12/31 20:00:00 | 000,001,369 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI

========== LOP Check ==========

[2004/01/29 17:17:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Attachmate
[2009/11/05 12:44:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Gradekeeper
[2004/06/01 15:28:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\InterVideo
[2004/01/29 14:49:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Leadertech
[2001/06/29 04:22:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Western Digital
[2004/05/25 11:11:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Messenger_5.0.0482

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2004/01/28 17:13:49 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2004/02/10 15:28:39 | 000,000,194 | RHS- | M] () -- C:\BOOT.BAK
[2001/06/29 05:32:53 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2004/01/28 11:21:38 | 000,000,512 | -HS- | M] () -- C:\BOOTSECT.DOS
[2002/08/29 08:00:00 | 000,245,920 | RHS- | M] () -- C:\cmldr
[2004/01/28 17:13:49 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2004/01/29 15:49:46 | 000,000,314 | ---- | M] () -- C:\GWSETUP.TXT
[2004/01/28 17:13:49 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2004/01/28 17:13:49 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2002/08/29 08:00:00 | 000,047,580 | ---- | M] () -- C:\ntdetect.com
[2002/08/29 08:00:00 | 000,233,632 | ---- | M] () -- C:\ntldr
[2001/07/10 13:49:21 | 201,326,592 | -HS- | M] () -- C:\pagefile.sys
[2007/10/07 11:42:34 | 278,927,592 | ---- | M] (Microsoft Corporation) -- C:\WindowsXP-KB835935-SP2-ENU.exe
[2004/01/29 15:24:02 | 000,002,938 | -H-- | M] () -- C:\_NavCClt.Log

< %systemroot%\system32\*.wt >

< %systemroot%\system32\*.ruy >

< %systemroot%\Fonts\*.com >

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2004/01/28 17:11:19 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\system32\spool\prtprocs\w32x86\*.tmp >

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >
[2003/06/18 18:31:48 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.scr >

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2002/08/29 03:00:00 | 000,337,920 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtmsft.dll
[2002/08/29 03:00:00 | 000,194,560 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtrans.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2004/01/28 11:40:02 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2004/01/28 11:40:02 | 000,626,688 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2004/01/28 11:40:02 | 000,389,120 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\user32.dll /md5 >
[2003/09/25 12:49:02 | 000,560,128 | ---- | M] (Microsoft Corporation) MD5=32173306185F603E75C477E117F3BB8D -- C:\WINDOWS\system32\user32.dll

< %systemroot%\system32\ws2_32.dll /md5 >
[2002/08/29 03:00:00 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=8529C295DF59B564D37A73B5629162B1 -- C:\WINDOWS\system32\ws2_32.dll

< %systemroot%\system32\ws2help.dll /md5 >
[2002/08/29 03:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=235C7EF9AEDDE76801169DC61FA72DEF -- C:\WINDOWS\system32\ws2help.dll

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
< End of report >






OTL Extras logfile created on: 7/10/2001 2:07:53 PM - Run 1
OTL by OldTimer - Version 3.2.8.1 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

510.00 Mb Total Physical Memory | 302.00 Mb Available Physical Memory | 59.00% Memory free
670.00 Mb Paging File | 517.00 Mb Available in Paging File | 77.00% Paging File free
Paging file location(s): C:\pagefile.sys 192 384 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 18.64 Gb Total Space | 13.38 Gb Free Space | 71.80% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: EXAMPC2
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office 11\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office 11\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- File not found

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- File not found


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1F0BD960-6525-4FEE-B577-2473F77F1277}" = Windows Messenger 5.0
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{5511D34C-323F-42E0-8C82-0AEB3E920417}" = Diskeeper Professional Edition
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Extreme Graphics Driver
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{98E8A2EF-4EAE-43B8-A172-74842B764777}" = InterVideo WinDVD
"{AC76BA86-7AD7-1033-7B44-A00000000001}" = Adobe Reader 6.0.1
"{BD12EB47-DBDF-11D3-BEEA-00A0CC272509}" = Norton AntiVirus Corporate Edition
"{CA532E73-1BB7-11D8-9D6A-00010240CE95}" = Java 2 Runtime Environment, SE v1.4.1_07
"{D8EF2D11-47CF-45E5-B423-47B29706DE12}" = SMS Advanced Client
"{E05E8183-866A-11D3-97DF-0000F8D8F2E9}" = Symantec pcAnywhere
"{E18B6DCE-AE5A-4E16-AFFA-EB8F3E09FBD6}" = Macromedia Flash Player
"{E40CE517-0D42-4198-96B4-C8232B257EB5}" = Data Lifeguard Diagnostic for Windows
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"ERUNT_is1" = ERUNT 1.1j
"Java Web Start" = Java Web Start
"LiveReg" = LiveReg (Symantec Corporation)
"LiveUpdate" = LiveUpdate 1.80 (Symantec Corporation)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Product_Name" = Gradekeeper
"PROSet" = Intel® PRO Ethernet Adapter and Software
"Shockwave" = Shockwave
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinZip" = WinZip

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"KEAVTV5.10" = KEAVT v5.10

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 1/6/1970 2:53:16 AM | Computer Name = EXAMPC2 | Source = Application Error | ID = 1000
Description = Faulting application vpc32.exe, version 7.61.0.954, faulting module
ldvpctls.ocx, version 7.61.0.954, fault address 0x0001de73.

Error - 6/27/2032 9:21:04 PM | Computer Name = EXAMPC2 | Source = MsiInstaller | ID = 1014
Description = Windows Installer proxy information not correctly registered

Error - 4/9/1970 10:02:04 AM | Computer Name = EXAMPC2 | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 6.0.2800.1106, faulting
module msvcrt.dll, version 7.0.2600.1106, fault address 0x00033830.

Error - 6/27/2032 9:21:04 PM | Computer Name = EXAMPC2 | Source = MsiInstaller | ID = 1014
Description = Windows Installer proxy information not correctly registered

Error - 4/2/1970 2:11:40 PM | Computer Name = EXAMPC2 | Source = Application Error | ID = 1000
Description = Faulting application vpdn_lu.exe, version 7.61.0.954, faulting module
navlu.dll, version 7.61.0.954, fault address 0x00006581.

Error - 6/30/2001 10:03:44 AM | Computer Name = EXAMPC2 | Source = MsiInstaller | ID = 1014
Description = Windows Installer proxy information not correctly registered

Error - 6/30/2001 10:03:45 AM | Computer Name = EXAMPC2 | Source = MsiInstaller | ID = 1014
Description = Windows Installer proxy information not correctly registered

Error - 6/30/2001 10:03:45 AM | Computer Name = EXAMPC2 | Source = MsiInstaller | ID = 1014
Description = Windows Installer proxy information not correctly registered

Error - 6/30/2001 10:03:45 AM | Computer Name = EXAMPC2 | Source = MsiInstaller | ID = 1014
Description = Windows Installer proxy information not correctly registered

Error - 7/10/2001 9:45:44 AM | Computer Name = EXAMPC2 | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 6.0.2800.1106, faulting
module mshtml.dll, version 6.0.2800.1400, fault address 0x00040c39.

[ System Events ]
Error - 7/8/2001 11:18:17 AM | Computer Name = EXAMPC2 | Source = Service Control Manager | ID = 7023
Description = The Security Center service terminated with the following error: %%126

Error - 7/8/2001 11:18:17 AM | Computer Name = EXAMPC2 | Source = Service Control Manager | ID = 7023
Description = The Automatic Updates service terminated with the following error:
%%126

Error - 7/8/2001 1:45:33 PM | Computer Name = EXAMPC2 | Source = Service Control Manager | ID = 7000
Description = The HTTP service failed to start due to the following error: %%2

Error - 7/8/2001 1:45:33 PM | Computer Name = EXAMPC2 | Source = Service Control Manager | ID = 7001
Description = The SSDP Discovery Service service depends on the HTTP service which
failed to start because of the following error: %%2

Error - 7/10/2001 1:51:18 PM | Computer Name = EXAMPC2 | Source = W32Time | ID = 39452706
Description = The time service has detected that the system time needs to be changed
by +283834860 seconds. The time service will not change the system time by more
than +54000 seconds. Verify that your time and time zone are correct, and that
the time source time.windows.com (ntp.m|0x1|10.1.10.26:123->207.46.232.182:123)
is working properly.

Error - 7/10/2001 1:52:04 PM | Computer Name = EXAMPC2 | Source = Service Control Manager | ID = 7022
Description = The DCOM Server Process Launcher service hung on starting.

Error - 7/10/2001 1:52:04 PM | Computer Name = EXAMPC2 | Source = Service Control Manager | ID = 7023
Description = The Security Center service terminated with the following error: %%126

Error - 7/10/2001 1:52:04 PM | Computer Name = EXAMPC2 | Source = Service Control Manager | ID = 7023
Description = The Automatic Updates service terminated with the following error:
%%126

Error - 7/10/2001 1:57:47 PM | Computer Name = EXAMPC2 | Source = Service Control Manager | ID = 7000
Description = The HTTP service failed to start due to the following error: %%2

Error - 7/10/2001 1:57:47 PM | Computer Name = EXAMPC2 | Source = Service Control Manager | ID = 7001
Description = The SSDP Discovery Service service depends on the HTTP service which
failed to start because of the following error: %%2


< End of report >






GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2001-07-10 13:43:07
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\uwddapoc.sys


---- User code sections - GMER 1.0.15 ----

.text C:\WINDOWS\System32\ctfmon.exe[308] ntdll.dll!NtOpenKey 77F5BBA8 5 Bytes JMP 10003DF4
.text C:\WINDOWS\System32\ctfmon.exe[308] kernel32.dll!CreateProcessW 77E61B8E 5 Bytes JMP 10003C3C
.text C:\WINDOWS\System32\ctfmon.exe[308] kernel32.dll!ExitProcess 77E798FD 5 Bytes JMP 10003E78
.text C:\WINDOWS\System32\ctfmon.exe[308] ws2_32.dll!WSARecv 71AB19A0 5 Bytes JMP 100027F8
.text C:\WINDOWS\System32\ctfmon.exe[308] ws2_32.dll!send 71AB1AF4 5 Bytes JMP 10003264
.text C:\WINDOWS\System32\ctfmon.exe[308] ws2_32.dll!connect 71AB3E5D 5 Bytes JMP 10003AF0
.text C:\WINDOWS\System32\ctfmon.exe[308] ws2_32.dll!recv 71AB5690 5 Bytes JMP 1000278C
.text C:\WINDOWS\System32\ctfmon.exe[308] ws2_32.dll!WSASend 71AB5722 5 Bytes JMP 10003A9C
.text C:\Program Files\Internet Explorer\iexplore.exe[340] ntdll.dll!NtOpenKey 77F5BBA8 5 Bytes JMP 10003DF4
.text C:\Program Files\Internet Explorer\iexplore.exe[340] kernel32.dll!CreateProcessW 77E61B8E 5 Bytes JMP 10003C3C
.text C:\Program Files\Internet Explorer\iexplore.exe[340] kernel32.dll!ExitProcess 77E798FD 5 Bytes JMP 10003E78
.text C:\Program Files\Internet Explorer\iexplore.exe[340] ws2_32.dll!WSARecv 71AB19A0 5 Bytes JMP 100027F8
.text C:\Program Files\Internet Explorer\iexplore.exe[340] ws2_32.dll!send 71AB1AF4 5 Bytes JMP 10003264
.text C:\Program Files\Internet Explorer\iexplore.exe[340] ws2_32.dll!connect 71AB3E5D 5 Bytes JMP 10003AF0
.text C:\Program Files\Internet Explorer\iexplore.exe[340] ws2_32.dll!recv 71AB5690 5 Bytes JMP 1000278C
.text C:\Program Files\Internet Explorer\iexplore.exe[340] ws2_32.dll!WSASend 71AB5722 5 Bytes JMP 10003A9C
.text C:\WINDOWS\system32\winlogon.exe[516] ntdll.dll!NtOpenKey 77F5BBA8 5 Bytes JMP 10003DF4
.text C:\WINDOWS\system32\winlogon.exe[516] kernel32.dll!CreateProcessW 77E61B8E 5 Bytes JMP 10003C3C
.text C:\WINDOWS\system32\winlogon.exe[516] kernel32.dll!ExitProcess 77E798FD 5 Bytes JMP 10003E78
.text C:\WINDOWS\system32\winlogon.exe[516] WS2_32.dll!WSARecv 71AB19A0 5 Bytes JMP 100027F8
.text C:\WINDOWS\system32\winlogon.exe[516] WS2_32.dll!send 71AB1AF4 5 Bytes JMP 10003264
.text C:\WINDOWS\system32\winlogon.exe[516] WS2_32.dll!connect 71AB3E5D 5 Bytes JMP 10003AF0
.text C:\WINDOWS\system32\winlogon.exe[516] WS2_32.dll!recv 71AB5690 5 Bytes JMP 1000278C
.text C:\WINDOWS\system32\winlogon.exe[516] WS2_32.dll!WSASend 71AB5722 5 Bytes JMP 10003A9C
.text C:\WINDOWS\system32\services.exe[564] ntdll.dll!NtOpenKey 77F5BBA8 5 Bytes JMP 10003DF4
.text C:\WINDOWS\system32\services.exe[564] kernel32.dll!CreateProcessW 77E61B8E 5 Bytes JMP 10003C3C
.text C:\WINDOWS\system32\services.exe[564] kernel32.dll!ExitProcess 77E798FD 5 Bytes JMP 10003E78
.text C:\WINDOWS\system32\services.exe[564] ws2_32.dll!WSARecv 71AB19A0 5 Bytes JMP 100027F8
.text C:\WINDOWS\system32\services.exe[564] ws2_32.dll!send 71AB1AF4 5 Bytes JMP 10003264
.text C:\WINDOWS\system32\services.exe[564] ws2_32.dll!connect 71AB3E5D 5 Bytes JMP 10003AF0
.text C:\WINDOWS\system32\services.exe[564] ws2_32.dll!recv 71AB5690 5 Bytes JMP 1000278C
.text C:\WINDOWS\system32\services.exe[564] ws2_32.dll!WSASend 71AB5722 5 Bytes JMP 10003A9C
.text C:\WINDOWS\system32\lsass.exe[576] ntdll.dll!NtOpenKey 77F5BBA8 5 Bytes JMP 10003DF4
.text C:\WINDOWS\system32\lsass.exe[576] kernel32.dll!CreateProcessW 77E61B8E 5 Bytes JMP 10003C3C
.text C:\WINDOWS\system32\lsass.exe[576] kernel32.dll!ExitProcess 77E798FD 5 Bytes JMP 10003E78
.text C:\WINDOWS\system32\lsass.exe[576] WS2_32.dll!WSARecv 71AB19A0 5 Bytes JMP 100027F8
.text C:\WINDOWS\system32\lsass.exe[576] WS2_32.dll!send 71AB1AF4 5 Bytes JMP 10003264
.text C:\WINDOWS\system32\lsass.exe[576] WS2_32.dll!connect 71AB3E5D 5 Bytes JMP 10003AF0
.text C:\WINDOWS\system32\lsass.exe[576] WS2_32.dll!recv 71AB5690 5 Bytes JMP 1000278C
.text C:\WINDOWS\system32\lsass.exe[576] WS2_32.dll!WSASend 71AB5722 5 Bytes JMP 10003A9C
.text C:\WINDOWS\system32\svchost.exe[736] ntdll.dll!NtOpenKey 77F5BBA8 5 Bytes JMP 10003DF4
.text C:\WINDOWS\system32\svchost.exe[736] kernel32.dll!CreateProcessW 77E61B8E 5 Bytes JMP 10003C3C
.text C:\WINDOWS\system32\svchost.exe[736] kernel32.dll!ExitProcess 77E798FD 5 Bytes JMP 10003E78
.text C:\WINDOWS\system32\svchost.exe[736] ws2_32.dll!WSARecv 71AB19A0 5 Bytes JMP 100027F8
.text C:\WINDOWS\system32\svchost.exe[736] ws2_32.dll!send 71AB1AF4 5 Bytes JMP 10003264
.text C:\WINDOWS\system32\svchost.exe[736] ws2_32.dll!connect 71AB3E5D 5 Bytes JMP 10003AF0
.text C:\WINDOWS\system32\svchost.exe[736] ws2_32.dll!recv 71AB5690 5 Bytes JMP 1000278C
.text C:\WINDOWS\system32\svchost.exe[736] ws2_32.dll!WSASend 71AB5722 5 Bytes JMP 10003A9C
.text C:\WINDOWS\system32\svchost.exe[784] ntdll.dll!NtOpenKey 77F5BBA8 5 Bytes JMP 10003DF4
.text C:\WINDOWS\system32\svchost.exe[784] kernel32.dll!CreateProcessW 77E61B8E 5 Bytes JMP 10003C3C
.text C:\WINDOWS\system32\svchost.exe[784] kernel32.dll!ExitProcess 77E798FD 5 Bytes JMP 10003E78
.text C:\WINDOWS\system32\svchost.exe[784] WS2_32.dll!WSARecv 71AB19A0 5 Bytes JMP 100027F8
.text C:\WINDOWS\system32\svchost.exe[784] WS2_32.dll!send 71AB1AF4 5 Bytes JMP 10003264
.text C:\WINDOWS\system32\svchost.exe[784] WS2_32.dll!connect 71AB3E5D 5 Bytes JMP 10003AF0
.text C:\WINDOWS\system32\svchost.exe[784] WS2_32.dll!recv 71AB5690 5 Bytes JMP 1000278C
.text C:\WINDOWS\system32\svchost.exe[784] WS2_32.dll!WSASend 71AB5722 5 Bytes JMP 10003A9C
.text C:\WINDOWS\System32\svchost.exe[908] ntdll.dll!NtOpenKey 77F5BBA8 5 Bytes JMP 10003DF4
.text C:\WINDOWS\System32\svchost.exe[908] kernel32.dll!CreateProcessW 77E61B8E 5 Bytes JMP 10003C3C
.text C:\WINDOWS\System32\svchost.exe[908] kernel32.dll!ExitProcess 77E798FD 5 Bytes JMP 10003E78
.text C:\WINDOWS\System32\svchost.exe[908] ws2_32.dll!WSARecv 71AB19A0 5 Bytes JMP 100027F8
.text C:\WINDOWS\System32\svchost.exe[908] ws2_32.dll!send 71AB1AF4 5 Bytes JMP 10003264
.text C:\WINDOWS\System32\svchost.exe[908] ws2_32.dll!connect 71AB3E5D 5 Bytes JMP 10003AF0
.text C:\WINDOWS\System32\svchost.exe[908] ws2_32.dll!recv 71AB5690 5 Bytes JMP 1000278C
.text C:\WINDOWS\System32\svchost.exe[908] ws2_32.dll!WSASend 71AB5722 5 Bytes JMP 10003A9C
.text C:\WINDOWS\Explorer.EXE[1028] ntdll.dll!NtOpenKey 77F5BBA8 5 Bytes JMP 10003DF4
.text C:\WINDOWS\Explorer.EXE[1028] kernel32.dll!CreateProcessW 77E61B8E 5 Bytes JMP 10003C3C
.text C:\WINDOWS\Explorer.EXE[1028] kernel32.dll!ExitProcess 77E798FD 5 Bytes JMP 10003E78
.text C:\WINDOWS\Explorer.EXE[1028] ws2_32.dll!WSARecv 71AB19A0 5 Bytes JMP 100027F8
.text C:\WINDOWS\Explorer.EXE[1028] ws2_32.dll!send 71AB1AF4 5 Bytes JMP 10003264
.text C:\WINDOWS\Explorer.EXE[1028] ws2_32.dll!connect 71AB3E5D 5 Bytes JMP 10003AF0
.text C:\WINDOWS\Explorer.EXE[1028] ws2_32.dll!recv 71AB5690 5 Bytes JMP 1000278C
.text C:\WINDOWS\Explorer.EXE[1028] ws2_32.dll!WSASend 71AB5722 5 Bytes JMP 10003A9C
.text C:\WINDOWS\system32\spoolsv.exe[1068] ntdll.dll!NtOpenKey 77F5BBA8 5 Bytes JMP 10003DF4
.text C:\WINDOWS\system32\spoolsv.exe[1068] kernel32.dll!CreateProcessW 77E61B8E 5 Bytes JMP 10003C3C
.text C:\WINDOWS\system32\spoolsv.exe[1068] kernel32.dll!ExitProcess 77E798FD 5 Bytes JMP 10003E78
.text C:\WINDOWS\system32\spoolsv.exe[1068] ws2_32.dll!WSARecv 71AB19A0 5 Bytes JMP 100027F8
.text C:\WINDOWS\system32\spoolsv.exe[1068] ws2_32.dll!send 71AB1AF4 5 Bytes JMP 10003264
.text C:\WINDOWS\system32\spoolsv.exe[1068] ws2_32.dll!connect 71AB3E5D 5 Bytes JMP 10003AF0
.text C:\WINDOWS\system32\spoolsv.exe[1068] ws2_32.dll!recv 71AB5690 5 Bytes JMP 1000278C
.text C:\WINDOWS\system32\spoolsv.exe[1068] ws2_32.dll!WSASend 71AB5722 5 Bytes JMP 10003A9C
.text C:\Program Files\Executive Software\Diskeeper\DkService.exe[1176] ntdll.dll!NtOpenKey 77F5BBA8 5 Bytes JMP 10033DF4
.text C:\Program Files\Executive Software\Diskeeper\DkService.exe[1176] kernel32.dll!CreateProcessW 77E61B8E 5 Bytes JMP 10033C3C
.text C:\Program Files\Executive Software\Diskeeper\DkService.exe[1176] kernel32.dll!ExitProcess 77E798FD 5 Bytes JMP 10033E78
.text C:\Program Files\Executive Software\Diskeeper\DkService.exe[1176] ws2_32.dll!WSARecv 71AB19A0 5 Bytes JMP 100327F8
.text C:\Program Files\Executive Software\Diskeeper\DkService.exe[1176] ws2_32.dll!send 71AB1AF4 5 Bytes JMP 10033264
.text C:\Program Files\Executive Software\Diskeeper\DkService.exe[1176] ws2_32.dll!connect 71AB3E5D 5 Bytes JMP 10033AF0
.text C:\Program Files\Executive Software\Diskeeper\DkService.exe[1176] ws2_32.dll!recv 71AB5690 5 Bytes JMP 1003278C
.text C:\Program Files\Executive Software\Diskeeper\DkService.exe[1176] ws2_32.dll!WSASend 71AB5722 5 Bytes JMP 10033A9C
.text C:\WINDOWS\system32\cba\pds.exe[1204] ntdll.dll!NtOpenKey 77F5BBA8 5 Bytes JMP 10023DF4
.text C:\WINDOWS\system32\cba\pds.exe[1204] kernel32.dll!CreateProcessW 77E61B8E 5 Bytes JMP 10023C3C
.text C:\WINDOWS\system32\cba\pds.exe[1204] kernel32.dll!ExitProcess 77E798FD 5 Bytes JMP 10023E78
.text C:\WINDOWS\system32\cba\pds.exe[1204] WS2_32.dll!WSARecv 71AB19A0 5 Bytes JMP 100227F8
.text C:\WINDOWS\system32\cba\pds.exe[1204] WS2_32.dll!send 71AB1AF4 5 Bytes JMP 10023264
.text C:\WINDOWS\system32\cba\pds.exe[1204] WS2_32.dll!connect 71AB3E5D 5 Bytes JMP 10023AF0
.text C:\WINDOWS\system32\cba\pds.exe[1204] WS2_32.dll!recv 71AB5690 5 Bytes JMP 1002278C
.text C:\WINDOWS\system32\cba\pds.exe[1204] WS2_32.dll!WSASend 71AB5722 5 Bytes JMP 10023A9C
.text C:\WINDOWS\system32\cba\xfr.exe[1472] ntdll.dll!NtOpenKey 77F5BBA8 5 Bytes JMP 10023DF4
.text C:\WINDOWS\system32\cba\xfr.exe[1472] kernel32.dll!CreateProcessW 77E61B8E 5 Bytes JMP 10023C3C
.text C:\WINDOWS\system32\cba\xfr.exe[1472] kernel32.dll!ExitProcess 77E798FD 5 Bytes JMP 10023E78
.text C:\WINDOWS\system32\cba\xfr.exe[1472] WS2_32.dll!WSARecv 71AB19A0 5 Bytes JMP 100227F8
.text C:\WINDOWS\system32\cba\xfr.exe[1472] WS2_32.dll!send 71AB1AF4 5 Bytes JMP 10023264
.text C:\WINDOWS\system32\cba\xfr.exe[1472] WS2_32.dll!connect 71AB3E5D 5 Bytes JMP 10023AF0
.text C:\WINDOWS\system32\cba\xfr.exe[1472] WS2_32.dll!recv 71AB5690 5 Bytes JMP 1002278C
.text C:\WINDOWS\system32\cba\xfr.exe[1472] WS2_32.dll!WSASend 71AB5722 5 Bytes JMP 10023A9C
.text C:\WINDOWS\system32\MsgSys.EXE[1524] ntdll.dll!NtOpenKey 77F5BBA8 5 Bytes JMP 10003DF4
.text C:\WINDOWS\system32\MsgSys.EXE[1524] kernel32.dll!CreateProcessW 77E61B8E 5 Bytes JMP 10003C3C
.text C:\WINDOWS\system32\MsgSys.EXE[1524] kernel32.dll!ExitProcess 77E798FD 5 Bytes JMP 10003E78
.text C:\WINDOWS\system32\MsgSys.EXE[1524] WS2_32.dll!WSARecv 71AB19A0 5 Bytes JMP 100027F8
.text C:\WINDOWS\system32\MsgSys.EXE[1524] WS2_32.dll!send 71AB1AF4 5 Bytes JMP 10003264
.text C:\WINDOWS\system32\MsgSys.EXE[1524] WS2_32.dll!connect 71AB3E5D 5 Bytes JMP 10003AF0
.text C:\WINDOWS\system32\MsgSys.EXE[1524] WS2_32.dll!recv 71AB5690 5 Bytes JMP 1000278C
.text C:\WINDOWS\system32\MsgSys.EXE[1524] WS2_32.dll!WSASend 71AB5722 5 Bytes JMP 10003A9C
.text C:\Program Files\NavNT\vptray.exe[1748] ntdll.dll!NtOpenKey 77F5BBA8 5 Bytes JMP 10003DF4
.text C:\Program Files\NavNT\vptray.exe[1748] kernel32.dll!CreateProcessW 77E61B8E 5 Bytes JMP 10003C3C
.text C:\Program Files\NavNT\vptray.exe[1748] kernel32.dll!ExitProcess 77E798FD 5 Bytes JMP 10003E78
.text C:\Program Files\NavNT\vptray.exe[1748] ws2_32.dll!WSARecv 71AB19A0 5 Bytes JMP 100027F8
.text C:\Program Files\NavNT\vptray.exe[1748] ws2_32.dll!send 71AB1AF4 5 Bytes JMP 10003264
.text C:\Program Files\NavNT\vptray.exe[1748] ws2_32.dll!connect 71AB3E5D 5 Bytes JMP 10003AF0
.text C:\Program Files\NavNT\vptray.exe[1748] ws2_32.dll!recv 71AB5690 5 Bytes JMP 1000278C
.text C:\Program Files\NavNT\vptray.exe[1748] ws2_32.dll!WSASend 71AB5722 5 Bytes JMP 10003A9C

---- EOF - GMER 1.0.15 ----

Edited by decosta, 08 July 2010 - 03:27 PM.

  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP