Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Unable to run programs due to loss of files.

Started by LoneWolf217 , Oct 04 2010 08:24 PM

  • This topic is locked This topic is locked

#1
LoneWolf217
Posted 04 October 2010 - 08:24 PM

LoneWolf217

    Member

  • Member
  • PipPip
  • 27 posts
Hello, Geeks To Go!

I believe I am still missing files that a virus destroyed. However, I had gotten this virus a few months back, and I believe that it is completely gone, but I was referred to by a tech on another topic that a virus may still be present on my computer, the link to this topic is here.

http://www.geekstogo..._1#entry1908720

I had ran "sfc /scannow" very recently and repaired any missing files it could find. However, many programs are still not able to run ever since I got that virus. These programs that I know of so far is Final Fantasy 14 client and running ContentWatch/NetNanny. Upon running these programs, I receive the message "ffxivboot.exe has encountered a problem and needs to close. We are sorry for the inconvenience." or "ContentWatch.exe has encountered..." Additionally, I was unable to run GMER which I was supposed to do on the "Malware and Spyware Cleaning Guide". Everytime I ran GMER my computer would just restart after the program was open for about 5 to 10 seconds. So I was wondering if a virus may still be present in my computer, because I'm sure if I was to post this on the software topics then they would tell me such. I would appreciate if you could respond to this as quickly as possible. Thanks! And here are the logs I was supposed to include and such. Also, I had ran a full scan of Microsoft Security Essentials and no infected files were found. Thanks again!

MBAM Log

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4736

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

10/3/2010 2:58:20 PM
mbam-log-2010-10-03 (14-58-20).txt

Scan type: Quick scan
Objects scanned: 152691
Time elapsed: 7 minute(s), 4 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 1
Registry Keys Infected: 165
Registry Values Infected: 8
Registry Data Items Infected: 0
Folders Infected: 23
Files Infected: 124

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
C:\Program Files\MyWebSearch\bar\1.bin\F3REPROX.DLL (Adware.MyWebSearch) -> Delete on reboot.

Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{819ffe20-35c7-4925-8cda-4e0e2db94302} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{819ffe21-35c7-4925-8cda-4e0e2db94302} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{819ffe22-35c7-4925-8cda-4e0e2db94302} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\csetup.setup (Spyware.MarketScore) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/opsetup.dll (Spyware.MarketScore) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{0156ca3c-89c4-4d1d-8eb1-aaf4588b929b} (Spyware.MarketScore) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{1e24e145-d17c-4343-bb61-83b515f3cf53} (Spyware.MarketScore) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2e4a92ab-f2c0-456a-9935-b715439790d7} (Spyware.MarketScore) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{2e4a92ab-f2c0-456a-9935-b715439790d7} (Spyware.MarketScore) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2e4a92ab-f2c0-456a-9935-b715439790d7} (Spyware.MarketScore) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{2e4a92ab-f2c0-456a-9935-b715439790d7} (Spyware.MarketScore) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\csetup.setup.1 (Spyware.MarketScore) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.datacontrol (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{c8cecde3-1ae1-4c4a-ad82-6d5b00212144} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{17de5e5e-bfe3-4e83-8e1f-8755795359ec} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{1f52a5fa-a705-4415-b975-88503b291728} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{a626cdbd-3d13-4f78-b819-440a28d7e8fc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.datacontrol.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historykillerscheduler (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{8ca01f0e-987c-49c3-b852-2f1ac4a7094c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{1093995a-ba37-41d2-836e-091067c4ad17} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{120927bf-1700-43bc-810f-fab92549b390} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{247a115f-06c2-4fb3-967d-2d62d3cf4f0a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e53e2cb-86db-4a4a-8bd9-ffeb7a64df82} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{90449521-d834-4703-bb4e-d3aa44042ff8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{991aac62-b100-47ce-8b75-253965244f69} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{bbabdc90-f3d5-4801-863a-ee6ae529862d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{d6ff3684-ad3b-48eb-bbb4-b9e6c5a355c1} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{eb9e5c1c-b1f9-4c2b-be8a-27d6446fdaf8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0f8ecf4f-3646-4c3a-8881-8e138ffcaf70} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b813095c-81c0-4e40-aa14-67520372b987} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c9d7be3e-141a-4c85-8cd6-32461f3df2c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{cff4ce82-3aa2-451f-9b77-7165605fb835} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historykillerscheduler.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historyswattercontrolbar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historyswattercontrolbar.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.htmlmenu (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{e47caee0-deea-464a-9326-3f2801535a4d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e1656ed-f60e-4597-b6aa-b6a58e171495} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{98d9753d-d73b-42d5-8c85-4469cda897ab} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98d9753d-d73b-42d5-8c85-4469cda897ab} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.htmlmenu.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.htmlmenu.2 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.killerobjmanager (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.killerobjmanager.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.popswatterbarbutton (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{8e6f1830-9607-4440-8530-13be7c4b1d14} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{63d0ed2b-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{63d0ed2d-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8e6f1832-9607-4440-8530-13be7c4b1d14} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a9571378-68a1-443d-b082-284f960c6d17} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.popswatterbarbutton.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.popswattersettingscontrol (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.popswattersettingscontrol.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.chatsessionplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{e79dfbc0-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{72ee7f04-15bd-4845-a005-d6711144d86a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e79dfbc9-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e79dfbcb-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.chatsessionplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.htmlpanel (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{3e720450-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e720451-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e720453-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3e720452-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3e720452-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.htmlpanel.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.outlookaddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{adb01e81-3c79-4272-a0f1-7b2be7a782dc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.outlookaddin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.pseudotransparentplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{7473d290-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d291-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d293-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d295-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d297-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7473d292-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7473d296-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.pseudotransparentplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.settingsplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{07b18ea0-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{07b18eaa-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{07b18eac-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{8e9cf769-3d3b-40eb-9e2d-76e7a205e4d2} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{f87d7fb5-9dc5-4c8c-b998-d8dfe02e2978} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{53ced2d0-5e9a-4761-9005-648404e6f7e5} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.settingsplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.toolbarplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.toolbarplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\screensavercontrol.screensaverinstaller (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{29d67d3c-509a-4544-903f-c8c1b8236554} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2e3537fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{938aa51a-996c-4884-98ce-80dd16a5c9da} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\screensavercontrol.screensaverinstaller.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6e74766c-4d93-4cc0-96d1-47b8e07ff9ca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{de38c398-b328-4f4c-a3ad-1b5e4ed93477} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25f} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1e0de227-5ce4-4ea3-ab0c-8b03e1aa76bc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{84da4fdf-a1cf-4195-8688-3e961f505983} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a4730ebe-43a6-443e-9776-36915d323ad3} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d9fffb27-d62a-4d64-8cec-1ff006528805} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{0d26bc71-a633-4e71-ad31-eadc3a1b6a3a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{f42228fb-e84e-479e-b922-fbbd096e792c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{799391d3-eb86-4bac-9bd3-cbfea58a0e15} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d858dafc-9573-4811-b323-7011a3aa7e61} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.multiplebutton (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.multiplebutton.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.urlalertbutton (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.urlalertbutton.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MyWebSearchService (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mywebsearch email plugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\my web search bar search scope monitor (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\WINDOWS\Downloaded Program Files\opsetup.dll (Spyware.MarketScore) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Search\(default) (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources\f3popularscreensavers (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform\funwebproducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Program Files\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Installr (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Installr\1.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Installr\Cache (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Installr\setups (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\ScreenSaver (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\ScreenSaver\Images (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\1.bin (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\1.bin\chrome (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Avatar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Game (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\History (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\icons (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Overlay (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Files Infected:
C:\Program Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\1.bin\M3AUXSTB.DLL (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\1.bin\M3DLGHK.DLL (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\WINDOWS\Downloaded Program Files\opsetup.dll (Spyware.MarketScore) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3DTACTL.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3HISTSW.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3HTMLMU.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3POPSWT.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3MSG.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3HTML.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3OUTLCN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3SKIN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3SCRCTR.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3CJPEG.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3HTTPCT.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3REPROX.DLL (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f3PSSavr.scr (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Installr\1.bin\F3EZSETP.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Installr\1.bin\F3PLUGIN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Installr\1.bin\NPFUNWEB.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Installr\Cache\011672D6.exe (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Installr\Cache\files.ini (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache\SmileyCentralBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\c3IMStub.Dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\CHROME.MANIFEST (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3BKGERR.JPG (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3HKSTUB.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3IMSTUB.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3PSSAVR.SCR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3REGHK.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3RESTUB.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3SCHMON.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3SPACER.WMV (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3WALLPP.DAT (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3WPHOOK.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\FWPBUDDY.PNG (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\INSTALL.RDF (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3HIGHIN.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3IDLE.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3IMPIPE.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3MEDINT.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3SKPLAY.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3SLSRCH.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\MWSMLBTN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\MWSSVC.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\MWSUABTN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\NPMYWEBS.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\chrome\M3FFXTBR.JAR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Avatar\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\01174FF7 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\01175518 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\01175650.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\01175AB5.bmp (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\01175BCE.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\01175CD8.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\files.ini (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Game\CHECKERS.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Game\CHESS.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Game\REVERSI.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\History\search3 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\icons\CM.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\icons\MFC.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\icons\PSS.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\icons\SMILEY.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\icons\WB.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\icons\ZWINKY.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON\8_step1.gif (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON\autoup.gif (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON\autoup.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON\bkez.jpg (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON\bkgr.jpg (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON\bkgs.jpg (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON\bklf.jpg (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON\bkrg.jpg (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON\bkwebfet.jpg (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON\bkzc.jpg (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON\bkzl.jpg (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON\bkzn.jpg (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON\bkzq.jpg (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON\bkzr.jpg (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON\bkzu.jpg (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON\bkzv.jpg (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON\bkzw.jpg (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON\bkzwinky.jpg (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON\blubtn2d.png (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON\blubtn2r.png (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON\blubtn3d.png (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON\blubtn3r.png (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON\center.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON\index.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON\mid_dots.gif (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON\protect.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON\rebut4.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON\rebut4b.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON\rebut4c.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON\shield.png (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON\shocked.gif (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON\stop.gif (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON\systray.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON\systrayp.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON\tp_grad.gif (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON\warn.gif (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\DOG.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\FISH.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\KUNGFU.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\LIFEGARD.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\MAID.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\MAILBOX.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\OPERA.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\ROBOT.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\SEDUCT.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\SURFER.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Overlay\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings\prevcfg2.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings\s_FeatCk.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.

No GMER log!! (See writings at the top)

OTL Log

OTL logfile created on: 10/4/2010 6:06:44 PM - Run 3
OTL by OldTimer - Version 3.2.14.1 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 78.00% Memory free
5.00 Gb Paging File | 4.00 Gb Available in Paging File | 86.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465.76 Gb Total Space | 199.08 Gb Free Space | 42.74% Space Free | Partition Type: NTFS
Drive D: | 5.15 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive E: | 149.04 Gb Total Space | 75.95 Gb Free Space | 50.96% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: KREVIN-NINO
Current User Name: Owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Minimal
Quick Scan

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Owner\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\DNA\btdna.exe (BitTorrent, Inc.)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
PRC - C:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
PRC - C:\Program Files\ContentWatch\Internet Protection\cwsvc.exe (ContentWatch, Inc.)
PRC - c:\Program Files\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\FsUsbExService.Exe (Teruten)
PRC - C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation)
PRC - C:\Documents and Settings\Owner\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe (Octoshape ApS)
PRC - C:\Program Files\McAfee\Anti-Theft\McPvTray.exe (McAfee)
PRC - C:\Program Files\Pure Networks\Network Magic\nmapp.exe (Pure Networks, Inc.)
PRC - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe (Pure Networks, Inc.)
PRC - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Pure Networks, Inc.)
PRC - C:\Program Files\MSI\Live Update 3\LMonitor.exe ()
PRC - C:\WINDOWS\system32\savedump.exe (Microsoft Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Advanced Wheel Mouse\wh_exec.exe ()
PRC - C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe (Nero AG)
PRC - C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
PRC - C:\Program Files\Micro Innovations\Internet Access Keyboard\KEMailKb.EXE (Dritek System Inc.)
PRC - C:\Program Files\Micro Innovations\Internet Access Keyboard\KPDRV4XP.EXE (Dritek System Inc.)
PRC - C:\Program Files\EPSON\EPSON CardMonitor\EPSON CardMonitor1.0.exe (SEIKO EPSON CORPORATION)
PRC - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe (SEIKO EPSON CORPORATION)


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\Owner\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
MOD - C:\Advanced Wheel Mouse\wh_hook.dll ()


========== Win32 Services (SafeList) ==========

SRV - (rpcapd) Remote Packet Capture Protocol v.0 (experimental) -- C:\Program Files\WinPcap\rpcapd.exe -d -f %ProgramFiles%\WinPcap\rpcapd.ini File not found
SRV - (AppMgmt) -- C:\WINDOWS\System32\appmgmts.dll File not found
SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (npggsvc) -- C:\WINDOWS\System32\GameMon.des (INCA Internet Co., Ltd.)
SRV - (CwAltaService20) -- C:\Program Files\ContentWatch\Internet Protection\cwsvc.exe (ContentWatch, Inc.)
SRV - (MsMpSvc) -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation)
SRV - (GameConsoleService) -- C:\Program Files\WildGames\Game Console - WildGames\GameConsoleService.exe (WildTangent, Inc.)
SRV - (FsUsbExService) -- C:\WINDOWS\system32\FsUsbExService.Exe (Teruten)
SRV - (wlidsvc) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
SRV - (nmraapache) -- C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe (Pure Networks, Inc.)
SRV - (nmservice) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe (Pure Networks, Inc.)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (EPSONStatusAgent2) -- C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe (SEIKO EPSON CORPORATION)


========== Driver Services (SafeList) ==========

DRV - (XDva349) -- C:\WINDOWS\System32\XDva349.sys File not found
DRV - (XDva344) -- C:\WINDOWS\System32\XDva344.sys File not found
DRV - (X4HSX32) -- C:\Program Files\GameTap Web Player\bin\Release\X4HSX32.Sys File not found
DRV - (NPF) -- C:\WINDOWS\System32\drivers\npf.sys File not found
DRV - (neokdss) -- C:\WINDOWS\System32\Drivers\neokdss.sys File not found
DRV - (GMSIPCI) -- D:\INSTALL\GMSIPCI.SYS File not found
DRV - (EagleNT) -- C:\WINDOWS\System32\drivers\EagleNT.sys File not found
DRV - (cpuz132) -- C:\DOCUME~1\Owner\LOCALS~1\Temp\cpuz132\cpuz132_x32.sys File not found
DRV - (catchme) -- C:\DOCUME~1\Owner\LOCALS~1\Temp\catchme.sys File not found
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (appliandMP) -- C:\WINDOWS\system32\drivers\appliand.sys (Applian Technologies Inc.)
DRV - (appliand) -- C:\WINDOWS\system32\drivers\appliand.sys (Applian Technologies Inc.)
DRV - (MpFilter) -- C:\WINDOWS\system32\drivers\MpFilter.sys (Microsoft Corporation)
DRV - (FsUsbExDisk) -- C:\WINDOWS\system32\FsUsbExDisk.Sys ()
DRV - (mfehidk) -- C:\WINDOWS\system32\drivers\mfehidk.sys (McAfee, Inc.)
DRV - (mfeavfk) -- C:\WINDOWS\system32\drivers\mfeavfk.sys (McAfee, Inc.)
DRV - (mfesmfk) -- C:\WINDOWS\system32\drivers\mfesmfk.sys (McAfee, Inc.)
DRV - (mfebopk) -- C:\WINDOWS\system32\drivers\mfebopk.sys (McAfee, Inc.)
DRV - (mferkdk) -- C:\WINDOWS\system32\drivers\mferkdk.sys (McAfee, Inc.)
DRV - (AtiHdmiService) -- C:\WINDOWS\system32\drivers\AtiHdmi.sys (ATI Research Inc.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (McPvDrv) -- C:\WINDOWS\System32\drivers\McPvDrv.sys (McAfee)
DRV - (pnarp) -- C:\WINDOWS\system32\drivers\pnarp.sys (Pure Networks, Inc.)
DRV - (purendis) -- C:\WINDOWS\system32\drivers\purendis.sys (Pure Networks, Inc.)
DRV - (NVHDA) -- C:\WINDOWS\system32\drivers\nvhda32.sys (NVIDIA Corporation)
DRV - (usbaudio) USB Audio Driver (WDM) -- C:\WINDOWS\system32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation )
DRV - (nvsmu) -- C:\WINDOWS\system32\drivers\nvsmu.sys (NVIDIA Corporation)
DRV - (pccsmcfd) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia)
DRV - (Alpham1) -- C:\WINDOWS\system32\drivers\Alpham1.sys (Ideazon Corporation)
DRV - (ss_mdm) -- C:\WINDOWS\system32\drivers\ss_mdm.sys (MCCI Corporation)
DRV - (ss_mdfl) -- C:\WINDOWS\system32\drivers\ss_mdfl.sys (MCCI Corporation)
DRV - (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM) -- C:\WINDOWS\system32\drivers\ss_bus.sys (MCCI Corporation)
DRV - (Alpham2) -- C:\WINDOWS\system32\drivers\Alpham2.sys (Ideazon Corporation)
DRV - (whfltr2k) -- C:\WINDOWS\system32\drivers\whfltr2k.sys ()
DRV - (BS_I2cIo) -- C:\WINDOWS\system32\drivers\BS_I2cIo.sys (BIOSTAR Group)
DRV - (pfusb) -- C:\WINDOWS\system32\drivers\pfusb.sys (Pacific Systems Solutions, Inc.)
DRV - (BIOS) -- C:\WINDOWS\system32\drivers\BIOS.sys (BIOSTAR Group)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\Hdaudbus.sys (Windows ® Server 2003 DDK provider)
DRV - (PIXMCVV) -- C:\WINDOWS\system32\drivers\pixmcvv.sys (Pixela)
DRV - (PIXMCVA) -- C:\WINDOWS\system32\drivers\pixmcva.sys (Pixela)
DRV - (PIXMCV) -- C:\WINDOWS\system32\drivers\pixmcvc.sys (Pixela)
DRV - (EPUSBSTOR) -- C:\WINDOWS\system32\drivers\epusbsto.sys (SEIKO EPSON CORPORATION)
DRV - (MASPINT) -- C:\WINDOWS\System32\drivers\MASPINT.SYS (MicroStaff Co.,Ltd.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = BA 9F 14 B4 FC E2 C9 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://home.mywebsea...C0.A&n=77cf8f88
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\MyWebSearch\bar\1.bin File not found

[2010/07/05 16:01:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions
[2010/01/20 17:35:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions\[email protected]
[2009/06/27 18:40:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\extensions
[2009/06/27 18:40:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}

O1 HOSTS File: ([2009/07/16 11:07:55 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll File not found
O2 - BHO: (PlaySushi) - {21608B66-026F-4DCB-9244-0DACA328DCED} - C:\Program Files\PlaySushi\PSText.dll File not found
O2 - BHO: (Updater For Kandeebar) - {2c486920-dde5-4b59-bfd8-394c70602832} - C:\Program Files\kandeebar\auxi\kandeebarAu.dll File not found
O2 - BHO: (WhiteSmoke Toolbar) - {52794457-af6c-4c50-9def-f2e24f4c8889} - C:\Program Files\whitesmoketoolbar\whitesmoketoolbarX.dll ()
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll File not found
O3 - HKLM\..\Toolbar: (WhiteSmoke Toolbar) - {52794457-af6c-4c50-9def-f2e24f4c8889} - C:\Program Files\whitesmoketoolbar\whitesmoketoolbarX.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0FEF2D2C-CDA6-45E4-B2ED-9DF7C50C95FF} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll File not found
O4 - HKLM..\Run: [Ask and Record FLV Service] C:\Program Files\Replay Media Catcher\FLVSrvc.exe File not found
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [cwcptray] C:\Program Files\ContentWatch\Internet Protection\cwtray.exe (ContentWatch, Inc.)
O4 - HKLM..\Run: [Ink Monitor] C:\Program Files\EPSON\Ink Monitor\InkMonitor.exe (BillP Studios)
O4 - HKLM..\Run: [KEMailKb] C:\Program Files\Micro Innovations\Internet Access Keyboard\KEMailKb.EXE (Dritek System Inc.)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [KPDrv4XP] C:\Program Files\Micro Innovations\Internet Access Keyboard\KPDRV4XP.EXE (Dritek System Inc.)
O4 - HKLM..\Run: [LiveMonitor] C:\Program Files\MSI\Live Update 3\LMonitor.exe ()
O4 - HKLM..\Run: [McPvTray] C:\Program Files\McAfee\Anti-Theft\McPvTray.exe (McAfee)
O4 - HKLM..\Run: [Microsoft Default Manager] C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe File not found
O4 - HKLM..\Run: [MSN Toolbar] C:\Program Files\MSN Toolbar\Platform\4.0.0401.0\mswinext.exe File not found
O4 - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [nmapp] C:\Program Files\Pure Networks\Network Magic\nmapp.exe (Pure Networks, Inc.)
O4 - HKLM..\Run: [nmctxth] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Pure Networks, Inc.)
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [WheelMouse] C:\Advanced Wheel Mouse\wh_exec.exe ()
O4 - HKLM..\Run: [Zboard] C:\Program Files\Ideazon\ZEngine\Zboard.exe (Ideazon, Inc.)
O4 - HKCU..\Run: [Auto Epson Stylus NX510(Network) on Sabina-PC] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFIA.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [BitTorrent DNA] C:\Program Files\DNA\btdna.exe (BitTorrent, Inc.)
O4 - HKCU..\Run: [igndlm.exe] C:\Program Files\Download Manager\DLM.exe (IGN Entertainment)
O4 - HKCU..\Run: [myweather] C:\Program Files\MyFreeWeather\myweather.exe File not found
O4 - HKCU..\Run: [Octoshape Streaming Services] C:\Documents and Settings\Owner\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe (Octoshape ApS)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\EPSON CardMonitor.lnk = C:\Program Files\EPSON\EPSON CardMonitor\EPSON CardMonitor1.0.exe (SEIKO EPSON CORPORATION)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE (SEIKO EPSON CORPORATION)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Go to PlaySushi web site - {EBD24BD3-E272-4FA3-A8BA-C5D709757CAB} - C:\Program Files\PlaySushi\PSText.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://support.micr...veX/MSDcode.cab (Microsoft Data Collection Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {18E66E92-A4EA-41B5-A867-A3EEB0327E7A} http://xiahw2.online...hGX_ActiveX.cab (GX_ActiveXControl Class)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.micr...78f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} http://www.fileplane...C_2.3.9.113.cab (CDownloadCtrl Object)
O16 - DPF: {4F29DE54-5EB7-4D76-B610-A86B5CD2A234} http://archives.game...apWebPlayer.cab (GameTap Player)
O16 - DPF: {5C1B293E-DA77-4AFF-8B52-63DEF8C8A071} http://download.netm....1_20091109.cab (NetmarbleAutoUpdater Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zon...1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8768D5EA-5412-4810-A032-09AD2A726C69} http://bgweb.nowcdn....ownStarter2.cab (DownStarter2 Control)
O16 - DPF: {89F434A7-4A49-4394-AC02-007480331AE2} http://download.netm...nfo_1.0.0.1.cab (NetmarbleSystemIDInfo Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {924B4927-D3BA-41EA-9F7E-8A89194AB3AC} http://panda-plugin..../p3dactivex.cab (P3DActiveX Control)
O16 - DPF: {A4508A45-F1C4-40F3-99B4-0CA08AC77E3B} http://download.netm...kdfense8237.cab (Kdfense8 Control)
O16 - DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} http://download.toon...9.23/ttinst.cab (Toontown Installer ActiveX Control)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} http://www.popcap.co...ploader_v10.cab (PopCapLoader Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zon...er.cab56986.cab (Minesweeper Flags Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll (Pure Networks, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/05/30 09:25:31 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/06/27 00:56:24 | 000,000,053 | R--- | M] () - D:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{0948109a-f43d-11de-b238-00e04d9acf58}\Shell - "" = AutoRun
O33 - MountPoints2\{0948109a-f43d-11de-b238-00e04d9acf58}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{10a9a92c-7a52-11de-8978-00e04d9acf58}\Shell - "" = AutoRun
O33 - MountPoints2\{10a9a92c-7a52-11de-8978-00e04d9acf58}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{10a9a92c-7a52-11de-8978-00e04d9acf58}\Shell\AutoRun\command - "" = G:\DTSP_Launcher.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.ac3filter - C:\WINDOWS\System32\ac3filter.acm ()
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.siren - C:\WINDOWS\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: VIDC.MP42 - C:\WINDOWS\System32\MPG4C32.DLL (Microsoft Corporation)
Drivers32: VIDC.MPG4 - C:\WINDOWS\System32\MPG4C32.DLL (Microsoft Corporation)
Drivers32: VIDC.XFR1 - C:\WINDOWS\System32\xfcodec.dll ()
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16902053519425536)

========== Files/Folders - Created Within 90 Days ==========

[2010/10/04 18:05:33 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2010/10/03 14:49:29 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/10/03 14:49:28 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/10/03 14:49:28 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/10/03 14:47:46 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/10/03 14:46:04 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\Owner\Desktop\erunt-setup.exe
[2010/10/03 14:29:16 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\TFC.exe
[2010/10/02 16:28:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\RayV
[2010/10/02 16:28:41 | 000,000,000 | ---D | C] -- C:\Program Files\RayV
[2010/10/02 15:09:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/10/02 14:05:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ATI
[2010/10/02 09:21:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Driver Boost
[2010/10/02 09:15:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2010/09/30 19:59:31 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/09/30 19:59:28 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/09/30 19:55:33 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/09/30 19:53:42 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/09/30 18:49:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\LimeWire
[2010/09/29 19:13:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2010/09/27 21:16:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/09/27 20:58:41 | 000,397,992 | ---- | C] (Acresso Software Inc.) -- C:\Program Files\setup.exe
[2010/09/27 19:27:53 | 000,156,984 | ---- | C] (Acresso Software Inc.) -- C:\Program Files\_Setup.dll
[2010/09/27 19:27:26 | 000,555,520 | ---- | C] (Acresso Software Inc.) -- C:\Program Files\ISSetup.dll
[2010/09/23 18:54:15 | 000,116,224 | ---- | C] (Xerox) -- C:\WINDOWS\System32\dllcache\xrxwiadr.dll
[2010/09/23 18:54:15 | 000,023,040 | ---- | C] (Xerox Corporation) -- C:\WINDOWS\System32\dllcache\xrxwbtmp.dll
[2010/09/23 18:54:12 | 000,099,865 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\xlog.exe
[2010/09/23 18:54:10 | 000,016,970 | ---- | C] (US Robotics MCD (Megahertz)) -- C:\WINDOWS\System32\dllcache\xem336n5.sys
[2010/09/23 18:53:47 | 000,154,624 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\wlluc48.sys
[2010/09/23 18:53:46 | 000,034,890 | ---- | C] (Raytheon Corp.) -- C:\WINDOWS\System32\dllcache\wlandrv2.sys
[2010/09/23 18:53:39 | 000,771,581 | ---- | C] (Rockwell) -- C:\WINDOWS\System32\dllcache\winacisa.sys
[2010/09/23 18:53:32 | 000,035,871 | ---- | C] (Winbond Electronics Corp.) -- C:\WINDOWS\System32\dllcache\wbfirdma.sys
[2010/09/23 18:53:23 | 000,019,016 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w926nd.sys
[2010/09/23 18:53:23 | 000,016,925 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w940nd.sys
[2010/09/23 18:53:22 | 000,019,528 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w840nd.sys
[2010/09/23 18:53:20 | 000,064,605 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vvoice.sys
[2010/09/23 18:53:19 | 000,397,502 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vpctcom.sys
[2010/09/23 18:53:18 | 000,604,253 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\vmodem.sys
[2010/09/23 18:53:18 | 000,249,402 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\vinwm.sys
[2010/09/23 18:53:13 | 000,765,884 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usrti.sys
[2010/09/23 18:53:11 | 000,794,399 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806v.sys
[2010/09/23 18:53:11 | 000,793,598 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806.sys
[2010/09/23 18:53:10 | 000,794,654 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1801.sys
[2010/09/23 18:53:05 | 000,032,384 | ---- | C] (KLSI USA, Inc.) -- C:\WINDOWS\System32\dllcache\usb101et.sys
[2010/09/23 18:53:00 | 000,050,688 | ---- | C] (UMAX DATA SYSTEMS INC.) -- C:\WINDOWS\System32\dllcache\umaxscan.dll
[2010/09/23 18:52:59 | 000,216,064 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um34scan.dll
[2010/09/23 18:52:59 | 000,211,968 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um54scan.dll
[2010/09/23 18:52:54 | 000,166,784 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxpm.sys
[2010/09/23 18:52:53 | 000,525,568 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxp.dll
[2010/09/23 18:52:53 | 000,440,576 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkb.dll
[2010/09/23 18:52:53 | 000,222,336 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3dm.sys
[2010/09/23 18:52:53 | 000,159,232 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkbm.sys
[2010/09/23 18:52:52 | 000,315,520 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3d.dll
[2010/09/23 18:52:47 | 000,123,995 | ---- | C] (Tiger Jet Network) -- C:\WINDOWS\System32\dllcache\tjisdn.sys
[2010/09/23 18:52:44 | 000,138,528 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiulnt5.sys
[2010/09/23 18:52:44 | 000,081,408 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiul50.dll
[2010/09/23 18:52:43 | 000,149,376 | ---- | C] (M-Systems) -- C:\WINDOWS\System32\dllcache\tffsport.sys
[2010/09/23 18:52:42 | 000,037,961 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdk100b.sys
[2010/09/23 18:52:42 | 000,017,129 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdkcd31.sys
[2010/09/23 18:52:38 | 000,172,768 | ---- | C] (Number Nine Visual Technology) -- C:\WINDOWS\System32\dllcache\t2r4disp.dll
[2010/09/23 18:52:38 | 000,036,640 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\t2r4mini.sys
[2010/09/23 18:52:31 | 000,155,648 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnprop.dll
[2010/09/23 18:52:30 | 000,285,760 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnata.sys
[2010/09/23 18:52:30 | 000,053,248 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlncoin.dll
[2010/09/23 18:52:29 | 000,016,896 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\stcusb.sys
[2010/09/23 18:52:27 | 000,048,736 | ---- | C] (3Com) -- C:\WINDOWS\System32\dllcache\srwlnd5.sys
[2010/09/23 18:52:21 | 000,019,072 | ---- | C] (Adaptec, Inc.) -- C:\WINDOWS\System32\dllcache\sparrow.sys
[2010/09/23 18:52:12 | 000,058,368 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smiminib.sys
[2010/09/23 18:52:11 | 000,147,200 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smidispb.dll
[2010/09/23 18:52:10 | 000,035,913 | ---- | C] (SMC) -- C:\WINDOWS\System32\dllcache\smcirda.sys
[2010/09/23 18:52:10 | 000,025,034 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smcpwr2n.sys
[2010/09/23 18:52:10 | 000,024,576 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smc8000n.sys
[2010/09/23 18:52:01 | 000,063,547 | ---- | C] (Symbol Technologies) -- C:\WINDOWS\System32\dllcache\sla30nd5.sys
[2010/09/23 18:52:00 | 000,094,698 | ---- | C] (SysKonnect GmbH.) -- C:\WINDOWS\System32\dllcache\sk98xwin.sys
[2010/09/23 18:52:00 | 000,091,294 | ---- | C] (SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH.) -- C:\WINDOWS\System32\dllcache\skfpwin.sys
[2010/09/23 18:51:59 | 000,032,768 | ---- | C] (SiS Corporation) -- C:\WINDOWS\System32\dllcache\sisnic.sys
[2010/09/23 18:51:51 | 000,161,568 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmusb.sys
[2010/09/23 18:51:50 | 000,386,560 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiul50.dll
[2010/09/23 18:51:50 | 000,098,080 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiulnt5.sys
[2010/09/23 18:51:50 | 000,018,400 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmld.sys
[2010/09/23 18:51:42 | 000,017,280 | ---- | C] (SCM Microsystems) -- C:\WINDOWS\System32\dllcache\scr111.sys
[2010/09/23 18:51:41 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmusbm.sys
[2010/09/23 18:51:41 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmn50m.sys
[2010/09/23 18:51:37 | 000,198,400 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4.dll
[2010/09/23 18:51:37 | 000,179,264 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3d.dll
[2010/09/23 18:51:37 | 000,077,824 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4m.sys
[2010/09/23 18:51:37 | 000,061,504 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3dm.sys
[2010/09/23 18:51:36 | 000,210,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mvirge.dll
[2010/09/23 18:51:36 | 000,182,272 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.dll
[2010/09/23 18:51:36 | 000,062,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mtrio.dll
[2010/09/23 18:51:36 | 000,041,216 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.sys
[2010/09/23 18:51:35 | 000,166,720 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3m.sys
[2010/09/23 18:51:34 | 000,082,432 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia450.dll
[2010/09/23 18:51:34 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia430.dll
[2010/09/23 18:51:33 | 000,029,696 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw450ext.dll
[2010/09/23 18:51:32 | 000,027,648 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw430ext.dll
[2010/09/23 18:51:30 | 000,020,992 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\rtl8139.sys
[2010/09/23 18:51:29 | 000,019,017 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\rtl8029.sys
[2010/09/23 18:51:27 | 000,009,216 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\rsmgrstr.dll
[2010/09/23 18:51:24 | 000,079,104 | ---- | C] (Comtrol Corporation) -- C:\WINDOWS\System32\dllcache\rocket.sys
[2010/09/23 18:51:24 | 000,037,563 | ---- | C] (RadioLAN) -- C:\WINDOWS\System32\dllcache\rlnet5.sys
[2010/09/23 18:51:23 | 000,086,097 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\reslog32.dll
[2010/09/23 18:51:14 | 000,899,146 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdkxga.sys
[2010/09/23 18:51:14 | 000,714,762 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdmkxx.sys
[2010/09/23 18:51:08 | 000,130,942 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlv.sys
[2010/09/23 18:51:07 | 000,128,286 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserli.sys
[2010/09/23 18:51:07 | 000,112,574 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlp.sys
[2010/09/23 18:51:04 | 000,016,128 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\pscr.sys
[2010/09/23 18:50:48 | 000,169,984 | ---- | C] (Cisco Systems) -- C:\WINDOWS\System32\dllcache\pcx500.sys
[2010/09/23 18:50:47 | 000,086,016 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\pctspk.exe
[2010/09/23 18:50:46 | 000,026,153 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pcmlm56.sys
[2010/09/23 18:50:45 | 000,030,495 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pc100nds.sys
[2010/09/23 18:50:45 | 000,029,502 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\pca200e.sys
[2010/09/23 18:50:39 | 000,054,186 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otcsercb.sys
[2010/09/23 18:50:39 | 000,043,689 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otceth5.sys
[2010/09/23 18:50:39 | 000,027,209 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otc06x5.sys
[2010/09/23 18:50:38 | 000,054,528 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\opl3sax.sys
[2010/09/23 18:50:28 | 000,051,552 | ---- | C] (Kensington Technology Group) -- C:\WINDOWS\System32\dllcache\ntgrip.sys
[2010/09/23 18:50:23 | 000,126,080 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm5a2wdm.sys
[2010/09/23 18:50:23 | 000,087,040 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm6wdm.sys
[2010/09/23 18:50:22 | 000,032,840 | ---- | C] (NETGEAR Corporation.) -- C:\WINDOWS\System32\dllcache\ngrpci.sys
[2010/09/23 18:50:21 | 000,132,695 | ---- | C] (802.11b) -- C:\WINDOWS\System32\dllcache\netwlan5.sys
[2010/09/23 18:50:17 | 000,060,480 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.dll
[2010/09/23 18:50:17 | 000,039,264 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.sys
[2010/09/23 18:50:14 | 000,091,488 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3disp.dll
[2010/09/23 18:50:13 | 000,059,104 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.dll
[2010/09/23 18:50:13 | 000,033,088 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.sys
[2010/09/23 18:50:13 | 000,027,936 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3d.sys
[2010/09/23 18:50:13 | 000,013,664 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.sys
[2010/09/23 18:50:12 | 000,035,392 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.dll
[2010/09/23 18:50:11 | 000,075,520 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxport.sys
[2010/09/23 18:50:11 | 000,019,968 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxicfg.dll
[2010/09/23 18:50:11 | 000,019,968 | ---- | C] (Macronix International Co., Ltd. ) -- C:\WINDOWS\System32\dllcache\mxnic.sys
[2010/09/23 18:50:11 | 000,007,168 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxport.dll
[2010/09/23 18:50:10 | 000,021,888 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxcard.sys
[2010/09/23 18:50:09 | 000,103,296 | ---- | C] (Matrox Graphics Inc) -- C:\WINDOWS\System32\dllcache\mtxvideo.sys
[2010/09/23 18:49:35 | 000,017,280 | ---- | C] (American Megatrends Inc.) -- C:\WINDOWS\System32\dllcache\mraid35x.sys
[2010/09/23 18:49:21 | 000,164,586 | ---- | C] (Madge Networks Ltd) -- C:\WINDOWS\System32\dllcache\mdgndis5.sys
[2010/09/23 18:49:16 | 000,802,683 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\ltsm.sys
[2010/09/23 18:49:16 | 000,797,500 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltsmt.sys
[2010/09/23 18:49:15 | 000,606,684 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmnt.sys
[2010/09/23 18:49:15 | 000,576,746 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntl.sys
[2010/09/23 18:49:15 | 000,420,992 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntt.sys
[2010/09/23 18:49:14 | 000,727,786 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ltck000c.sys
[2010/09/23 18:49:11 | 000,070,730 | ---- | C] (Linksys Group, Inc.) -- C:\WINDOWS\System32\dllcache\lne100tx.sys
[2010/09/23 18:49:10 | 000,025,065 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\lmndis3.sys
[2010/09/23 18:49:10 | 000,020,573 | ---- | C] (The Linksts Group ) -- C:\WINDOWS\System32\dllcache\lne100.sys
[2010/09/23 18:49:09 | 000,015,744 | ---- | C] (Litronic Industries) -- C:\WINDOWS\System32\dllcache\lit220p.sys
[2010/09/23 18:49:07 | 000,026,442 | ---- | C] (SMSC) -- C:\WINDOWS\System32\dllcache\lanepic5.sys
[2010/09/23 18:49:06 | 000,019,016 | ---- | C] (Kingston Technology Company ) -- C:\WINDOWS\System32\dllcache\ktc111.sys
[2010/09/23 18:48:39 | 000,023,552 | ---- | C] (MKNet Corporation) -- C:\WINDOWS\System32\dllcache\irmk7.sys
[2010/09/23 18:48:34 | 000,045,632 | ---- | C] (Interphase ® Corporation a Windows ® 2000 DDK Driver Provider) -- C:\WINDOWS\System32\dllcache\ip5515.sys
[2010/09/23 18:48:13 | 000,372,824 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\iconf32.dll
[2010/09/23 18:47:49 | 000,068,608 | ---- | C] (Avisioin) -- C:\WINDOWS\System32\dllcache\hpgt53tk.dll
[2010/09/23 18:47:48 | 000,126,976 | ---- | C] (Hewlett Packard) -- C:\WINDOWS\System32\dllcache\hpgt34tk.dll
[2010/09/23 18:47:39 | 000,082,304 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grclass.sys
[2010/09/23 18:47:39 | 000,028,288 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grserial.sys
[2010/09/23 18:47:39 | 000,017,408 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\gpr400.sys
[2010/09/23 18:47:35 | 000,454,912 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fxusbase.sys
[2010/09/23 18:47:28 | 000,455,680 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fus2base.sys
[2010/09/23 18:47:28 | 000,455,296 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fusbbase.sys
[2010/09/23 18:47:26 | 000,442,240 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpnpbase.sys
[2010/09/23 18:47:25 | 000,444,416 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcibase.sys
[2010/09/23 18:47:25 | 000,441,728 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcmbase.sys
[2010/09/23 18:47:23 | 000,034,173 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\forehe.sys
[2010/09/23 18:47:19 | 000,024,618 | ---- | C] (NETGEAR) -- C:\WINDOWS\System32\dllcache\fa410nd5.sys
[2010/09/23 18:47:18 | 000,012,362 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xi.sys
[2010/09/23 18:47:18 | 000,011,850 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xj.sys
[2010/09/23 18:47:09 | 000,072,192 | ---- | C] (ESS Technology Inc.) -- C:\WINDOWS\System32\dllcache\es1969.sys
[2010/09/23 18:46:52 | 000,334,208 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\ds1wdm.sys
[2010/09/23 18:46:48 | 000,028,062 | ---- | C] (National Semiconductor Coproration) -- C:\WINDOWS\System32\dllcache\dp83820.sys
[2010/09/23 18:46:43 | 000,029,696 | ---- | C] (CNet Technology, Inc. ) -- C:\WINDOWS\System32\dllcache\dm9pci5.sys
[2010/09/23 18:46:42 | 000,952,007 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diwan.sys
[2010/09/23 18:46:42 | 000,026,698 | ---- | C] (D-Link Corporation) -- C:\WINDOWS\System32\dllcache\dlh5xnd5.sys
[2010/09/23 18:46:41 | 000,236,060 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\ditrace.exe
[2010/09/23 18:46:41 | 000,038,985 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvsu.dll
[2010/09/23 18:46:40 | 000,031,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvpp.dll
[2010/09/23 18:46:40 | 000,006,729 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvci.dll
[2010/09/23 18:46:39 | 000,091,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\dimaint.sys
[2010/09/23 18:46:32 | 000,024,649 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650d.sys
[2010/09/23 18:46:32 | 000,024,648 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650.sys
[2010/09/23 18:46:30 | 000,020,928 | ---- | C] (Digital Networks, LLC) -- C:\WINDOWS\System32\dllcache\defpa.sys
[2010/09/23 18:46:22 | 000,093,952 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcwdm.sys
[2010/09/23 18:46:22 | 000,048,640 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwrwdm.sys
[2010/09/23 18:46:21 | 000,111,872 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcspud.sys
[2010/09/23 18:46:21 | 000,072,832 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbwdm.sys
[2010/09/23 18:46:21 | 000,003,584 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcosnt5.sys
[2010/09/23 18:46:21 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbmidi.sys
[2010/09/23 18:46:20 | 000,249,856 | ---- | C] (Comtrol® Corporation) -- C:\WINDOWS\System32\dllcache\ctmasetp.dll
[2010/09/23 18:46:20 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbase.sys
[2010/09/23 18:46:16 | 000,216,064 | ---- | C] (COMPAQ Inc.) -- C:\WINDOWS\System32\dllcache\cpscan.dll
[2010/09/23 18:46:16 | 000,060,970 | ---- | C] (Compaq Computer Corp.) -- C:\WINDOWS\System32\dllcache\cpqtrnd5.sys
[2010/09/23 18:46:08 | 000,020,736 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\cmbp0wdm.sys
[2010/09/23 18:46:03 | 000,980,034 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\cicap.sys
[2010/09/23 18:45:56 | 000,049,182 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem56n5.sys
[2010/09/23 18:45:56 | 000,027,164 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce3n5.sys
[2010/09/23 18:45:56 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem33n5.sys
[2010/09/23 18:45:56 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem28n5.sys
[2010/09/23 18:45:56 | 000,021,530 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce2n5.sys
[2010/09/23 18:45:53 | 000,714,698 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cbmdmkxx.sys
[2010/09/23 18:45:53 | 000,046,108 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cben5.sys
[2010/09/23 18:45:52 | 000,039,680 | ---- | C] (Silicom Ltd.) -- C:\WINDOWS\System32\dllcache\cb325.sys
[2010/09/23 18:45:52 | 000,037,916 | ---- | C] (Fast Ethernet Controller Provider) -- C:\WINDOWS\System32\dllcache\cb102.sys
[2010/09/23 18:45:51 | 000,164,923 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diapi2.sys
[2010/09/23 18:45:51 | 000,032,256 | ---- | C] (Eicon Technology Corporation) -- C:\WINDOWS\System32\dllcache\diapi2NT.dll
[2010/09/23 18:45:35 | 000,031,529 | ---- | C] (BreezeCOM) -- C:\WINDOWS\System32\dllcache\brzwlan.sys
[2010/09/23 18:45:35 | 000,011,008 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbmdm.sys
[2010/09/23 18:45:35 | 000,010,368 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbscn.sys
[2010/09/23 18:45:34 | 000,060,416 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brserwdm.sys
[2010/09/23 18:45:34 | 000,009,728 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brserif.dll
[2010/09/23 18:45:34 | 000,005,120 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\dllcache\brscnrsm.dll
[2010/09/23 18:45:33 | 000,039,552 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparwdm.sys
[2010/09/23 18:45:33 | 000,003,168 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparimg.sys
[2010/09/23 18:45:32 | 000,041,472 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfusb.dll
[2010/09/23 18:45:32 | 000,032,256 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfrsmg.exe
[2010/09/23 18:45:32 | 000,029,696 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmflpt.dll
[2010/09/23 18:45:31 | 000,015,360 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfbidi.dll
[2010/09/23 18:45:31 | 000,012,160 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltlo.sys
[2010/09/23 18:45:31 | 000,003,968 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltup.sys
[2010/09/23 18:45:30 | 000,012,800 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brevif.dll
[2010/09/23 18:45:30 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brcoinst.dll
[2010/09/23 18:45:30 | 000,002,944 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brfilt.sys
[2010/09/23 18:45:29 | 000,019,456 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brbidiif.dll
[2010/09/23 18:45:21 | 000,871,388 | ---- | C] (BCM) -- C:\WINDOWS\System32\dllcache\bcmdm.sys
[2010/09/23 18:45:19 | 000,036,128 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.sys
[2010/09/23 18:45:18 | 000,342,336 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.dll
[2010/09/23 18:45:18 | 000,089,952 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\b1cbase.sys
[2010/09/23 18:45:18 | 000,036,992 | ---- | C] (Aztech Systems Ltd) -- C:\WINDOWS\System32\dllcache\aztw2320.sys
[2010/09/23 18:45:17 | 000,144,384 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmenum.dll
[2010/09/23 18:45:17 | 000,037,568 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmwan.sys
[2010/09/23 18:45:16 | 000,087,552 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmcoxp.dll
[2010/09/23 18:45:03 | 000,077,568 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\ati.sys
[2010/09/23 18:45:02 | 000,097,354 | ---- | C] (Bay Networks, Inc.) -- C:\WINDOWS\System32\dllcache\aspndis3.sys
[2010/09/23 18:44:58 | 000,016,969 | ---- | C] (AmbiCom, Inc.) -- C:\WINDOWS\System32\dllcache\amb8002.sys
[2010/09/22 18:33:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\SecondLife
[2010/09/22 18:33:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\SecondLife
[2010/09/18 15:58:12 | 000,159,744 | ---- | C] (Kings Information & Network) -- C:\WINDOWS\System32\kdfmgr.exe
[2010/09/18 15:58:12 | 000,073,728 | ---- | C] (Kings Information & Network) -- C:\WINDOWS\System32\kdfapi.dll
[2010/09/18 15:58:12 | 000,061,440 | ---- | C] (Kings Information & Network) -- C:\WINDOWS\System32\kdfmod.dll
[2010/09/18 15:58:12 | 000,047,104 | ---- | C] (Kings Information & Network) -- C:\WINDOWS\System32\Kdfhok.dll
[2010/09/18 15:58:10 | 000,373,248 | ---- | C] (Kings Information & Network) -- C:\WINDOWS\System32\kdfinj.dll
[2010/09/18 15:58:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\kdefense
[2010/09/18 14:26:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\w3itemplate
[2010/09/17 16:10:52 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallJammer Registry
[2010/09/17 16:10:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Wowd
[2010/09/13 21:10:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\whitesmoketoolbar
[2010/09/13 21:10:08 | 000,000,000 | ---D | C] -- C:\Program Files\whitesmoketoolbar
[2010/09/13 20:28:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Downloaded Installations
[2010/09/12 19:06:55 | 000,000,000 | ---D | C] -- C:\Program Files\Outspark
[2010/09/12 14:08:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Intel
[2010/09/12 14:07:25 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2010/09/12 13:23:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Xfire
[2010/09/12 13:23:25 | 000,000,000 | ---D | C] -- C:\Program Files\Xfire
[2010/09/05 14:01:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\My Streaming Media
[2010/09/05 14:01:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Jaksta_Pty_Ltd
[2010/09/05 13:59:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Replay Media Catcher 4
[2010/09/05 13:59:37 | 000,000,000 | ---D | C] -- C:\Program Files\Applian Technologies
[2010/08/27 19:14:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Octoshape
[2010/08/21 23:24:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\NeopleLauncherDFO
[2010/08/21 22:50:02 | 000,000,000 | ---D | C] -- C:\Program Files\DFO
[2010/08/21 22:49:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NexonUS
[2010/08/21 15:17:20 | 000,000,000 | ---D | C] -- C:\GamesCampus
[2010/07/28 16:10:42 | 000,000,000 | ---D | C] -- C:\Program Files\StarCraft II
[2010/07/28 16:10:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\StarCraft II
[2010/07/27 22:30:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/07/26 22:36:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\MumboJumbo
[2010/07/26 22:36:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MumboJumbo
[2010/07/26 22:36:34 | 000,000,000 | ---D | C] -- C:\Program Files\MumboJumbo
[2010/07/21 16:22:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\LolClient
[2010/07/21 15:42:31 | 000,000,000 | ---D | C] -- C:\Riot Games
[2010/07/21 15:05:49 | 000,000,000 | ---D | C] -- C:\Program Files\LeagueofLegends
[2010/07/21 15:05:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\PMB Files
[2010/07/21 15:05:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2010/07/20 12:42:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games
[2010/07/19 20:46:30 | 000,000,000 | ---D | C] -- C:\Program Files\Three Rings Design
[2010/07/19 18:07:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Panda3D
[2010/07/19 16:09:14 | 000,000,000 | -HSD | C] -- C:\WINDOWS\ftpcache
[2010/07/15 18:35:26 | 000,000,000 | ---D | C] -- C:\Program Files\SquareEnix
[2010/07/13 11:59:04 | 000,000,000 | ---D | C] -- C:\Perfect World Entertainment
[2010/07/12 21:32:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\GetRightToGo
[2010/07/12 21:15:12 | 000,000,000 | ---D | C] -- C:\Program Files\3.0.1.8874 US PTR Installer
[2010/07/12 13:25:39 | 000,000,000 | ---D | C] -- C:\Program Files\Phantasy Star Online
[2010/07/10 22:14:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Google
[2010/07/09 21:19:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\Dragonica
[2010/07/09 20:51:30 | 000,000,000 | ---D | C] -- C:\Program Files\THQICE
[2010/07/07 20:24:04 | 000,000,000 | ---D | C] -- C:\Program Files\TrueGames
[2010/07/07 17:44:45 | 000,000,000 | ---D | C] -- C:\CyberStep
[2010/07/07 11:18:24 | 000,000,000 | ---D | C] -- C:\Avenger
[2010/07/06 18:31:52 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Essentials

========== Files - Modified Within 90 Days ==========

[2010/10/04 18:08:11 | 000,000,408 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010/10/04 18:05:40 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2010/10/04 18:02:09 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/10/04 18:02:09 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/10/04 18:02:09 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/10/04 18:02:01 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/10/04 17:47:50 | 000,150,016 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/10/04 17:36:29 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/10/04 17:35:01 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-1715567821-839522115-1003UA.job
[2010/10/03 21:22:01 | 005,242,880 | ---- | M] () -- C:\Documents and Settings\Owner\ntuser.dat
[2010/10/03 21:21:55 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Owner\ntuser.ini
[2010/10/03 20:10:45 | 000,002,155 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk
[2010/10/03 19:54:03 | 000,284,915 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\gmer.zip
[2010/10/03 16:35:00 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-1715567821-839522115-1003Core.job
[2010/10/03 14:49:32 | 000,000,720 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/10/03 14:47:47 | 000,000,635 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\NTREGOPT.lnk
[2010/10/03 14:47:47 | 000,000,616 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\ERUNT.lnk
[2010/10/03 14:46:16 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\Owner\Desktop\erunt-setup.exe
[2010/10/03 14:29:28 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\TFC.exe
[2010/10/03 14:18:21 | 000,001,713 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\FINAL FANTASY XIV.lnk
[2010/10/02 14:16:21 | 000,000,583 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/10/02 14:16:21 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2010/10/02 14:16:21 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/10/02 09:07:36 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/10/01 15:34:16 | 1570,240,512 | ---- | M] () -- C:\Program Files\data2.cab
[2010/09/30 19:56:17 | 000,001,628 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2010/09/30 18:10:05 | 819,206,342 | ---- | M] () -- C:\Program Files\data3.cab
[2010/09/30 18:10:05 | 000,000,234 | -H-- | M] () -- C:\Program Files\data3.cab.bfi
[2010/09/30 18:09:53 | 000,243,030 | ---- | M] () -- C:\Program Files\setup.inx
[2010/09/30 18:09:53 | 000,000,186 | -H-- | M] () -- C:\Program Files\setup.inx.bfi
[2010/09/30 18:09:50 | 000,000,442 | ---- | M] () -- C:\Program Files\setup.ini
[2010/09/30 18:09:50 | 000,000,186 | -H-- | M] () -- C:\Program Files\setup.ini.bfi
[2010/09/30 18:09:47 | 000,000,499 | ---- | M] () -- C:\Program Files\layout.bin
[2010/09/30 18:09:47 | 000,000,187 | -H-- | M] () -- C:\Program Files\layout.bin.bfi
[2010/09/30 18:09:36 | 000,000,188 | -H-- | M] () -- C:\Program Files\ISSetup.dll.bfi
[2010/09/30 18:09:32 | 000,075,319 | ---- | M] () -- C:\Program Files\data1.hdr
[2010/09/30 18:09:32 | 000,000,186 | -H-- | M] () -- C:\Program Files\data1.hdr.bfi
[2010/09/30 18:08:52 | 001,185,606 | ---- | M] () -- C:\Program Files\data1.cab
[2010/09/30 18:08:52 | 000,000,186 | -H-- | M] () -- C:\Program Files\data1.cab.bfi
[2010/09/30 18:08:47 | 000,156,984 | ---- | M] (Acresso Software Inc.) -- C:\Program Files\_Setup.dll
[2010/09/30 18:08:47 | 000,000,187 | -H-- | M] () -- C:\Program Files\_Setup.dll.bfi
[2010/09/30 18:08:41 | 000,397,992 | ---- | M] (Acresso Software Inc.) -- C:\Program Files\setup.exe
[2010/09/30 18:08:41 | 000,000,186 | -H-- | M] () -- C:\Program Files\setup.exe.bfi
[2010/09/30 17:24:21 | 000,000,279 | -H-- | M] () -- C:\Program Files\data2.cab.bfi
[2010/09/28 18:42:56 | 002,109,828 | -H-- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\IconCache.db
[2010/09/27 19:27:49 | 000,055,744 | ---- | M] () -- C:\Program Files\setup.isn
[2010/09/27 19:27:49 | 000,000,186 | -H-- | M] () -- C:\Program Files\setup.isn.bfi
[2010/09/27 19:27:26 | 000,555,520 | ---- | M] (Acresso Software Inc.) -- C:\Program Files\ISSetup.dll
[2010/09/23 12:35:30 | 000,002,308 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Google Chrome.lnk
[2010/09/19 10:20:24 | 000,675,154 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/09/19 10:20:23 | 000,162,184 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/09/19 10:20:23 | 000,004,632 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/09/18 16:09:17 | 000,159,744 | ---- | M] (Kings Information & Network) -- C:\WINDOWS\System32\kdfmgr.exe
[2010/09/18 16:09:17 | 000,073,728 | ---- | M] (Kings Information & Network) -- C:\WINDOWS\System32\kdfapi.dll
[2010/09/18 15:58:12 | 000,373,248 | ---- | M] (Kings Information & Network) -- C:\WINDOWS\System32\kdfinj.dll
[2010/09/18 15:58:12 | 000,061,440 | ---- | M] (Kings Information & Network) -- C:\WINDOWS\System32\kdfmod.dll
[2010/09/18 15:58:12 | 000,047,104 | ---- | M] (Kings Information & Network) -- C:\WINDOWS\System32\Kdfhok.dll
[2010/09/15 16:36:07 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/09/14 22:07:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/09/06 19:44:07 | 000,000,096 | -H-- | M] () -- C:\WINDOWS\System32\HsInfo.dat
[2010/09/03 10:56:02 | 002,396,672 | ---- | M] () -- C:\WINDOWS\System32\opinstaller.msi
[2010/09/02 17:39:18 | 000,345,216 | ---- | M] (Nowcom) -- C:\WINDOWS\System32\NowCDNUp2.exe
[2010/09/02 14:58:37 | 000,050,536 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\GDIPFONTCACHEV1.DAT
[2010/08/27 22:52:29 | 000,000,618 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Grand Chase.lnk
[2010/08/25 20:13:04 | 000,040,960 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\Chapter 20.doc
[2010/08/25 17:39:14 | 000,208,896 | ---- | M] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\atipdlxx.dll
[2010/08/25 17:39:02 | 000,155,648 | ---- | M] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\Oemdspif.dll
[2010/08/25 17:38:50 | 000,026,112 | ---- | M] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\Ati2mdxx.exe
[2010/08/25 17:38:38 | 000,043,520 | ---- | M] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\ati2edxx.dll
[2010/08/25 17:37:00 | 000,503,248 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap
[2010/08/25 17:36:50 | 000,887,724 | ---- | M] () -- C:\WINDOWS\System32\ativva6x.dat
[2010/08/25 17:36:50 | 000,000,003 | ---- | M] () -- C:\WINDOWS\System32\ativva5x.dat
[2010/08/25 17:34:52 | 000,076,216 | ---- | M] () -- C:\WINDOWS\System32\atiapfxx.blb
[2010/08/23 18:09:56 | 000,000,763 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\GunboundS2.lnk
[2010/08/21 23:24:03 | 000,000,210 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Dungeon Fighter Online.url
[2010/08/13 12:04:51 | 000,001,499 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\ijji REACTOR.lnk
[2010/08/13 00:02:45 | 000,196,160 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/08/09 12:29:57 | 000,004,096 | ---- | M] () -- C:\WINDOWS\System32\crash
[2010/08/02 00:38:00 | 000,021,866 | ---- | M] () -- C:\WINDOWS\atiogl.xml
[2010/07/29 00:40:32 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\StarCraft II.lnk
[2010/07/28 17:15:51 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\StarCraft II.lnk
[2010/07/27 12:05:20 | 000,000,680 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\League Of Legends.lnk
[2010/07/22 21:51:49 | 000,000,823 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\World of Warcraft.lnk
[2010/07/22 19:24:37 | 000,000,680 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\League Of Legends.lnk
[2010/07/22 14:46:41 | 000,000,151 | ---- | M] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2010/07/20 12:27:53 | 000,000,019 | ---- | M] () -- C:\WINDOWS\popcinfo.dat
[2010/07/12 13:25:59 | 000,001,111 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\PSO Blue Burst.lnk
[2010/07/09 11:00:32 | 000,041,872 | ---- | M] () -- C:\WINDOWS\System32\xfcodec.dll
[2010/07/06 18:31:53 | 000,000,844 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Security Essentials.lnk

========== Files Created - No Company Name ==========

[2010/10/03 19:54:40 | 000,293,376 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\gmer.exe
[2010/10/03 19:54:01 | 000,284,915 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\gmer.zip
[2010/10/03 14:49:32 | 000,000,720 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/10/03 14:47:47 | 000,000,635 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\NTREGOPT.lnk
[2010/10/03 14:47:47 | 000,000,616 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\ERUNT.lnk
[2010/10/03 14:22:31 | 000,000,408 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010/10/03 14:18:21 | 000,001,713 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\FINAL FANTASY XIV.lnk
[2010/10/02 13:58:30 | 000,076,216 | ---- | C] () -- C:\WINDOWS\System32\atiapfxx.blb
[2010/09/30 20:11:34 | 000,002,155 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk
[2010/09/30 20:00:38 | 000,002,137 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/09/30 19:56:17 | 000,001,628 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2010/09/30 18:10:05 | 819,206,342 | ---- | C] () -- C:\Program Files\data3.cab
[2010/09/30 18:10:05 | 000,000,234 | -H-- | C] () -- C:\Program Files\data3.cab.bfi
[2010/09/30 18:08:52 | 001,185,606 | ---- | C] () -- C:\Program Files\data1.cab
[2010/09/30 17:24:21 | 1570,240,512 | ---- | C] () -- C:\Program Files\data2.cab
[2010/09/28 18:58:45 | 000,001,754 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
[2010/09/28 18:58:45 | 000,000,917 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\EPSON Status Monitor 3 Environment Check 2.lnk
[2010/09/28 18:58:45 | 000,000,717 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\EPSON CardMonitor.lnk
[2010/09/27 20:58:41 | 000,000,186 | -H-- | C] () -- C:\Program Files\setup.exe.bfi
[2010/09/27 20:55:08 | 000,000,186 | -H-- | C] () -- C:\Program Files\data1.cab.bfi
[2010/09/27 19:27:57 | 000,000,279 | -H-- | C] () -- C:\Program Files\data2.cab.bfi
[2010/09/27 19:27:53 | 000,000,187 | -H-- | C] () -- C:\Program Files\_Setup.dll.bfi
[2010/09/27 19:27:49 | 000,055,744 | ---- | C] () -- C:\Program Files\setup.isn
[2010/09/27 19:27:49 | 000,000,186 | -H-- | C] () -- C:\Program Files\setup.isn.bfi
[2010/09/27 19:27:39 | 000,243,030 | ---- | C] () -- C:\Program Files\setup.inx
[2010/09/27 19:27:39 | 000,000,186 | -H-- | C] () -- C:\Program Files\setup.inx.bfi
[2010/09/27 19:27:36 | 000,000,442 | ---- | C] () -- C:\Program Files\setup.ini
[2010/09/27 19:27:36 | 000,000,186 | -H-- | C] () -- C:\Program Files\setup.ini.bfi
[2010/09/27 19:27:33 | 000,000,499 | ---- | C] () -- C:\Program Files\layout.bin
[2010/09/27 19:27:33 | 000,000,187 | -H-- | C] () -- C:\Program Files\layout.bin.bfi
[2010/09/27 19:27:26 | 000,000,188 | -H-- | C] () -- C:\Program Files\ISSetup.dll.bfi
[2010/09/27 19:27:22 | 000,075,319 | ---- | C] () -- C:\Program Files\data1.hdr
[2010/09/27 19:27:22 | 000,000,186 | -H-- | C] () -- C:\Program Files\data1.hdr.bfi
[2010/09/23 18:54:14 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxftplt.exe
[2010/09/23 18:54:14 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxscnui.dll
[2010/09/23 18:54:12 | 000,028,288 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xjis.nls
[2010/09/23 18:51:05 | 000,033,280 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax
[2010/09/23 18:51:04 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll
[2010/09/23 18:51:02 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prcp.nls
[2010/09/23 18:51:01 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prc.nls
[2010/09/23 18:49:41 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax
[2010/09/23 18:49:05 | 000,047,066 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ksc.nls
[2010/09/23 18:47:49 | 000,165,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt53.dll
[2010/09/23 18:47:48 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt34.dll
[2010/09/23 18:47:48 | 000,093,696 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt42.dll
[2010/09/23 18:47:47 | 000,089,088 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt33.dll
[2010/09/23 18:47:47 | 000,083,968 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt21.dll
[2010/09/23 18:46:42 | 000,029,768 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divasu.dll
[2010/09/23 18:46:41 | 000,037,962 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaprop.dll
[2010/09/23 18:46:41 | 000,006,216 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaci.dll
[2010/09/23 18:45:46 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_864.nls
[2010/09/23 18:45:46 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_862.nls
[2010/09/23 18:45:46 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_858.nls
[2010/09/23 18:45:46 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_870.nls
[2010/09/23 18:45:45 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_720.nls
[2010/09/23 18:45:45 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_708.nls
[2010/09/23 18:45:45 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28596.nls
[2010/09/23 18:45:44 | 000,180,770 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls
[2010/09/23 18:45:44 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls
[2010/09/23 18:45:44 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls
[2010/09/23 18:45:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls
[2010/09/23 18:45:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls
[2010/09/23 18:45:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls
[2010/09/23 18:45:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls
[2010/09/23 18:45:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls
[2010/09/23 18:45:43 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls
[2010/09/23 18:45:43 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls
[2010/09/23 18:45:43 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls
[2010/09/23 18:45:43 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls
[2010/09/23 18:45:43 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls
[2010/09/23 18:45:43 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls
[2010/09/23 18:45:43 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls
[2010/09/23 18:45:43 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls
[2010/09/23 18:45:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls
[2010/09/23 18:45:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls
[2010/09/23 18:45:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls
[2010/09/23 18:45:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls
[2010/09/23 18:45:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls
[2010/09/23 18:45:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls
[2010/09/23 18:45:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls
[2010/09/23 18:45:41 | 000,187,938 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls
[2010/09/23 18:45:41 | 000,185,378 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls
[2010/09/23 18:45:41 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls
[2010/09/23 18:45:41 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls
[2010/09/23 18:45:41 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls
[2010/09/23 18:45:41 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls
[2010/09/23 18:45:40 | 000,189,986 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls
[2010/09/23 18:45:40 | 000,186,402 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls
[2010/09/23 18:45:40 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls
[2010/09/23 18:45:40 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls
[2010/09/23 18:45:40 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls
[2010/09/23 18:45:39 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1148.nls
[2010/09/23 18:45:39 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1147.nls
[2010/09/23 18:45:39 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1146.nls
[2010/09/23 18:45:39 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1145.nls
[2010/09/23 18:45:39 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1144.nls
[2010/09/23 18:45:39 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1143.nls
[2010/09/23 18:45:39 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1142.nls
[2010/09/23 18:45:39 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1141.nls
[2010/09/23 18:45:38 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls
[2010/09/23 18:45:38 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1140.nls
[2010/09/23 18:45:38 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1047.nls
[2010/09/23 18:45:38 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10021.nls
[2010/09/23 18:45:38 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10005.nls
[2010/09/23 18:45:38 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10004.nls
[2010/09/23 18:45:37 | 000,195,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls
[2010/09/23 18:45:37 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls
[2010/09/23 18:45:37 | 000,162,850 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10001.nls
[2010/09/23 18:45:29 | 000,082,172 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls
[2010/09/23 18:45:28 | 000,066,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\big5.nls
[2010/09/23 18:45:11 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativxbar.sys
[2010/09/23 18:45:11 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atixbar.sys
[2010/09/23 18:45:11 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativttxx.sys
[2010/09/23 18:45:10 | 000,049,920 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtcap.sys
[2010/09/23 18:45:10 | 000,026,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtsnd.sys
[2010/09/23 18:45:10 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitvsnd.sys
[2010/09/23 18:45:10 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitunep.sys
[2010/09/23 18:45:10 | 000,009,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativmdcd.sys
[2010/09/23 18:45:09 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atipcxxx.sys
[2010/09/23 18:45:06 | 000,046,464 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atibt829.sys
[2010/09/12 19:14:00 | 000,230,752 | ---- | C] () -- C:\WINDOWS\patchw32.dll
[2010/09/12 19:14:00 | 000,118,176 | ---- | C] () -- C:\WINDOWS\patchw.dll
[2010/09/03 10:56:02 | 002,396,672 | ---- | C] () -- C:\WINDOWS\System32\opinstaller.msi
[2010/08/27 22:52:29 | 000,000,618 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Grand Chase.lnk
[2010/08/25 17:03:41 | 000,040,960 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\Chapter 20.doc
[2010/08/21 22:54:03 | 000,000,210 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Dungeon Fighter Online.url
[2010/08/13 12:04:51 | 000,001,499 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\ijji REACTOR.lnk
[2010/08/09 11:56:56 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\crash
[2010/08/05 13:19:21 | 000,001,499 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\ijji REACTOR.lnk
[2010/07/29 00:40:32 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\StarCraft II.lnk
[2010/07/28 16:10:42 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\StarCraft II.lnk
[2010/07/27 12:05:20 | 000,000,680 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\League Of Legends.lnk
[2010/07/22 19:24:37 | 000,000,680 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\League Of Legends.lnk
[2010/07/19 20:51:51 | 000,000,032 | R--- | C] () -- C:\Documents and Settings\All Users\hash.dat
[2010/07/12 21:51:38 | 000,000,880 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/07/12 13:24:46 | 000,001,111 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\PSO Blue Burst.lnk
[2010/07/09 20:56:07 | 000,000,096 | -H-- | C] () -- C:\WINDOWS\System32\HsInfo.dat
[2010/07/09 11:00:32 | 000,041,872 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll
[2010/07/06 18:31:53 | 000,000,844 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Security Essentials.lnk
[2010/06/20 17:33:58 | 000,009,728 | ---- | C] () -- C:\WINDOWS\System32\uc_karos_launching.dll
[2010/05/28 17:19:24 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\rmc_rtspdl.dll
[2010/05/10 17:31:13 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2010/05/10 17:31:13 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2010/05/10 17:31:06 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\$_hpcst$.hpc
[2010/04/21 21:02:03 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010/04/21 21:02:03 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\PnkBstrK.sys
[2010/02/07 18:58:55 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2010/02/07 18:58:55 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2010/02/07 18:58:55 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2010/01/11 19:20:23 | 000,975,872 | ---- | C] () -- C:\WINDOWS\System32\libxml2_CW.dll
[2010/01/11 19:20:23 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\libexpat.dll
[2010/01/11 19:20:22 | 002,916,352 | ---- | C] () -- C:\WINDOWS\System32\wxmsw28u_core_vc_CW.dll
[2010/01/11 19:20:22 | 001,236,992 | ---- | C] () -- C:\WINDOWS\System32\wxbase28u_vc_CW.dll
[2010/01/11 19:20:22 | 001,073,152 | ---- | C] () -- C:\WINDOWS\System32\wxcode_msw28u_wxcurl_CW.dll
[2010/01/11 19:20:22 | 000,716,800 | ---- | C] () -- C:\WINDOWS\System32\wxmsw28u_adv_vc_CW.dll
[2010/01/11 19:20:22 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\wxmsw28u_xrc_vc_CW.dll
[2010/01/11 19:20:22 | 000,499,712 | ---- | C] () -- C:\WINDOWS\System32\wxmsw28u_html_vc_CW.dll
[2010/01/11 19:20:22 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\wxbase28u_xml_vc_CW.dll
[2010/01/11 19:20:22 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\wxbase28u_net_vc_CW.dll
[2010/01/11 19:20:22 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\wxmsw28u_media_vc_CW.dll
[2010/01/11 19:20:22 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\wxcode_msw28u_wxjson_CW.dll
[2009/12/27 20:42:24 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\WNASPI32.DLL
[2009/12/27 20:42:24 | 000,000,291 | ---- | C] () -- C:\WINDOWS\msfsetup.ini
[2009/08/15 12:42:46 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2009/07/14 12:46:19 | 000,000,127 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2009/05/31 12:11:17 | 000,000,262 | ---- | C] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2009/05/31 00:28:56 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009/05/31 00:28:50 | 000,150,016 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/05/30 23:12:23 | 000,000,000 | ---- | C] () -- C:\WINDOWS\AutoRun.INI
[2009/05/30 23:04:18 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/05/30 22:23:02 | 000,000,023 | ---- | C] () -- C:\WINDOWS\EPS785EPX.ini
[2009/05/30 22:00:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SelSet.INI
[2008/05/04 17:39:34 | 000,002,560 | ---- | C] () -- C:\WINDOWS\System32\ViaClassCoInstaller.dll
[2007/10/25 17:26:10 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2007/01/25 07:45:02 | 000,006,784 | ---- | C] () -- C:\WINDOWS\System32\drivers\whfltr2k.sys

========== LOP Check ==========

[2010/01/11 19:20:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ContentWatch
[2010/01/02 00:43:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Digital PixMaster
[2010/10/02 09:21:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Driver Boost
[2010/06/01 12:02:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON
[2010/02/27 23:24:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HipSoft
[2010/07/26 22:36:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MumboJumbo
[2010/08/21 22:49:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NexonUS
[2010/10/02 09:15:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2010/05/20 17:54:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2010/09/12 18:28:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2010/02/20 23:03:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap
[2010/02/21 13:07:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap Games
[2010/07/20 12:42:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games
[2010/09/28 20:04:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/04/21 21:02:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ubisoft
[2010/02/27 23:18:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent
[2010/07/27 22:30:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/01/11 20:55:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/05/31 13:30:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2010/06/05 19:08:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Apowersoft
[2010/07/19 20:47:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\BitTorrent
[2009/06/28 12:34:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\COWON
[2010/10/04 18:02:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\DNA
[2010/07/05 20:07:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\GameBox
[2010/07/13 12:10:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\GetRightToGo
[2009/05/30 22:04:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Ideazon
[2010/06/20 17:43:07 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Owner\Application Data\ijjigame
[2010/09/30 19:00:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\LimeWire
[2010/07/21 16:22:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\LolClient
[2010/05/20 17:54:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\LolClient.F24C99354F615F3BAB18AE7B93E3F9B9E8784FA6.1
[2010/05/20 17:55:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\ML
[2010/05/28 16:55:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\MPEG Streamclip
[2010/08/21 23:25:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\NeopleLauncherDFO
[2010/08/27 19:14:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Octoshape
[2010/05/10 17:48:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\PC Suite
[2010/10/02 16:28:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\RayV
[2010/09/05 14:01:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Replay Media Catcher 4
[2010/05/10 17:31:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Samsung
[2010/09/22 18:33:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\SecondLife
[2010/06/04 19:36:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\StealthBot
[2009/07/26 20:36:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\TeamViewer
[2010/09/18 14:26:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\w3itemplate
[2010/09/13 21:10:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\whitesmoketoolbar
[2010/02/27 23:18:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\WildTangent
[2010/09/17 16:18:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Wowd
[2010/10/04 18:08:11 | 000,000,408 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2009/05/30 09:25:31 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2009/05/30 21:07:42 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2010/10/02 14:16:21 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2009/06/24 18:04:51 | 000,001,419 | ---- | M] () -- C:\cmdline.txt
[2004/08/03 23:00:00 | 000,260,272 | ---- | M] () -- C:\cmldr
[2009/07/16 11:10:45 | 000,025,076 | ---- | M] () -- C:\ComboFix.txt
[2009/05/30 09:25:31 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2009/05/30 09:25:31 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/01/31 13:03:20 | 000,004,298 | ---- | M] () -- C:\LU4.log
[2009/05/30 09:25:31 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2008/09/03 16:11:24 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\npbittorrent.dll
[2009/05/30 21:06:08 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2009/05/30 21:48:23 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/10/04 18:01:54 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2009/05/29 15:40:13 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2009/05/29 15:40:13 | 000,602,112 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2009/05/29 15:40:13 | 000,434,176 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-09-29 02:23:04

========== Alternate Data Streams ==========

@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D06A4C76
< End of report >
  • 0

Advertisements

#2
azarl
Posted 10 October 2010 - 10:02 AM

azarl

    GeekU Admin

  • Community Leader
  • 25,310 posts
Hi

Welcome to Geekstogo. I'll be helping you with this problem.

  • Please read all of my response through at least once before attempting to follow the procedures described. I would recommend printing them out, if you can, as you can check off each step as you complete it. If there's anything you don't understand or isn't totally clear, please come back to me for clarification.

  • Please do not attach any log files to your replies unless I specifically ask you. Instead please copy and paste so as to include the log in your reply. You can do this in separate posts if it's easier for you

»Firstly..«
Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
DRV - (XDva349) -- C:\WINDOWS\System32\XDva349.sys File not found
DRV - (XDva344) -- C:\WINDOWS\System32\XDva344.sys File not found
DRV - (X4HSX32) -- C:\Program Files\GameTap Web Player\bin\Release\X4HSX32.Sys File not found
DRV - (NPF) -- C:\WINDOWS\System32\drivers\npf.sys File not found
DRV - (cpuz132) -- C:\DOCUME~1\Owner\LOCALS~1\Temp\cpuz132\cpuz132_x32.sys File not found
DRV - (catchme) -- C:\DOCUME~1\Owner\LOCALS~1\Temp\catchme.sys File not found
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://home.mywebsea...C0.A&n=77cf8f88
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\MyWebSearch\bar\1.bin File not found
O2 - BHO: (PlaySushi) - {21608B66-026F-4DCB-9244-0DACA328DCED} - C:\Program Files\PlaySushi\PSText.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0FEF2D2C-CDA6-45E4-B2ED-9DF7C50C95FF} - No CLSID value found.
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O33 - MountPoints2\{0948109a-f43d-11de-b238-00e04d9acf58}\Shell - "" = AutoRun
O33 - MountPoints2\{0948109a-f43d-11de-b238-00e04d9acf58}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{10a9a92c-7a52-11de-8978-00e04d9acf58}\Shell - "" = AutoRun
O33 - MountPoints2\{10a9a92c-7a52-11de-8978-00e04d9acf58}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{10a9a92c-7a52-11de-8978-00e04d9acf58}\Shell\AutoRun\command - "" = G:\DTSP_Launcher.exe -- File not found

:Commands
[purity]
[emptytemp]

[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

Please download Rootkit Unhooker and save it to your Desktop

  • Double-click on RKUnhookerLE to run it
  • Click the Report tab, then click Scan
  • Uncheck everything except Drivers and Stealth Code
    Posted Image
  • Click OK
  • Wait until it's finished and then go to File > Save Report
  • Save the report to your Desktop

Copy the entire contents of the report and paste it in a reply here.

Note: you may get this warning, just ignore it if you do

Rootkit Unhooker has detected a parasite inside itself!
It is recommended to remove parasite, okay?

Next..
  • 0

#3
LoneWolf217
Posted 10 October 2010 - 05:08 PM

LoneWolf217

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts
Hey Azarl! Thanks for helping out! Here are the logs I believe you requested. The OTL quickscan log and Rootkit Unhooker log.



OTL logfile created on: 10/10/2010 2:49:04 PM - Run 4
OTL by OldTimer - Version 3.2.14.1 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 76.00% Memory free
5.00 Gb Paging File | 4.00 Gb Available in Paging File | 84.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465.76 Gb Total Space | 195.69 Gb Free Space | 42.02% Space Free | Partition Type: NTFS
Drive D: | 5.15 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive E: | 149.04 Gb Total Space | 75.95 Gb Free Space | 50.96% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: KREVIN-NINO
Current User Name: Owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Minimal
Quick Scan

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Owner\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\DNA\btdna.exe (BitTorrent, Inc.)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
PRC - C:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
PRC - C:\Program Files\ContentWatch\Internet Protection\cwsvc.exe (ContentWatch, Inc.)
PRC - c:\Program Files\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\FsUsbExService.Exe (Teruten)
PRC - C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation)
PRC - C:\Documents and Settings\Owner\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe (Octoshape ApS)
PRC - C:\Program Files\McAfee\Anti-Theft\McPvTray.exe (McAfee)
PRC - C:\Program Files\Pure Networks\Network Magic\nmapp.exe (Pure Networks, Inc.)
PRC - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe (Pure Networks, Inc.)
PRC - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Pure Networks, Inc.)
PRC - C:\Program Files\MSI\Live Update 3\LMonitor.exe ()
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Advanced Wheel Mouse\wh_exec.exe ()
PRC - C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe (Nero AG)
PRC - C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
PRC - C:\Program Files\Micro Innovations\Internet Access Keyboard\KEMailKb.EXE (Dritek System Inc.)
PRC - C:\Program Files\Micro Innovations\Internet Access Keyboard\KPDRV4XP.EXE (Dritek System Inc.)
PRC - C:\Program Files\EPSON\EPSON CardMonitor\EPSON CardMonitor1.0.exe (SEIKO EPSON CORPORATION)
PRC - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe (SEIKO EPSON CORPORATION)


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\Owner\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
MOD - C:\Advanced Wheel Mouse\wh_hook.dll ()


========== Win32 Services (SafeList) ==========

SRV - (rpcapd) Remote Packet Capture Protocol v.0 (experimental) -- C:\Program Files\WinPcap\rpcapd.exe -d -f %ProgramFiles%\WinPcap\rpcapd.ini File not found
SRV - (AppMgmt) -- C:\WINDOWS\System32\appmgmts.dll File not found
SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (npggsvc) -- C:\WINDOWS\System32\GameMon.des (INCA Internet Co., Ltd.)
SRV - (CwAltaService20) -- C:\Program Files\ContentWatch\Internet Protection\cwsvc.exe (ContentWatch, Inc.)
SRV - (MsMpSvc) -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation)
SRV - (GameConsoleService) -- C:\Program Files\WildGames\Game Console - WildGames\GameConsoleService.exe (WildTangent, Inc.)
SRV - (FsUsbExService) -- C:\WINDOWS\system32\FsUsbExService.Exe (Teruten)
SRV - (wlidsvc) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
SRV - (nmraapache) -- C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe (Pure Networks, Inc.)
SRV - (nmservice) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe (Pure Networks, Inc.)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (EPSONStatusAgent2) -- C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe (SEIKO EPSON CORPORATION)


========== Driver Services (SafeList) ==========

DRV - (neokdss) -- C:\WINDOWS\System32\Drivers\neokdss.sys File not found
DRV - (GMSIPCI) -- D:\INSTALL\GMSIPCI.SYS File not found
DRV - (EagleNT) -- C:\WINDOWS\System32\drivers\EagleNT.sys File not found
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (appliandMP) -- C:\WINDOWS\system32\drivers\appliand.sys (Applian Technologies Inc.)
DRV - (appliand) -- C:\WINDOWS\system32\drivers\appliand.sys (Applian Technologies Inc.)
DRV - (MpFilter) -- C:\WINDOWS\system32\drivers\MpFilter.sys (Microsoft Corporation)
DRV - (FsUsbExDisk) -- C:\WINDOWS\system32\FsUsbExDisk.Sys ()
DRV - (mfehidk) -- C:\WINDOWS\system32\drivers\mfehidk.sys (McAfee, Inc.)
DRV - (mfeavfk) -- C:\WINDOWS\system32\drivers\mfeavfk.sys (McAfee, Inc.)
DRV - (mfesmfk) -- C:\WINDOWS\system32\drivers\mfesmfk.sys (McAfee, Inc.)
DRV - (mfebopk) -- C:\WINDOWS\system32\drivers\mfebopk.sys (McAfee, Inc.)
DRV - (mferkdk) -- C:\WINDOWS\system32\drivers\mferkdk.sys (McAfee, Inc.)
DRV - (AtiHdmiService) -- C:\WINDOWS\system32\drivers\AtiHdmi.sys (ATI Research Inc.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (McPvDrv) -- C:\WINDOWS\System32\drivers\McPvDrv.sys (McAfee)
DRV - (pnarp) -- C:\WINDOWS\system32\drivers\pnarp.sys (Pure Networks, Inc.)
DRV - (purendis) -- C:\WINDOWS\system32\drivers\purendis.sys (Pure Networks, Inc.)
DRV - (NVHDA) -- C:\WINDOWS\system32\drivers\nvhda32.sys (NVIDIA Corporation)
DRV - (usbaudio) USB Audio Driver (WDM) -- C:\WINDOWS\system32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation )
DRV - (nvsmu) -- C:\WINDOWS\system32\drivers\nvsmu.sys (NVIDIA Corporation)
DRV - (pccsmcfd) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia)
DRV - (Alpham1) -- C:\WINDOWS\system32\drivers\Alpham1.sys (Ideazon Corporation)
DRV - (ss_mdm) -- C:\WINDOWS\system32\drivers\ss_mdm.sys (MCCI Corporation)
DRV - (ss_mdfl) -- C:\WINDOWS\system32\drivers\ss_mdfl.sys (MCCI Corporation)
DRV - (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM) -- C:\WINDOWS\system32\drivers\ss_bus.sys (MCCI Corporation)
DRV - (Alpham2) -- C:\WINDOWS\system32\drivers\Alpham2.sys (Ideazon Corporation)
DRV - (whfltr2k) -- C:\WINDOWS\system32\drivers\whfltr2k.sys ()
DRV - (BS_I2cIo) -- C:\WINDOWS\system32\drivers\BS_I2cIo.sys (BIOSTAR Group)
DRV - (pfusb) -- C:\WINDOWS\system32\drivers\pfusb.sys (Pacific Systems Solutions, Inc.)
DRV - (BIOS) -- C:\WINDOWS\system32\drivers\BIOS.sys (BIOSTAR Group)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\Hdaudbus.sys (Windows ® Server 2003 DDK provider)
DRV - (PIXMCVV) -- C:\WINDOWS\system32\drivers\pixmcvv.sys (Pixela)
DRV - (PIXMCVA) -- C:\WINDOWS\system32\drivers\pixmcva.sys (Pixela)
DRV - (PIXMCV) -- C:\WINDOWS\system32\drivers\pixmcvc.sys (Pixela)
DRV - (EPUSBSTOR) -- C:\WINDOWS\system32\drivers\epusbsto.sys (SEIKO EPSON CORPORATION)
DRV - (MASPINT) -- C:\WINDOWS\System32\drivers\MASPINT.SYS (MicroStaff Co.,Ltd.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = BA 9F 14 B4 FC E2 C9 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


[2010/07/05 16:01:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions
[2010/01/20 17:35:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions\[email protected]
[2009/06/27 18:40:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\extensions
[2009/06/27 18:40:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}

O1 HOSTS File: ([2009/07/16 11:07:55 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll File not found
O2 - BHO: (Updater For Kandeebar) - {2c486920-dde5-4b59-bfd8-394c70602832} - C:\Program Files\kandeebar\auxi\kandeebarAu.dll File not found
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll File not found
O4 - HKLM..\Run: [Ask and Record FLV Service] C:\Program Files\Replay Media Catcher\FLVSrvc.exe File not found
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [cwcptray] C:\Program Files\ContentWatch\Internet Protection\cwtray.exe (ContentWatch, Inc.)
O4 - HKLM..\Run: [Ink Monitor] C:\Program Files\EPSON\Ink Monitor\InkMonitor.exe (BillP Studios)
O4 - HKLM..\Run: [KEMailKb] C:\Program Files\Micro Innovations\Internet Access Keyboard\KEMailKb.EXE (Dritek System Inc.)
O4 - HKLM..\Run: [KPDrv4XP] C:\Program Files\Micro Innovations\Internet Access Keyboard\KPDRV4XP.EXE (Dritek System Inc.)
O4 - HKLM..\Run: [LiveMonitor] C:\Program Files\MSI\Live Update 3\LMonitor.exe ()
O4 - HKLM..\Run: [McPvTray] C:\Program Files\McAfee\Anti-Theft\McPvTray.exe (McAfee)
O4 - HKLM..\Run: [Microsoft Default Manager] C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe File not found
O4 - HKLM..\Run: [MSN Toolbar] C:\Program Files\MSN Toolbar\Platform\4.0.0401.0\mswinext.exe File not found
O4 - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [nmapp] C:\Program Files\Pure Networks\Network Magic\nmapp.exe (Pure Networks, Inc.)
O4 - HKLM..\Run: [nmctxth] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Pure Networks, Inc.)
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [WheelMouse] C:\Advanced Wheel Mouse\wh_exec.exe ()
O4 - HKLM..\Run: [Zboard] C:\Program Files\Ideazon\ZEngine\Zboard.exe (Ideazon, Inc.)
O4 - HKCU..\Run: [Auto Epson Stylus NX510(Network) on Sabina-PC] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFIA.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [BitTorrent DNA] C:\Program Files\DNA\btdna.exe (BitTorrent, Inc.)
O4 - HKCU..\Run: [igndlm.exe] C:\Program Files\Download Manager\DLM.exe (IGN Entertainment)
O4 - HKCU..\Run: [myweather] C:\Program Files\MyFreeWeather\myweather.exe File not found
O4 - HKCU..\Run: [Octoshape Streaming Services] C:\Documents and Settings\Owner\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe (Octoshape ApS)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\EPSON CardMonitor.lnk = C:\Program Files\EPSON\EPSON CardMonitor\EPSON CardMonitor1.0.exe (SEIKO EPSON CORPORATION)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE (SEIKO EPSON CORPORATION)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Go to PlaySushi web site - {EBD24BD3-E272-4FA3-A8BA-C5D709757CAB} - C:\Program Files\PlaySushi\PSText.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://support.micr...veX/MSDcode.cab (Microsoft Data Collection Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {18E66E92-A4EA-41B5-A867-A3EEB0327E7A} http://xiahw2.online...hGX_ActiveX.cab (GX_ActiveXControl Class)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.micr...78f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} http://www.fileplane...C_2.3.9.113.cab (CDownloadCtrl Object)
O16 - DPF: {4F29DE54-5EB7-4D76-B610-A86B5CD2A234} http://archives.game...apWebPlayer.cab (GameTap Player)
O16 - DPF: {5C1B293E-DA77-4AFF-8B52-63DEF8C8A071} http://download.netm....1_20091109.cab (NetmarbleAutoUpdater Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zon...1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8768D5EA-5412-4810-A032-09AD2A726C69} http://bgweb.nowcdn....ownStarter2.cab (DownStarter2 Control)
O16 - DPF: {89F434A7-4A49-4394-AC02-007480331AE2} http://download.netm...nfo_1.0.0.1.cab (NetmarbleSystemIDInfo Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {924B4927-D3BA-41EA-9F7E-8A89194AB3AC} http://panda-plugin..../p3dactivex.cab (P3DActiveX Control)
O16 - DPF: {A4508A45-F1C4-40F3-99B4-0CA08AC77E3B} http://download.netm...kdfense8237.cab (Kdfense8 Control)
O16 - DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} http://download.toon...9.23/ttinst.cab (Toontown Installer ActiveX Control)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} http://www.popcap.co...ploader_v10.cab (PopCapLoader Object)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zon...er.cab56986.cab (Minesweeper Flags Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll (Pure Networks, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/05/30 09:25:31 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/06/27 00:56:24 | 000,000,053 | R--- | M] () - D:\autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 90 Days ==========

[2010/10/10 14:33:14 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/10/08 18:44:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\BattleForge
[2010/10/04 18:05:33 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2010/10/03 14:49:29 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/10/03 14:49:28 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/10/03 14:49:28 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/10/03 14:47:46 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/10/03 14:46:04 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\Owner\Desktop\erunt-setup.exe
[2010/10/03 14:29:16 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\TFC.exe
[2010/10/02 16:28:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\RayV
[2010/10/02 16:28:41 | 000,000,000 | ---D | C] -- C:\Program Files\RayV
[2010/10/02 15:09:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/10/02 14:05:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ATI
[2010/10/02 09:21:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Driver Boost
[2010/10/02 09:15:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2010/09/30 19:59:31 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/09/30 19:59:28 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/09/30 19:55:33 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/09/30 19:53:42 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/09/30 18:49:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\LimeWire
[2010/09/29 19:13:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2010/09/27 21:16:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/09/27 20:58:41 | 000,397,992 | ---- | C] (Acresso Software Inc.) -- C:\Program Files\setup.exe
[2010/09/27 19:27:53 | 000,156,984 | ---- | C] (Acresso Software Inc.) -- C:\Program Files\_Setup.dll
[2010/09/27 19:27:26 | 000,555,520 | ---- | C] (Acresso Software Inc.) -- C:\Program Files\ISSetup.dll
[2010/09/23 18:54:15 | 000,116,224 | ---- | C] (Xerox) -- C:\WINDOWS\System32\dllcache\xrxwiadr.dll
[2010/09/23 18:54:15 | 000,023,040 | ---- | C] (Xerox Corporation) -- C:\WINDOWS\System32\dllcache\xrxwbtmp.dll
[2010/09/23 18:54:12 | 000,099,865 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\xlog.exe
[2010/09/23 18:54:10 | 000,016,970 | ---- | C] (US Robotics MCD (Megahertz)) -- C:\WINDOWS\System32\dllcache\xem336n5.sys
[2010/09/23 18:53:47 | 000,154,624 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\wlluc48.sys
[2010/09/23 18:53:46 | 000,034,890 | ---- | C] (Raytheon Corp.) -- C:\WINDOWS\System32\dllcache\wlandrv2.sys
[2010/09/23 18:53:39 | 000,771,581 | ---- | C] (Rockwell) -- C:\WINDOWS\System32\dllcache\winacisa.sys
[2010/09/23 18:53:32 | 000,035,871 | ---- | C] (Winbond Electronics Corp.) -- C:\WINDOWS\System32\dllcache\wbfirdma.sys
[2010/09/23 18:53:23 | 000,019,016 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w926nd.sys
[2010/09/23 18:53:23 | 000,016,925 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w940nd.sys
[2010/09/23 18:53:22 | 000,019,528 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w840nd.sys
[2010/09/23 18:53:20 | 000,064,605 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vvoice.sys
[2010/09/23 18:53:19 | 000,397,502 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vpctcom.sys
[2010/09/23 18:53:18 | 000,604,253 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\vmodem.sys
[2010/09/23 18:53:18 | 000,249,402 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\vinwm.sys
[2010/09/23 18:53:13 | 000,765,884 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usrti.sys
[2010/09/23 18:53:11 | 000,794,399 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806v.sys
[2010/09/23 18:53:11 | 000,793,598 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806.sys
[2010/09/23 18:53:10 | 000,794,654 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1801.sys
[2010/09/23 18:53:05 | 000,032,384 | ---- | C] (KLSI USA, Inc.) -- C:\WINDOWS\System32\dllcache\usb101et.sys
[2010/09/23 18:53:00 | 000,050,688 | ---- | C] (UMAX DATA SYSTEMS INC.) -- C:\WINDOWS\System32\dllcache\umaxscan.dll
[2010/09/23 18:52:59 | 000,216,064 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um34scan.dll
[2010/09/23 18:52:59 | 000,211,968 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um54scan.dll
[2010/09/23 18:52:54 | 000,166,784 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxpm.sys
[2010/09/23 18:52:53 | 000,525,568 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxp.dll
[2010/09/23 18:52:53 | 000,440,576 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkb.dll
[2010/09/23 18:52:53 | 000,222,336 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3dm.sys
[2010/09/23 18:52:53 | 000,159,232 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkbm.sys
[2010/09/23 18:52:52 | 000,315,520 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3d.dll
[2010/09/23 18:52:47 | 000,123,995 | ---- | C] (Tiger Jet Network) -- C:\WINDOWS\System32\dllcache\tjisdn.sys
[2010/09/23 18:52:44 | 000,138,528 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiulnt5.sys
[2010/09/23 18:52:44 | 000,081,408 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiul50.dll
[2010/09/23 18:52:43 | 000,149,376 | ---- | C] (M-Systems) -- C:\WINDOWS\System32\dllcache\tffsport.sys
[2010/09/23 18:52:42 | 000,037,961 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdk100b.sys
[2010/09/23 18:52:42 | 000,017,129 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdkcd31.sys
[2010/09/23 18:52:38 | 000,172,768 | ---- | C] (Number Nine Visual Technology) -- C:\WINDOWS\System32\dllcache\t2r4disp.dll
[2010/09/23 18:52:38 | 000,036,640 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\t2r4mini.sys
[2010/09/23 18:52:31 | 000,155,648 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnprop.dll
[2010/09/23 18:52:30 | 000,285,760 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnata.sys
[2010/09/23 18:52:30 | 000,053,248 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlncoin.dll
[2010/09/23 18:52:29 | 000,016,896 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\stcusb.sys
[2010/09/23 18:52:27 | 000,048,736 | ---- | C] (3Com) -- C:\WINDOWS\System32\dllcache\srwlnd5.sys
[2010/09/23 18:52:21 | 000,019,072 | ---- | C] (Adaptec, Inc.) -- C:\WINDOWS\System32\dllcache\sparrow.sys
[2010/09/23 18:52:12 | 000,058,368 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smiminib.sys
[2010/09/23 18:52:11 | 000,147,200 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smidispb.dll
[2010/09/23 18:52:10 | 000,035,913 | ---- | C] (SMC) -- C:\WINDOWS\System32\dllcache\smcirda.sys
[2010/09/23 18:52:10 | 000,025,034 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smcpwr2n.sys
[2010/09/23 18:52:10 | 000,024,576 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smc8000n.sys
[2010/09/23 18:52:01 | 000,063,547 | ---- | C] (Symbol Technologies) -- C:\WINDOWS\System32\dllcache\sla30nd5.sys
[2010/09/23 18:52:00 | 000,094,698 | ---- | C] (SysKonnect GmbH.) -- C:\WINDOWS\System32\dllcache\sk98xwin.sys
[2010/09/23 18:52:00 | 000,091,294 | ---- | C] (SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH.) -- C:\WINDOWS\System32\dllcache\skfpwin.sys
[2010/09/23 18:51:59 | 000,032,768 | ---- | C] (SiS Corporation) -- C:\WINDOWS\System32\dllcache\sisnic.sys
[2010/09/23 18:51:51 | 000,161,568 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmusb.sys
[2010/09/23 18:51:50 | 000,386,560 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiul50.dll
[2010/09/23 18:51:50 | 000,098,080 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiulnt5.sys
[2010/09/23 18:51:50 | 000,018,400 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmld.sys
[2010/09/23 18:51:42 | 000,017,280 | ---- | C] (SCM Microsystems) -- C:\WINDOWS\System32\dllcache\scr111.sys
[2010/09/23 18:51:41 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmusbm.sys
[2010/09/23 18:51:41 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmn50m.sys
[2010/09/23 18:51:37 | 000,198,400 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4.dll
[2010/09/23 18:51:37 | 000,179,264 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3d.dll
[2010/09/23 18:51:37 | 000,077,824 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4m.sys
[2010/09/23 18:51:37 | 000,061,504 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3dm.sys
[2010/09/23 18:51:36 | 000,210,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mvirge.dll
[2010/09/23 18:51:36 | 000,182,272 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.dll
[2010/09/23 18:51:36 | 000,062,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mtrio.dll
[2010/09/23 18:51:36 | 000,041,216 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.sys
[2010/09/23 18:51:35 | 000,166,720 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3m.sys
[2010/09/23 18:51:34 | 000,082,432 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia450.dll
[2010/09/23 18:51:34 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia430.dll
[2010/09/23 18:51:33 | 000,029,696 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw450ext.dll
[2010/09/23 18:51:32 | 000,027,648 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw430ext.dll
[2010/09/23 18:51:30 | 000,020,992 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\rtl8139.sys
[2010/09/23 18:51:29 | 000,019,017 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\rtl8029.sys
[2010/09/23 18:51:27 | 000,009,216 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\rsmgrstr.dll
[2010/09/23 18:51:24 | 000,079,104 | ---- | C] (Comtrol Corporation) -- C:\WINDOWS\System32\dllcache\rocket.sys
[2010/09/23 18:51:24 | 000,037,563 | ---- | C] (RadioLAN) -- C:\WINDOWS\System32\dllcache\rlnet5.sys
[2010/09/23 18:51:23 | 000,086,097 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\reslog32.dll
[2010/09/23 18:51:14 | 000,899,146 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdkxga.sys
[2010/09/23 18:51:14 | 000,714,762 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdmkxx.sys
[2010/09/23 18:51:08 | 000,130,942 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlv.sys
[2010/09/23 18:51:07 | 000,128,286 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserli.sys
[2010/09/23 18:51:07 | 000,112,574 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlp.sys
[2010/09/23 18:51:04 | 000,016,128 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\pscr.sys
[2010/09/23 18:50:48 | 000,169,984 | ---- | C] (Cisco Systems) -- C:\WINDOWS\System32\dllcache\pcx500.sys
[2010/09/23 18:50:47 | 000,086,016 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\pctspk.exe
[2010/09/23 18:50:46 | 000,026,153 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pcmlm56.sys
[2010/09/23 18:50:45 | 000,030,495 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pc100nds.sys
[2010/09/23 18:50:45 | 000,029,502 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\pca200e.sys
[2010/09/23 18:50:39 | 000,054,186 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otcsercb.sys
[2010/09/23 18:50:39 | 000,043,689 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otceth5.sys
[2010/09/23 18:50:39 | 000,027,209 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otc06x5.sys
[2010/09/23 18:50:38 | 000,054,528 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\opl3sax.sys
[2010/09/23 18:50:28 | 000,051,552 | ---- | C] (Kensington Technology Group) -- C:\WINDOWS\System32\dllcache\ntgrip.sys
[2010/09/23 18:50:23 | 000,126,080 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm5a2wdm.sys
[2010/09/23 18:50:23 | 000,087,040 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm6wdm.sys
[2010/09/23 18:50:22 | 000,032,840 | ---- | C] (NETGEAR Corporation.) -- C:\WINDOWS\System32\dllcache\ngrpci.sys
[2010/09/23 18:50:21 | 000,132,695 | ---- | C] (802.11b) -- C:\WINDOWS\System32\dllcache\netwlan5.sys
[2010/09/23 18:50:17 | 000,060,480 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.dll
[2010/09/23 18:50:17 | 000,039,264 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.sys
[2010/09/23 18:50:14 | 000,091,488 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3disp.dll
[2010/09/23 18:50:13 | 000,059,104 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.dll
[2010/09/23 18:50:13 | 000,033,088 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.sys
[2010/09/23 18:50:13 | 000,027,936 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3d.sys
[2010/09/23 18:50:13 | 000,013,664 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.sys
[2010/09/23 18:50:12 | 000,035,392 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.dll
[2010/09/23 18:50:11 | 000,075,520 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxport.sys
[2010/09/23 18:50:11 | 000,019,968 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxicfg.dll
[2010/09/23 18:50:11 | 000,019,968 | ---- | C] (Macronix International Co., Ltd. ) -- C:\WINDOWS\System32\dllcache\mxnic.sys
[2010/09/23 18:50:11 | 000,007,168 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxport.dll
[2010/09/23 18:50:10 | 000,021,888 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxcard.sys
[2010/09/23 18:50:09 | 000,103,296 | ---- | C] (Matrox Graphics Inc) -- C:\WINDOWS\System32\dllcache\mtxvideo.sys
[2010/09/23 18:49:35 | 000,017,280 | ---- | C] (American Megatrends Inc.) -- C:\WINDOWS\System32\dllcache\mraid35x.sys
[2010/09/23 18:49:21 | 000,164,586 | ---- | C] (Madge Networks Ltd) -- C:\WINDOWS\System32\dllcache\mdgndis5.sys
[2010/09/23 18:49:16 | 000,802,683 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\ltsm.sys
[2010/09/23 18:49:16 | 000,797,500 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltsmt.sys
[2010/09/23 18:49:15 | 000,606,684 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmnt.sys
[2010/09/23 18:49:15 | 000,576,746 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntl.sys
[2010/09/23 18:49:15 | 000,420,992 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntt.sys
[2010/09/23 18:49:14 | 000,727,786 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ltck000c.sys
[2010/09/23 18:49:11 | 000,070,730 | ---- | C] (Linksys Group, Inc.) -- C:\WINDOWS\System32\dllcache\lne100tx.sys
[2010/09/23 18:49:10 | 000,025,065 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\lmndis3.sys
[2010/09/23 18:49:10 | 000,020,573 | ---- | C] (The Linksts Group ) -- C:\WINDOWS\System32\dllcache\lne100.sys
[2010/09/23 18:49:09 | 000,015,744 | ---- | C] (Litronic Industries) -- C:\WINDOWS\System32\dllcache\lit220p.sys
[2010/09/23 18:49:07 | 000,026,442 | ---- | C] (SMSC) -- C:\WINDOWS\System32\dllcache\lanepic5.sys
[2010/09/23 18:49:06 | 000,019,016 | ---- | C] (Kingston Technology Company ) -- C:\WINDOWS\System32\dllcache\ktc111.sys
[2010/09/23 18:48:39 | 000,023,552 | ---- | C] (MKNet Corporation) -- C:\WINDOWS\System32\dllcache\irmk7.sys
[2010/09/23 18:48:34 | 000,045,632 | ---- | C] (Interphase ® Corporation a Windows ® 2000 DDK Driver Provider) -- C:\WINDOWS\System32\dllcache\ip5515.sys
[2010/09/23 18:48:13 | 000,372,824 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\iconf32.dll
[2010/09/23 18:47:49 | 000,068,608 | ---- | C] (Avisioin) -- C:\WINDOWS\System32\dllcache\hpgt53tk.dll
[2010/09/23 18:47:48 | 000,126,976 | ---- | C] (Hewlett Packard) -- C:\WINDOWS\System32\dllcache\hpgt34tk.dll
[2010/09/23 18:47:39 | 000,082,304 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grclass.sys
[2010/09/23 18:47:39 | 000,028,288 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grserial.sys
[2010/09/23 18:47:39 | 000,017,408 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\gpr400.sys
[2010/09/23 18:47:35 | 000,454,912 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fxusbase.sys
[2010/09/23 18:47:28 | 000,455,680 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fus2base.sys
[2010/09/23 18:47:28 | 000,455,296 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fusbbase.sys
[2010/09/23 18:47:26 | 000,442,240 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpnpbase.sys
[2010/09/23 18:47:25 | 000,444,416 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcibase.sys
[2010/09/23 18:47:25 | 000,441,728 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcmbase.sys
[2010/09/23 18:47:23 | 000,034,173 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\forehe.sys
[2010/09/23 18:47:19 | 000,024,618 | ---- | C] (NETGEAR) -- C:\WINDOWS\System32\dllcache\fa410nd5.sys
[2010/09/23 18:47:18 | 000,012,362 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xi.sys
[2010/09/23 18:47:18 | 000,011,850 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xj.sys
[2010/09/23 18:47:09 | 000,072,192 | ---- | C] (ESS Technology Inc.) -- C:\WINDOWS\System32\dllcache\es1969.sys
[2010/09/23 18:46:52 | 000,334,208 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\ds1wdm.sys
[2010/09/23 18:46:48 | 000,028,062 | ---- | C] (National Semiconductor Coproration) -- C:\WINDOWS\System32\dllcache\dp83820.sys
[2010/09/23 18:46:43 | 000,029,696 | ---- | C] (CNet Technology, Inc. ) -- C:\WINDOWS\System32\dllcache\dm9pci5.sys
[2010/09/23 18:46:42 | 000,952,007 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diwan.sys
[2010/09/23 18:46:42 | 000,026,698 | ---- | C] (D-Link Corporation) -- C:\WINDOWS\System32\dllcache\dlh5xnd5.sys
[2010/09/23 18:46:41 | 000,236,060 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\ditrace.exe
[2010/09/23 18:46:41 | 000,038,985 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvsu.dll
[2010/09/23 18:46:40 | 000,031,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvpp.dll
[2010/09/23 18:46:40 | 000,006,729 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvci.dll
[2010/09/23 18:46:39 | 000,091,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\dimaint.sys
[2010/09/23 18:46:32 | 000,024,649 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650d.sys
[2010/09/23 18:46:32 | 000,024,648 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650.sys
[2010/09/23 18:46:30 | 000,020,928 | ---- | C] (Digital Networks, LLC) -- C:\WINDOWS\System32\dllcache\defpa.sys
[2010/09/23 18:46:22 | 000,093,952 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcwdm.sys
[2010/09/23 18:46:22 | 000,048,640 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwrwdm.sys
[2010/09/23 18:46:21 | 000,111,872 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcspud.sys
[2010/09/23 18:46:21 | 000,072,832 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbwdm.sys
[2010/09/23 18:46:21 | 000,003,584 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcosnt5.sys
[2010/09/23 18:46:21 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbmidi.sys
[2010/09/23 18:46:20 | 000,249,856 | ---- | C] (Comtrol® Corporation) -- C:\WINDOWS\System32\dllcache\ctmasetp.dll
[2010/09/23 18:46:20 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbase.sys
[2010/09/23 18:46:16 | 000,216,064 | ---- | C] (COMPAQ Inc.) -- C:\WINDOWS\System32\dllcache\cpscan.dll
[2010/09/23 18:46:16 | 000,060,970 | ---- | C] (Compaq Computer Corp.) -- C:\WINDOWS\System32\dllcache\cpqtrnd5.sys
[2010/09/23 18:46:08 | 000,020,736 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\cmbp0wdm.sys
[2010/09/23 18:46:03 | 000,980,034 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\cicap.sys
[2010/09/23 18:45:56 | 000,049,182 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem56n5.sys
[2010/09/23 18:45:56 | 000,027,164 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce3n5.sys
[2010/09/23 18:45:56 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem33n5.sys
[2010/09/23 18:45:56 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem28n5.sys
[2010/09/23 18:45:56 | 000,021,530 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce2n5.sys
[2010/09/23 18:45:53 | 000,714,698 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cbmdmkxx.sys
[2010/09/23 18:45:53 | 000,046,108 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cben5.sys
[2010/09/23 18:45:52 | 000,039,680 | ---- | C] (Silicom Ltd.) -- C:\WINDOWS\System32\dllcache\cb325.sys
[2010/09/23 18:45:52 | 000,037,916 | ---- | C] (Fast Ethernet Controller Provider) -- C:\WINDOWS\System32\dllcache\cb102.sys
[2010/09/23 18:45:51 | 000,164,923 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diapi2.sys
[2010/09/23 18:45:51 | 000,032,256 | ---- | C] (Eicon Technology Corporation) -- C:\WINDOWS\System32\dllcache\diapi2NT.dll
[2010/09/23 18:45:35 | 000,031,529 | ---- | C] (BreezeCOM) -- C:\WINDOWS\System32\dllcache\brzwlan.sys
[2010/09/23 18:45:35 | 000,011,008 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbmdm.sys
[2010/09/23 18:45:35 | 000,010,368 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbscn.sys
[2010/09/23 18:45:34 | 000,060,416 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brserwdm.sys
[2010/09/23 18:45:34 | 000,009,728 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brserif.dll
[2010/09/23 18:45:34 | 000,005,120 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\dllcache\brscnrsm.dll
[2010/09/23 18:45:33 | 000,039,552 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparwdm.sys
[2010/09/23 18:45:33 | 000,003,168 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparimg.sys
[2010/09/23 18:45:32 | 000,041,472 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfusb.dll
[2010/09/23 18:45:32 | 000,032,256 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfrsmg.exe
[2010/09/23 18:45:32 | 000,029,696 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmflpt.dll
[2010/09/23 18:45:31 | 000,015,360 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfbidi.dll
[2010/09/23 18:45:31 | 000,012,160 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltlo.sys
[2010/09/23 18:45:31 | 000,003,968 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltup.sys
[2010/09/23 18:45:30 | 000,012,800 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brevif.dll
[2010/09/23 18:45:30 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brcoinst.dll
[2010/09/23 18:45:30 | 000,002,944 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brfilt.sys
[2010/09/23 18:45:29 | 000,019,456 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brbidiif.dll
[2010/09/23 18:45:21 | 000,871,388 | ---- | C] (BCM) -- C:\WINDOWS\System32\dllcache\bcmdm.sys
[2010/09/23 18:45:19 | 000,036,128 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.sys
[2010/09/23 18:45:18 | 000,342,336 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.dll
[2010/09/23 18:45:18 | 000,089,952 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\b1cbase.sys
[2010/09/23 18:45:18 | 000,036,992 | ---- | C] (Aztech Systems Ltd) -- C:\WINDOWS\System32\dllcache\aztw2320.sys
[2010/09/23 18:45:17 | 000,144,384 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmenum.dll
[2010/09/23 18:45:17 | 000,037,568 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmwan.sys
[2010/09/23 18:45:16 | 000,087,552 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmcoxp.dll
[2010/09/23 18:45:03 | 000,077,568 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\ati.sys
[2010/09/23 18:45:02 | 000,097,354 | ---- | C] (Bay Networks, Inc.) -- C:\WINDOWS\System32\dllcache\aspndis3.sys
[2010/09/23 18:44:58 | 000,016,969 | ---- | C] (AmbiCom, Inc.) -- C:\WINDOWS\System32\dllcache\amb8002.sys
[2010/09/22 18:33:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\SecondLife
[2010/09/22 18:33:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\SecondLife
[2010/09/18 15:58:12 | 000,159,744 | ---- | C] (Kings Information & Network) -- C:\WINDOWS\System32\kdfmgr.exe
[2010/09/18 15:58:12 | 000,073,728 | ---- | C] (Kings Information & Network) -- C:\WINDOWS\System32\kdfapi.dll
[2010/09/18 15:58:12 | 000,061,440 | ---- | C] (Kings Information & Network) -- C:\WINDOWS\System32\kdfmod.dll
[2010/09/18 15:58:12 | 000,047,104 | ---- | C] (Kings Information & Network) -- C:\WINDOWS\System32\Kdfhok.dll
[2010/09/18 15:58:10 | 000,373,248 | ---- | C] (Kings Information & Network) -- C:\WINDOWS\System32\kdfinj.dll
[2010/09/18 15:58:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\kdefense
[2010/09/18 14:26:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\w3itemplate
[2010/09/17 16:10:52 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallJammer Registry
[2010/09/17 16:10:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Wowd
[2010/09/13 20:28:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Downloaded Installations
[2010/09/12 19:06:55 | 000,000,000 | ---D | C] -- C:\Program Files\Outspark
[2010/09/12 14:08:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Intel
[2010/09/12 14:07:25 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2010/09/12 13:23:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Xfire
[2010/09/12 13:23:25 | 000,000,000 | ---D | C] -- C:\Program Files\Xfire
[2010/09/05 14:01:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\My Streaming Media
[2010/09/05 14:01:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Jaksta_Pty_Ltd
[2010/09/05 13:59:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Replay Media Catcher 4
[2010/09/05 13:59:37 | 000,000,000 | ---D | C] -- C:\Program Files\Applian Technologies
[2010/08/27 19:14:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Octoshape
[2010/08/21 23:24:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\NeopleLauncherDFO
[2010/08/21 22:50:02 | 000,000,000 | ---D | C] -- C:\Program Files\DFO
[2010/08/21 22:49:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NexonUS
[2010/08/21 15:17:20 | 000,000,000 | ---D | C] -- C:\GamesCampus
[2010/07/28 16:10:42 | 000,000,000 | ---D | C] -- C:\Program Files\StarCraft II
[2010/07/28 16:10:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\StarCraft II
[2010/07/27 22:30:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/07/26 22:36:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\MumboJumbo
[2010/07/26 22:36:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MumboJumbo
[2010/07/26 22:36:34 | 000,000,000 | ---D | C] -- C:\Program Files\MumboJumbo
[2010/07/21 16:22:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\LolClient
[2010/07/21 15:42:31 | 000,000,000 | ---D | C] -- C:\Riot Games
[2010/07/21 15:05:49 | 000,000,000 | ---D | C] -- C:\Program Files\LeagueofLegends
[2010/07/21 15:05:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\PMB Files
[2010/07/21 15:05:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2010/07/20 12:42:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games
[2010/07/19 20:46:30 | 000,000,000 | ---D | C] -- C:\Program Files\Three Rings Design
[2010/07/19 18:07:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Panda3D
[2010/07/19 16:09:14 | 000,000,000 | -HSD | C] -- C:\WINDOWS\ftpcache
[2010/07/15 18:35:26 | 000,000,000 | ---D | C] -- C:\Program Files\SquareEnix
[2010/07/13 11:59:04 | 000,000,000 | ---D | C] -- C:\Perfect World Entertainment
[2010/07/12 21:32:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\GetRightToGo
[2010/07/12 21:15:12 | 000,000,000 | ---D | C] -- C:\Program Files\3.0.1.8874 US PTR Installer

========== Files - Modified Within 90 Days ==========

[2010/10/10 14:40:53 | 000,000,408 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010/10/10 14:35:42 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/10/10 14:35:41 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/10/10 14:35:41 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/10/10 14:35:33 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/10/10 14:34:28 | 005,505,024 | ---- | M] () -- C:\Documents and Settings\Owner\ntuser.dat
[2010/10/10 14:34:28 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Owner\ntuser.ini
[2010/10/10 13:35:00 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-1715567821-839522115-1003UA.job
[2010/10/09 16:35:00 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-1715567821-839522115-1003Core.job
[2010/10/08 22:39:45 | 000,002,155 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk
[2010/10/08 18:44:16 | 000,001,849 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\BattleForge™.lnk
[2010/10/07 01:47:42 | 000,026,112 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\The personality of Jack and Ralph represent the clash between authoritarianism and democracy for a variety of reasons.doc
[2010/10/05 22:07:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/10/05 15:11:14 | 000,689,972 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/10/05 15:11:14 | 000,168,132 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/10/05 15:11:14 | 000,004,614 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/10/04 18:05:40 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2010/10/04 17:47:50 | 000,150,016 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/10/04 17:36:29 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/10/03 19:54:03 | 000,284,915 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\gmer.zip
[2010/10/03 14:49:32 | 000,000,720 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/10/03 14:47:47 | 000,000,635 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\NTREGOPT.lnk
[2010/10/03 14:47:47 | 000,000,616 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\ERUNT.lnk
[2010/10/03 14:46:16 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\Owner\Desktop\erunt-setup.exe
[2010/10/03 14:29:28 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\TFC.exe
[2010/10/03 14:18:21 | 000,001,713 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\FINAL FANTASY XIV.lnk
[2010/10/02 14:16:21 | 000,000,583 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/10/02 14:16:21 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2010/10/02 14:16:21 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/10/02 09:07:36 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/10/01 15:34:16 | 1570,240,512 | ---- | M] () -- C:\Program Files\data2.cab
[2010/09/30 19:56:17 | 000,001,628 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2010/09/30 18:10:05 | 819,206,342 | ---- | M] () -- C:\Program Files\data3.cab
[2010/09/30 18:10:05 | 000,000,234 | -H-- | M] () -- C:\Program Files\data3.cab.bfi
[2010/09/30 18:09:53 | 000,243,030 | ---- | M] () -- C:\Program Files\setup.inx
[2010/09/30 18:09:53 | 000,000,186 | -H-- | M] () -- C:\Program Files\setup.inx.bfi
[2010/09/30 18:09:50 | 000,000,442 | ---- | M] () -- C:\Program Files\setup.ini
[2010/09/30 18:09:50 | 000,000,186 | -H-- | M] () -- C:\Program Files\setup.ini.bfi
[2010/09/30 18:09:47 | 000,000,499 | ---- | M] () -- C:\Program Files\layout.bin
[2010/09/30 18:09:47 | 000,000,187 | -H-- | M] () -- C:\Program Files\layout.bin.bfi
[2010/09/30 18:09:36 | 000,000,188 | -H-- | M] () -- C:\Program Files\ISSetup.dll.bfi
[2010/09/30 18:09:32 | 000,075,319 | ---- | M] () -- C:\Program Files\data1.hdr
[2010/09/30 18:09:32 | 000,000,186 | -H-- | M] () -- C:\Program Files\data1.hdr.bfi
[2010/09/30 18:08:52 | 001,185,606 | ---- | M] () -- C:\Program Files\data1.cab
[2010/09/30 18:08:52 | 000,000,186 | -H-- | M] () -- C:\Program Files\data1.cab.bfi
[2010/09/30 18:08:47 | 000,156,984 | ---- | M] (Acresso Software Inc.) -- C:\Program Files\_Setup.dll
[2010/09/30 18:08:47 | 000,000,187 | -H-- | M] () -- C:\Program Files\_Setup.dll.bfi
[2010/09/30 18:08:41 | 000,397,992 | ---- | M] (Acresso Software Inc.) -- C:\Program Files\setup.exe
[2010/09/30 18:08:41 | 000,000,186 | -H-- | M] () -- C:\Program Files\setup.exe.bfi
[2010/09/30 17:24:21 | 000,000,279 | -H-- | M] () -- C:\Program Files\data2.cab.bfi
[2010/09/28 18:42:56 | 002,109,828 | -H-- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\IconCache.db
[2010/09/27 19:27:49 | 000,055,744 | ---- | M] () -- C:\Program Files\setup.isn
[2010/09/27 19:27:49 | 000,000,186 | -H-- | M] () -- C:\Program Files\setup.isn.bfi
[2010/09/27 19:27:26 | 000,555,520 | ---- | M] (Acresso Software Inc.) -- C:\Program Files\ISSetup.dll
[2010/09/23 12:35:30 | 000,002,308 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Google Chrome.lnk
[2010/09/18 16:09:17 | 000,159,744 | ---- | M] (Kings Information & Network) -- C:\WINDOWS\System32\kdfmgr.exe
[2010/09/18 16:09:17 | 000,073,728 | ---- | M] (Kings Information & Network) -- C:\WINDOWS\System32\kdfapi.dll
[2010/09/18 15:58:12 | 000,373,248 | ---- | M] (Kings Information & Network) -- C:\WINDOWS\System32\kdfinj.dll
[2010/09/18 15:58:12 | 000,061,440 | ---- | M] (Kings Information & Network) -- C:\WINDOWS\System32\kdfmod.dll
[2010/09/18 15:58:12 | 000,047,104 | ---- | M] (Kings Information & Network) -- C:\WINDOWS\System32\Kdfhok.dll
[2010/09/15 16:36:07 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/09/06 19:44:07 | 000,000,096 | -H-- | M] () -- C:\WINDOWS\System32\HsInfo.dat
[2010/09/03 10:56:02 | 002,396,672 | ---- | M] () -- C:\WINDOWS\System32\opinstaller.msi
[2010/09/02 17:39:18 | 000,345,216 | ---- | M] (Nowcom) -- C:\WINDOWS\System32\NowCDNUp2.exe
[2010/09/02 14:58:37 | 000,050,536 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\GDIPFONTCACHEV1.DAT
[2010/08/27 22:52:29 | 000,000,618 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Grand Chase.lnk
[2010/08/25 20:13:04 | 000,040,960 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\Chapter 20.doc
[2010/08/25 17:39:14 | 000,208,896 | ---- | M] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\atipdlxx.dll
[2010/08/25 17:39:02 | 000,155,648 | ---- | M] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\Oemdspif.dll
[2010/08/25 17:38:50 | 000,026,112 | ---- | M] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\Ati2mdxx.exe
[2010/08/25 17:38:38 | 000,043,520 | ---- | M] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\ati2edxx.dll
[2010/08/25 17:37:00 | 000,503,248 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap
[2010/08/25 17:36:50 | 000,887,724 | ---- | M] () -- C:\WINDOWS\System32\ativva6x.dat
[2010/08/25 17:36:50 | 000,000,003 | ---- | M] () -- C:\WINDOWS\System32\ativva5x.dat
[2010/08/25 17:34:52 | 000,076,216 | ---- | M] () -- C:\WINDOWS\System32\atiapfxx.blb
[2010/08/23 18:09:56 | 000,000,763 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\GunboundS2.lnk
[2010/08/21 23:24:03 | 000,000,210 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Dungeon Fighter Online.url
[2010/08/13 12:04:51 | 000,001,499 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\ijji REACTOR.lnk
[2010/08/13 00:02:45 | 000,196,160 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/08/09 12:29:57 | 000,004,096 | ---- | M] () -- C:\WINDOWS\System32\crash
[2010/08/02 00:38:00 | 000,021,866 | ---- | M] () -- C:\WINDOWS\atiogl.xml
[2010/07/29 00:40:32 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\StarCraft II.lnk
[2010/07/28 17:15:51 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\StarCraft II.lnk
[2010/07/27 12:05:20 | 000,000,680 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\League Of Legends.lnk
[2010/07/22 21:51:49 | 000,000,823 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\World of Warcraft.lnk
[2010/07/22 19:24:37 | 000,000,680 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\League Of Legends.lnk
[2010/07/22 14:46:41 | 000,000,151 | ---- | M] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2010/07/20 12:27:53 | 000,000,019 | ---- | M] () -- C:\WINDOWS\popcinfo.dat

========== Files Created - No Company Name ==========

[2010/10/08 18:44:16 | 000,001,849 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\BattleForge™.lnk
[2010/10/07 01:47:42 | 000,026,112 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\The personality of Jack and Ralph represent the clash between authoritarianism and democracy for a variety of reasons.doc
[2010/10/03 19:54:40 | 000,293,376 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\gmer.exe
[2010/10/03 19:54:01 | 000,284,915 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\gmer.zip
[2010/10/03 14:49:32 | 000,000,720 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/10/03 14:47:47 | 000,000,635 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\NTREGOPT.lnk
[2010/10/03 14:47:47 | 000,000,616 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\ERUNT.lnk
[2010/10/03 14:22:31 | 000,000,408 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010/10/03 14:18:21 | 000,001,713 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\FINAL FANTASY XIV.lnk
[2010/10/02 13:58:30 | 000,076,216 | ---- | C] () -- C:\WINDOWS\System32\atiapfxx.blb
[2010/09/30 20:11:34 | 000,002,155 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk
[2010/09/30 20:00:38 | 000,002,137 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/09/30 19:56:17 | 000,001,628 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2010/09/30 18:10:05 | 819,206,342 | ---- | C] () -- C:\Program Files\data3.cab
[2010/09/30 18:10:05 | 000,000,234 | -H-- | C] () -- C:\Program Files\data3.cab.bfi
[2010/09/30 18:08:52 | 001,185,606 | ---- | C] () -- C:\Program Files\data1.cab
[2010/09/30 17:24:21 | 1570,240,512 | ---- | C] () -- C:\Program Files\data2.cab
[2010/09/28 18:58:45 | 000,001,754 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
[2010/09/28 18:58:45 | 000,000,917 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\EPSON Status Monitor 3 Environment Check 2.lnk
[2010/09/28 18:58:45 | 000,000,717 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\EPSON CardMonitor.lnk
[2010/09/27 20:58:41 | 000,000,186 | -H-- | C] () -- C:\Program Files\setup.exe.bfi
[2010/09/27 20:55:08 | 000,000,186 | -H-- | C] () -- C:\Program Files\data1.cab.bfi
[2010/09/27 19:27:57 | 000,000,279 | -H-- | C] () -- C:\Program Files\data2.cab.bfi
[2010/09/27 19:27:53 | 000,000,187 | -H-- | C] () -- C:\Program Files\_Setup.dll.bfi
[2010/09/27 19:27:49 | 000,055,744 | ---- | C] () -- C:\Program Files\setup.isn
[2010/09/27 19:27:49 | 000,000,186 | -H-- | C] () -- C:\Program Files\setup.isn.bfi
[2010/09/27 19:27:39 | 000,243,030 | ---- | C] () -- C:\Program Files\setup.inx
[2010/09/27 19:27:39 | 000,000,186 | -H-- | C] () -- C:\Program Files\setup.inx.bfi
[2010/09/27 19:27:36 | 000,000,442 | ---- | C] () -- C:\Program Files\setup.ini
[2010/09/27 19:27:36 | 000,000,186 | -H-- | C] () -- C:\Program Files\setup.ini.bfi
[2010/09/27 19:27:33 | 000,000,499 | ---- | C] () -- C:\Program Files\layout.bin
[2010/09/27 19:27:33 | 000,000,187 | -H-- | C] () -- C:\Program Files\layout.bin.bfi
[2010/09/27 19:27:26 | 000,000,188 | -H-- | C] () -- C:\Program Files\ISSetup.dll.bfi
[2010/09/27 19:27:22 | 000,075,319 | ---- | C] () -- C:\Program Files\data1.hdr
[2010/09/27 19:27:22 | 000,000,186 | -H-- | C] () -- C:\Program Files\data1.hdr.bfi
[2010/09/23 18:54:14 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxftplt.exe
[2010/09/23 18:54:14 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxscnui.dll
[2010/09/23 18:54:12 | 000,028,288 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xjis.nls
[2010/09/23 18:51:05 | 000,033,280 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax
[2010/09/23 18:51:04 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll
[2010/09/23 18:51:02 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prcp.nls
[2010/09/23 18:51:01 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prc.nls
[2010/09/23 18:49:41 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax
[2010/09/23 18:49:05 | 000,047,066 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ksc.nls
[2010/09/23 18:47:49 | 000,165,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt53.dll
[2010/09/23 18:47:48 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt34.dll
[2010/09/23 18:47:48 | 000,093,696 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt42.dll
[2010/09/23 18:47:47 | 000,089,088 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt33.dll
[2010/09/23 18:47:47 | 000,083,968 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt21.dll
[2010/09/23 18:46:42 | 000,029,768 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divasu.dll
[2010/09/23 18:46:41 | 000,037,962 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaprop.dll
[2010/09/23 18:46:41 | 000,006,216 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaci.dll
[2010/09/23 18:45:46 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_864.nls
[2010/09/23 18:45:46 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_862.nls
[2010/09/23 18:45:46 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_858.nls
[2010/09/23 18:45:46 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_870.nls
[2010/09/23 18:45:45 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_720.nls
[2010/09/23 18:45:45 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_708.nls
[2010/09/23 18:45:45 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28596.nls
[2010/09/23 18:45:44 | 000,180,770 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls
[2010/09/23 18:45:44 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls
[2010/09/23 18:45:44 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls
[2010/09/23 18:45:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls
[2010/09/23 18:45:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls
[2010/09/23 18:45:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls
[2010/09/23 18:45:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls
[2010/09/23 18:45:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls
[2010/09/23 18:45:43 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls
[2010/09/23 18:45:43 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls
[2010/09/23 18:45:43 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls
[2010/09/23 18:45:43 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls
[2010/09/23 18:45:43 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls
[2010/09/23 18:45:43 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls
[2010/09/23 18:45:43 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls
[2010/09/23 18:45:43 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls
[2010/09/23 18:45:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls
[2010/09/23 18:45:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls
[2010/09/23 18:45:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls
[2010/09/23 18:45:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls
[2010/09/23 18:45:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls
[2010/09/23 18:45:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls
[2010/09/23 18:45:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls
[2010/09/23 18:45:41 | 000,187,938 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls
[2010/09/23 18:45:41 | 000,185,378 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls
[2010/09/23 18:45:41 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls
[2010/09/23 18:45:41 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls
[2010/09/23 18:45:41 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls
[2010/09/23 18:45:41 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls
[2010/09/23 18:45:40 | 000,189,986 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls
[2010/09/23 18:45:40 | 000,186,402 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls
[2010/09/23 18:45:40 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls
[2010/09/23 18:45:40 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls
[2010/09/23 18:45:40 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls
[2010/09/23 18:45:39 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1148.nls
[2010/09/23 18:45:39 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1147.nls
[2010/09/23 18:45:39 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1146.nls
[2010/09/23 18:45:39 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1145.nls
[2010/09/23 18:45:39 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1144.nls
[2010/09/23 18:45:39 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1143.nls
[2010/09/23 18:45:39 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1142.nls
[2010/09/23 18:45:39 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1141.nls
[2010/09/23 18:45:38 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls
[2010/09/23 18:45:38 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1140.nls
[2010/09/23 18:45:38 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1047.nls
[2010/09/23 18:45:38 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10021.nls
[2010/09/23 18:45:38 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10005.nls
[2010/09/23 18:45:38 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10004.nls
[2010/09/23 18:45:37 | 000,195,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls
[2010/09/23 18:45:37 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls
[2010/09/23 18:45:37 | 000,162,850 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10001.nls
[2010/09/23 18:45:29 | 000,082,172 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls
[2010/09/23 18:45:28 | 000,066,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\big5.nls
[2010/09/23 18:45:11 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativxbar.sys
[2010/09/23 18:45:11 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atixbar.sys
[2010/09/23 18:45:11 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativttxx.sys
[2010/09/23 18:45:10 | 000,049,920 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtcap.sys
[2010/09/23 18:45:10 | 000,026,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtsnd.sys
[2010/09/23 18:45:10 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitvsnd.sys
[2010/09/23 18:45:10 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitunep.sys
[2010/09/23 18:45:10 | 000,009,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativmdcd.sys
[2010/09/23 18:45:09 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atipcxxx.sys
[2010/09/23 18:45:06 | 000,046,464 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atibt829.sys
[2010/09/12 19:14:00 | 000,230,752 | ---- | C] () -- C:\WINDOWS\patchw32.dll
[2010/09/12 19:14:00 | 000,118,176 | ---- | C] () -- C:\WINDOWS\patchw.dll
[2010/09/03 10:56:02 | 002,396,672 | ---- | C] () -- C:\WINDOWS\System32\opinstaller.msi
[2010/08/27 22:52:29 | 000,000,618 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Grand Chase.lnk
[2010/08/25 17:03:41 | 000,040,960 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\Chapter 20.doc
[2010/08/21 22:54:03 | 000,000,210 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Dungeon Fighter Online.url
[2010/08/13 12:04:51 | 000,001,499 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\ijji REACTOR.lnk
[2010/08/09 11:56:56 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\crash
[2010/08/05 13:19:21 | 000,001,499 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\ijji REACTOR.lnk
[2010/07/29 00:40:32 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\StarCraft II.lnk
[2010/07/28 16:10:42 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\StarCraft II.lnk
[2010/07/27 12:05:20 | 000,000,680 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\League Of Legends.lnk
[2010/07/22 19:24:37 | 000,000,680 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\League Of Legends.lnk
[2010/07/19 20:51:51 | 000,000,032 | R--- | C] () -- C:\Documents and Settings\All Users\hash.dat
[2010/07/12 21:51:38 | 000,000,880 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/07/09 11:00:32 | 000,041,872 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll
[2010/06/20 17:33:58 | 000,009,728 | ---- | C] () -- C:\WINDOWS\System32\uc_karos_launching.dll
[2010/05/28 17:19:24 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\rmc_rtspdl.dll
[2010/05/10 17:31:13 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2010/05/10 17:31:13 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2010/05/10 17:31:06 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\$_hpcst$.hpc
[2010/04/21 21:02:03 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010/04/21 21:02:03 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\PnkBstrK.sys
[2010/02/07 18:58:55 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2010/02/07 18:58:55 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2010/02/07 18:58:55 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2010/01/11 19:20:23 | 000,975,872 | ---- | C] () -- C:\WINDOWS\System32\libxml2_CW.dll
[2010/01/11 19:20:23 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\libexpat.dll
[2010/01/11 19:20:22 | 002,916,352 | ---- | C] () -- C:\WINDOWS\System32\wxmsw28u_core_vc_CW.dll
[2010/01/11 19:20:22 | 001,236,992 | ---- | C] () -- C:\WINDOWS\System32\wxbase28u_vc_CW.dll
[2010/01/11 19:20:22 | 001,073,152 | ---- | C] () -- C:\WINDOWS\System32\wxcode_msw28u_wxcurl_CW.dll
[2010/01/11 19:20:22 | 000,716,800 | ---- | C] () -- C:\WINDOWS\System32\wxmsw28u_adv_vc_CW.dll
[2010/01/11 19:20:22 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\wxmsw28u_xrc_vc_CW.dll
[2010/01/11 19:20:22 | 000,499,712 | ---- | C] () -- C:\WINDOWS\System32\wxmsw28u_html_vc_CW.dll
[2010/01/11 19:20:22 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\wxbase28u_xml_vc_CW.dll
[2010/01/11 19:20:22 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\wxbase28u_net_vc_CW.dll
[2010/01/11 19:20:22 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\wxmsw28u_media_vc_CW.dll
[2010/01/11 19:20:22 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\wxcode_msw28u_wxjson_CW.dll
[2009/12/27 20:42:24 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\WNASPI32.DLL
[2009/12/27 20:42:24 | 000,000,291 | ---- | C] () -- C:\WINDOWS\msfsetup.ini
[2009/08/15 12:42:46 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2009/07/14 12:46:19 | 000,000,127 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2009/05/31 12:11:17 | 000,000,262 | ---- | C] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2009/05/31 00:28:56 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009/05/31 00:28:50 | 000,150,016 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/05/30 23:12:23 | 000,000,000 | ---- | C] () -- C:\WINDOWS\AutoRun.INI
[2009/05/30 23:04:18 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/05/30 22:23:02 | 000,000,023 | ---- | C] () -- C:\WINDOWS\EPS785EPX.ini
[2009/05/30 22:00:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SelSet.INI
[2008/05/04 17:39:34 | 000,002,560 | ---- | C] () -- C:\WINDOWS\System32\ViaClassCoInstaller.dll
[2007/10/25 17:26:10 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2007/01/25 07:45:02 | 000,006,784 | ---- | C] () -- C:\WINDOWS\System32\drivers\whfltr2k.sys

========== LOP Check ==========

[2010/01/11 19:20:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ContentWatch
[2010/01/02 00:43:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Digital PixMaster
[2010/10/02 09:21:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Driver Boost
[2010/06/01 12:02:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON
[2010/02/27 23:24:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HipSoft
[2010/07/26 22:36:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MumboJumbo
[2010/08/21 22:49:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NexonUS
[2010/10/02 09:15:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2010/05/20 17:54:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2010/09/12 18:28:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2010/02/20 23:03:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap
[2010/02/21 13:07:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap Games
[2010/07/20 12:42:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games
[2010/09/28 20:04:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/04/21 21:02:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ubisoft
[2010/02/27 23:18:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent
[2010/07/27 22:30:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/01/11 20:55:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/05/31 13:30:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2010/06/05 19:08:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Apowersoft
[2010/07/19 20:47:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\BitTorrent
[2009/06/28 12:34:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\COWON
[2010/10/10 14:47:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\DNA
[2010/07/05 20:07:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\GameBox
[2010/07/13 12:10:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\GetRightToGo
[2009/05/30 22:04:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Ideazon
[2010/06/20 17:43:07 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Owner\Application Data\ijjigame
[2010/09/30 19:00:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\LimeWire
[2010/07/21 16:22:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\LolClient
[2010/05/20 17:54:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\LolClient.F24C99354F615F3BAB18AE7B93E3F9B9E8784FA6.1
[2010/05/20 17:55:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\ML
[2010/05/28 16:55:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\MPEG Streamclip
[2010/08/21 23:25:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\NeopleLauncherDFO
[2010/08/27 19:14:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Octoshape
[2010/05/10 17:48:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\PC Suite
[2010/10/02 16:28:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\RayV
[2010/09/05 14:01:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Replay Media Catcher 4
[2010/05/10 17:31:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Samsung
[2010/09/22 18:33:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\SecondLife
[2010/06/04 19:36:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\StealthBot
[2009/07/26 20:36:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\TeamViewer
[2010/09/18 14:26:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\w3itemplate
[2010/02/27 23:18:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\WildTangent
[2010/09/17 16:18:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Wowd
[2010/10/10 14:40:53 | 000,000,408 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D06A4C76
< End of report >



OTL logfile created on: 10/10/2010 2:49:04 PM - Run 4
OTL by OldTimer - Version 3.2.14.1 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 76.00% Memory free
5.00 Gb Paging File | 4.00 Gb Available in Paging File | 84.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465.76 Gb Total Space | 195.69 Gb Free Space | 42.02% Space Free | Partition Type: NTFS
Drive D: | 5.15 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive E: | 149.04 Gb Total Space | 75.95 Gb Free Space | 50.96% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: KREVIN-NINO
Current User Name: Owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Minimal
Quick Scan

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Owner\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\DNA\btdna.exe (BitTorrent, Inc.)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
PRC - C:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
PRC - C:\Program Files\ContentWatch\Internet Protection\cwsvc.exe (ContentWatch, Inc.)
PRC - c:\Program Files\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\FsUsbExService.Exe (Teruten)
PRC - C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation)
PRC - C:\Documents and Settings\Owner\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe (Octoshape ApS)
PRC - C:\Program Files\McAfee\Anti-Theft\McPvTray.exe (McAfee)
PRC - C:\Program Files\Pure Networks\Network Magic\nmapp.exe (Pure Networks, Inc.)
PRC - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe (Pure Networks, Inc.)
PRC - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Pure Networks, Inc.)
PRC - C:\Program Files\MSI\Live Update 3\LMonitor.exe ()
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Advanced Wheel Mouse\wh_exec.exe ()
PRC - C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe (Nero AG)
PRC - C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
PRC - C:\Program Files\Micro Innovations\Internet Access Keyboard\KEMailKb.EXE (Dritek System Inc.)
PRC - C:\Program Files\Micro Innovations\Internet Access Keyboard\KPDRV4XP.EXE (Dritek System Inc.)
PRC - C:\Program Files\EPSON\EPSON CardMonitor\EPSON CardMonitor1.0.exe (SEIKO EPSON CORPORATION)
PRC - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe (SEIKO EPSON CORPORATION)


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\Owner\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
MOD - C:\Advanced Wheel Mouse\wh_hook.dll ()


========== Win32 Services (SafeList) ==========

SRV - (rpcapd) Remote Packet Capture Protocol v.0 (experimental) -- C:\Program Files\WinPcap\rpcapd.exe -d -f %ProgramFiles%\WinPcap\rpcapd.ini File not found
SRV - (AppMgmt) -- C:\WINDOWS\System32\appmgmts.dll File not found
SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (npggsvc) -- C:\WINDOWS\System32\GameMon.des (INCA Internet Co., Ltd.)
SRV - (CwAltaService20) -- C:\Program Files\ContentWatch\Internet Protection\cwsvc.exe (ContentWatch, Inc.)
SRV - (MsMpSvc) -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation)
SRV - (GameConsoleService) -- C:\Program Files\WildGames\Game Console - WildGames\GameConsoleService.exe (WildTangent, Inc.)
SRV - (FsUsbExService) -- C:\WINDOWS\system32\FsUsbExService.Exe (Teruten)
SRV - (wlidsvc) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
SRV - (nmraapache) -- C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe (Pure Networks, Inc.)
SRV - (nmservice) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe (Pure Networks, Inc.)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (EPSONStatusAgent2) -- C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe (SEIKO EPSON CORPORATION)


========== Driver Services (SafeList) ==========

DRV - (neokdss) -- C:\WINDOWS\System32\Drivers\neokdss.sys File not found
DRV - (GMSIPCI) -- D:\INSTALL\GMSIPCI.SYS File not found
DRV - (EagleNT) -- C:\WINDOWS\System32\drivers\EagleNT.sys File not found
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (appliandMP) -- C:\WINDOWS\system32\drivers\appliand.sys (Applian Technologies Inc.)
DRV - (appliand) -- C:\WINDOWS\system32\drivers\appliand.sys (Applian Technologies Inc.)
DRV - (MpFilter) -- C:\WINDOWS\system32\drivers\MpFilter.sys (Microsoft Corporation)
DRV - (FsUsbExDisk) -- C:\WINDOWS\system32\FsUsbExDisk.Sys ()
DRV - (mfehidk) -- C:\WINDOWS\system32\drivers\mfehidk.sys (McAfee, Inc.)
DRV - (mfeavfk) -- C:\WINDOWS\system32\drivers\mfeavfk.sys (McAfee, Inc.)
DRV - (mfesmfk) -- C:\WINDOWS\system32\drivers\mfesmfk.sys (McAfee, Inc.)
DRV - (mfebopk) -- C:\WINDOWS\system32\drivers\mfebopk.sys (McAfee, Inc.)
DRV - (mferkdk) -- C:\WINDOWS\system32\drivers\mferkdk.sys (McAfee, Inc.)
DRV - (AtiHdmiService) -- C:\WINDOWS\system32\drivers\AtiHdmi.sys (ATI Research Inc.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (McPvDrv) -- C:\WINDOWS\System32\drivers\McPvDrv.sys (McAfee)
DRV - (pnarp) -- C:\WINDOWS\system32\drivers\pnarp.sys (Pure Networks, Inc.)
DRV - (purendis) -- C:\WINDOWS\system32\drivers\purendis.sys (Pure Networks, Inc.)
DRV - (NVHDA) -- C:\WINDOWS\system32\drivers\nvhda32.sys (NVIDIA Corporation)
DRV - (usbaudio) USB Audio Driver (WDM) -- C:\WINDOWS\system32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation )
DRV - (nvsmu) -- C:\WINDOWS\system32\drivers\nvsmu.sys (NVIDIA Corporation)
DRV - (pccsmcfd) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia)
DRV - (Alpham1) -- C:\WINDOWS\system32\drivers\Alpham1.sys (Ideazon Corporation)
DRV - (ss_mdm) -- C:\WINDOWS\system32\drivers\ss_mdm.sys (MCCI Corporation)
DRV - (ss_mdfl) -- C:\WINDOWS\system32\drivers\ss_mdfl.sys (MCCI Corporation)
DRV - (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM) -- C:\WINDOWS\system32\drivers\ss_bus.sys (MCCI Corporation)
DRV - (Alpham2) -- C:\WINDOWS\system32\drivers\Alpham2.sys (Ideazon Corporation)
DRV - (whfltr2k) -- C:\WINDOWS\system32\drivers\whfltr2k.sys ()
DRV - (BS_I2cIo) -- C:\WINDOWS\system32\drivers\BS_I2cIo.sys (BIOSTAR Group)
DRV - (pfusb) -- C:\WINDOWS\system32\drivers\pfusb.sys (Pacific Systems Solutions, Inc.)
DRV - (BIOS) -- C:\WINDOWS\system32\drivers\BIOS.sys (BIOSTAR Group)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\Hdaudbus.sys (Windows ® Server 2003 DDK provider)
DRV - (PIXMCVV) -- C:\WINDOWS\system32\drivers\pixmcvv.sys (Pixela)
DRV - (PIXMCVA) -- C:\WINDOWS\system32\drivers\pixmcva.sys (Pixela)
DRV - (PIXMCV) -- C:\WINDOWS\system32\drivers\pixmcvc.sys (Pixela)
DRV - (EPUSBSTOR) -- C:\WINDOWS\system32\drivers\epusbsto.sys (SEIKO EPSON CORPORATION)
DRV - (MASPINT) -- C:\WINDOWS\System32\drivers\MASPINT.SYS (MicroStaff Co.,Ltd.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = BA 9F 14 B4 FC E2 C9 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


[2010/07/05 16:01:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions
[2010/01/20 17:35:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions\[email protected]
[2009/06/27 18:40:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\extensions
[2009/06/27 18:40:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}

O1 HOSTS File: ([2009/07/16 11:07:55 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll File not found
O2 - BHO: (Updater For Kandeebar) - {2c486920-dde5-4b59-bfd8-394c70602832} - C:\Program Files\kandeebar\auxi\kandeebarAu.dll File not found
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll File not found
O4 - HKLM..\Run: [Ask and Record FLV Service] C:\Program Files\Replay Media Catcher\FLVSrvc.exe File not found
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [cwcptray] C:\Program Files\ContentWatch\Internet Protection\cwtray.exe (ContentWatch, Inc.)
O4 - HKLM..\Run: [Ink Monitor] C:\Program Files\EPSON\Ink Monitor\InkMonitor.exe (BillP Studios)
O4 - HKLM..\Run: [KEMailKb] C:\Program Files\Micro Innovations\Internet Access Keyboard\KEMailKb.EXE (Dritek System Inc.)
O4 - HKLM..\Run: [KPDrv4XP] C:\Program Files\Micro Innovations\Internet Access Keyboard\KPDRV4XP.EXE (Dritek System Inc.)
O4 - HKLM..\Run: [LiveMonitor] C:\Program Files\MSI\Live Update 3\LMonitor.exe ()
O4 - HKLM..\Run: [McPvTray] C:\Program Files\McAfee\Anti-Theft\McPvTray.exe (McAfee)
O4 - HKLM..\Run: [Microsoft Default Manager] C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe File not found
O4 - HKLM..\Run: [MSN Toolbar] C:\Program Files\MSN Toolbar\Platform\4.0.0401.0\mswinext.exe File not found
O4 - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [nmapp] C:\Program Files\Pure Networks\Network Magic\nmapp.exe (Pure Networks, Inc.)
O4 - HKLM..\Run: [nmctxth] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Pure Networks, Inc.)
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [WheelMouse] C:\Advanced Wheel Mouse\wh_exec.exe ()
O4 - HKLM..\Run: [Zboard] C:\Program Files\Ideazon\ZEngine\Zboard.exe (Ideazon, Inc.)
O4 - HKCU..\Run: [Auto Epson Stylus NX510(Network) on Sabina-PC] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFIA.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [BitTorrent DNA] C:\Program Files\DNA\btdna.exe (BitTorrent, Inc.)
O4 - HKCU..\Run: [igndlm.exe] C:\Program Files\Download Manager\DLM.exe (IGN Entertainment)
O4 - HKCU..\Run: [myweather] C:\Program Files\MyFreeWeather\myweather.exe File not found
O4 - HKCU..\Run: [Octoshape Streaming Services] C:\Documents and Settings\Owner\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe (Octoshape ApS)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\EPSON CardMonitor.lnk = C:\Program Files\EPSON\EPSON CardMonitor\EPSON CardMonitor1.0.exe (SEIKO EPSON CORPORATION)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE (SEIKO EPSON CORPORATION)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Go to PlaySushi web site - {EBD24BD3-E272-4FA3-A8BA-C5D709757CAB} - C:\Program Files\PlaySushi\PSText.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://support.micr...veX/MSDcode.cab (Microsoft Data Collection Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {18E66E92-A4EA-41B5-A867-A3EEB0327E7A} http://xiahw2.online...hGX_ActiveX.cab (GX_ActiveXControl Class)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.micr...78f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} http://www.fileplane...C_2.3.9.113.cab (CDownloadCtrl Object)
O16 - DPF: {4F29DE54-5EB7-4D76-B610-A86B5CD2A234} http://archives.game...apWebPlayer.cab (GameTap Player)
O16 - DPF: {5C1B293E-DA77-4AFF-8B52-63DEF8C8A071} http://download.netm....1_20091109.cab (NetmarbleAutoUpdater Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zon...1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8768D5EA-5412-4810-A032-09AD2A726C69} http://bgweb.nowcdn....ownStarter2.cab (DownStarter2 Control)
O16 - DPF: {89F434A7-4A49-4394-AC02-007480331AE2} http://download.netm...nfo_1.0.0.1.cab (NetmarbleSystemIDInfo Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {924B4927-D3BA-41EA-9F7E-8A89194AB3AC} http://panda-plugin..../p3dactivex.cab (P3DActiveX Control)
O16 - DPF: {A4508A45-F1C4-40F3-99B4-0CA08AC77E3B} http://download.netm...kdfense8237.cab (Kdfense8 Control)
O16 - DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} http://download.toon...9.23/ttinst.cab (Toontown Installer ActiveX Control)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} http://www.popcap.co...ploader_v10.cab (PopCapLoader Object)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zon...er.cab56986.cab (Minesweeper Flags Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll (Pure Networks, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/05/30 09:25:31 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/06/27 00:56:24 | 000,000,053 | R--- | M] () - D:\autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 90 Days ==========

[2010/10/10 14:33:14 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/10/08 18:44:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\BattleForge
[2010/10/04 18:05:33 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2010/10/03 14:49:29 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/10/03 14:49:28 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/10/03 14:49:28 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/10/03 14:47:46 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/10/03 14:46:04 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\Owner\Desktop\erunt-setup.exe
[2010/10/03 14:29:16 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\TFC.exe
[2010/10/02 16:28:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\RayV
[2010/10/02 16:28:41 | 000,000,000 | ---D | C] -- C:\Program Files\RayV
[2010/10/02 15:09:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/10/02 14:05:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ATI
[2010/10/02 09:21:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Driver Boost
[2010/10/02 09:15:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2010/09/30 19:59:31 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/09/30 19:59:28 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/09/30 19:55:33 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/09/30 19:53:42 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/09/30 18:49:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\LimeWire
[2010/09/29 19:13:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2010/09/27 21:16:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/09/27 20:58:41 | 000,397,992 | ---- | C] (Acresso Software Inc.) -- C:\Program Files\setup.exe
[2010/09/27 19:27:53 | 000,156,984 | ---- | C] (Acresso Software Inc.) -- C:\Program Files\_Setup.dll
[2010/09/27 19:27:26 | 000,555,520 | ---- | C] (Acresso Software Inc.) -- C:\Program Files\ISSetup.dll
[2010/09/23 18:54:15 | 000,116,224 | ---- | C] (Xerox) -- C:\WINDOWS\System32\dllcache\xrxwiadr.dll
[2010/09/23 18:54:15 | 000,023,040 | ---- | C] (Xerox Corporation) -- C:\WINDOWS\System32\dllcache\xrxwbtmp.dll
[2010/09/23 18:54:12 | 000,099,865 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\xlog.exe
[2010/09/23 18:54:10 | 000,016,970 | ---- | C] (US Robotics MCD (Megahertz)) -- C:\WINDOWS\System32\dllcache\xem336n5.sys
[2010/09/23 18:53:47 | 000,154,624 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\wlluc48.sys
[2010/09/23 18:53:46 | 000,034,890 | ---- | C] (Raytheon Corp.) -- C:\WINDOWS\System32\dllcache\wlandrv2.sys
[2010/09/23 18:53:39 | 000,771,581 | ---- | C] (Rockwell) -- C:\WINDOWS\System32\dllcache\winacisa.sys
[2010/09/23 18:53:32 | 000,035,871 | ---- | C] (Winbond Electronics Corp.) -- C:\WINDOWS\System32\dllcache\wbfirdma.sys
[2010/09/23 18:53:23 | 000,019,016 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w926nd.sys
[2010/09/23 18:53:23 | 000,016,925 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w940nd.sys
[2010/09/23 18:53:22 | 000,019,528 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w840nd.sys
[2010/09/23 18:53:20 | 000,064,605 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vvoice.sys
[2010/09/23 18:53:19 | 000,397,502 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vpctcom.sys
[2010/09/23 18:53:18 | 000,604,253 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\vmodem.sys
[2010/09/23 18:53:18 | 000,249,402 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\vinwm.sys
[2010/09/23 18:53:13 | 000,765,884 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usrti.sys
[2010/09/23 18:53:11 | 000,794,399 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806v.sys
[2010/09/23 18:53:11 | 000,793,598 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806.sys
[2010/09/23 18:53:10 | 000,794,654 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1801.sys
[2010/09/23 18:53:05 | 000,032,384 | ---- | C] (KLSI USA, Inc.) -- C:\WINDOWS\System32\dllcache\usb101et.sys
[2010/09/23 18:53:00 | 000,050,688 | ---- | C] (UMAX DATA SYSTEMS INC.) -- C:\WINDOWS\System32\dllcache\umaxscan.dll
[2010/09/23 18:52:59 | 000,216,064 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um34scan.dll
[2010/09/23 18:52:59 | 000,211,968 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um54scan.dll
[2010/09/23 18:52:54 | 000,166,784 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxpm.sys
[2010/09/23 18:52:53 | 000,525,568 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxp.dll
[2010/09/23 18:52:53 | 000,440,576 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkb.dll
[2010/09/23 18:52:53 | 000,222,336 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3dm.sys
[2010/09/23 18:52:53 | 000,159,232 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkbm.sys
[2010/09/23 18:52:52 | 000,315,520 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3d.dll
[2010/09/23 18:52:47 | 000,123,995 | ---- | C] (Tiger Jet Network) -- C:\WINDOWS\System32\dllcache\tjisdn.sys
[2010/09/23 18:52:44 | 000,138,528 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiulnt5.sys
[2010/09/23 18:52:44 | 000,081,408 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiul50.dll
[2010/09/23 18:52:43 | 000,149,376 | ---- | C] (M-Systems) -- C:\WINDOWS\System32\dllcache\tffsport.sys
[2010/09/23 18:52:42 | 000,037,961 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdk100b.sys
[2010/09/23 18:52:42 | 000,017,129 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdkcd31.sys
[2010/09/23 18:52:38 | 000,172,768 | ---- | C] (Number Nine Visual Technology) -- C:\WINDOWS\System32\dllcache\t2r4disp.dll
[2010/09/23 18:52:38 | 000,036,640 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\t2r4mini.sys
[2010/09/23 18:52:31 | 000,155,648 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnprop.dll
[2010/09/23 18:52:30 | 000,285,760 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnata.sys
[2010/09/23 18:52:30 | 000,053,248 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlncoin.dll
[2010/09/23 18:52:29 | 000,016,896 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\stcusb.sys
[2010/09/23 18:52:27 | 000,048,736 | ---- | C] (3Com) -- C:\WINDOWS\System32\dllcache\srwlnd5.sys
[2010/09/23 18:52:21 | 000,019,072 | ---- | C] (Adaptec, Inc.) -- C:\WINDOWS\System32\dllcache\sparrow.sys
[2010/09/23 18:52:12 | 000,058,368 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smiminib.sys
[2010/09/23 18:52:11 | 000,147,200 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smidispb.dll
[2010/09/23 18:52:10 | 000,035,913 | ---- | C] (SMC) -- C:\WINDOWS\System32\dllcache\smcirda.sys
[2010/09/23 18:52:10 | 000,025,034 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smcpwr2n.sys
[2010/09/23 18:52:10 | 000,024,576 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smc8000n.sys
[2010/09/23 18:52:01 | 000,063,547 | ---- | C] (Symbol Technologies) -- C:\WINDOWS\System32\dllcache\sla30nd5.sys
[2010/09/23 18:52:00 | 000,094,698 | ---- | C] (SysKonnect GmbH.) -- C:\WINDOWS\System32\dllcache\sk98xwin.sys
[2010/09/23 18:52:00 | 000,091,294 | ---- | C] (SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH.) -- C:\WINDOWS\System32\dllcache\skfpwin.sys
[2010/09/23 18:51:59 | 000,032,768 | ---- | C] (SiS Corporation) -- C:\WINDOWS\System32\dllcache\sisnic.sys
[2010/09/23 18:51:51 | 000,161,568 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmusb.sys
[2010/09/23 18:51:50 | 000,386,560 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiul50.dll
[2010/09/23 18:51:50 | 000,098,080 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiulnt5.sys
[2010/09/23 18:51:50 | 000,018,400 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmld.sys
[2010/09/23 18:51:42 | 000,017,280 | ---- | C] (SCM Microsystems) -- C:\WINDOWS\System32\dllcache\scr111.sys
[2010/09/23 18:51:41 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmusbm.sys
[2010/09/23 18:51:41 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmn50m.sys
[2010/09/23 18:51:37 | 000,198,400 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4.dll
[2010/09/23 18:51:37 | 000,179,264 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3d.dll
[2010/09/23 18:51:37 | 000,077,824 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4m.sys
[2010/09/23 18:51:37 | 000,061,504 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3dm.sys
[2010/09/23 18:51:36 | 000,210,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mvirge.dll
[2010/09/23 18:51:36 | 000,182,272 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.dll
[2010/09/23 18:51:36 | 000,062,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mtrio.dll
[2010/09/23 18:51:36 | 000,041,216 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.sys
[2010/09/23 18:51:35 | 000,166,720 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3m.sys
[2010/09/23 18:51:34 | 000,082,432 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia450.dll
[2010/09/23 18:51:34 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia430.dll
[2010/09/23 18:51:33 | 000,029,696 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw450ext.dll
[2010/09/23 18:51:32 | 000,027,648 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw430ext.dll
[2010/09/23 18:51:30 | 000,020,992 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\rtl8139.sys
[2010/09/23 18:51:29 | 000,019,017 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\rtl8029.sys
[2010/09/23 18:51:27 | 000,009,216 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\rsmgrstr.dll
[2010/09/23 18:51:24 | 000,079,104 | ---- | C] (Comtrol Corporation) -- C:\WINDOWS\System32\dllcache\rocket.sys
[2010/09/23 18:51:24 | 000,037,563 | ---- | C] (RadioLAN) -- C:\WINDOWS\System32\dllcache\rlnet5.sys
[2010/09/23 18:51:23 | 000,086,097 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\reslog32.dll
[2010/09/23 18:51:14 | 000,899,146 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdkxga.sys
[2010/09/23 18:51:14 | 000,714,762 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdmkxx.sys
[2010/09/23 18:51:08 | 000,130,942 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlv.sys
[2010/09/23 18:51:07 | 000,128,286 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserli.sys
[2010/09/23 18:51:07 | 000,112,574 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlp.sys
[2010/09/23 18:51:04 | 000,016,128 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\pscr.sys
[2010/09/23 18:50:48 | 000,169,984 | ---- | C] (Cisco Systems) -- C:\WINDOWS\System32\dllcache\pcx500.sys
[2010/09/23 18:50:47 | 000,086,016 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\pctspk.exe
[2010/09/23 18:50:46 | 000,026,153 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pcmlm56.sys
[2010/09/23 18:50:45 | 000,030,495 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pc100nds.sys
[2010/09/23 18:50:45 | 000,029,502 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\pca200e.sys
[2010/09/23 18:50:39 | 000,054,186 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otcsercb.sys
[2010/09/23 18:50:39 | 000,043,689 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otceth5.sys
[2010/09/23 18:50:39 | 000,027,209 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otc06x5.sys
[2010/09/23 18:50:38 | 000,054,528 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\opl3sax.sys
[2010/09/23 18:50:28 | 000,051,552 | ---- | C] (Kensington Technology Group) -- C:\WINDOWS\System32\dllcache\ntgrip.sys
[2010/09/23 18:50:23 | 000,126,080 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm5a2wdm.sys
[2010/09/23 18:50:23 | 000,087,040 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm6wdm.sys
[2010/09/23 18:50:22 | 000,032,840 | ---- | C] (NETGEAR Corporation.) -- C:\WINDOWS\System32\dllcache\ngrpci.sys
[2010/09/23 18:50:21 | 000,132,695 | ---- | C] (802.11b) -- C:\WINDOWS\System32\dllcache\netwlan5.sys
[2010/09/23 18:50:17 | 000,060,480 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.dll
[2010/09/23 18:50:17 | 000,039,264 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.sys
[2010/09/23 18:50:14 | 000,091,488 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3disp.dll
[2010/09/23 18:50:13 | 000,059,104 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.dll
[2010/09/23 18:50:13 | 000,033,088 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.sys
[2010/09/23 18:50:13 | 000,027,936 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3d.sys
[2010/09/23 18:50:13 | 000,013,664 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.sys
[2010/09/23 18:50:12 | 000,035,392 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.dll
[2010/09/23 18:50:11 | 000,075,520 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxport.sys
[2010/09/23 18:50:11 | 000,019,968 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxicfg.dll
[2010/09/23 18:50:11 | 000,019,968 | ---- | C] (Macronix International Co., Ltd. ) -- C:\WINDOWS\System32\dllcache\mxnic.sys
[2010/09/23 18:50:11 | 000,007,168 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxport.dll
[2010/09/23 18:50:10 | 000,021,888 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxcard.sys
[2010/09/23 18:50:09 | 000,103,296 | ---- | C] (Matrox Graphics Inc) -- C:\WINDOWS\System32\dllcache\mtxvideo.sys
[2010/09/23 18:49:35 | 000,017,280 | ---- | C] (American Megatrends Inc.) -- C:\WINDOWS\System32\dllcache\mraid35x.sys
[2010/09/23 18:49:21 | 000,164,586 | ---- | C] (Madge Networks Ltd) -- C:\WINDOWS\System32\dllcache\mdgndis5.sys
[2010/09/23 18:49:16 | 000,802,683 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\ltsm.sys
[2010/09/23 18:49:16 | 000,797,500 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltsmt.sys
[2010/09/23 18:49:15 | 000,606,684 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmnt.sys
[2010/09/23 18:49:15 | 000,576,746 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntl.sys
[2010/09/23 18:49:15 | 000,420,992 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntt.sys
[2010/09/23 18:49:14 | 000,727,786 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ltck000c.sys
[2010/09/23 18:49:11 | 000,070,730 | ---- | C] (Linksys Group, Inc.) -- C:\WINDOWS\System32\dllcache\lne100tx.sys
[2010/09/23 18:49:10 | 000,025,065 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\lmndis3.sys
[2010/09/23 18:49:10 | 000,020,573 | ---- | C] (The Linksts Group ) -- C:\WINDOWS\System32\dllcache\lne100.sys
[2010/09/23 18:49:09 | 000,015,744 | ---- | C] (Litronic Industries) -- C:\WINDOWS\System32\dllcache\lit220p.sys
[2010/09/23 18:49:07 | 000,026,442 | ---- | C] (SMSC) -- C:\WINDOWS\System32\dllcache\lanepic5.sys
[2010/09/23 18:49:06 | 000,019,016 | ---- | C] (Kingston Technology Company ) -- C:\WINDOWS\System32\dllcache\ktc111.sys
[2010/09/23 18:48:39 | 000,023,552 | ---- | C] (MKNet Corporation) -- C:\WINDOWS\System32\dllcache\irmk7.sys
[2010/09/23 18:48:34 | 000,045,632 | ---- | C] (Interphase ® Corporation a Windows ® 2000 DDK Driver Provider) -- C:\WINDOWS\System32\dllcache\ip5515.sys
[2010/09/23 18:48:13 | 000,372,824 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\iconf32.dll
[2010/09/23 18:47:49 | 000,068,608 | ---- | C] (Avisioin) -- C:\WINDOWS\System32\dllcache\hpgt53tk.dll
[2010/09/23 18:47:48 | 000,126,976 | ---- | C] (Hewlett Packard) -- C:\WINDOWS\System32\dllcache\hpgt34tk.dll
[2010/09/23 18:47:39 | 000,082,304 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grclass.sys
[2010/09/23 18:47:39 | 000,028,288 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grserial.sys
[2010/09/23 18:47:39 | 000,017,408 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\gpr400.sys
[2010/09/23 18:47:35 | 000,454,912 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fxusbase.sys
[2010/09/23 18:47:28 | 000,455,680 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fus2base.sys
[2010/09/23 18:47:28 | 000,455,296 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fusbbase.sys
[2010/09/23 18:47:26 | 000,442,240 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpnpbase.sys
[2010/09/23 18:47:25 | 000,444,416 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcibase.sys
[2010/09/23 18:47:25 | 000,441,728 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcmbase.sys
[2010/09/23 18:47:23 | 000,034,173 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\forehe.sys
[2010/09/23 18:47:19 | 000,024,618 | ---- | C] (NETGEAR) -- C:\WINDOWS\System32\dllcache\fa410nd5.sys
[2010/09/23 18:47:18 | 000,012,362 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xi.sys
[2010/09/23 18:47:18 | 000,011,850 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xj.sys
[2010/09/23 18:47:09 | 000,072,192 | ---- | C] (ESS Technology Inc.) -- C:\WINDOWS\System32\dllcache\es1969.sys
[2010/09/23 18:46:52 | 000,334,208 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\ds1wdm.sys
[2010/09/23 18:46:48 | 000,028,062 | ---- | C] (National Semiconductor Coproration) -- C:\WINDOWS\System32\dllcache\dp83820.sys
[2010/09/23 18:46:43 | 000,029,696 | ---- | C] (CNet Technology, Inc. ) -- C:\WINDOWS\System32\dllcache\dm9pci5.sys
[2010/09/23 18:46:42 | 000,952,007 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diwan.sys
[2010/09/23 18:46:42 | 000,026,698 | ---- | C] (D-Link Corporation) -- C:\WINDOWS\System32\dllcache\dlh5xnd5.sys
[2010/09/23 18:46:41 | 000,236,060 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\ditrace.exe
[2010/09/23 18:46:41 | 000,038,985 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvsu.dll
[2010/09/23 18:46:40 | 000,031,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvpp.dll
[2010/09/23 18:46:40 | 000,006,729 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvci.dll
[2010/09/23 18:46:39 | 000,091,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\dimaint.sys
[2010/09/23 18:46:32 | 000,024,649 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650d.sys
[2010/09/23 18:46:32 | 000,024,648 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650.sys
[2010/09/23 18:46:30 | 000,020,928 | ---- | C] (Digital Networks, LLC) -- C:\WINDOWS\System32\dllcache\defpa.sys
[2010/09/23 18:46:22 | 000,093,952 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcwdm.sys
[2010/09/23 18:46:22 | 000,048,640 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwrwdm.sys
[2010/09/23 18:46:21 | 000,111,872 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcspud.sys
[2010/09/23 18:46:21 | 000,072,832 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbwdm.sys
[2010/09/23 18:46:21 | 000,003,584 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcosnt5.sys
[2010/09/23 18:46:21 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbmidi.sys
[2010/09/23 18:46:20 | 000,249,856 | ---- | C] (Comtrol® Corporation) -- C:\WINDOWS\System32\dllcache\ctmasetp.dll
[2010/09/23 18:46:20 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbase.sys
[2010/09/23 18:46:16 | 000,216,064 | ---- | C] (COMPAQ Inc.) -- C:\WINDOWS\System32\dllcache\cpscan.dll
[2010/09/23 18:46:16 | 000,060,970 | ---- | C] (Compaq Computer Corp.) -- C:\WINDOWS\System32\dllcache\cpqtrnd5.sys
[2010/09/23 18:46:08 | 000,020,736 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\cmbp0wdm.sys
[2010/09/23 18:46:03 | 000,980,034 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\cicap.sys
[2010/09/23 18:45:56 | 000,049,182 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem56n5.sys
[2010/09/23 18:45:56 | 000,027,164 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce3n5.sys
[2010/09/23 18:45:56 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem33n5.sys
[2010/09/23 18:45:56 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem28n5.sys
[2010/09/23 18:45:56 | 000,021,530 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce2n5.sys
[2010/09/23 18:45:53 | 000,714,698 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cbmdmkxx.sys
[2010/09/23 18:45:53 | 000,046,108 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cben5.sys
[2010/09/23 18:45:52 | 000,039,680 | ---- | C] (Silicom Ltd.) -- C:\WINDOWS\System32\dllcache\cb325.sys
[2010/09/23 18:45:52 | 000,037,916 | ---- | C] (Fast Ethernet Controller Provider) -- C:\WINDOWS\System32\dllcache\cb102.sys
[2010/09/23 18:45:51 | 000,164,923 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diapi2.sys
[2010/09/23 18:45:51 | 000,032,256 | ---- | C] (Eicon Technology Corporation) -- C:\WINDOWS\System32\dllcache\diapi2NT.dll
[2010/09/23 18:45:35 | 000,031,529 | ---- | C] (BreezeCOM) -- C:\WINDOWS\System32\dllcache\brzwlan.sys
[2010/09/23 18:45:35 | 000,011,008 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbmdm.sys
[2010/09/23 18:45:35 | 000,010,368 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbscn.sys
[2010/09/23 18:45:34 | 000,060,416 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brserwdm.sys
[2010/09/23 18:45:34 | 000,009,728 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brserif.dll
[2010/09/23 18:45:34 | 000,005,120 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\dllcache\brscnrsm.dll
[2010/09/23 18:45:33 | 000,039,552 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparwdm.sys
[2010/09/23 18:45:33 | 000,003,168 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparimg.sys
[2010/09/23 18:45:32 | 000,041,472 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfusb.dll
[2010/09/23 18:45:32 | 000,032,256 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfrsmg.exe
[2010/09/23 18:45:32 | 000,029,696 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmflpt.dll
[2010/09/23 18:45:31 | 000,015,360 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfbidi.dll
[2010/09/23 18:45:31 | 000,012,160 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltlo.sys
[2010/09/23 18:45:31 | 000,003,968 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltup.sys
[2010/09/23 18:45:30 | 000,012,800 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brevif.dll
[2010/09/23 18:45:30 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brcoinst.dll
[2010/09/23 18:45:30 | 000,002,944 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brfilt.sys
[2010/09/23 18:45:29 | 000,019,456 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brbidiif.dll
[2010/09/23 18:45:21 | 000,871,388 | ---- | C] (BCM) -- C:\WINDOWS\System32\dllcache\bcmdm.sys
[2010/09/23 18:45:19 | 000,036,128 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.sys
[2010/09/23 18:45:18 | 000,342,336 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.dll
[2010/09/23 18:45:18 | 000,089,952 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\b1cbase.sys
[2010/09/23 18:45:18 | 000,036,992 | ---- | C] (Aztech Systems Ltd) -- C:\WINDOWS\System32\dllcache\aztw2320.sys
[2010/09/23 18:45:17 | 000,144,384 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmenum.dll
[2010/09/23 18:45:17 | 000,037,568 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmwan.sys
[2010/09/23 18:45:16 | 000,087,552 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmcoxp.dll
[2010/09/23 18:45:03 | 000,077,568 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\ati.sys
[2010/09/23 18:45:02 | 000,097,354 | ---- | C] (Bay Networks, Inc.) -- C:\WINDOWS\System32\dllcache\aspndis3.sys
[2010/09/23 18:44:58 | 000,016,969 | ---- | C] (AmbiCom, Inc.) -- C:\WINDOWS\System32\dllcache\amb8002.sys
[2010/09/22 18:33:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\SecondLife
[2010/09/22 18:33:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\SecondLife
[2010/09/18 15:58:12 | 000,159,744 | ---- | C] (Kings Information & Network) -- C:\WINDOWS\System32\kdfmgr.exe
[2010/09/18 15:58:12 | 000,073,728 | ---- | C] (Kings Information & Network) -- C:\WINDOWS\System32\kdfapi.dll
[2010/09/18 15:58:12 | 000,061,440 | ---- | C] (Kings Information & Network) -- C:\WINDOWS\System32\kdfmod.dll
[2010/09/18 15:58:12 | 000,047,104 | ---- | C] (Kings Information & Network) -- C:\WINDOWS\System32\Kdfhok.dll
[2010/09/18 15:58:10 | 000,373,248 | ---- | C] (Kings Information & Network) -- C:\WINDOWS\System32\kdfinj.dll
[2010/09/18 15:58:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\kdefense
[2010/09/18 14:26:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\w3itemplate
[2010/09/17 16:10:52 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallJammer Registry
[2010/09/17 16:10:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Wowd
[2010/09/13 20:28:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Downloaded Installations
[2010/09/12 19:06:55 | 000,000,000 | ---D | C] -- C:\Program Files\Outspark
[2010/09/12 14:08:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Intel
[2010/09/12 14:07:25 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2010/09/12 13:23:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Xfire
[2010/09/12 13:23:25 | 000,000,000 | ---D | C] -- C:\Program Files\Xfire
[2010/09/05 14:01:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\My Streaming Media
[2010/09/05 14:01:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Jaksta_Pty_Ltd
[2010/09/05 13:59:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Replay Media Catcher 4
[2010/09/05 13:59:37 | 000,000,000 | ---D | C] -- C:\Program Files\Applian Technologies
[2010/08/27 19:14:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Octoshape
[2010/08/21 23:24:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\NeopleLauncherDFO
[2010/08/21 22:50:02 | 000,000,000 | ---D | C] -- C:\Program Files\DFO
[2010/08/21 22:49:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NexonUS
[2010/08/21 15:17:20 | 000,000,000 | ---D | C] -- C:\GamesCampus
[2010/07/28 16:10:42 | 000,000,000 | ---D | C] -- C:\Program Files\StarCraft II
[2010/07/28 16:10:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\StarCraft II
[2010/07/27 22:30:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/07/26 22:36:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\MumboJumbo
[2010/07/26 22:36:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MumboJumbo
[2010/07/26 22:36:34 | 000,000,000 | ---D | C] -- C:\Program Files\MumboJumbo
[2010/07/21 16:22:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\LolClient
[2010/07/21 15:42:31 | 000,000,000 | ---D | C] -- C:\Riot Games
[2010/07/21 15:05:49 | 000,000,000 | ---D | C] -- C:\Program Files\LeagueofLegends
[2010/07/21 15:05:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\PMB Files
[2010/07/21 15:05:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2010/07/20 12:42:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games
[2010/07/19 20:46:30 | 000,000,000 | ---D | C] -- C:\Program Files\Three Rings Design
[2010/07/19 18:07:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Panda3D
[2010/07/19 16:09:14 | 000,000,000 | -HSD | C] -- C:\WINDOWS\ftpcache
[2010/07/15 18:35:26 | 000,000,000 | ---D | C] -- C:\Program Files\SquareEnix
[2010/07/13 11:59:04 | 000,000,000 | ---D | C] -- C:\Perfect World Entertainment
[2010/07/12 21:32:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\GetRightToGo
[2010/07/12 21:15:12 | 000,000,000 | ---D | C] -- C:\Program Files\3.0.1.8874 US PTR Installer

========== Files - Modified Within 90 Days ==========

[2010/10/10 14:40:53 | 000,000,408 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010/10/10 14:35:42 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/10/10 14:35:41 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/10/10 14:35:41 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/10/10 14:35:33 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/10/10 14:34:28 | 005,505,024 | ---- | M] () -- C:\Documents and Settings\Owner\ntuser.dat
[2010/10/10 14:34:28 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Owner\ntuser.ini
[2010/10/10 13:35:00 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-1715567821-839522115-1003UA.job
[2010/10/09 16:35:00 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-1715567821-839522115-1003Core.job
[2010/10/08 22:39:45 | 000,002,155 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk
[2010/10/08 18:44:16 | 000,001,849 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\BattleForge™.lnk
[2010/10/07 01:47:42 | 000,026,112 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\The personality of Jack and Ralph represent the clash between authoritarianism and democracy for a variety of reasons.doc
[2010/10/05 22:07:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/10/05 15:11:14 | 000,689,972 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/10/05 15:11:14 | 000,168,132 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/10/05 15:11:14 | 000,004,614 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/10/04 18:05:40 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2010/10/04 17:47:50 | 000,150,016 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/10/04 17:36:29 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/10/03 19:54:03 | 000,284,915 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\gmer.zip
[2010/10/03 14:49:32 | 000,000,720 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/10/03 14:47:47 | 000,000,635 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\NTREGOPT.lnk
[2010/10/03 14:47:47 | 000,000,616 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\ERUNT.lnk
[2010/10/03 14:46:16 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\Owner\Desktop\erunt-setup.exe
[2010/10/03 14:29:28 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\TFC.exe
[2010/10/03 14:18:21 | 000,001,713 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\FINAL FANTASY XIV.lnk
[2010/10/02 14:16:21 | 000,000,583 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/10/02 14:16:21 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2010/10/02 14:16:21 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/10/02 09:07:36 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/10/01 15:34:16 | 1570,240,512 | ---- | M] () -- C:\Program Files\data2.cab
[2010/09/30 19:56:17 | 000,001,628 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2010/09/30 18:10:05 | 819,206,342 | ---- | M] () -- C:\Program Files\data3.cab
[2010/09/30 18:10:05 | 000,000,234 | -H-- | M] () -- C:\Program Files\data3.cab.bfi
[2010/09/30 18:09:53 | 000,243,030 | ---- | M] () -- C:\Program Files\setup.inx
[2010/09/30 18:09:53 | 000,000,186 | -H-- | M] () -- C:\Program Files\setup.inx.bfi
[2010/09/30 18:09:50 | 000,000,442 | ---- | M] () -- C:\Program Files\setup.ini
[2010/09/30 18:09:50 | 000,000,186 | -H-- | M] () -- C:\Program Files\setup.ini.bfi
[2010/09/30 18:09:47 | 000,000,499 | ---- | M] () -- C:\Program Files\layout.bin
[2010/09/30 18:09:47 | 000,000,187 | -H-- | M] () -- C:\Program Files\layout.bin.bfi
[2010/09/30 18:09:36 | 000,000,188 | -H-- | M] () -- C:\Program Files\ISSetup.dll.bfi
[2010/09/30 18:09:32 | 000,075,319 | ---- | M] () -- C:\Program Files\data1.hdr
[2010/09/30 18:09:32 | 000,000,186 | -H-- | M] () -- C:\Program Files\data1.hdr.bfi
[2010/09/30 18:08:52 | 001,185,606 | ---- | M] () -- C:\Program Files\data1.cab
[2010/09/30 18:08:52 | 000,000,186 | -H-- | M] () -- C:\Program Files\data1.cab.bfi
[2010/09/30 18:08:47 | 000,156,984 | ---- | M] (Acresso Software Inc.) -- C:\Program Files\_Setup.dll
[2010/09/30 18:08:47 | 000,000,187 | -H-- | M] () -- C:\Program Files\_Setup.dll.bfi
[2010/09/30 18:08:41 | 000,397,992 | ---- | M] (Acresso Software Inc.) -- C:\Program Files\setup.exe
[2010/09/30 18:08:41 | 000,000,186 | -H-- | M] () -- C:\Program Files\setup.exe.bfi
[2010/09/30 17:24:21 | 000,000,279 | -H-- | M] () -- C:\Program Files\data2.cab.bfi
[2010/09/28 18:42:56 | 002,109,828 | -H-- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\IconCache.db
[2010/09/27 19:27:49 | 000,055,744 | ---- | M] () -- C:\Program Files\setup.isn
[2010/09/27 19:27:49 | 000,000,186 | -H-- | M] () -- C:\Program Files\setup.isn.bfi
[2010/09/27 19:27:26 | 000,555,520 | ---- | M] (Acresso Software Inc.) -- C:\Program Files\ISSetup.dll
[2010/09/23 12:35:30 | 000,002,308 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Google Chrome.lnk
[2010/09/18 16:09:17 | 000,159,744 | ---- | M] (Kings Information & Network) -- C:\WINDOWS\System32\kdfmgr.exe
[2010/09/18 16:09:17 | 000,073,728 | ---- | M] (Kings Information & Network) -- C:\WINDOWS\System32\kdfapi.dll
[2010/09/18 15:58:12 | 000,373,248 | ---- | M] (Kings Information & Network) -- C:\WINDOWS\System32\kdfinj.dll
[2010/09/18 15:58:12 | 000,061,440 | ---- | M] (Kings Information & Network) -- C:\WINDOWS\System32\kdfmod.dll
[2010/09/18 15:58:12 | 000,047,104 | ---- | M] (Kings Information & Network) -- C:\WINDOWS\System32\Kdfhok.dll
[2010/09/15 16:36:07 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/09/06 19:44:07 | 000,000,096 | -H-- | M] () -- C:\WINDOWS\System32\HsInfo.dat
[2010/09/03 10:56:02 | 002,396,672 | ---- | M] () -- C:\WINDOWS\System32\opinstaller.msi
[2010/09/02 17:39:18 | 000,345,216 | ---- | M] (Nowcom) -- C:\WINDOWS\System32\NowCDNUp2.exe
[2010/09/02 14:58:37 | 000,050,536 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\GDIPFONTCACHEV1.DAT
[2010/08/27 22:52:29 | 000,000,618 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Grand Chase.lnk
[2010/08/25 20:13:04 | 000,040,960 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\Chapter 20.doc
[2010/08/25 17:39:14 | 000,208,896 | ---- | M] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\atipdlxx.dll
[2010/08/25 17:39:02 | 000,155,648 | ---- | M] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\Oemdspif.dll
[2010/08/25 17:38:50 | 000,026,112 | ---- | M] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\Ati2mdxx.exe
[2010/08/25 17:38:38 | 000,043,520 | ---- | M] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\ati2edxx.dll
[2010/08/25 17:37:00 | 000,503,248 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap
[2010/08/25 17:36:50 | 000,887,724 | ---- | M] () -- C:\WINDOWS\System32\ativva6x.dat
[2010/08/25 17:36:50 | 000,000,003 | ---- | M] () -- C:\WINDOWS\System32\ativva5x.dat
[2010/08/25 17:34:52 | 000,076,216 | ---- | M] () -- C:\WINDOWS\System32\atiapfxx.blb
[2010/08/23 18:09:56 | 000,000,763 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\GunboundS2.lnk
[2010/08/21 23:24:03 | 000,000,210 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Dungeon Fighter Online.url
[2010/08/13 12:04:51 | 000,001,499 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\ijji REACTOR.lnk
[2010/08/13 00:02:45 | 000,196,160 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/08/09 12:29:57 | 000,004,096 | ---- | M] () -- C:\WINDOWS\System32\crash
[2010/08/02 00:38:00 | 000,021,866 | ---- | M] () -- C:\WINDOWS\atiogl.xml
[2010/07/29 00:40:32 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\StarCraft II.lnk
[2010/07/28 17:15:51 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\StarCraft II.lnk
[2010/07/27 12:05:20 | 000,000,680 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\League Of Legends.lnk
[2010/07/22 21:51:49 | 000,000,823 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\World of Warcraft.lnk
[2010/07/22 19:24:37 | 000,000,680 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\League Of Legends.lnk
[2010/07/22 14:46:41 | 000,000,151 | ---- | M] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2010/07/20 12:27:53 | 000,000,019 | ---- | M] () -- C:\WINDOWS\popcinfo.dat

========== Files Created - No Company Name ==========

[2010/10/08 18:44:16 | 000,001,849 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\BattleForge™.lnk
[2010/10/07 01:47:42 | 000,026,112 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\The personality of Jack and Ralph represent the clash between authoritarianism and democracy for a variety of reasons.doc
[2010/10/03 19:54:40 | 000,293,376 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\gmer.exe
[2010/10/03 19:54:01 | 000,284,915 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\gmer.zip
[2010/10/03 14:49:32 | 000,000,720 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/10/03 14:47:47 | 000,000,635 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\NTREGOPT.lnk
[2010/10/03 14:47:47 | 000,000,616 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\ERUNT.lnk
[2010/10/03 14:22:31 | 000,000,408 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010/10/03 14:18:21 | 000,001,713 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\FINAL FANTASY XIV.lnk
[2010/10/02 13:58:30 | 000,076,216 | ---- | C] () -- C:\WINDOWS\System32\atiapfxx.blb
[2010/09/30 20:11:34 | 000,002,155 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk
[2010/09/30 20:00:38 | 000,002,137 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/09/30 19:56:17 | 000,001,628 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2010/09/30 18:10:05 | 819,206,342 | ---- | C] () -- C:\Program Files\data3.cab
[2010/09/30 18:10:05 | 000,000,234 | -H-- | C] () -- C:\Program Files\data3.cab.bfi
[2010/09/30 18:08:52 | 001,185,606 | ---- | C] () -- C:\Program Files\data1.cab
[2010/09/30 17:24:21 | 1570,240,512 | ---- | C] () -- C:\Program Files\data2.cab
[2010/09/28 18:58:45 | 000,001,754 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
[2010/09/28 18:58:45 | 000,000,917 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\EPSON Status Monitor 3 Environment Check 2.lnk
[2010/09/28 18:58:45 | 000,000,717 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\EPSON CardMonitor.lnk
[2010/09/27 20:58:41 | 000,000,186 | -H-- | C] () -- C:\Program Files\setup.exe.bfi
[2010/09/27 20:55:08 | 000,000,186 | -H-- | C] () -- C:\Program Files\data1.cab.bfi
[2010/09/27 19:27:57 | 000,000,279 | -H-- | C] () -- C:\Program Files\data2.cab.bfi
[2010/09/27 19:27:53 | 000,000,187 | -H-- | C] () -- C:\Program Files\_Setup.dll.bfi
[2010/09/27 19:27:49 | 000,055,744 | ---- | C] () -- C:\Program Files\setup.isn
[2010/09/27 19:27:49 | 000,000,186 | -H-- | C] () -- C:\Program Files\setup.isn.bfi
[2010/09/27 19:27:39 | 000,243,030 | ---- | C] () -- C:\Program Files\setup.inx
[2010/09/27 19:27:39 | 000,000,186 | -H-- | C] () -- C:\Program Files\setup.inx.bfi
[2010/09/27 19:27:36 | 000,000,442 | ---- | C] () -- C:\Program Files\setup.ini
[2010/09/27 19:27:36 | 000,000,186 | -H-- | C] () -- C:\Program Files\setup.ini.bfi
[2010/09/27 19:27:33 | 000,000,499 | ---- | C] () -- C:\Program Files\layout.bin
[2010/09/27 19:27:33 | 000,000,187 | -H-- | C] () -- C:\Program Files\layout.bin.bfi
[2010/09/27 19:27:26 | 000,000,188 | -H-- | C] () -- C:\Program Files\ISSetup.dll.bfi
[2010/09/27 19:27:22 | 000,075,319 | ---- | C] () -- C:\Program Files\data1.hdr
[2010/09/27 19:27:22 | 000,000,186 | -H-- | C] () -- C:\Program Files\data1.hdr.bfi
[2010/09/23 18:54:14 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxftplt.exe
[2010/09/23 18:54:14 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxscnui.dll
[2010/09/23 18:54:12 | 000,028,288 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xjis.nls
[2010/09/23 18:51:05 | 000,033,280 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax
[2010/09/23 18:51:04 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll
[2010/09/23 18:51:02 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prcp.nls
[2010/09/23 18:51:01 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prc.nls
[2010/09/23 18:49:41 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax
[2010/09/23 18:49:05 | 000,047,066 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ksc.nls
[2010/09/23 18:47:49 | 000,165,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt53.dll
[2010/09/23 18:47:48 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt34.dll
[2010/09/23 18:47:48 | 000,093,696 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt42.dll
[2010/09/23 18:47:47 | 000,089,088 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt33.dll
[2010/09/23 18:47:47 | 000,083,968 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt21.dll
[2010/09/23 18:46:42 | 000,029,768 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divasu.dll
[2010/09/23 18:46:41 | 000,037,962 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaprop.dll
[2010/09/23 18:46:41 | 000,006,216 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaci.dll
[2010/09/23 18:45:46 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_864.nls
[2010/09/23 18:45:46 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_862.nls
[2010/09/23 18:45:46 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_858.nls
[2010/09/23 18:45:46 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_870.nls
[2010/09/23 18:45:45 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_720.nls
[2010/09/23 18:45:45 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_708.nls
[2010/09/23 18:45:45 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28596.nls
[2010/09/23 18:45:44 | 000,180,770 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls
[2010/09/23 18:45:44 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls
[2010/09/23 18:45:44 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls
[2010/09/23 18:45:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls
[2010/09/23 18:45:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls
[2010/09/23 18:45:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls
[2010/09/23 18:45:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls
[2010/09/23 18:45:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls
[2010/09/23 18:45:43 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls
[2010/09/23 18:45:43 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls
[2010/09/23 18:45:43 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls
[2010/09/23 18:45:43 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls
[2010/09/23 18:45:43 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls
[2010/09/23 18:45:43 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls
[2010/09/23 18:45:43 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls
[2010/09/23 18:45:43 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls
[2010/09/23 18:45:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls
[2010/09/23 18:45:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls
[2010/09/23 18:45:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls
[2010/09/23 18:45:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls
[2010/09/23 18:45:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls
[2010/09/23 18:45:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls
[2010/09/23 18:45:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls
[2010/09/23 18:45:41 | 000,187,938 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls
[2010/09/23 18:45:41 | 000,185,378 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls
[2010/09/23 18:45:41 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls
[2010/09/23 18:45:41 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls
[2010/09/23 18:45:41 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls
[2010/09/23 18:45:41 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls
[2010/09/23 18:45:40 | 000,189,986 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls
[2010/09/23 18:45:40 | 000,186,402 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls
[2010/09/23 18:45:40 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls
[2010/09/23 18:45:40 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls
[2010/09/23 18:45:40 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls
[2010/09/23 18:45:39 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1148.nls
[2010/09/23 18:45:39 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1147.nls
[2010/09/23 18:45:39 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1146.nls
[2010/09/23 18:45:39 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1145.nls
[2010/09/23 18:45:39 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1144.nls
[2010/09/23 18:45:39 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1143.nls
[2010/09/23 18:45:39 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1142.nls
[2010/09/23 18:45:39 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1141.nls
[2010/09/23 18:45:38 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls
[2010/09/23 18:45:38 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1140.nls
[2010/09/23 18:45:38 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1047.nls
[2010/09/23 18:45:38 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10021.nls
[2010/09/23 18:45:38 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10005.nls
[2010/09/23 18:45:38 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10004.nls
[2010/09/23 18:45:37 | 000,195,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls
[2010/09/23 18:45:37 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls
[2010/09/23 18:45:37 | 000,162,850 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10001.nls
[2010/09/23 18:45:29 | 000,082,172 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls
[2010/09/23 18:45:28 | 000,066,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\big5.nls
[2010/09/23 18:45:11 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativxbar.sys
[2010/09/23 18:45:11 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atixbar.sys
[2010/09/23 18:45:11 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativttxx.sys
[2010/09/23 18:45:10 | 000,049,920 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtcap.sys
[2010/09/23 18:45:10 | 000,026,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtsnd.sys
[2010/09/23 18:45:10 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitvsnd.sys
[2010/09/23 18:45:10 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitunep.sys
[2010/09/23 18:45:10 | 000,009,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativmdcd.sys
[2010/09/23 18:45:09 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atipcxxx.sys
[2010/09/23 18:45:06 | 000,046,464 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atibt829.sys
[2010/09/12 19:14:00 | 000,230,752 | ---- | C] () -- C:\WINDOWS\patchw32.dll
[2010/09/12 19:14:00 | 000,118,176 | ---- | C] () -- C:\WINDOWS\patchw.dll
[2010/09/03 10:56:02 | 002,396,672 | ---- | C] () -- C:\WINDOWS\System32\opinstaller.msi
[2010/08/27 22:52:29 | 000,000,618 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Grand Chase.lnk
[2010/08/25 17:03:41 | 000,040,960 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\Chapter 20.doc
[2010/08/21 22:54:03 | 000,000,210 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Dungeon Fighter Online.url
[2010/08/13 12:04:51 | 000,001,499 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\ijji REACTOR.lnk
[2010/08/09 11:56:56 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\crash
[2010/08/05 13:19:21 | 000,001,499 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\ijji REACTOR.lnk
[2010/07/29 00:40:32 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\StarCraft II.lnk
[2010/07/28 16:10:42 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\StarCraft II.lnk
[2010/07/27 12:05:20 | 000,000,680 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\League Of Legends.lnk
[2010/07/22 19:24:37 | 000,000,680 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\League Of Legends.lnk
[2010/07/19 20:51:51 | 000,000,032 | R--- | C] () -- C:\Documents and Settings\All Users\hash.dat
[2010/07/12 21:51:38 | 000,000,880 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/07/09 11:00:32 | 000,041,872 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll
[2010/06/20 17:33:58 | 000,009,728 | ---- | C] () -- C:\WINDOWS\System32\uc_karos_launching.dll
[2010/05/28 17:19:24 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\rmc_rtspdl.dll
[2010/05/10 17:31:13 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2010/05/10 17:31:13 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2010/05/10 17:31:06 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\$_hpcst$.hpc
[2010/04/21 21:02:03 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010/04/21 21:02:03 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\PnkBstrK.sys
[2010/02/07 18:58:55 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2010/02/07 18:58:55 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2010/02/07 18:58:55 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2010/01/11 19:20:23 | 000,975,872 | ---- | C] () -- C:\WINDOWS\System32\libxml2_CW.dll
[2010/01/11 19:20:23 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\libexpat.dll
[2010/01/11 19:20:22 | 002,916,352 | ---- | C] () -- C:\WINDOWS\System32\wxmsw28u_core_vc_CW.dll
[2010/01/11 19:20:22 | 001,236,992 | ---- | C] () -- C:\WINDOWS\System32\wxbase28u_vc_CW.dll
[2010/01/11 19:20:22 | 001,073,152 | ---- | C] () -- C:\WINDOWS\System32\wxcode_msw28u_wxcurl_CW.dll
[2010/01/11 19:20:22 | 000,716,800 | ---- | C] () -- C:\WINDOWS\System32\wxmsw28u_adv_vc_CW.dll
[2010/01/11 19:20:22 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\wxmsw28u_xrc_vc_CW.dll
[2010/01/11 19:20:22 | 000,499,712 | ---- | C] () -- C:\WINDOWS\System32\wxmsw28u_html_vc_CW.dll
[2010/01/11 19:20:22 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\wxbase28u_xml_vc_CW.dll
[2010/01/11 19:20:22 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\wxbase28u_net_vc_CW.dll
[2010/01/11 19:20:22 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\wxmsw28u_media_vc_CW.dll
[2010/01/11 19:20:22 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\wxcode_msw28u_wxjson_CW.dll
[2009/12/27 20:42:24 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\WNASPI32.DLL
[2009/12/27 20:42:24 | 000,000,291 | ---- | C] () -- C:\WINDOWS\msfsetup.ini
[2009/08/15 12:42:46 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2009/07/14 12:46:19 | 000,000,127 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2009/05/31 12:11:17 | 000,000,262 | ---- | C] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2009/05/31 00:28:56 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009/05/31 00:28:50 | 000,150,016 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/05/30 23:12:23 | 000,000,000 | ---- | C] () -- C:\WINDOWS\AutoRun.INI
[2009/05/30 23:04:18 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/05/30 22:23:02 | 000,000,023 | ---- | C] () -- C:\WINDOWS\EPS785EPX.ini
[2009/05/30 22:00:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SelSet.INI
[2008/05/04 17:39:34 | 000,002,560 | ---- | C] () -- C:\WINDOWS\System32\ViaClassCoInstaller.dll
[2007/10/25 17:26:10 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2007/01/25 07:45:02 | 000,006,784 | ---- | C] () -- C:\WINDOWS\System32\drivers\whfltr2k.sys

========== LOP Check ==========

[2010/01/11 19:20:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ContentWatch
[2010/01/02 00:43:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Digital PixMaster
[2010/10/02 09:21:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Driver Boost
[2010/06/01 12:02:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON
[2010/02/27 23:24:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HipSoft
[2010/07/26 22:36:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MumboJumbo
[2010/08/21 22:49:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NexonUS
[2010/10/02 09:15:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2010/05/20 17:54:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2010/09/12 18:28:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2010/02/20 23:03:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap
[2010/02/21 13:07:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap Games
[2010/07/20 12:42:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games
[2010/09/28 20:04:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/04/21 21:02:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ubisoft
[2010/02/27 23:18:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent
[2010/07/27 22:30:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/01/11 20:55:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/05/31 13:30:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2010/06/05 19:08:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Apowersoft
[2010/07/19 20:47:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\BitTorrent
[2009/06/28 12:34:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\COWON
[2010/10/10 14:47:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\DNA
[2010/07/05 20:07:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\GameBox
[2010/07/13 12:10:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\GetRightToGo
[2009/05/30 22:04:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Ideazon
[2010/06/20 17:43:07 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Owner\Application Data\ijjigame
[2010/09/30 19:00:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\LimeWire
[2010/07/21 16:22:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\LolClient
[2010/05/20 17:54:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\LolClient.F24C99354F615F3BAB18AE7B93E3F9B9E8784FA6.1
[2010/05/20 17:55:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\ML
[2010/05/28 16:55:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\MPEG Streamclip
[2010/08/21 23:25:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\NeopleLauncherDFO
[2010/08/27 19:14:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Octoshape
[2010/05/10 17:48:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\PC Suite
[2010/10/02 16:28:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\RayV
[2010/09/05 14:01:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Replay Media Catcher 4
[2010/05/10 17:31:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Samsung
[2010/09/22 18:33:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\SecondLife
[2010/06/04 19:36:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\StealthBot
[2009/07/26 20:36:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\TeamViewer
[2010/09/18 14:26:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\w3itemplate
[2010/02/27 23:18:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\WildTangent
[2010/09/17 16:18:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Wowd
[2010/10/10 14:40:53 | 000,000,408 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D06A4C76
< End of report >
  • 0

#4
azarl
Posted 11 October 2010 - 01:42 AM

azarl

    GeekU Admin

  • Community Leader
  • 25,310 posts
That's OTL twice :D

Have you the RU one please
  • 0

#5
LoneWolf217
Posted 11 October 2010 - 05:35 PM

LoneWolf217

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts
oh sorry :D here you go

RkU Version: 3.8.388.590, Type LE (SR2)
==============================================
OS Name: Windows XP
Version 5.1.2600 (Service Pack 3)
Number of processors #4
==============================================
>Drivers
==============================================
0xB97D6000 C:\WINDOWS\system32\DRIVERS\ati2mtag.sys 5726208 bytes (ATI Technologies Inc., ATI Radeon WindowsNT Miniport Driver)
0xACFFA000 C:\WINDOWS\system32\drivers\RtkHDAud.sys 4988928 bytes (Realtek Semiconductor Corp., Realtek® High Definition Audio Function Driver)
0xBF216000 C:\WINDOWS\System32\ati3duag.dll 3928064 bytes (ATI Technologies Inc. , ati3duag.dll)
0xBF9C5000 C:\WINDOWS\System32\ativvaxx.dll 2605056 bytes (Advanced Micro Devices, Inc. , Radeon Video Acceleration Universal Driver)
0x804D7000 C:\WINDOWS\system32\ntkrnlpa.exe 2150400 bytes (Microsoft Corporation, NT Kernel & System)
0x804D7000 PnpManager 2150400 bytes
0x804D7000 RAW 2150400 bytes
0x804D7000 WMIxWDM 2150400 bytes
0xBF800000 Win32k 1855488 bytes
0xBF800000 C:\WINDOWS\System32\win32k.sys 1855488 bytes (Microsoft Corporation, Multi-User Win32 Driver)
0xBF108000 C:\WINDOWS\System32\atikvmag.dll 692224 bytes (ATI Technologies Inc., Virtual Command And Memory Manager)
0xBF060000 C:\WINDOWS\System32\ati2cqag.dll 688128 bytes (ATI Technologies Inc., Central Memory Manager / Queue Server Module)
0xB9E5B000 Ntfs.sys 577536 bytes (Microsoft Corporation, NT File System Driver)
0xACDAB000 C:\WINDOWS\System32\DRIVERS\mrxsmb.sys 458752 bytes (Microsoft Corporation, Windows NT SMB Minirdr)
0xBF1B1000 C:\WINDOWS\System32\atiok3x2.dll 413696 bytes (Advanced Micro Devices, Inc., Ring 0 x2 component)
0xB965A000 C:\WINDOWS\System32\DRIVERS\update.sys 385024 bytes (Microsoft Corporation, Update Driver)
0xACEDE000 C:\WINDOWS\System32\DRIVERS\tcpip.sys 364544 bytes (Microsoft Corporation, TCP/IP Protocol Driver)
0xA9967000 C:\WINDOWS\System32\DRIVERS\srv.sys 356352 bytes (Microsoft Corporation, Server driver)
0xBF012000 C:\WINDOWS\System32\ati2dvag.dll 319488 bytes (ATI Technologies Inc., ATI Radeon WindowsNT Display Driver)
0xBFFA0000 C:\WINDOWS\System32\ATMFD.DLL 286720 bytes (Adobe Systems Incorporated, Windows NT OpenType/Type 1 Font Driver)
0xA9476000 C:\WINDOWS\System32\Drivers\HTTP.sys 266240 bytes (Microsoft Corporation, HTTP Protocol Stack)
0xACD78000 C:\WINDOWS\system32\drivers\mfehidk.sys 208896 bytes (McAfee, Inc., Host Intrusion Detection Link Driver)
0xB9F79000 ACPI.sys 188416 bytes (Microsoft Corporation, ACPI Driver for NT)
0xA9C66000 C:\WINDOWS\System32\DRIVERS\mrxdav.sys 184320 bytes (Microsoft Corporation, Windows NT WebDav Minirdr)
0xB9E2E000 NDIS.sys 184320 bytes (Microsoft Corporation, NDIS 5.1 wrapper driver)
0xA8717000 C:\WINDOWS\system32\drivers\kmixer.sys 176128 bytes (Microsoft Corporation, Kernel Mode Audio Mixer)
0xACE1B000 C:\WINDOWS\System32\DRIVERS\rdbss.sys 176128 bytes (Microsoft Corporation, Redirected Drive Buffering SubSystem Driver)
0xACE68000 C:\WINDOWS\System32\DRIVERS\netbt.sys 163840 bytes (Microsoft Corporation, MBT Transport driver)
0xACE90000 C:\WINDOWS\System32\DRIVERS\ipnat.sys 155648 bytes (Microsoft Corporation, IP Network Address Translator)
0xB9D6F000 C:\WINDOWS\System32\DRIVERS\HDAudBus.sys 151552 bytes (Windows ® Server 2003 DDK provider, High Definition Audio Bus Driver v1.0a)
0xB9573000 C:\WINDOWS\system32\drivers\portcls.sys 147456 bytes (Microsoft Corporation, Port Class (Class Driver for Port/Miniport Devices))
0xB9D94000 C:\WINDOWS\System32\DRIVERS\USBPORT.SYS 147456 bytes (Microsoft Corporation, USB 1.1 & 2.0 Port Driver)
0xB9D4C000 C:\WINDOWS\System32\DRIVERS\ks.sys 143360 bytes (Microsoft Corporation, Kernel CSA Library)
0xACF6A000 C:\WINDOWS\system32\DRIVERS\MpFilter.sys 143360 bytes (Microsoft Corporation, Microsoft antimalware file system filter driver)
0xACE46000 C:\WINDOWS\System32\drivers\afd.sys 139264 bytes (Microsoft Corporation, Ancillary Function Driver for WinSock)
0x806E4000 ACPI_HAL 134400 bytes
0x806E4000 C:\WINDOWS\system32\hal.dll 134400 bytes (Microsoft Corporation, Hardware Abstraction Layer DLL)
0xB9F11000 fltmgr.sys 131072 bytes (Microsoft Corporation, Microsoft Filesystem Filter Manager)
0xB9F49000 ftdisk.sys 126976 bytes (Microsoft Corporation, FT Disk Driver)
0xB9597000 C:\WINDOWS\system32\drivers\AtiHdmi.sys 110592 bytes (ATI Research Inc., Ati High Definition Audio Function Driver)
0xB9E14000 Mup.sys 106496 bytes (Microsoft Corporation, Multiple UNC Provider driver)
0xB97A8000 C:\WINDOWS\System32\DRIVERS\Rtenicxp.sys 106496 bytes (Realtek Semiconductor Corporation , Realtek 10/100/1000 NDIS 5.1 Driver )
0xB9F31000 atapi.sys 98304 bytes (Microsoft Corporation, IDE/ATAPI Port Driver)
0xACC87000 C:\WINDOWS\System32\Drivers\dump_atapi.sys 98304 bytes
0xB9EE8000 KSecDD.sys 94208 bytes (Microsoft Corporation, Kernel Security Support Provider Interface)
0xB9791000 C:\WINDOWS\System32\DRIVERS\ndiswan.sys 94208 bytes (Microsoft Corporation, MS PPP Framing Driver (Strong Encryption))
0xA9DD9000 C:\WINDOWS\system32\drivers\wdmaud.sys 86016 bytes (Microsoft Corporation, MMSYSTEM Wave/Midi API mapper)
0xB9E00000 McPvDrv.sys 81920 bytes (McAfee, McAfee Personal Vault Driver)
0xB97C2000 C:\WINDOWS\system32\DRIVERS\VIDEOPRT.SYS 81920 bytes (Microsoft Corporation, Video Port Driver)
0xACF37000 C:\WINDOWS\System32\DRIVERS\ipsec.sys 77824 bytes (Microsoft Corporation, IPSec Driver)
0xBF000000 C:\WINDOWS\System32\drivers\dxg.sys 73728 bytes (Microsoft Corporation, DirectX Graphics Driver)
0xB9EFF000 sr.sys 73728 bytes (Microsoft Corporation, System Restore Filesystem Filter Driver)
0xB9F68000 pci.sys 69632 bytes (Microsoft Corporation, NT Plug and Play PCI Enumerator)
0xB9758000 C:\WINDOWS\System32\DRIVERS\psched.sys 69632 bytes (Microsoft Corporation, MS QoS Packet Scheduler)
0xACC9F000 C:\WINDOWS\System32\Drivers\Udfs.SYS 69632 bytes (Microsoft Corporation, UDF File System Driver)
0xBA178000 C:\WINDOWS\System32\DRIVERS\cdrom.sys 65536 bytes (Microsoft Corporation, SCSI CD-ROM Driver)
0xBA0B8000 ohci1394.sys 65536 bytes (Microsoft Corporation, 1394 OpenHCI Port Driver)
0xBA158000 C:\WINDOWS\System32\DRIVERS\serial.sys 65536 bytes (Microsoft Corporation, Serial Device Driver)
0xBA228000 C:\WINDOWS\system32\drivers\drmk.sys 61440 bytes (Microsoft Corporation, Microsoft Kernel DRM Descrambler Filter)
0xBA188000 C:\WINDOWS\System32\DRIVERS\redbook.sys 61440 bytes (Microsoft Corporation, Redbook Audio Filter Driver)
0xBA258000 C:\WINDOWS\system32\drivers\sysaudio.sys 61440 bytes (Microsoft Corporation, System Audio WDM Filter)
0xBA2C8000 C:\WINDOWS\system32\drivers\usbaudio.sys 61440 bytes (Microsoft Corporation, USB Audio Class Driver)
0xBA208000 C:\WINDOWS\System32\DRIVERS\usbhub.sys 61440 bytes (Microsoft Corporation, Default Hub Driver for USB)
0xBA0C8000 C:\WINDOWS\System32\DRIVERS\1394BUS.SYS 57344 bytes (Microsoft Corporation, 1394 Bus Device Driver)
0xBA108000 C:\WINDOWS\System32\DRIVERS\CLASSPNP.SYS 53248 bytes (Microsoft Corporation, SCSI Class System Dll)
0xBA198000 C:\WINDOWS\System32\DRIVERS\rasl2tp.sys 53248 bytes (Microsoft Corporation, RAS L2TP mini-port/call-manager driver)
0xBA0E8000 VolSnap.sys 53248 bytes (Microsoft Corporation, Volume Shadow Copy Driver)
0xBA1B8000 C:\WINDOWS\System32\DRIVERS\raspptp.sys 49152 bytes (Microsoft Corporation, Peer-to-Peer Tunneling Protocol)
0xBA2D8000 C:\WINDOWS\system32\DRIVERS\Alpham1.sys 45056 bytes (Ideazon Corporation, ZBoard Keyboards driver)
0xBA298000 C:\WINDOWS\System32\Drivers\Fips.SYS 45056 bytes (Microsoft Corporation, FIPS Crypto Driver)
0xBA168000 C:\WINDOWS\System32\DRIVERS\imapi.sys 45056 bytes (Microsoft Corporation, IMAPI Kernel Driver)
0xBA0D8000 MountMgr.sys 45056 bytes (Microsoft Corporation, Mount Manager)
0xBA1A8000 C:\WINDOWS\System32\DRIVERS\raspppoe.sys 45056 bytes (Microsoft Corporation, RAS PPPoE mini-port/call-manager driver)
0xBA1D8000 C:\WINDOWS\system32\DRIVERS\appliand.sys 40960 bytes (Applian Technologies Inc., APPLIAND helper driver)
0xBA0A8000 isapnp.sys 40960 bytes (Microsoft Corporation, PNP ISA Bus Driver)
0xBA1F8000 C:\WINDOWS\System32\Drivers\NDProxy.SYS 40960 bytes (Microsoft Corporation, NDIS Proxy)
0xBA1E8000 C:\WINDOWS\System32\DRIVERS\termdd.sys 40960 bytes (Microsoft Corporation, Terminal Server Driver)
0xBA0F8000 disk.sys 36864 bytes (Microsoft Corporation, PnP Disk Driver)
0xA9717000 C:\WINDOWS\system32\FsUsbExDisk.SYS 36864 bytes
0xBA2B8000 C:\WINDOWS\System32\DRIVERS\HIDCLASS.SYS 36864 bytes (Microsoft Corporation, Hid Class Library)
0xBA1C8000 C:\WINDOWS\System32\DRIVERS\msgpc.sys 36864 bytes (Microsoft Corporation, MS General Packet Classifier)
0xBA288000 C:\WINDOWS\System32\DRIVERS\netbios.sys 36864 bytes (Microsoft Corporation, NetBIOS interface driver)
0xA8792000 C:\WINDOWS\System32\Drivers\Normandy.SYS 36864 bytes (RKU Driver)
0xBA148000 C:\WINDOWS\System32\DRIVERS\processr.sys 36864 bytes (Microsoft Corporation, Processor Device Driver)
0xBA278000 C:\WINDOWS\System32\DRIVERS\wanarp.sys 36864 bytes (Microsoft Corporation, MS Remote Access and Routing ARP Driver)
0xBA4A8000 C:\WINDOWS\system32\drivers\BS_I2cIo.sys 32768 bytes (BIOSTAR Group, I/O Interface driver file)
0xBA480000 C:\WINDOWS\System32\Drivers\Npfs.SYS 32768 bytes (Microsoft Corporation, NPFS Driver)
0xBA420000 C:\WINDOWS\system32\drivers\nvhda32.sys 32768 bytes (NVIDIA Corporation, NVIDIA HDMI Audio Driver)
0xBA378000 C:\WINDOWS\System32\DRIVERS\nvsmu.sys 32768 bytes (NVIDIA Corporation, NVIDIA® nForce™ SMU Microcontroller Driver)
0xBA490000 C:\WINDOWS\System32\DRIVERS\usbccgp.sys 32768 bytes (Microsoft Corporation, USB Common Class Generic Parent Driver)
0xBA390000 C:\WINDOWS\System32\DRIVERS\usbehci.sys 32768 bytes (Microsoft Corporation, EHCI eUSB Miniport Driver)
0xBA450000 C:\WINDOWS\System32\DRIVERS\HIDPARSE.SYS 28672 bytes (Microsoft Corporation, Hid Parsing Library)
0xBA328000 C:\WINDOWS\System32\DRIVERS\PCIIDEX.SYS 28672 bytes (Microsoft Corporation, PCI IDE Bus Driver Extension)
0xBA3A8000 C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys 24576 bytes (GEAR Software Inc., CD DVD Filter)
0xBA3F8000 C:\WINDOWS\System32\DRIVERS\kbdclass.sys 24576 bytes (Microsoft Corporation, Keyboard Class Driver)
0xBA400000 C:\WINDOWS\System32\DRIVERS\mouclass.sys 24576 bytes (Microsoft Corporation, Mouse Class Driver)
0xBA460000 C:\WINDOWS\System32\drivers\vga.sys 24576 bytes (Microsoft Corporation, VGA/Super VGA Video Driver)
0xBA380000 C:\WINDOWS\system32\DRIVERS\Alpham2.sys 20480 bytes (Ideazon Corporation, MM ZBoard Keyboards driver)
0xBA470000 C:\WINDOWS\System32\Drivers\Msfs.SYS 20480 bytes (Microsoft Corporation, Mailslot driver)
0xBA330000 PartMgr.sys 20480 bytes (Microsoft Corporation, Partition Manager)
0xBA438000 C:\WINDOWS\system32\DRIVERS\pnarp.sys 20480 bytes (Pure Networks, Inc., Address Resolution Protocol Driver)
0xBA3D8000 C:\WINDOWS\System32\DRIVERS\ptilink.sys 20480 bytes (Parallel Technologies, Inc., Parallel Technologies DirectParallel IO Library)
0xBA448000 C:\WINDOWS\system32\DRIVERS\purendis.sys 20480 bytes (Pure Networks, Inc., NDIS Relay Driver)
0xBA3E8000 C:\WINDOWS\System32\DRIVERS\raspti.sys 20480 bytes (Microsoft Corporation, PTI DirectParallel® mini-port/call-manager driver)
0xBA3C8000 C:\WINDOWS\System32\DRIVERS\TDI.SYS 20480 bytes (Microsoft Corporation, TDI Wrapper)
0xBA388000 C:\WINDOWS\System32\DRIVERS\usbohci.sys 20480 bytes (Microsoft Corporation, OHCI USB Miniport Driver)
0xBA3B8000 C:\WINDOWS\System32\watchdog.sys 20480 bytes (Microsoft Corporation, Watchdog Driver)
0xB9636000 C:\WINDOWS\System32\drivers\BIOS.sys 16384 bytes (BIOSTAR Group, I/O Interface driver file)
0xACF91000 C:\WINDOWS\System32\DRIVERS\kbdhid.sys 16384 bytes (Microsoft Corporation, HID Mouse Filter Driver)
0xBA580000 C:\WINDOWS\System32\DRIVERS\mssmbios.sys 16384 bytes (Microsoft Corporation, System Management BIOS Driver)
0xAA12A000 C:\WINDOWS\System32\DRIVERS\ndisuio.sys 16384 bytes (Microsoft Corporation, NDIS User mode I/O Driver)
0xBA54C000 C:\WINDOWS\System32\DRIVERS\serenum.sys 16384 bytes (Microsoft Corporation, Serial Port Enumerator)
0xBA4B8000 C:\WINDOWS\system32\BOOTVID.dll 12288 bytes (Microsoft Corporation, VGA Boot Driver)
0xB9769000 C:\WINDOWS\System32\drivers\Dxapi.sys 12288 bytes (Microsoft Corporation, DirectX API Driver)
0xACFA9000 C:\WINDOWS\System32\DRIVERS\hidusb.sys 12288 bytes (Microsoft Corporation, USB Miniport Driver for Input Devices)
0xACF99000 C:\WINDOWS\System32\DRIVERS\mouhid.sys 12288 bytes (Microsoft Corporation, HID Mouse Filter Driver)
0xBA56C000 C:\WINDOWS\System32\DRIVERS\ndistapi.sys 12288 bytes (Microsoft Corporation, NDIS 3.0 connection wrapper driver)
0xBA57C000 C:\WINDOWS\System32\DRIVERS\rasacd.sys 12288 bytes (Microsoft Corporation, RAS Automatic Connection Driver)
0xBA564000 C:\WINDOWS\System32\DRIVERS\wmiacpi.sys 12288 bytes (Microsoft Corporation, Windows Management Interface for ACPI)
0xBA5DE000 C:\WINDOWS\System32\Drivers\Beep.SYS 8192 bytes (Microsoft Corporation, BEEP Driver)
0xBA5F0000 C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS 8192 bytes
0xBA5DA000 C:\WINDOWS\System32\Drivers\Fs_Rec.SYS 8192 bytes (Microsoft Corporation, File System Recognizer Driver)
0xBA5A8000 C:\WINDOWS\system32\KDCOM.DLL 8192 bytes (Microsoft Corporation, Kernel Debugger HW Extension DLL)
0xBA5EE000 C:\WINDOWS\System32\Drivers\MASPINT.SYS 8192 bytes (MicroStaff Co.,Ltd., Aspi32 Driver)
0xBA5E2000 C:\WINDOWS\System32\Drivers\mnmdd.SYS 8192 bytes (Microsoft Corporation, Frame buffer simulator)
0xBA5E6000 C:\WINDOWS\System32\DRIVERS\RDPCDD.sys 8192 bytes (Microsoft Corporation, RDP Miniport)
0xBA5B6000 C:\WINDOWS\System32\DRIVERS\swenum.sys 8192 bytes (Microsoft Corporation, Plug and Play Software Device Enumerator)
0xBA5BC000 C:\WINDOWS\System32\DRIVERS\USBD.SYS 8192 bytes (Microsoft Corporation, Universal Serial Bus Driver)
0xBA5EC000 C:\WINDOWS\system32\DRIVERS\whfltr2k.sys 8192 bytes (-, USB Mouse Lower filter driver)
0xBA5AA000 C:\WINDOWS\System32\DRIVERS\WMILIB.SYS 8192 bytes (Microsoft Corporation, WMILIB WMI support library Dll)
0xBA7AF000 C:\WINDOWS\System32\DRIVERS\audstub.sys 4096 bytes (Microsoft Corporation, AudStub Driver)
0xBA7C7000 C:\WINDOWS\System32\drivers\dxgthk.sys 4096 bytes (Microsoft Corporation, DirectX Graphics Driver Thunk)
0xBA6D7000 C:\WINDOWS\System32\Drivers\Null.SYS 4096 bytes (Microsoft Corporation, NULL Driver)
0xBA670000 pciide.sys 4096 bytes (Microsoft Corporation, Generic PCI IDE Bus Driver)
==============================================
>Stealth
==============================================
0x06D90000 Hidden Image-->CLI.Aspect.Radeon3D.Graphics.Wizard.dll [ EPROCESS 0x89E26440 ] PID: 2760, 102400 bytes
0x062E0000 Hidden Image-->CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll [ EPROCESS 0x89E26440 ] PID: 2760, 102400 bytes
0x011F0000 Hidden Image-->CLI.Foundation.dll [ EPROCESS 0x89E26440 ] PID: 2760, 110592 bytes
0x05780000 Hidden Image-->CLI.Aspect.MMVideo.Graphics.Runtime.dll [ EPROCESS 0x89E26440 ] PID: 2760, 110592 bytes
0x00D90000 Hidden Image-->MOM.Implementation.dll [ EPROCESS 0x89F2E798 ] PID: 3668, 118784 bytes
0x03960000 Hidden Image-->MOM.Implementation.dll [ EPROCESS 0x89E26440 ] PID: 2760, 118784 bytes
0x075D0000 Hidden Image-->CLI.Component.Dashboard.dll [ EPROCESS 0x89E26440 ] PID: 2760, 1232896 bytes
0x04B70000 Hidden Image-->CLI.Caste.Graphics.Shared.dll [ EPROCESS 0x89E26440 ] PID: 2760, 167936 bytes
0x072F0000 Hidden Image-->CLI.Aspect.DisplaysManager.Graphics.Wizard.dll [ EPROCESS 0x89E26440 ] PID: 2760, 1748992 bytes
0x07A60000 Hidden Image-->CLI.Aspect.TransCode.Graphics.Dashboard.dll [ EPROCESS 0x89E26440 ] PID: 2760, 192512 bytes
0x07720000 Hidden Image-->CLI.Aspect.InfoCentre.Graphics.Dashboard.dll [ EPROCESS 0x89E26440 ] PID: 2760, 208896 bytes
0x063F0000 Hidden Image-->CLI.Aspect.InfoCentre.Graphics.Wizard.dll [ EPROCESS 0x89E26440 ] PID: 2760, 217088 bytes
0x07820000 Hidden Image-->CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll [ EPROCESS 0x89E26440 ] PID: 2760, 282624 bytes
0x03440000 Hidden Image-->MOM.Foundation.dll [ EPROCESS 0x89F2E798 ] PID: 3668, 28672 bytes
0x036C0000 Hidden Image-->LOG.Foundation.Implementation.Private.dll [ EPROCESS 0x89F2E798 ] PID: 3668, 28672 bytes
0x011E0000 Hidden Image-->MOM.Foundation.dll [ EPROCESS 0x89E26440 ] PID: 2760, 28672 bytes
0x01210000 Hidden Image-->LOG.Foundation.Implementation.Private.dll [ EPROCESS 0x89E26440 ] PID: 2760, 28672 bytes
0x03A20000 Hidden Image-->CLI.Component.Runtime.Shared.dll [ EPROCESS 0x89E26440 ] PID: 2760, 28672 bytes
0x03E40000 Hidden Image-->AEM.Server.Shared.dll [ EPROCESS 0x89E26440 ] PID: 2760, 28672 bytes
0x03F30000 Hidden Image-->AEM.Plugin.DPPE.Shared.dll [ EPROCESS 0x89E26440 ] PID: 2760, 28672 bytes
0x03F90000 Hidden Image-->AEM.Plugin.WinMessages.Shared.dll [ EPROCESS 0x89E26440 ] PID: 2760, 28672 bytes
0x03F80000 Hidden Image-->AEM.Plugin.Hotkeys.Shared.dll [ EPROCESS 0x89E26440 ] PID: 2760, 28672 bytes
0x04300000 Hidden Image-->DEM.Foundation.dll [ EPROCESS 0x89E26440 ] PID: 2760, 28672 bytes
0x04310000 Hidden Image-->DEM.Graphics.dll [ EPROCESS 0x89E26440 ] PID: 2760, 28672 bytes
0x04BF0000 Hidden Image-->AEM.Plugin.GD.Shared.dll [ EPROCESS 0x89E26440 ] PID: 2760, 28672 bytes
0x04BB0000 Hidden Image-->DEM.Graphics.I0709.dll [ EPROCESS 0x89E26440 ] PID: 2760, 28672 bytes
0x04C40000 Hidden Image-->AEM.Actions.CCAA.Shared.dll [ EPROCESS 0x89E26440 ] PID: 2760, 28672 bytes
0x04C60000 Hidden Image-->ResourceManagement.Foundation.Private.dll [ EPROCESS 0x89E26440 ] PID: 2760, 28672 bytes
0x04DA0000 Hidden Image-->DEM.Graphics.I0804.dll [ EPROCESS 0x89E26440 ] PID: 2760, 28672 bytes
0x04F30000 Hidden Image-->CLI.Caste.Graphics.Runtime.Shared.Private.dll [ EPROCESS 0x89E26440 ] PID: 2760, 28672 bytes
0x054C0000 Hidden Image-->CLI.Aspect.VPURecover.Graphics.Shared.dll [ EPROCESS 0x89E26440 ] PID: 2760, 28672 bytes
0x057E0000 Hidden Image-->DEM.Graphics.I0912.dll [ EPROCESS 0x89E26440 ] PID: 2760, 28672 bytes
0x057D0000 Hidden Image-->CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll [ EPROCESS 0x89E26440 ] PID: 2760, 28672 bytes
0x05930000 Hidden Image-->DEM.Graphics.I0706.dll [ EPROCESS 0x89E26440 ] PID: 2760, 28672 bytes
0x05970000 Hidden Image-->CLI.Aspect.HotkeysHandling.Graphics.Shared.dll [ EPROCESS 0x89E26440 ] PID: 2760, 28672 bytes
0x05A10000 Hidden Image-->CLI.Aspect.Welcome.Graphics.Shared.dll [ EPROCESS 0x89E26440 ] PID: 2760, 28672 bytes
0x059D0000 Hidden Image-->DEM.Graphics.I0712.dll [ EPROCESS 0x89E26440 ] PID: 2760, 28672 bytes
0x05A40000 Hidden Image-->DEM.Graphics.I0906.dll [ EPROCESS 0x89E26440 ] PID: 2760, 28672 bytes
0x05AD0000 Hidden Image-->DEM.Graphics.I0805.dll [ EPROCESS 0x89E26440 ] PID: 2760, 28672 bytes
0x05AB0000 Hidden Image-->DEM.Graphics.I0812.dll [ EPROCESS 0x89E26440 ] PID: 2760, 28672 bytes
0x05B50000 Hidden Image-->DEM.Graphics.I0703.dll [ EPROCESS 0x89E26440 ] PID: 2760, 28672 bytes
0x05BF0000 Hidden Image-->atixclib.dll [ EPROCESS 0x89E26440 ] PID: 2760, 28672 bytes
0x06270000 Hidden Image-->CLI.Caste.HydraVision.Shared.dll [ EPROCESS 0x89E26440 ] PID: 2760, 28672 bytes
0x062B0000 Hidden Image-->APM.Foundation.dll [ EPROCESS 0x89E26440 ] PID: 2760, 28672 bytes
0x066B0000 Hidden Image-->AEM.Plugin.REG.Shared.dll [ EPROCESS 0x89E26440 ] PID: 2760, 28672 bytes
0x06440000 Hidden Image-->CLI.Caste.HydraVision.Wizard.dll [ EPROCESS 0x89E26440 ] PID: 2760, 28672 bytes
0x06470000 Hidden Image-->CLI.Component.Dashboard.Shared.Private.dll [ EPROCESS 0x89E26440 ] PID: 2760, 28672 bytes
0x064A0000 Hidden Image-->CLI.Caste.Graphics.Dashboard.Shared.dll [ EPROCESS 0x89E26440 ] PID: 2760, 28672 bytes
0x06510000 Hidden Image-->CLI.Component.Runtime.Extension.EEU.dll [ EPROCESS 0x89E26440 ] PID: 2760, 28672 bytes
0x066D0000 Hidden Image-->AEM.Plugin.EEU.Shared.dll [ EPROCESS 0x89E26440 ] PID: 2760, 28672 bytes
0x06870000 Hidden Image-->CLI.Component.Client.Shared.dll [ EPROCESS 0x89E26440 ] PID: 2760, 28672 bytes
0x06A10000 Hidden Image-->Branding.dll [ EPROCESS 0x89E26440 ] PID: 2760, 28672 bytes
0x06A00000 Hidden Image-->CLI.Component.Wizard.Shared.dll [ EPROCESS 0x89E26440 ] PID: 2760, 28672 bytes
0x06B40000 Hidden Image-->CLI.Caste.Graphics.Wizard.Shared.dll [ EPROCESS 0x89E26440 ] PID: 2760, 28672 bytes
0x06C90000 Hidden Image-->CLI.Caste.HydraVision.Dashboard.dll [ EPROCESS 0x89E26440 ] PID: 2760, 28672 bytes
0x036E0000 Hidden Image-->System.Runtime.Remoting.dll [ EPROCESS 0x89F2E798 ] PID: 3668, 307200 bytes
0x033A0000 Hidden Image-->System.Runtime.Remoting.dll [ EPROCESS 0x89E26440 ] PID: 2760, 307200 bytes
0x07040000 Hidden Image-->CLI.Aspect.Radeon3D.Graphics.Dashboard.dll [ EPROCESS 0x89E26440 ] PID: 2760, 364544 bytes
0x03D90000 Hidden Image-->NEWAEM.Foundation.dll [ EPROCESS 0x89F2E798 ] PID: 3668, 36864 bytes
0x039B0000 Hidden Image-->CLI.Foundation.XManifest.dll [ EPROCESS 0x89E26440 ] PID: 2760, 36864 bytes
0x03A00000 Hidden Image-->AxInterop.WBOCXLib.dll [ EPROCESS 0x89E26440 ] PID: 2760, 36864 bytes
0x03BC0000 Hidden Image-->NEWAEM.Foundation.dll [ EPROCESS 0x89E26440 ] PID: 2760, 36864 bytes
0x03F50000 Hidden Image-->Interop.WBOCXLib.dll [ EPROCESS 0x89E26440 ] PID: 2760, 36864 bytes
0x05470000 Hidden Image-->CLI.Aspect.DisplaysColour2.Graphics.Shared.dll [ EPROCESS 0x89E26440 ] PID: 2760, 36864 bytes
0x054A0000 Hidden Image-->CLI.Aspect.VPURecover.Graphics.Runtime.dll [ EPROCESS 0x89E26440 ] PID: 2760, 36864 bytes
0x05650000 Hidden Image-->CLI.Aspect.Welcome.Graphics.Runtime.dll [ EPROCESS 0x89E26440 ] PID: 2760, 36864 bytes
0x05630000 Hidden Image-->CLI.Aspect.DisplaysOptions.Graphics.Shared.dll [ EPROCESS 0x89E26440 ] PID: 2760, 36864 bytes
0x05640000 Hidden Image-->CLI.Aspect.TransCode.Graphics.Runtime.dll [ EPROCESS 0x89E26440 ] PID: 2760, 36864 bytes
0x05660000 Hidden Image-->CLI.Aspect.CustomFormats.Graphics.Shared.dll [ EPROCESS 0x89E26440 ] PID: 2760, 36864 bytes
0x06260000 Hidden Image-->CLI.Caste.HydraVision.Runtime.dll [ EPROCESS 0x89E26440 ] PID: 2760, 36864 bytes
0x06450000 Hidden Image-->CLI.Component.Dashboard.Shared.dll [ EPROCESS 0x89E26440 ] PID: 2760, 36864 bytes
0x06A30000 Hidden Image-->CLI.Component.Wizard.Shared.Private.dll [ EPROCESS 0x89E26440 ] PID: 2760, 36864 bytes
0x06370000 Hidden Image-->CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll [ EPROCESS 0x89E26440 ] PID: 2760, 389120 bytes
0x04B00000 Hidden Image-->CLI.Caste.Graphics.Runtime.dll [ EPROCESS 0x89E26440 ] PID: 2760, 397312 bytes
0x06300000 Hidden Image-->CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll [ EPROCESS 0x89E26440 ] PID: 2760, 405504 bytes
0x06800000 Hidden Image-->CLI.Component.Wizard.dll [ EPROCESS 0x89E26440 ] PID: 2760, 413696 bytes
0x06FD0000 Hidden Image-->CLI.Aspect.MMVideo.Graphics.Wizard.dll [ EPROCESS 0x89E26440 ] PID: 2760, 421888 bytes
0x07760000 Hidden Image-->CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll [ EPROCESS 0x89E26440 ] PID: 2760, 421888 bytes
0x032A0000 Hidden Image-->LOG.Foundation.dll [ EPROCESS 0x89F2E798 ] PID: 3668, 45056 bytes
0x03310000 Hidden Image-->LOG.Foundation.Private.dll [ EPROCESS 0x89F2E798 ] PID: 3668, 45056 bytes
0x03D60000 Hidden Image-->CCC.Implementation.dll [ EPROCESS 0x89F2E798 ] PID: 3668, 45056 bytes
0x00DE0000 Hidden Image-->CCC.Implementation.dll [ EPROCESS 0x89E26440 ] PID: 2760, 45056 bytes
0x011D0000 Hidden Image-->LOG.Foundation.dll [ EPROCESS 0x89E26440 ] PID: 2760, 45056 bytes
0x01260000 Hidden Image-->LOG.Foundation.Private.dll [ EPROCESS 0x89E26440 ] PID: 2760, 45056 bytes
0x03A40000 Hidden Image-->ATICCCom.dll [ EPROCESS 0x89E26440 ] PID: 2760, 45056 bytes
0x05350000 Hidden Image-->CLI.Aspect.DeviceLCD.Graphics.Runtime.dll [ EPROCESS 0x89E26440 ] PID: 2760, 45056 bytes
0x054B0000 Hidden Image-->CLI.Aspect.DeviceLCD.Graphics.Shared.dll [ EPROCESS 0x89E26440 ] PID: 2760, 45056 bytes
0x04330000 Hidden Image-->ATIDEMGX.dll [ EPROCESS 0x89E26440 ] PID: 2760, 487424 bytes
0x03A10000 Hidden Image-->CLI.Foundation.Private.dll [ EPROCESS 0x89E26440 ] PID: 2760, 53248 bytes
0x03BB0000 Hidden Image-->AEM.Server.dll [ EPROCESS 0x89E26440 ] PID: 2760, 53248 bytes
0x03E70000 Hidden Image-->AEM.Plugin.Source.Kit.Server.dll [ EPROCESS 0x89E26440 ] PID: 2760, 53248 bytes
0x042F0000 Hidden Image-->DEM.Graphics.I0601.dll [ EPROCESS 0x89E26440 ] PID: 2760, 53248 bytes
0x04ED0000 Hidden Image-->CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll [ EPROCESS 0x89E26440 ] PID: 2760, 53248 bytes
0x04EE0000 Hidden Image-->CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll [ EPROCESS 0x89E26440 ] PID: 2760, 53248 bytes
0x04F00000 Hidden Image-->CLI.Aspect.DeviceCRT.Graphics.Runtime.dll [ EPROCESS 0x89E26440 ] PID: 2760, 53248 bytes
0x05980000 Hidden Image-->CLI.Aspect.TransCode.Graphics.Shared.dll [ EPROCESS 0x89E26440 ] PID: 2760, 53248 bytes
0x059E0000 Hidden Image-->CLI.Aspect.DeviceCV.Graphics.Shared.dll [ EPROCESS 0x89E26440 ] PID: 2760, 53248 bytes
0x066E0000 Hidden Image-->CLI.Component.Client.Shared.Private.dll [ EPROCESS 0x89E26440 ] PID: 2760, 53248 bytes
0x06A20000 Hidden Image-->CLI.Caste.Graphics.Wizard.dll [ EPROCESS 0x89E26440 ] PID: 2760, 53248 bytes
0x06620000 Hidden Image-->CLI.Component.Systemtray.dll [ EPROCESS 0x89E26440 ] PID: 2760, 585728 bytes
0x070A0000 Hidden Image-->CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll [ EPROCESS 0x89E26440 ] PID: 2760, 585728 bytes
0x039E0000 Hidden Image-->CLI.Component.Runtime.Shared.Private.dll [ EPROCESS 0x89E26440 ] PID: 2760, 61440 bytes
0x05500000 Hidden Image-->CLI.Aspect.DeviceDFP.Graphics.Shared.dll [ EPROCESS 0x89E26440 ] PID: 2760, 61440 bytes
0x05920000 Hidden Image-->CLI.Aspect.DeviceCRT.Graphics.Shared.dll [ EPROCESS 0x89E26440 ] PID: 2760, 61440 bytes
0x05AA0000 Hidden Image-->CLI.Aspect.DeviceProperty.Graphics.Runtime.dll [ EPROCESS 0x89E26440 ] PID: 2760, 61440 bytes
0x05A30000 Hidden Image-->CLI.Aspect.DeviceProperty.Graphics.Shared.dll [ EPROCESS 0x89E26440 ] PID: 2760, 61440 bytes
0x07AB0000 Hidden Image-->CLI.Aspect.OverDrive5.Graphics.Dashboard.dll [ EPROCESS 0x89E26440 ] PID: 2760, 667648 bytes
0x039C0000 Hidden Image-->CLI.Component.Runtime.dll [ EPROCESS 0x89E26440 ] PID: 2760, 69632 bytes
0x03980000 Hidden Image-->CLI.Component.SkinFactory.dll [ EPROCESS 0x89E26440 ] PID: 2760, 69632 bytes
0x057B0000 Hidden Image-->CLI.Aspect.Radeon3D.Graphics.Shared.dll [ EPROCESS 0x89E26440 ] PID: 2760, 69632 bytes
0x05940000 Hidden Image-->CLI.Aspect.OverDrive5.Graphics.Shared.dll [ EPROCESS 0x89E26440 ] PID: 2760, 69632 bytes
0x06290000 Hidden Image-->APM.Server.dll [ EPROCESS 0x89E26440 ] PID: 2760, 69632 bytes
0x07A90000 Hidden Image-->CLI.Aspect.VPURecover.Graphics.Dashboard.dll [ EPROCESS 0x89E26440 ] PID: 2760, 69632 bytes
0x06940000 Hidden Image-->ResourceManagement.Foundation.Implementation.dll [ EPROCESS 0x89E26440 ] PID: 2760, 749568 bytes
0x03320000 Hidden Image-->LOG.Foundation.Implementation.dll [ EPROCESS 0x89F2E798 ] PID: 3668, 77824 bytes
0x01220000 Hidden Image-->LOG.Foundation.Implementation.dll [ EPROCESS 0x89E26440 ] PID: 2760, 77824 bytes
0x05480000 Hidden Image-->CLI.Aspect.DeviceDFP.Graphics.Runtime.dll [ EPROCESS 0x89E26440 ] PID: 2760, 77824 bytes
0x05510000 Hidden Image-->CLI.Aspect.Radeon3D.Graphics.Runtime.dll [ EPROCESS 0x89E26440 ] PID: 2760, 77824 bytes
0x057F0000 Hidden Image-->CLI.Aspect.DeviceCV.Graphics.Runtime.dll [ EPROCESS 0x89E26440 ] PID: 2760, 77824 bytes
0x059B0000 Hidden Image-->CLI.Aspect.MMVideo.Graphics.Shared.dll [ EPROCESS 0x89E26440 ] PID: 2760, 77824 bytes
0x05A50000 Hidden Image-->CLI.Aspect.DeviceTV.Graphics.Shared.dll [ EPROCESS 0x89E26440 ] PID: 2760, 77824 bytes
0x07700000 Hidden Image-->CLI.Aspect.Welcome.Graphics.Dashboard.dll [ EPROCESS 0x89E26440 ] PID: 2760, 77824 bytes
0x054D0000 Hidden Image-->CLI.Aspect.OverDrive5.Graphics.Runtime.dll [ EPROCESS 0x89E26440 ] PID: 2760, 86016 bytes
0x03A80000 Hidden Image-->ADL.Foundation.dll [ EPROCESS 0x89E26440 ] PID: 2760, 86016 bytes
0x05990000 Hidden Image-->CLI.Aspect.DeviceTV.Graphics.Runtime.dll [ EPROCESS 0x89E26440 ] PID: 2760, 86016 bytes
0x06480000 Hidden Image-->CLI.Caste.Graphics.Dashboard.dll [ EPROCESS 0x89E26440 ] PID: 2760, 86016 bytes
0x07950000 Hidden Image-->CLI.Aspect.MMVideo.Graphics.Dashboard.dll [ EPROCESS 0x89E26440 ] PID: 2760, 888832 bytes
  • 0

#6
azarl
Posted 12 October 2010 - 01:49 AM

azarl

    GeekU Admin

  • Community Leader
  • 25,310 posts
» Step 1 «
Run Malwarebytes again please.
  • Click on the Update tab and Check for Updates.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, click the Scanner tab and select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy & Paste the entire report in your next reply.
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.

» Step 2 «
Kaspersky WebScanner
Please do an online scan with Kaspersky WebScanner

Kaspersky online scanner uses JAVA technology to perform the scan. If you do not have the latest JAVA version, follow the instructions below under Upgrading Java, to download and install the latest vision.

Upgrading Java
  • Download the latest version of Java Runtime Environment (JRE) 6 Update 21.
  • Scroll down to where it says "The J2SE Runtime Environment (JRE) allows end-users to run Java applications".
  • Click the "Download" button to the right.
  • Select your Platform and check the box that says: "I agree to the Java SE Runtime Environment 6 License Agreement.".
  • Click on Continue.
  • Click on the link to download Windows Offline Installation (jre-6u21-windows-i586-p.exe) and save it to your desktop. Do NOT use the Sun Download Manager..
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel, double-click on Add/Remove programs and remove all older versions of Java.
  • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on the download to install the newest version.(Vista users, right click on the jre-6u21-windows-i586-p.exe and select "Run as an Administrator.")
Running Kaspersky WebScanner
  • Read through the requirements and privacy statement and click on Accept button.
  • It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
  • When the downloads have finished, click on Settings.
  • Make sure the following is checked.
    • Spyware, Adware, Diallers, and other potentially dangerous programs
      Archives
      Mail databases
  • Click on My Computer under Scan.
  • Once the scan is complete, it will display the results. Click on View Scan Report.
  • You will see a list of infected items there. Click on Save Report As....
  • Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button.
  • Please post this log in your next reply.

  • 0

#7
LoneWolf217
Posted 14 October 2010 - 12:22 AM

LoneWolf217

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts
Hey and thanks again! Sorry for the delayed response, but here are the logs you've requested, and also, sorry, but I wont be here again until Saturday night. Sorry! I didn't expect this to go all the way from October 4th.

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4806

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

10/12/2010 2:45:25 PM
mbam-log-2010-10-12 (14-45-25).txt

Scan type: Quick scan
Objects scanned: 152758
Time elapsed: 4 minute(s), 46 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)



--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7.0: scan report
Wednesday, October 13, 2010
Operating system: Microsoft Windows XP Home Edition Service Pack 3 (build 2600)
Kaspersky Online Scanner version: 7.0.26.13
Last database update: Wednesday, October 13, 2010 17:35:27
Records in database: 4203207
--------------------------------------------------------------------------------

Scan settings:
scan using the following database: extended
Scan archives: yes
Scan e-mail databases: yes

Scan area - My Computer:
C:\
D:\
E:\

Scan statistics:
Objects scanned: 509779
Threats found: 4
Infected objects found: 8
Suspicious objects found: 0
Scan duration: 05:21:19


File name / Threat / Threats count
C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\[email protected]\components\gvtlf.dll Infected: not-a-virus:AdWare.Win32.Gamevance.dvo 1
C:\Documents and Settings\Owner\Local Settings\Application Data\Downloaded Installations\{91A3E893-3836-437A-81FD-BAAFFBD0814F}\MediaSPace.msi Infected: Trojan-Downloader.Win32.Agent.dwvj 1
C:\Documents and Settings\Owner\My Documents\Monopoly Here & Now\Monopoly.exe Infected: Trojan-GameThief.Win32.Magania.dvyw 1
C:\System Volume Information\_restore{2D255E3F-3A49-40C3-B95C-4771DF64F8C2}\RP293\A0067481.rbf Infected: Trojan-Downloader.Win32.Agent.dwvj 1
C:\System Volume Information\_restore{2D255E3F-3A49-40C3-B95C-4771DF64F8C2}\RP326\A0089266.DLL Infected: Packed.Win32.Krap.hc 1
C:\System Volume Information\_restore{2D255E3F-3A49-40C3-B95C-4771DF64F8C2}\RP326\A0089268.DLL Infected: Packed.Win32.Krap.hc 1
C:\System Volume Information\_restore{2D255E3F-3A49-40C3-B95C-4771DF64F8C2}\RP326\A0089657.DLL Infected: Packed.Win32.Krap.hc 1
E:\Monopoly Here & Now\Monopoly.exe Infected: Trojan-GameThief.Win32.Magania.dvyw 1

Selected area has been scanned.
  • 0

#8
azarl
Posted 14 October 2010 - 02:03 AM

azarl

    GeekU Admin

  • Community Leader
  • 25,310 posts
» Step 1 «
If you have Monopoly Here & Now, uninstall it through your control panel

++++++++++ oOo +++++++++


» Step 2 «
Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :Files
C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\[email protected]\components\gvtlf.dll
C:\Documents and Settings\Owner\Local Settings\Application Data\Downloaded Installations\{91A3E893-3836-437A-81FD-BAAFFBD0814F}
C:\Documents and Settings\Owner\My Documents\Monopoly Here & Now
E:\Monopoly Here & Now

:Commands
[purity]
[emptytemp]

[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Post the log it produces in your next reply.

++++++++++ oOo +++++++++


» Step 3 «
Please download DDS and save it to your desktop.
  • Disable any script blocking protection
  • Double click dds.scr to run the tool.
  • When done, DDS.txt will open.
  • Click Yes at the next prompt for Optional Scan.
  • Save both reports to your desktop.
---------------------------------------------------

Please include the contents of the following in your next reply:

DDS.txt

Please attach the second file; Attach.txt. To attach a file, do the following:
  • Under the reply panel is the Attachments Panel
  • Browse for the attachment file you want to upload, then click the Attach This File button
  • Click on Add to Post

«®»
  • 0

#9
LoneWolf217
Posted 18 October 2010 - 01:04 AM

LoneWolf217

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts
I am unable to uninstall Monopoly Here & Now because it was never actually installed into my computer. Not sure if it matters but if you would like to know the story behind that is I got the game via Mcdonalds Monopoly. Later after that, I had reformatted my computer for some reason I don't remember. I had saved Monopoly Here & Now on my spare hard drive, (Drive E) and so I still have it on my computer. Since uninstalling Monopoly Here & Now through the control panel is step 1, I decided not to go on with the other steps until I receive further instructions whether it was fine to just skip step 1, just delete the Monopoly Here & Now folder, or etc. Thanks!
  • 0

#10
azarl
Posted 18 October 2010 - 02:09 AM

azarl

    GeekU Admin

  • Community Leader
  • 25,310 posts
That's fine, just do the other steps please
  • 0

Advertisements

#11
LoneWolf217
Posted 18 October 2010 - 05:14 PM

LoneWolf217

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts
Hey Azarl! Here are the logs and attachments you've requested.

All processes killed
========== FILES ==========
C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\[email protected]\components\gvtlf.dll moved successfully.
C:\Documents and Settings\Owner\Local Settings\Application Data\Downloaded Installations\{91A3E893-3836-437A-81FD-BAAFFBD0814F} folder moved successfully.
C:\Documents and Settings\Owner\My Documents\Monopoly Here & Now\My Videos folder moved successfully.
C:\Documents and Settings\Owner\My Documents\Monopoly Here & Now folder moved successfully.
E:\Monopoly Here & Now\My Videos folder moved successfully.
E:\Monopoly Here & Now folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Administrator.KREVIN-NINO
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes

User: NetworkService
->Temp folder emptied: 33160 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Owner
->Temp folder emptied: 130790097 bytes
->Temporary Internet Files folder emptied: 112765291 bytes
->Java cache emptied: 182999 bytes
->Google Chrome cache emptied: 0 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 7699 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 650639 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 233.00 mb


OTL by OldTimer - Version 3.2.14.1 log created on 10182010_144238

Files\Folders moved on Reboot...
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\NK3YULSK\morestories[1].htm moved successfully.
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\NK3YULSK\page__p__1914899__fromsearch__1[1].htm moved successfully.
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\NK3YULSK\xd_proxy[1].htm moved successfully.
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\LKUQ5W7W\redirectiframe[2].html moved successfully.
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\BYEYMNWZ\11[9].htm moved successfully.
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\BYEYMNWZ\facebook_com[1].htm moved successfully.
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\BYEYMNWZ\history_manager[3].htm moved successfully.
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\1QCUETCL\like[1].htm moved successfully.
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.

Registry entries deleted on Reboot...


DDS (Ver_10-10-10.03) - NTFSx86
Run by Owner at 15:11:15.04 on Mon 10/18/2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.3327.2478 [GMT -8:00]

AV: Microsoft Security Essentials *On-access scanning enabled* (Updated) {BCF43643-A118-4432-AEDE-D861FCBCFCDF}

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\ContentWatch\Internet Protection\cwsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\ADVANC~1\wh_exec.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Pure Networks\Network Magic\nmapp.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\Program Files\McAfee\Anti-Theft\McPvTray.exe
C:\Program Files\MSI\Live Update 3\LMonitor.exe
C:\PROGRA~1\MICROI~1\INTERN~1\KPDrv4XP.EXE
C:\PROGRA~1\MICROI~1\INTERN~1\KEMailKb.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Pando Networks\Media Booster\PMB.exe
C:\Documents and Settings\Owner\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\EPSON\EPSON CardMonitor\EPSON CardMonitor1.0.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Documents and Settings\Owner\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.yahoo.com/
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AskBar BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - c:\program files\askbardis\bar\bin\askBar.dll
BHO: Updater For Kandeebar: {2c486920-dde5-4b59-bfd8-394c70602832} - c:\program files\kandeebar\auxi\kandeebarAu.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Ask Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files\askbardis\bar\bin\askBar.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [Pando Media Booster] c:\program files\pando networks\media booster\PMB.exe
uRun: [Octoshape Streaming Services] "c:\documents and settings\owner\application data\octoshape\octoshape streaming services\OctoshapeClient.exe" -inv:bootrun
uRun: [myweather] "c:\program files\myfreeweather\myweather.exe" /autorun
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [igndlm.exe] c:\program files\download manager\DLM.exe /windowsstart /startifwork
uRun: [Google Update] "c:\documents and settings\owner\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [BitTorrent DNA] "c:\program files\dna\btdna.exe"
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"
uRun: [AutoStartNPSAgent] c:\program files\samsung\samsung new pc studio\NPSAgent.exe
uRun: [Auto Epson Stylus NX510(Network) on Sabina-PC] c:\windows\system32\spool\drivers\w32x86\3\e_fatifia.exe /fu "c:\windows\temp\E_S2F8.tmp" /EF "HKCU"
mRun: [Zboard] c:\program files\ideazon\zengine\Zboard.exe
mRun: [WheelMouse] c:\advanc~1\wh_exec.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [NPSStartup]
mRun: [nmctxth] "c:\program files\common files\pure networks shared\platform\nmctxth.exe"
mRun: [nmapp] "c:\program files\pure networks\network magic\nmapp.exe" -autorun -nosplash
mRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exe
mRun: [MSSE] "c:\program files\microsoft security essentials\msseces.exe" -hide -runkey
mRun: [MSN Toolbar] "c:\program files\msn toolbar\platform\4.0.0401.0\mswinext.exe"
mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume
mRun: [McPvTray] c:\program files\mcafee\anti-theft\McPvTray.exe
mRun: [LiveMonitor] c:\program files\msi\live update 3\LMonitor.exe
mRun: [KPDrv4XP] c:\progra~1\microi~1\intern~1\KPDrv4XP.EXE
mRun: [KEMailKb] c:\progra~1\microi~1\intern~1\KEMailKb.EXE
mRun: [Ink Monitor] c:\program files\epson\ink monitor\InkMonitor.exe
mRun: [cwcptray] c:\program files\contentwatch\internet protection\cwtray.exe
mRun: [Ask and Record FLV Service] "c:\program files\replay media catcher\FLVSrvc.exe" /run
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [ATICustomerCare] "c:\program files\ati\aticustomercare\ATICustomerCare.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\epsonc~1.lnk - c:\program files\epson\epson cardmonitor\EPSON CardMonitor1.0.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\epsons~1.lnk - c:\windows\system32\spool\drivers\w32x86\3\E_SRCV02.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
IE: &Search
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office10\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {EBD24BD3-E272-4FA3-A8BA-C5D709757CAB} - {EBD24BD3-E272-4FA3-A8BA-C5D709757CAB} - c:\program files\playsushi\PSText.dll
DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} - hxxps://support.microsoft.com/OAS/ActiveX/MSDcode.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {18E66E92-A4EA-41B5-A867-A3EEB0327E7A} - hxxp://xiahw2.onlinegame.com/cab_include/XiahGX_ActiveX.cab
DPF: {31435657-9980-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab
DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - hxxp://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.9.113.cab
DPF: {4F29DE54-5EB7-4D76-B610-A86B5CD2A234} - hxxp://archives.gametap.com/static/cab_headless/GameTapWebPlayer.cab
DPF: {5C1B293E-DA77-4AFF-8B52-63DEF8C8A071} - hxxp://download.netmarble.net/ActiveX/NMAutoUpdateX/NMAutoUpdateX_1.0.1.1_20091109.cab
DPF: {5D6F45B3-9043-443D-A792-115447494D24} - hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/uno1/GAME_UNO1.cab
DPF: {8768D5EA-5412-4810-A032-09AD2A726C69} - hxxp://bgweb.nowcdn.co.kr/Bin/DownStarter2.cab
DPF: {89F434A7-4A49-4394-AC02-007480331AE2} - hxxp://download.netmarble.net/ActiveX/NMAutoUpdateX/SystemIDInfo/NMSystemIDInfo_1.0.0.1.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {924B4927-D3BA-41EA-9F7E-8A89194AB3AC} - hxxp://panda-plugin.disney.go.com/plugin/win32/p3dactivex.cab
DPF: {A4508A45-F1C4-40F3-99B4-0CA08AC77E3B} - hxxp://download.netmarble.net/kdefence/kdfense8237.cab
DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} - hxxp://download.toontown.com/sv1.0.39.23/ttinst.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - hxxp://www.popcap.com/webgames/popcaploader_v10.cab
DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - c:\program files\common files\pure networks shared\platform\puresp4.dll
Notify: AtiExtEvent - Ati2evxx.dll

============= SERVICES / DRIVERS ===============

R0 McPvDrv;McPvDrv;c:\windows\system32\drivers\McPvDrv.sys [2008-5-28 61688]
R1 BIOS;BIOS;c:\windows\system32\drivers\BIOS.sys [2009-5-30 13696]
R1 BS_I2cIo;BS_I2cIo;c:\windows\system32\drivers\BS_I2cIo.sys [2009-6-1 8192]
R1 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2009-3-25 214664]
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-3-25 151216]
R2 CwAltaService20;ContentWatch;c:\program files\contentwatch\internet protection\cwsvc.exe [2010-1-11 2100032]
R2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2010-5-10 238952]
R3 appliandMP;appliandMP;c:\windows\system32\drivers\appliand.sys [2010-6-24 28256]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2010-5-10 36608]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [2008-4-28 38176]
R3 whfltr2k;WheelMouse USB Lower Filter Driver;c:\windows\system32\drivers\whfltr2k.sys [2007-1-25 6784]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-7-12 136176]
S3 appliand;Applian Network Service;c:\windows\system32\drivers\appliand.sys [2010-6-24 28256]
S3 EPUSBSTOR;EPSON USB Storage Driver;c:\windows\system32\drivers\epusbsto.sys [2001-9-10 17976]
S3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2009-5-30 79816]
S3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2009-5-30 35272]
S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2009-5-30 34248]
S3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2009-5-30 40552]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 pfusb;pfusb;c:\windows\system32\drivers\pfusb.sys [2009-8-31 12272]
S3 PIXMCV;JVC Communication PIX-MCV Driver;c:\windows\system32\drivers\pixmcvc.sys [2009-12-27 32000]
S3 PIXMCVA;JVC PIX-MCV Audio Capture;c:\windows\system32\drivers\pixmcva.sys [2009-12-27 28057]
S3 PIXMCVV;JVC PIX-MCV Video Capture;c:\windows\system32\drivers\pixmcvv.sys [2009-12-27 21081]

=============== Created Last 30 ================

2010-10-18 22:55:10 6084944 ----a-w- c:\docume~1\alluse~1\applic~1\microsoft\microsoft antimalware\definition updates\{06246412-2bc1-4cd7-be9a-20c91ee4f5da}\mpengine.dll
2010-10-13 23:52:09 -------- d-----w- c:\docume~1\owner\locals~1\applic~1\Yahoo!
2010-10-13 23:34:47 73728 ----a-w- c:\windows\system32\javacpl.cpl
2010-10-10 22:33:14 -------- d-----w- C:\_OTL
2010-10-03 22:49:29 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-10-03 22:49:28 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-10-03 22:49:28 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-10-03 00:28:47 -------- d-----w- c:\docume~1\owner\applic~1\RayV
2010-10-03 00:28:41 -------- d-----w- c:\program files\RayV
2010-10-02 21:58:29 143360 ----a-w- c:\windows\system32\atiapfxx.exe
2010-10-02 17:21:35 -------- d-----w- c:\docume~1\alluse~1\applic~1\Driver Boost
2010-10-02 17:15:47 -------- d-----w- c:\docume~1\alluse~1\applic~1\PC Drivers HeadQuarters
2010-10-01 03:59:31 -------- d-----w- c:\program files\iPod
2010-10-01 03:59:28 -------- d-----w- c:\program files\iTunes
2010-10-01 03:56:23 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin7.dll
2010-10-01 03:56:23 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin6.dll
2010-10-01 03:56:23 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll
2010-10-01 03:56:23 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll
2010-10-01 03:56:23 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll
2010-10-01 03:56:23 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll
2010-10-01 03:56:23 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll
2010-10-01 03:53:42 -------- d-----w- c:\program files\Bonjour
2010-09-30 03:13:59 -------- d-----w- c:\program files\common files\ATI Technologies
2010-09-28 04:58:41 397992 ----a-w- c:\program files\setup.exe
2010-09-28 03:27:53 156984 ----a-w- c:\program files\_Setup.dll
2010-09-28 03:27:33 499 ----a-w- c:\program files\layout.bin
2010-09-28 03:27:26 555520 ----a-w- c:\program files\ISSetup.dll
2010-09-24 02:54:15 23040 -c--a-w- c:\windows\system32\dllcache\xrxwbtmp.dll
2010-09-24 02:54:15 116224 -c--a-w- c:\windows\system32\dllcache\xrxwiadr.dll
2010-09-24 02:54:14 4608 -c--a-w- c:\windows\system32\dllcache\xrxflnch.exe
2010-09-24 02:54:14 27648 -c--a-w- c:\windows\system32\dllcache\xrxftplt.exe
2010-09-24 02:54:14 18944 -c--a-w- c:\windows\system32\dllcache\xrxscnui.dll
2010-09-24 02:54:12 99865 -c--a-w- c:\windows\system32\dllcache\xlog.exe
2010-09-24 02:54:10 16970 -c--a-w- c:\windows\system32\dllcache\xem336n5.sys
2010-09-24 02:54:09 19455 -c--a-w- c:\windows\system32\dllcache\wvchntxx.sys
2010-09-24 02:54:05 12063 -c--a-w- c:\windows\system32\dllcache\wsiintxx.sys
2010-09-24 02:54:04 8192 -c--a-w- c:\windows\system32\dllcache\wshirda.dll
2010-09-24 02:52:59 47616 -c--a-w- c:\windows\system32\dllcache\umaxcam.dll
2010-09-24 02:51:59 32768 -c--a-w- c:\windows\system32\dllcache\sisnic.sys
2010-09-24 02:50:59 7168 -c--a-w- c:\windows\system32\dllcache\pnrmc.sys
2010-09-24 02:49:59 49024 -c--a-w- c:\windows\system32\dllcache\mstape.sys
2010-09-24 02:48:54 8192 -c--a-w- c:\windows\system32\dllcache\kbdkor.dll
2010-09-24 02:47:54 73279 -c--a-w- c:\windows\system32\dllcache\hsf_spkp.sys
2010-09-24 02:46:58 19594 -c--a-w- c:\windows\system32\dllcache\e100isa4.sys
2010-09-24 02:45:58 8192 -c--a-w- c:\windows\system32\dllcache\changer.sys
2010-09-24 02:44:59 36224 -c--a-w- c:\windows\system32\dllcache\an983.sys
2010-09-24 02:44:59 12032 -c--a-w- c:\windows\system32\dllcache\amsint.sys
2010-09-24 02:44:58 5248 -c--a-w- c:\windows\system32\dllcache\aliide.sys
2010-09-24 02:44:58 16969 -c--a-w- c:\windows\system32\dllcache\amb8002.sys
2010-09-24 02:44:57 56960 -c--a-w- c:\windows\system32\dllcache\aic78xx.sys
2010-09-24 02:44:57 27678 -c--a-w- c:\windows\system32\dllcache\ali5261.sys
2010-09-24 02:44:57 26624 -c--a-w- c:\windows\system32\dllcache\alifir.sys
2010-09-24 02:44:56 55168 -c--a-w- c:\windows\system32\dllcache\aic78u2.sys
2010-09-24 02:44:56 12800 -c--a-w- c:\windows\system32\dllcache\aha154x.sys
2010-09-23 02:33:06 -------- d-----w- c:\docume~1\owner\locals~1\applic~1\SecondLife
2010-09-18 23:58:12 73728 ----a-w- c:\windows\system32\kdfapi.dll
2010-09-18 23:58:12 61440 ----a-w- c:\windows\system32\kdfmod.dll
2010-09-18 23:58:12 47104 ----a-w- c:\windows\system32\Kdfhok.dll
2010-09-18 23:58:12 159744 ----a-w- c:\windows\system32\kdfmgr.exe
2010-09-18 23:58:10 373248 ----a-w- c:\windows\system32\kdfinj.dll
2010-09-18 23:58:09 -------- d-----w- c:\windows\kdefense

==================== Find3M ====================

2010-10-13 23:34:30 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-09-18 20:23:26 974848 ----a-w- c:\windows\system32\mfc42u.dll
2010-09-18 06:53:25 974848 ----a-w- c:\windows\system32\mfc42.dll
2010-09-18 06:53:25 954368 ----a-w- c:\windows\system32\mfc40.dll
2010-09-18 06:53:25 953856 ----a-w- c:\windows\system32\mfc40u.dll
2010-09-10 05:58:08 916480 ----a-w- c:\windows\system32\wininet.dll
2010-09-10 05:58:06 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-09-10 05:58:06 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-09-08 19:17:46 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-09-08 19:17:46 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-09-03 18:56:02 2396672 ----a-w- c:\windows\system32\opinstaller.msi
2010-09-03 01:39:18 345216 ----a-w- c:\windows\system32\NowCDNUp2.exe
2010-09-01 11:51:14 285824 ----a-w- c:\windows\system32\atmfd.dll
2010-08-31 13:42:52 1852800 ----a-w- c:\windows\system32\win32k.sys
2010-08-27 08:02:29 119808 ----a-w- c:\windows\system32\t2embed.dll
2010-08-27 05:57:43 99840 ----a-w- c:\windows\system32\srvsvc.dll
2010-08-26 12:52:45 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2010-08-26 02:12:06 57344 ----a-w- c:\windows\system32\aticalrt.dll
2010-08-26 02:11:58 53248 ----a-w- c:\windows\system32\aticalcl.dll
2010-08-26 02:10:36 4390912 ----a-w- c:\windows\system32\aticaldd.dll
2010-08-26 02:03:38 311296 ----a-w- c:\windows\system32\atiiiexx.dll
2010-08-26 02:01:14 15876096 ----a-w- c:\windows\system32\atioglxx.dll
2010-08-26 01:57:40 450560 ----a-w- c:\windows\system32\ATIDEMGX.dll
2010-08-26 01:56:36 300544 ----a-w- c:\windows\system32\ati2dvag.dll
2010-08-26 01:52:24 3927936 ----a-w- c:\windows\system32\ati3duag.dll
2010-08-26 01:39:14 208896 ----a-w- c:\windows\system32\atipdlxx.dll
2010-08-26 01:39:02 155648 ----a-w- c:\windows\system32\Oemdspif.dll
2010-08-26 01:38:50 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
2010-08-26 01:38:38 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2010-08-26 01:38:26 159744 ----a-w- c:\windows\system32\ati2evxx.dll
2010-08-26 01:37:20 2603520 ----a-w- c:\windows\system32\ativvaxx.dll
2010-08-26 01:37:00 606208 ----a-w- c:\windows\system32\ati2evxx.exe
2010-08-26 01:35:32 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
2010-08-26 01:30:56 626688 ----a-w- c:\windows\system32\atikvmag.dll
2010-08-26 01:30:54 393216 ----a-w- c:\windows\system32\atiok3x2.dll
2010-08-26 01:29:10 188416 ----a-w- c:\windows\system32\atiadlxx.dll
2010-08-26 01:28:54 17408 ----a-w- c:\windows\system32\atitvo32.dll
2010-08-26 01:23:34 688128 ----a-w- c:\windows\system32\ati2cqag.dll
2010-08-26 01:22:08 64512 ----a-w- c:\windows\system32\atimpc32.dll
2010-08-26 01:22:08 64512 ----a-w- c:\windows\system32\amdpcom32.dll
2010-08-23 16:12:04 617472 ----a-w- c:\windows\system32\comctl32.dll
2010-08-17 13:17:06 58880 ----a-w- c:\windows\system32\spoolsv.exe
2010-08-16 08:45:00 590848 ----a-w- c:\windows\system32\rpcrt4.dll
2010-07-28 02:44:10 91424 ----a-w- c:\windows\system32\dnssd.dll
2010-07-28 02:44:10 197920 ----a-w- c:\windows\system32\dnssdX.dll
2010-07-28 02:44:10 107808 ----a-w- c:\windows\system32\dns-sd.exe

============= FINISH: 15:12:03.04 ===============

Attached Files


  • 0

#12
azarl
Posted 19 October 2010 - 03:21 AM

azarl

    GeekU Admin

  • Community Leader
  • 25,310 posts
» Step 1 «
Clear Cache/Temp Files
Download TFC by OldTimer to your desktop
  • Please double-click TFC.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
  • It will close all programs when run, so make sure you have saved all your work before you begin.
  • Click the Start button to begin the process. Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two. Let it run uninterrupted to completion.
  • Once it's finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.

» Step 2 «
Malwarebytes' Anti-Malware
Please download Malwarebytes' Anti-Malware from Here or Here

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy & Paste the entire report in your next reply.
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.

» Step 3 «
Kaspersky WebScanner
Please do an online scan with Kaspersky WebScanner

Kaspersky online scanner uses JAVA technology to perform the scan. If you do not have the latest JAVA version, follow the instructions below under Upgrading Java, to download and install the latest vision.

Upgrading Java
  • Download the latest version of Java Runtime Environment (JRE) 6 Update 21.
  • Scroll down to where it says "The J2SE Runtime Environment (JRE) allows end-users to run Java applications".
  • Click the "Download" button to the right.
  • Select your Platform and check the box that says: "I agree to the Java SE Runtime Environment 6 License Agreement.".
  • Click on Continue.
  • Click on the link to download Windows Offline Installation (jre-6u21-windows-i586-p.exe) and save it to your desktop. Do NOT use the Sun Download Manager..
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel, double-click on Add/Remove programs and remove all older versions of Java.
  • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on the download to install the newest version.(Vista users, right click on the jre-6u21-windows-i586-p.exe and select "Run as an Administrator.")
Running Kaspersky WebScanner
  • Read through the requirements and privacy statement and click on Accept button.
  • It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
  • When the downloads have finished, click on Settings.
  • Make sure the following is checked.
    • Spyware, Adware, Diallers, and other potentially dangerous programs
      Archives
      Mail databases
  • Click on My Computer under Scan.
  • Once the scan is complete, it will display the results. Click on View Scan Report.
  • You will see a list of infected items there. Click on Save Report As....
  • Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button.
  • Please post this log in your next reply.

  • 0

#13
LoneWolf217
Posted 20 October 2010 - 05:12 PM

LoneWolf217

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts
Hey Azarl! Here are the logs you've requested.

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4887

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

10/19/2010 6:58:28 PM
mbam-log-2010-10-19 (18-58-28).txt

Scan type: Quick scan
Objects scanned: 153620
Time elapsed: 4 minute(s), 56 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)





--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7.0: scan report
Wednesday, October 20, 2010
Operating system: Microsoft Windows XP Home Edition Service Pack 3 (build 2600)
Kaspersky Online Scanner version: 7.0.26.13
Last database update: Wednesday, October 20, 2010 12:00:57
Records in database: 4189449
--------------------------------------------------------------------------------

Scan settings:
scan using the following database: extended
Scan archives: yes
Scan e-mail databases: yes

Scan area - My Computer:
C:\
D:\
E:\

Scan statistics:
Objects scanned: 507353
Threats found: 4
Infected objects found: 8
Suspicious objects found: 0
Scan duration: 05:13:56


File name / Threat / Threats count
C:\System Volume Information\_restore{2D255E3F-3A49-40C3-B95C-4771DF64F8C2}\RP293\A0067481.rbf Infected: Trojan-Downloader.Win32.Agent.dwvj 1
C:\System Volume Information\_restore{2D255E3F-3A49-40C3-B95C-4771DF64F8C2}\RP326\A0089266.DLL Infected: Packed.Win32.Krap.hc 1
C:\System Volume Information\_restore{2D255E3F-3A49-40C3-B95C-4771DF64F8C2}\RP326\A0089268.DLL Infected: Packed.Win32.Krap.hc 1
C:\System Volume Information\_restore{2D255E3F-3A49-40C3-B95C-4771DF64F8C2}\RP326\A0089657.DLL Infected: Packed.Win32.Krap.hc 1
C:\_OTL\MovedFiles\10182010_144238\C_Documents and Settings\Owner\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\[email protected]\components\gvtlf.dll Infected: not-a-virus:AdWare.Win32.Gamevance.dvo 1
C:\_OTL\MovedFiles\10182010_144238\C_Documents and Settings\Owner\Local Settings\Application Data\Downloaded Installations\{91A3E893-3836-437A-81FD-BAAFFBD0814F}\MediaSPace.msi Infected: Trojan-Downloader.Win32.Agent.dwvj 1
C:\_OTL\MovedFiles\10182010_144238\C_Documents and Settings\Owner\My Documents\Monopoly Here & Now\Monopoly.exe Infected: Trojan-GameThief.Win32.Magania.dvyw 1
C:\_OTL\MovedFiles\10182010_144238\E_\Monopoly Here & Now\Monopoly.exe Infected: Trojan-GameThief.Win32.Magania.dvyw 1

Selected area has been scanned.
  • 0

#14
azarl
Posted 21 October 2010 - 08:40 AM

azarl

    GeekU Admin

  • Community Leader
  • 25,310 posts
There's a few bits in the restore points we'll deal with later. The rest are files we've already dealt with

Before we move on to the next stage, how does your system seem now?
Are you still experiencing any problems?
  • 0

#15
azarl
Posted 21 October 2010 - 08:42 AM

azarl

    GeekU Admin

  • Community Leader
  • 25,310 posts
There's a few bits in the restore points we'll deal with later. The rest are files we've already dealt with

Before we move on to the next stage, how does your system seem now?
Are you still experiencing any problems?
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP