Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

kanef


  • This topic is locked This topic is locked

#1
pam_m

pam_m

    Member

  • Member
  • PipPip
  • 19 posts
Hi there

I have been asked by a friend to have a look at her computer.

I know I am meant to do logs and everything but this computer I have been asked to have a look at will not do anything at all!!!

When I get to the log on screen I have had a VRTA.tmp - Application Error Come up. (The instruction at "0x73434932" referenced memory at "0x00000000". The memory could not be "read"

Then once I enter the password to log in I get:

cli.exe - Application Error.

and I get a kanef.exe error, then it blue screened on me!

I tried starting it in Safe mode and it told me I needed to do a system restore.

Can not open internet explorer to download anything, can not open system restore.

Can not add it using a usb as it wont work (and research says it will infect my usb stick)

I am stuck as to what I can do for this computer, your help would be hugely appreciated!

Thanks
Pam
  • 0

Advertisements


#2
mitch8

mitch8

    Trusted Helper

  • Malware Removal
  • 1,356 posts
Hello pam_m, and welcome to GeeksToGo! My name is Mitch8 and I will be helping you with your problem. Here are a few things I would like to point out:
  • Please post your logs, don't attach them unless stated.
  • Please read my posts carefully and if you have any questions ask.
  • Stay with this topic until I tell you that your system is clean. Malware can still be on your system even if you don't notice it.

Do you have a blank CD and another computer? If you do follow the instructions below.

Please print these instruction out so that you know what you are doing

OTLPENet.exe
MD5=085B26F68D95909649C2403323078FAF
127,227,083bytes / 121.3MB

  • Download OTLPENet.exe to your desktop
  • Ensure that you have a blank CD in the drive
  • Double click OTLPENet.exe and this will then open imgburn to burn the file to CD
  • Reboot your system using the boot CD you just created.
    Note : If you do not know how to set your computer to boot from CD follow the steps here
  • As the CD needs to detect your hardware and load the operating system, I would recommend a nice cup of tea whilst it loads :D

  • Your system should now display a Reatogo desktop.
    Note : as you are running from CD it is not exactly speedy
  • Double-click on the OTLPE icon.
  • Select the Windows folder of the infected drive if it asks for a location
  • When asked "Do you wish to load the remote registry", select Yes
  • When asked "Do you wish to load remote user profile(s) for scanning", select Yes
  • Ensure the box "Automatically Load All Remaining Users" is checked and press OK
  • OTL should now start.
  • Press Run Scan to start the scan.
  • When finished, the file will be saved in drive C:\OTL.txt
  • Copy this file to your USB drive if you do not have internet connection on this system.
  • Right click the file and select send to : select the USB drive.
  • Confirm that it has copied to the USB drive by selecting it
  • You can backup any files that you wish from this OS
  • Please post the contents of the C:\OTL.txt file in your reply.

  • 0

#3
pam_m

pam_m

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
Hi thanks for you help, think I am going to have to give up on it for now as the keyboard and mouse on it are not working and I need to go and find one which probably won't work as the USB was having issues I think.

Anyway will let you know if we get anywhere, but thanks again
  • 0

#4
mitch8

mitch8

    Trusted Helper

  • Malware Removal
  • 1,356 posts
OK, just reply back if you need help again.
  • 0

#5
pam_m

pam_m

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
Hello again

Is there a way I can fix it by putting the hard drive into an external hard drive case?
  • 0

#6
mitch8

mitch8

    Trusted Helper

  • Malware Removal
  • 1,356 posts
Does your keyboard not work in just windows or is it totally broken? To see if you keyboard will work outside of windows press and hold your "F8 Key" when you first turn on your computer. If this works it should bring up the Windows Advanced Options Menu.
  • 0

#7
pam_m

pam_m

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
I am able to use enter and the F keys in the set up bios but no where else, need to enter password for windows to start up
  • 0

#8
pam_m

pam_m

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
Ok I have it plugged into my lap top via external hardrive, the whole time it is in my Eset smart security suite has been picking up virus there are heaps of them!!

Now the Hardrive is showing up as G drive and H drive.....will the OTL haved scanned them??

Here is the OTL log files

OTL logfile created on: 19/01/2011 10:27:43 p.m. - Run 1
OTL by OldTimer - Version 3.2.20.2 Folder = C:\Documents and Settings\Chelle\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00001409 | Country: New Zealand | Language: ENZ | Date Format: d/MM/yyyy

956.00 Mb Total Physical Memory | 271.00 Mb Available Physical Memory | 28.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 63.00% Paging File free
Paging file location(s): C:\pagefile.sys 1428 2856 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.05 Gb Total Space | 73.59 Gb Free Space | 49.38% Space Free | Partition Type: NTFS
Drive F: | 971.63 Mb Total Space | 727.27 Mb Free Space | 74.85% Space Free | Partition Type: FAT
Drive G: | 25.74 Gb Total Space | 6.36 Gb Free Space | 24.69% Space Free | Partition Type: FAT32
Drive H: | 26.22 Gb Total Space | 24.23 Gb Free Space | 92.38% Space Free | Partition Type: FAT32

Computer Name: TIGER | User Name: Chelle | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/01/18 11:35:39 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Chelle\My Documents\Downloads\OTL.exe
PRC - [2010/12/15 22:03:04 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010/12/15 22:03:03 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/12/13 08:29:50 | 000,546,464 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Online Scanner\OnlineScannerApp.exe
PRC - [2010/08/13 13:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/06/03 13:50:58 | 001,144,104 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/04/16 18:36:42 | 000,026,480 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe
PRC - [2010/02/18 12:43:20 | 000,490,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2010/02/02 01:10:14 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2010/02/02 01:10:10 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2008/11/02 21:38:58 | 000,167,936 | ---- | M] (PowerISO Computing, Inc.) -- C:\Program Files\PowerISO\PWRISOVM.EXE
PRC - [2008/05/28 05:23:42 | 000,360,448 | ---- | M] (TOSHIBA) -- C:\Program Files\TOSHIBA\TOSHIBA Applet\THotkey.exe
PRC - [2008/05/08 10:11:58 | 004,787,712 | ---- | M] () -- C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
PRC - [2008/04/29 10:33:28 | 000,417,792 | ---- | M] (Chicony) -- C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
PRC - [2008/04/15 12:43:38 | 000,034,304 | ---- | M] (TOSHIBA Corp.) -- C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
PRC - [2008/04/15 01:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/04/14 02:11:12 | 000,450,648 | ---- | M] (Atheros Communications, Inc.) -- C:\Program Files\Atheros\ACU.exe
PRC - [2008/04/14 02:10:52 | 000,467,028 | ---- | M] (Atheros) -- C:\WINDOWS\system32\acs.exe
PRC - [2008/02/20 11:08:46 | 000,472,320 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe
PRC - [2008/02/20 11:06:58 | 001,443,072 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe
PRC - [2007/11/22 13:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TODDSrv.exe
PRC - [2007/10/08 13:02:46 | 000,262,144 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TPSMain.exe
PRC - [2007/10/08 13:02:46 | 000,032,768 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TPSBattM.exe
PRC - [2007/04/14 14:16:16 | 000,311,296 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA Direct Disc Writer\DDWMon.exe
PRC - [2007/04/10 14:07:02 | 000,159,744 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
PRC - [2007/04/04 05:50:00 | 001,603,152 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2007/02/04 12:02:14 | 000,079,400 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe
PRC - [2007/01/31 15:55:42 | 000,096,370 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe
PRC - [2006/03/16 18:58:00 | 000,974,848 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
PRC - [2005/01/17 21:38:00 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2004/12/30 20:32:20 | 000,065,536 | ---- | M] (TOSHIBA) -- C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe


========== Modules (SafeList) ==========

MOD - [2011/01/18 11:35:39 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Chelle\My Documents\Downloads\OTL.exe
MOD - [2007/02/05 09:29:04 | 000,139,264 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\ScanSoft\OmniPageSE4\OpHookSE4.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/08/13 13:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2008/04/15 12:43:38 | 000,034,304 | ---- | M] (TOSHIBA Corp.) [Auto | Running] -- C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe -- (TAPPSRV)
SRV - [2008/04/14 02:10:52 | 000,467,028 | ---- | M] (Atheros) [Auto | Running] -- C:\WINDOWS\system32\acs.exe -- (ACS)
SRV - [2008/02/20 11:14:52 | 000,019,200 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
SRV - [2008/02/20 11:08:46 | 000,472,320 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2007/11/22 13:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\WINDOWS\system32\TODDSrv.exe -- (TODDSrv)
SRV - [2007/01/31 15:55:42 | 000,096,370 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)
SRV - [2005/01/17 21:38:00 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (CFSvcs)


========== Driver Services (SafeList) ==========

DRV - [2008/11/02 21:44:10 | 000,056,572 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2008/05/22 21:53:58 | 000,154,624 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTS5121.sys -- (RSUSBSTOR)
DRV - [2008/05/21 17:48:46 | 006,018,464 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)
DRV - [2008/04/15 17:53:44 | 000,312,344 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\iaStor.sys -- (iaStor)
DRV - [2008/04/15 01:00:00 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008/04/09 23:01:16 | 004,703,744 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/04/08 18:45:42 | 001,309,504 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416)
DRV - [2008/02/20 11:11:14 | 000,054,280 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdi.sys -- (epfwtdi)
DRV - [2008/02/20 11:11:12 | 000,030,728 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\epfwndis.sys -- (Epfwndis)
DRV - [2008/02/20 11:11:08 | 000,071,176 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\epfw.sys -- (epfw)
DRV - [2008/02/20 11:02:22 | 000,029,704 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\easdrv.sys -- (easdrv)
DRV - [2008/02/20 11:01:30 | 000,039,944 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2008/02/08 09:46:36 | 000,057,408 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wsimd.sys -- (WSIMD)
DRV - [2008/01/04 03:10:16 | 000,105,856 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2007/12/17 11:45:20 | 000,018,432 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\UVCFTR_S.SYS -- (UVCFTR)
DRV - [2007/12/06 22:41:42 | 000,220,032 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2007/11/01 05:26:36 | 000,989,696 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2007/11/01 05:25:32 | 000,211,456 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2007/11/01 05:25:22 | 000,731,520 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2007/06/18 15:18:26 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motmodem.sys -- (motmodem)
DRV - [2007/04/05 04:56:48 | 000,005,888 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\FwLnk.sys -- (FwLnk)
DRV - [2007/03/27 08:22:18 | 000,105,856 | ---- | M] (TOSHIBA Corporation) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tdudf.sys -- (tdudf)
DRV - [2007/02/23 11:10:30 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2007/02/20 08:15:32 | 000,134,016 | ---- | M] (TOSHIBA Corporation) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\trudf.sys -- (trudf)
DRV - [2003/01/29 19:35:00 | 000,012,032 | ---- | M] (TOSHIBA Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Netdevio.sys -- (Netdevio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1263678744-2206532455-627344432-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://beta.nzdating.com/
IE - HKU\S-1-5-21-1263678744-2206532455-627344432-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1263678744-2206532455-627344432-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "chrome://speeddial/content/speeddial.xul"
FF - prefs.js..extensions.enabledItems: {4DC70064-89E2-4a55-8FC6-E8CDEAE3612C}:0.6.7
FF - prefs.js..extensions.enabledItems: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:4.6.3
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {64161300-e22b-11db-8314-0800200c9a66}:0.9.5.6
FF - prefs.js..extensions.enabledItems: [email protected]:1.2
FF - prefs.js..extensions.enabledItems: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.8
FF - prefs.js..extensions.enabledItems: {7b13ec3e-999a-4b70-b9cb-2617b8323822}:2.7.1.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}:2.9.2

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/15 22:03:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/15 22:03:11 | 000,000,000 | ---D | M]

[2009/01/14 09:27:56 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Chelle\Application Data\Mozilla\Extensions
[2011/01/19 17:52:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Chelle\Application Data\Mozilla\Firefox\Profiles\d2rtoj3o.default\extensions
[2010/10/08 22:51:13 | 000,000,000 | ---D | M] ("ColorfulTabs") -- C:\Documents and Settings\Chelle\Application Data\Mozilla\Firefox\Profiles\d2rtoj3o.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
[2010/08/08 13:48:05 | 000,000,000 | ---D | M] ("Garmin Communicator") -- C:\Documents and Settings\Chelle\Application Data\Mozilla\Firefox\Profiles\d2rtoj3o.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2010/02/11 22:14:28 | 000,000,000 | ---D | M] (Ad blocker) -- C:\Documents and Settings\Chelle\Application Data\Mozilla\Firefox\Profiles\d2rtoj3o.default\extensions\{4DC70064-89E2-4a55-8FC6-E8CDEAE3612C}
[2010/10/08 22:51:13 | 000,000,000 | ---D | M] (Speed Dial) -- C:\Documents and Settings\Chelle\Application Data\Mozilla\Firefox\Profiles\d2rtoj3o.default\extensions\{64161300-e22b-11db-8314-0800200c9a66}
[2010/07/29 10:31:17 | 000,000,000 | ---D | M] (Zynga Toolbar) -- C:\Documents and Settings\Chelle\Application Data\Mozilla\Firefox\Profiles\d2rtoj3o.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2009/07/02 09:52:21 | 000,000,000 | ---D | M] (Web Developer) -- C:\Documents and Settings\Chelle\Application Data\Mozilla\Firefox\Profiles\d2rtoj3o.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}
[2010/04/11 20:40:47 | 000,000,000 | ---D | M] ("Trademe Feedback Checker") -- C:\Documents and Settings\Chelle\Application Data\Mozilla\Firefox\Profiles\d2rtoj3o.default\extensions\[email protected]
[2011/01/14 10:32:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/07/26 15:12:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/05/13 12:31:51 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010/04/12 18:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2008/09/15 12:52:06 | 000,376,832 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npsnapfish.dll
[2010/07/13 05:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll

O1 HOSTS File: ([2009/04/20 22:16:40 | 000,000,740 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O4 - HKLM..\Run: [ACU] C:\Program Files\Atheros\ACU.exe (Atheros Communications, Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [DDWMon] C:\Program Files\TOSHIBA\TOSHIBA Direct Disc Writer\\ddwmon.exe ()
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NDSTray.exe] File not found
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [THotkey] C:\Program Files\TOSHIBA\TOSHIBA Applet\THotkey.exe (TOSHIBA)
O4 - HKLM..\Run: [TPSMain] C:\WINDOWS\System32\TPSMain.exe (TOSHIBA Corporation)
O4 - HKU\S-1-5-21-1263678744-2206532455-627344432-1005..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-21-1263678744-2206532455-627344432-1005..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O4 - Startup: C:\Documents and Settings\Chelle\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1263678744-2206532455-627344432-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {138E6DC9-722B-4F4B-B09D-95D191869696} http://www.bebo.com/...oader.5.1.4.cab (Bebo Uploader Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} http://appdirectory....ap/PhtPkMSN.cab (PhotoPickConvert Class)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Chelle\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Chelle\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/07/17 11:58:43 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2005/12/22 00:43:06 | 000,000,061 | RHS- | M] () - G:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2006/04/06 19:11:32 | 000,000,050 | ---- | M] () - G:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2005/12/22 00:43:06 | 000,000,061 | RHS- | M] () - H:\autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{064f01c0-2390-11e0-aa9d-00226959367f}\Shell\AutoRun\command - "" = G:\w9uxx92.exe
O33 - MountPoints2\{064f01c0-2390-11e0-aa9d-00226959367f}\Shell\open\Command - "" = G:\w9uxx92.exe
O33 - MountPoints2\{064f01c1-2390-11e0-aa9d-00226959367f}\Shell\AutoRun\command - "" = H:\w9uxx92.exe
O33 - MountPoints2\{064f01c1-2390-11e0-aa9d-00226959367f}\Shell\open\Command - "" = H:\w9uxx92.exe
O33 - MountPoints2\{5f8fc043-f015-11dd-aa42-00226959367f}\Shell\AutoRun\command - "" = Launch.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/01/18 11:43:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\ESET
[2008/07/17 15:45:03 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\DLLVGA.dll

========== Files - Modified Within 30 Days ==========

[2011/01/19 22:22:35 | 000,054,016 | ---- | M] () -- C:\WINDOWS\System32\drivers\mrkt.sys
[2011/01/19 22:15:02 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/01/19 14:46:33 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011/01/19 14:46:02 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/01/19 14:46:01 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/01/19 14:46:01 | 000,000,264 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2011/01/19 14:43:07 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/01/19 14:43:05 | 1002,434,560 | -HS- | M] () -- C:\hiberfil.sys
[2011/01/18 11:51:00 | 000,000,264 | ---- | M] () -- C:\WINDOWS\tasks\OGADaily.job
[2011/01/15 20:35:47 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Chelle\My Documents\~$ndie Harris Omg.doc
[2011/01/14 12:52:24 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Chelle\My Documents\~$OCOLATE CAKE.doc
[2011/01/12 16:32:03 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/01/07 15:56:29 | 000,050,176 | ---- | M] () -- C:\Documents and Settings\Chelle\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/12/22 10:22:46 | 000,005,752 | ---- | M] () -- C:\Documents and Settings\Chelle\.recently-used.xbel
[2010/12/21 14:49:29 | 000,015,872 | ---- | M] () -- C:\Documents and Settings\Chelle\My Documents\Christmas 2010.xls

========== Files Created - No Company Name ==========

[2011/01/19 22:22:35 | 000,054,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\mrkt.sys
[2011/01/15 20:35:47 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Chelle\My Documents\~$ndie Harris Omg.doc
[2011/01/14 12:52:24 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Chelle\My Documents\~$OCOLATE CAKE.doc
[2010/12/22 10:22:46 | 000,005,752 | ---- | C] () -- C:\Documents and Settings\Chelle\.recently-used.xbel
[2010/08/22 12:00:03 | 000,150,192 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/04/20 23:02:59 | 000,176,235 | ---- | C] () -- C:\WINDOWS\System32\Primomonnt.dll
[2010/03/09 18:00:41 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009/11/05 12:05:34 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Chelle\Application Data\wklnhst.dat
[2009/07/31 14:58:42 | 000,000,314 | ---- | C] () -- C:\WINDOWS\primopdf.ini
[2009/03/02 14:37:26 | 000,000,035 | ---- | C] () -- C:\WINDOWS\A5W.INI
[2009/02/01 22:09:25 | 000,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009/02/01 22:09:18 | 000,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009/02/01 22:09:17 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009/02/01 22:09:17 | 000,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/02/01 22:09:09 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/01/16 21:51:14 | 000,050,176 | ---- | C] () -- C:\Documents and Settings\Chelle\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/01/16 15:09:32 | 000,000,412 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2009/01/14 16:51:24 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/01/14 06:19:58 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2009/01/14 06:19:58 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2009/01/14 06:19:58 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2009/01/14 06:19:58 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2009/01/14 06:19:58 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2009/01/14 06:19:56 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2009/01/14 06:18:11 | 000,128,113 | ---- | C] () -- C:\WINDOWS\System32\csellang.ini
[2009/01/14 06:18:11 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\csellang.dll
[2009/01/14 06:18:11 | 000,009,484 | ---- | C] () -- C:\WINDOWS\System32\tosmreg.ini
[2009/01/14 06:18:11 | 000,007,671 | ---- | C] () -- C:\WINDOWS\System32\cseltbl.ini
[2009/01/14 06:07:03 | 000,262,216 | ---- | C] () -- C:\WINDOWS\System32\IPTests.dll
[2009/01/14 06:06:20 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4953.dll
[2008/07/18 05:20:59 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2008/07/17 15:45:03 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\TCtrlIO.dll
[2008/07/17 13:14:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI
[2008/07/17 13:05:20 | 006,184,960 | ---- | C] () -- C:\WINDOWS\System32\RTS5121icon.dll
[2008/07/17 12:06:20 | 000,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2008/07/17 11:40:34 | 000,002,392 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2008/07/17 11:40:24 | 001,288,192 | ---- | C] () -- C:\WINDOWS\System32\quartz(2).dll
[2008/07/17 04:47:45 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

========== Alternate Data Streams ==========

@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9DA44E6B

< End of report >

Extras:

OTL Extras logfile created on: 19/01/2011 10:27:43 p.m. - Run 1
OTL by OldTimer - Version 3.2.20.2 Folder = C:\Documents and Settings\Chelle\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00001409 | Country: New Zealand | Language: ENZ | Date Format: d/MM/yyyy

956.00 Mb Total Physical Memory | 271.00 Mb Available Physical Memory | 28.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 63.00% Paging File free
Paging file location(s): C:\pagefile.sys 1428 2856 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.05 Gb Total Space | 73.59 Gb Free Space | 49.38% Space Free | Partition Type: NTFS
Drive F: | 971.63 Mb Total Space | 727.27 Mb Free Space | 74.85% Space Free | Partition Type: FAT
Drive G: | 25.74 Gb Total Space | 6.36 Gb Free Space | 24.69% Space Free | Partition Type: FAT32
Drive H: | 26.22 Gb Total Space | 24.23 Gb Free Space | 92.38% Space Free | Partition Type: FAT32

Computer Name: TIGER | User Name: Chelle | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_USERS\S-1-5-21-1263678744-2206532455-627344432-1005\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Digital Photo Professional] -- C:\Program Files\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{008D69EB-70FF-46AB-9C75-924620DF191A}" = TOSHIBA Speech System SR Engine(U.S.) Version1.0
"{07F58BB0-50D4-4477-B491-A97B2AD059B6}" = TOSHIBA Hotkey Utility
"{10CE1EA2-12E9-11D3-825E-00C04F6843FE}" = Microsoft Office Sounds
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series" = Canon MP210 series
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{16E8BF9A-B419-4A44-A020-30F8CFB84B9D}" = Atheros Client Utility
"{172423F9-522A-483A-AD65-03600CE4CA4F}" = Microsoft Works 6-9 Converter
"{1CB92574-96F2-467B-B793-5CEB35C40C29}" = Image Resizer Powertoy for Windows XP
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java™ 6 Update 20
"{26D3E377-1DCA-4043-9410-B4A9BACF1033}" = Nero 7 Ultra Edition
"{2C38F661-26B7-445D-B87D-B53FE2D3BD42}" = TOSHIBA PC Diagnostic Tool
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java™ 6 Update 6
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{350FB27C-CF62-4EF3-AF9D-70FF313FE221}" = iTunes
"{37C866E4-AA67-4725-9E95-A39968DD7960}" = Camera Assistant Software for Toshiba
"{3FBF6F99-8EC6-41B4-8527-0A32241B5496}" = TOSHIBA Speech System TTS Engine(U.S.) Version1.0
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{400830CA-F056-4BBE-80A3-9DF9CA4FB889}" = TOSHIBA Direct Disc Writer
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{61B84435-7A82-4F5C-87EC-1071EC28D72D}" = TOSHIBA Utilities
"{64212898-097F-4F3F-AECA-6D34A7EF82DF}" = TOSHIBA Zooming Utility
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6ADD0603-16EF-400D-9F9E-486432835002}" = OpenOffice.org 3.2
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{6ECB944F-D027-4E8A-9906-70E77C005AD5}" = ESET Smart Security
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{7B63B2922B174135AFC0E1377DD81EC2}" =
"{81B3BEF9-5D97-4096-86E9-5B48A5BC32D0}" = Motorola Driver Installation 3.4.0
"{8F7AC250-4D7D-431D-AC4E-94FB78EA3F8B}" = TOSHIBA Power Saver
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD for TOSHIBA
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0122-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = CD/DVD Drive Acoustic Silencer
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB4EDC19-3B5E-4838-80E7-92454323B0FE}" = Garmin VoiceStudio v2.10
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.4
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{BAD8CA9C-77C0-4663-B00B-A8D3B13C341B}" = Motorola Phone Tools
"{BB3AB664-D92B-4CB5-8B3E-D841841F4E68}" = Canon Camera WIA Driver
"{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}" = TOSHIBA ConfigFree
"{C02A6D5F-0FE1-46DE-B483-2BD33A226BCF}" = TOSHIBA TouchPad ON/Off Utility
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}" = Apple Mobile Device Support
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D10CB652-9332-4242-B7A9-2D61570144F7}" = USB 2.0 Card Reader
"{D6DE02C7-1F47-11D4-9515-00105AE4B89A}" = Paint Shop Pro 7 Evaluation
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DEE88727-779B-47A9-ACEF-F87CA5F92A65}" = ScanSoft OmniPage SE 4
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{E8F728D0-C3F0-42EB-BBC2-C4A38A577CB1}" = Motorola Phone Tools
"{EB900AF8-CC61-4E15-871B-98D1EA3E8025}" = QuickTime
"{EE033C1F-443E-41EC-A0E2-559B539A4E4D}" = TOSHIBA Speech System Applications
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F49FEF83-45CA-4CE8-8304-A7372BA07AA9}" = Motorola Phone Tools
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Auto Outlook Express Backup_is1" = Auto Outlook Express Backup v.2.0.2
"BFGC" = Big Fish Games Client
"BFG-Rainbow Web" = Rainbow Web
"CAL" = Canon Camera Access Library
"CameraWindowDVC5" = Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX
"CameraWindowDVC6" = Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
"CameraWindowLauncher" = Canon Utilities CameraWindow
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"Chopper_is1" = Chopper XP 2.3
"CNXT_MODEM_PCI_VEN_14F1&DEV_2C06&SUBSYS_14F10000" = Soft Modem with SmartCP
"Composer for Ringtone Pro V2.0_is1" = Composer for Ringtone Pro V2.0
"CSCLIB" = Canon Camera Support Core Library
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX Setup
"DPP" = Canon Utilities Digital Photo Professional 3.3
"DVD Decrypter" = DVD Decrypter (Remove Only)
"DVD Shrink_is1" = DVD Shrink 3.2
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"EOS Utility" = Canon Utilities EOS Utility
"ERUNT_is1" = ERUNT 1.1j
"ESET Online Scanner" = ESET Online Scanner v3
"FileZilla Client" = FileZilla Client 3.2.0
"Google Chrome" = Google Chrome
"HDMI" = Intel® Graphics Media Accelerator Driver
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"ImgBurn" = ImgBurn
"InfraRecorder" = InfraRecorder
"InstallShield_{2C38F661-26B7-445D-B87D-B53FE2D3BD42}" = TOSHIBA PC Diagnostic Tool
"InstallShield_{BB3AB664-D92B-4CB5-8B3E-D841841F4E68}" = Canon EOS 5D WIA Driver
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.5.3 (Full)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"MP Navigator EX 1.0" = Canon MP Navigator EX 1.0
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MyCamera" = Canon Utilities MyCamera
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Nvu_is1" = Nvu 1.0PR
"OJOsoft Total Video Converter_is1" = OJOsoft Total Video Converter
"Original Data Security Tools" = Canon Utilities Original Data Security Tools
"PhotoStitch" = Canon Utilities PhotoStitch
"Picture Style Editor" = Canon Utilities Picture Style Editor
"PowerISO" = PowerISO
"PrimoPDF" = PrimoPDF -- by Nitro PDF Software
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"Recuva" = Recuva
"RemoteCaptureTask" = Canon Utilities RemoteCapture Task for ZoomBrowser EX
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Vuze" = Vuze
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"WFTK" = Canon Utilities WFT-E1/E2/E3 Utility
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinGimp-2.0_is1" = GIMP 2.6.8
"WinLiveSuite_Wave3" = Windows Live Essentials
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1263678744-2206532455-627344432-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
"Winamp Detect" = Winamp Detector Plug-in

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 19/01/2011 2:01:16 a.m. | Computer Name = TIGER | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 5938

Error - 19/01/2011 2:01:18 a.m. | Computer Name = TIGER | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 19/01/2011 2:01:18 a.m. | Computer Name = TIGER | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 7922

Error - 19/01/2011 2:01:18 a.m. | Computer Name = TIGER | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 7922

Error - 19/01/2011 2:01:20 a.m. | Computer Name = TIGER | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 19/01/2011 2:01:20 a.m. | Computer Name = TIGER | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 9922

Error - 19/01/2011 2:01:20 a.m. | Computer Name = TIGER | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 9922

Error - 19/01/2011 2:42:21 a.m. | Computer Name = TIGER | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 19/01/2011 2:42:21 a.m. | Computer Name = TIGER | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2470813

Error - 19/01/2011 2:42:21 a.m. | Computer Name = TIGER | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2470813

[ System Events ]
Error - 18/01/2011 8:36:36 p.m. | Computer Name = TIGER | Source = Cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.

Error - 18/01/2011 8:36:36 p.m. | Computer Name = TIGER | Source = Cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.

Error - 18/01/2011 8:36:36 p.m. | Computer Name = TIGER | Source = Cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.

Error - 18/01/2011 8:36:37 p.m. | Computer Name = TIGER | Source = Cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.

Error - 18/01/2011 8:36:37 p.m. | Computer Name = TIGER | Source = Cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.

Error - 18/01/2011 8:36:37 p.m. | Computer Name = TIGER | Source = Cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.

Error - 18/01/2011 8:36:38 p.m. | Computer Name = TIGER | Source = Cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.

Error - 18/01/2011 9:43:25 p.m. | Computer Name = TIGER | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
atapi PCIIde

Error - 19/01/2011 12:49:51 a.m. | Computer Name = TIGER | Source = PlugPlayManager | ID = 12
Description = The device 'Generic- Multi-Card USB Device' (USBSTOR\Disk&Ven_Generic-&Prod_Multi-Card&Rev_1.00\00000)
disappeared from the system without first being prepared for removal.

Error - 19/01/2011 12:49:51 a.m. | Computer Name = TIGER | Source = PlugPlayManager | ID = 12
Description = The device 'Generic volume' (STORAGE\RemovableMedia\7&d7f206a&0&RM)
disappeared from the system without first being prepared for removal.


< End of report >
  • 0

#9
mitch8

mitch8

    Trusted Helper

  • Malware Removal
  • 1,356 posts
OTL scans on the computer that it is currently running. So no, that OTL is no good if you scaned it on your clean computer.

Does your keyboard not work in just windows or is it totally broken? To see if you keyboard will work outside of windows press and hold your "F8 Key" when you first turn on your computer. If this works it should bring up the Windows Advanced Options Menu.
  • 0

#10
pam_m

pam_m

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
yes pressing f8 has opened the advanced options menu

right I got it to open with it las goodconfig here is the OTL log

OTL logfile created on: 12/22/2005 8:43:34 PM - Run
OTLPE by OldTimer - Version 3.1.44.0 Folder = E:\Programs\OTLPE
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

446.00 Mb Total Physical Memory | 194.00 Mb Available Physical Memory | 43.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 72.00% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 25.74 Gb Total Space | 6.36 Gb Free Space | 24.71% Space Free | Partition Type: FAT32
Drive D: | 26.22 Gb Total Space | 24.23 Gb Free Space | 92.38% Space Free | Partition Type: FAT32
Drive E: | 436.55 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: LILLY | User Name: meh
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet004

========== Win32 Services (SafeList) ==========

SRV - File not found [Auto] -- -- (RichVideo) Cyberlink RichVideo Service(CRVS)
SRV - File not found [Auto] -- -- (LiveUpdate Notice Ex)
SRV - File not found [Auto] -- -- (CLTNetCnService)
SRV - File not found [On_Demand] -- -- (AppMgmt)
SRV - [2008/08/29 10:00:30 | 000,033,752 | ---- | M] (NOS Microsystems Ltd.) [On_Demand] -- C:\Program Files\NOS\bin\getPlus_HelperSvc.exe -- (getPlus® Helper) getPlus®
SRV - [2008/01/29 17:38:32 | 000,583,048 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -- (LiveUpdate Notice Service)
SRV - [2007/10/25 15:27:54 | 000,266,240 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc)
SRV - [2006/09/03 12:36:34 | 002,528,960 | ---- | M] (Symantec Corporation) [On_Demand] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_1.EXE -- (LiveUpdate)
SRV - [2006/09/03 12:36:34 | 000,198,336 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2006/03/29 20:53:34 | 000,028,672 | ---- | M] (Acer Inc.) [Auto] -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe -- (AcerMemUsageCheckService)
SRV - [2006/01/09 13:56:04 | 000,057,344 | ---- | M] () [Auto] -- C:\WINDOWS\System32\LxrSII1s.exe -- (LxrSII1s)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | System] -- -- (zaetqvposi3)
DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (pnicml)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - [2006/12/14 09:37:40 | 000,072,672 | ---- | M] () [Kernel | Auto] -- C:\WINDOWS\system32\drivers\LxrSII1d.sys -- (LxrSII1d)
DRV - [2006/05/29 08:26:38 | 000,127,488 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nmwcd.sys -- (Nokia USB Phone Parent)
DRV - [2006/05/29 08:26:36 | 000,013,312 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nmwcdcj.sys -- (Nokia USB Port)
DRV - [2006/05/29 08:26:36 | 000,013,312 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nmwcdcm.sys -- (Nokia USB Modem)
DRV - [2006/05/29 08:26:36 | 000,008,704 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nmwcdc.sys -- (Nokia USB Generic)
DRV - [2006/04/14 15:27:46 | 000,014,544 | ---- | M] (EnTech Taiwan) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\TVicPort.sys -- (tvicport)
DRV - [2006/04/14 15:27:44 | 000,069,632 | ---- | M] () [Kernel | Auto] -- C:\WINDOWS\system32\drivers\int15.sys -- (int15)
DRV - [2006/04/14 15:27:44 | 000,006,080 | ---- | M] (Zeal SoftStudio) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\zntport.sys -- (zntport)
DRV - [2006/04/06 19:10:42 | 000,006,144 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV - [2006/03/21 23:56:24 | 001,522,688 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006/02/16 18:51:36 | 004,156,416 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006/01/25 10:44:52 | 000,488,448 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2005/12/13 08:08:44 | 001,124,097 | ---- | M] (Agere Systems) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2005/11/10 08:46:00 | 000,243,328 | ---- | M] (Marvell) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2005/09/20 10:30:56 | 000,162,432 | ---- | M] (Texas Instruments) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2005/01/07 17:07:18 | 000,138,752 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2004/12/22 01:32:12 | 000,369,024 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2004/12/17 16:14:44 | 000,013,952 | ---- | M] () [Kernel | Boot] -- C:\WINDOWS\System32\drivers\UBHelper.sys -- (UBHelper)
DRV - [2004/12/08 14:10:00 | 000,016,896 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\DKbFltr.SYS -- (DKbFltr)
DRV - [2004/08/09 23:33:26 | 000,114,016 | ---- | M] (Protection Technology) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004/08/09 23:29:28 | 000,053,920 | ---- | M] (Protection Technology) [Kernel | System] -- C:\WINDOWS\System32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2004/08/04 05:00:00 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\dac2w2k.sys -- (dac2w2k)
DRV - [2004/08/04 05:00:00 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\ql1280.sys -- (ql1280)
DRV - [2004/08/04 05:00:00 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\ql12160.sys -- (ql12160)
DRV - [2004/08/04 05:00:00 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\ql1080.sys -- (ql1080)
DRV - [2004/08/04 05:00:00 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\ultra.sys -- (ultra)
DRV - [2004/08/04 05:00:00 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\symc8xx.sys -- (symc8xx)
DRV - [2004/08/04 05:00:00 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sym_u3.sys -- (sym_u3)
DRV - [2004/08/04 05:00:00 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sym_hi.sys -- (sym_hi)
DRV - [2004/08/04 05:00:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\asc.sys -- (asc)
DRV - [2004/08/04 05:00:00 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sparrow.sys -- (Sparrow)
DRV - [2004/08/04 05:00:00 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\mraid35x.sys -- (mraid35x)
DRV - [2004/08/04 05:00:00 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\symc810.sys -- (symc810)
DRV - [2004/08/04 05:00:00 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\asc3550.sys -- (asc3550)
DRV - [2004/08/04 05:00:00 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\cmdide.sys -- (CmdIde)
DRV - [2004/08/04 05:00:00 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\aliide.sys -- (AliIde)
DRV - [2004/08/03 23:07:44 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\AMDAGP.SYS -- (amdagp)
DRV - [2004/08/03 23:07:44 | 000,041,088 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\SISAGP.SYS -- (sisagp)
DRV - [2004/07/20 02:49:54 | 000,007,040 | ---- | M] (Protection Technology) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\prosync1.sys -- (prosync1)
DRV - [2003/12/02 03:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sfhlp01.sys -- (sfhlp01)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:9090


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-551623571-147481271-2260666685-1008\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-551623571-147481271-2260666685-1008\Software\Microsoft\Internet Explorer\Main,Start Page = http://global.acer.com
IE - HKU\S-1-5-21-551623571-147481271-2260666685-1008\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-551623571-147481271-2260666685-1008\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



Hosts file not found
O2 - BHO: (351631 Class) - {6A26574A-DD6D-4382-8C76-0DF06C478D3A} - File not found
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (890166 Class) - {A48FE9AC-DD02-4FF7-9211-B7BA9A2C8BF2} - File not found
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll (Google Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
O2 - BHO: (367770 Class) - {CAD68085-8805-4FD3-AA1E-2E282ED7E7A2} - File not found
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-551623571-147481271-2260666685-1008\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKU\S-1-5-21-551623571-147481271-2260666685-1008\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-551623571-147481271-2260666685-1008\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O4 - HKLM..\Run: [8738A5] File not found
O4 - HKLM..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe ()
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.)
O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe ()
O4 - HKLM..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe ()
O4 - HKLM..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe (Acer Inc.)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe (HP)
O4 - HKLM..\Run: [ImageItEncrypt] C:\WINDOWS\system32\ImageItEncrypt.exe ()
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [LaunchApp] C:\WINDOWS\Alaunch.exe (Acer Inc.)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE (Dritek System Inc.)
O4 - HKLM..\Run: [Microsoft Agent] File not found
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [NSLauncher] C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe ()
O4 - HKLM..\Run: [ntiMUI] C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe ()
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [Regedit32] File not found
O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
O4 - HKLM..\Run: [syncman] File not found
O4 - HKLM..\Run: [ysolss] File not found
O4 - HKU\.DEFAULT..\Run: [syncman] File not found
O4 - HKU\S-1-5-21-551623571-147481271-2260666685-1008..\Run: [cdoosoft] File not found
O4 - HKU\S-1-5-21-551623571-147481271-2260666685-1008..\Run: [kanef] File not found
O4 - HKU\S-1-5-21-551623571-147481271-2260666685-1008..\Run: [PcSync] File not found
O4 - HKU\S-1-5-21-551623571-147481271-2260666685-1008..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\S-1-5-21-551623571-147481271-2260666685-1008..\Run: [syncman] File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acer Empowering Technology.lnk = C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe (Acer Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\My Documents.exe ()
O4 - Startup: C:\Documents and Settings\meh\Start Menu\Programs\Startup\8738A5.lnk = File not found
O4 - Startup: C:\Documents and Settings\meh\Start Menu\Programs\Startup\WinUpdate.lnk = C:\Documents and Settings\meh\Application Data\Adobe\dlldrvdll21\msftstp.exe ()
O4 - Startup: C:\Documents and Settings\Guest\Start Menu\Programs\Startup\8738A5.lnk = File not found
O4 - Startup: C:\Documents and Settings\Guest\Start Menu\Programs\Startup\ReadMe.com ()
F3 - HKU\.DEFAULT WinNT: Load - (C:\WINDOWS\fonts\services.exe) - File not found
F3 - HKU\.DEFAULT WinNT: Run - (C:\WINDOWS\fonts\services.exe) - File not found
F3 - HKU\S-1-5-21-551623571-147481271-2260666685-1008 WinNT: Load - (C:\WINDOWS\fonts\services.exe) - File not found
F3 - HKU\S-1-5-21-551623571-147481271-2260666685-1008 WinNT: Run - (C:\WINDOWS\fonts\services.exe) - File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: 05dmc = C:\DOCUME~1\meh\LOCALS~1\Temp\kyw41f.exe
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: exec = C:\WINDOWS\fonts\services.exe
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-551623571-147481271-2260666685-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-551623571-147481271-2260666685-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 1
O7 - HKU\S-1-5-21-551623571-147481271-2260666685-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRun = 1
O7 - HKU\S-1-5-21-551623571-147481271-2260666685-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\S-1-5-21-551623571-147481271-2260666685-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O8 - Extra context menu item: &Windows Live Search - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (C:\WINDOWS/system32/SVCH0ST.EXE) - File not found
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\meh\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\meh\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/04/06 19:11:32 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2006/03/25 00:06:41 | 000,000,053 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{1ac36516-93f6-11db-9838-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{1ac36516-93f6-11db-9838-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{1ac36516-93f6-11db-9838-806d6172696f}\Shell\AutoRun\command - "" = E:\reatogoMenu.exe -- [2005/07/17 10:36:50 | 000,240,128 | R--- | M] ()
O33 - MountPoints2\{23f33b62-72c0-11da-b089-0016366fe07f}\Shell\AutoRun\command - "" = F:\w9uxx92.exe
O33 - MountPoints2\{23f33b62-72c0-11da-b089-0016366fe07f}\Shell\open\Command - "" = F:\w9uxx92.exe
O33 - MountPoints2\{2a12eb3e-3844-11df-b037-0016366fe07f}\Shell - "" = AutoRun
O33 - MountPoints2\{2a12eb3e-3844-11df-b037-0016366fe07f}\Shell\1\Command - "" = F:\Recycled.exe
O33 - MountPoints2\{2a12eb3e-3844-11df-b037-0016366fe07f}\Shell\2\Command - "" = F:\Recycled.exe
O33 - MountPoints2\{2a12eb3e-3844-11df-b037-0016366fe07f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{2bf01712-1d35-11df-b010-0016366fe07f}\Shell - "" = AutoRun
O33 - MountPoints2\{2bf01712-1d35-11df-b010-0016366fe07f}\Shell\1\Command - "" = F:\Recycled.exe
O33 - MountPoints2\{2bf01712-1d35-11df-b010-0016366fe07f}\Shell\2\Command - "" = F:\Recycled.exe
O33 - MountPoints2\{2bf01712-1d35-11df-b010-0016366fe07f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{2ff5912c-2111-11df-b011-0016366fe07f}\Shell - "" = AutoRun
O33 - MountPoints2\{2ff5912c-2111-11df-b011-0016366fe07f}\Shell\1\Command - "" = F:\Recycled.exe
O33 - MountPoints2\{2ff5912c-2111-11df-b011-0016366fe07f}\Shell\2\Command - "" = F:\Recycled.exe
O33 - MountPoints2\{2ff5912c-2111-11df-b011-0016366fe07f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{7ffa7cba-5676-11df-b071-0016366fe07f}\Shell - "" = AutoRun
O33 - MountPoints2\{7ffa7cba-5676-11df-b071-0016366fe07f}\Shell\1\Command - "" = F:\Recycled.exe
O33 - MountPoints2\{7ffa7cba-5676-11df-b071-0016366fe07f}\Shell\2\Command - "" = F:\Recycled.exe
O33 - MountPoints2\{7ffa7cba-5676-11df-b071-0016366fe07f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{809a9bb8-36f6-11df-b035-0016366fe07f}\Shell - "" = AutoRun
O33 - MountPoints2\{809a9bb8-36f6-11df-b035-0016366fe07f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{82028094-17a0-11df-b00a-0016366fe07f}\Shell - "" = AutoRun
O33 - MountPoints2\{82028094-17a0-11df-b00a-0016366fe07f}\Shell\1\Command - "" = F:\Recycled.exe
O33 - MountPoints2\{82028094-17a0-11df-b00a-0016366fe07f}\Shell\2\Command - "" = F:\Recycled.exe
O33 - MountPoints2\{82028094-17a0-11df-b00a-0016366fe07f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{bb97d91a-d661-11de-afdf-0016366fe07f}\Shell - "" = AutoRun
O33 - MountPoints2\{bb97d91a-d661-11de-afdf-0016366fe07f}\Shell\1\Command - "" = F:\Recycled.exe
O33 - MountPoints2\{bb97d91a-d661-11de-afdf-0016366fe07f}\Shell\2\Command - "" = F:\Recycled.exe
O33 - MountPoints2\{bb97d91a-d661-11de-afdf-0016366fe07f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{cb75ef2c-3f64-11df-b03f-0016366fe07f}\Shell\AutoRun\command - "" = F:\Recycled.exe
O33 - MountPoints2\{f8ca9f46-4b61-11df-b04e-0016366fe07f}\Shell - "" = AutoRun
O33 - MountPoints2\{f8ca9f46-4b61-11df-b04e-0016366fe07f}\Shell\1\Command - "" = F:\Recycled.exe
O33 - MountPoints2\{f8ca9f46-4b61-11df-b04e-0016366fe07f}\Shell\2\Command - "" = F:\Recycled.exe
O33 - MountPoints2\{f8ca9f46-4b61-11df-b04e-0016366fe07f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\C\Shell\AutoRun\command - "" = C:\w9uxx92.exe
O33 - MountPoints2\C\Shell\open\Command - "" = C:\w9uxx92.exe
O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\w9uxx92.exe
O33 - MountPoints2\D\Shell\open\Command - "" = D:\w9uxx92.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\1\Command - "" = F:\Recycled.exe
O33 - MountPoints2\F\Shell\2\Command - "" = F:\Recycled.exe
O33 - MountPoints2\F\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\1\Command - "" = G:\Recycled.exe
O33 - MountPoints2\G\Shell\2\Command - "" = G:\Recycled.exe
O33 - MountPoints2\G\Shell\AutoRun - "" = Auto&Play
O34 - HKLM BootExecute: (autocheck autochk /p \??\F:) - File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/05/19 17:42:22 | 000,000,000 | R--D | C] -- C:\Documents and Settings\NetworkService\Favorites
[2010/05/19 17:33:22 | 000,000,000 | -HSD | C] -- C:\FOUND.003
[2010/05/19 13:25:30 | 000,000,000 | -HSD | C] -- C:\FOUND.002
[2010/05/18 19:11:12 | 000,000,000 | -HSD | C] -- C:\FOUND.001
[2010/05/18 15:26:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\GroupPolicy
[2010/05/12 02:11:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2010/05/11 21:30:28 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\meh\IECompatCache
[2010/05/08 19:05:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\meh\My Documents\Avatar (2009) PROPER DVDSCR XviD-MAXSPEED
[2010/05/03 17:31:52 | 000,000,000 | -HSD | C] -- C:\FOUND.000
[2010/04/21 19:32:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\meh\Application Data\Media Player Classic
[2010/04/18 18:37:49 | 000,000,000 | R--D | C] -- C:\Documents and Settings\meh\My Documents\My Videos
[2010/02/27 16:54:45 | 000,000,000 | R--D | C] -- C:\Documents and Settings\meh\Start Menu\Programs\Administrative Tools
[2010/02/27 16:50:41 | 000,000,000 | R--D | C] -- C:\Documents and Settings\meh\My Documents\My Music
[2010/02/27 16:36:58 | 000,000,000 | R--D | C] -- C:\Documents and Settings\meh\Desktop\My Pictures
[2010/02/27 13:58:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\meh\Local Settings\Application Data\Adobe
[2010/02/27 13:55:56 | 000,013,312 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\nmwcdcj.sys
[2010/02/27 13:55:55 | 000,013,312 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\nmwcdcm.sys
[2010/02/27 13:55:55 | 000,008,704 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\nmwcdc.sys
[2010/02/27 13:55:54 | 000,127,488 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\nmwcd.sys
[2010/02/27 13:55:54 | 000,030,720 | ---- | C] (Nokia) -- C:\WINDOWS\System32\nmwcdcocls.dll
[2010/02/27 13:55:54 | 000,004,608 | ---- | C] (Nokia) -- C:\WINDOWS\System32\nmwcdlog.dll
[2010/02/27 11:57:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\meh\Local Settings\Application Data\Identities
[2010/02/26 21:33:46 | 000,246,784 | ---- | C] (SoftShape Development) -- C:\WINDOWS\System32\ActiveSkin.ocx
[2010/02/20 16:22:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2010/01/14 14:35:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\meh\Application Data\Nokia Multimedia Player
[2010/01/14 14:30:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\meh\.SimpleCenter
[2010/01/14 14:17:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\meh\Application Data\Nokia
[2010/01/14 08:35:33 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\meh\PrivacIE
[2010/01/13 14:08:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\i4j_jres
[2010/01/13 14:08:54 | 000,000,000 | ---D | C] -- C:\Program Files\SimpleCenter
[2010/01/13 14:07:18 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2010/01/13 14:06:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\meh\Application Data\PC Suite
[2010/01/13 14:06:33 | 000,050,688 | ---- | C] (Nokia) -- C:\WINDOWS\System32\nmwcdcls.dll
[2010/01/13 14:06:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PCSuite
[2010/01/13 14:05:59 | 000,000,000 | ---D | C] -- C:\Program Files\Nokia
[2010/01/12 18:07:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\meh\Local Settings\Application Data\WMTools Downloaded Files
[2009/12/15 17:10:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\meh\Local Settings\Application Data\Powercinema
[2009/12/15 16:44:00 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\C59472
[2009/12/15 16:44:00 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\C56C59
[2009/12/15 16:43:58 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\E8738A
[2009/12/15 16:43:58 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\00FAD6
[2009/11/30 11:30:37 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\meh\IETldCache
[2009/11/29 19:37:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2009/11/29 19:35:50 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2009/11/29 19:35:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2009/11/28 06:33:35 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msyuv.dll
[2009/11/28 05:37:27 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iyuv_32.dll
[2009/11/28 05:37:27 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsbyuv.dll
[2009/11/24 14:19:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\meh\Local Settings\Application Data\Apple
[2009/11/24 14:12:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\meh\Application Data\Macromedia
[2009/11/21 20:26:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\meh\Local Settings\Application Data\Google
[2009/11/21 20:26:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\meh\Application Data\Google
[2009/11/21 18:28:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\meh\Application Data\Leadertech
[2009/11/21 18:28:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\meh\Application Data\Adobe
[2009/11/21 17:21:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\meh\Application Data\CyberLink
[2009/11/21 16:54:43 | 000,000,000 | --SD | C] -- C:\Documents and Settings\meh\Application Data\Microsoft
[2009/11/21 16:54:43 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\meh\SendTo
[2009/11/21 16:54:43 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\meh\Application Data
[2009/11/21 16:54:43 | 000,000,000 | R--D | C] -- C:\Documents and Settings\meh\Start Menu\Programs\Startup
[2009/11/21 16:54:43 | 000,000,000 | R--D | C] -- C:\Documents and Settings\meh\Start Menu
[2009/11/21 16:54:43 | 000,000,000 | R--D | C] -- C:\Documents and Settings\meh\My Documents
[2009/11/21 16:54:43 | 000,000,000 | R--D | C] -- C:\Documents and Settings\meh\Favorites
[2009/11/21 16:54:43 | 000,000,000 | R--D | C] -- C:\Documents and Settings\meh\Start Menu\Programs\Accessories
[2009/11/21 16:54:43 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\meh\Cookies
[2009/11/21 16:54:43 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\meh\Templates
[2009/11/21 16:54:43 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\meh\PrintHood
[2009/11/21 16:54:43 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\meh\NetHood
[2009/11/21 16:54:43 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\meh\Local Settings
[2009/11/21 16:54:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\meh\Local Settings\Application Data\Microsoft Help
[2009/11/21 16:54:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\meh\Local Settings\Application Data\Microsoft
[2009/11/21 16:54:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\meh\Application Data\Identities
[2009/11/21 16:54:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\meh\Desktop
[2009/11/21 16:54:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\meh\Local Settings\Application Data\ATI
[2009/11/21 16:54:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\meh\Application Data\ATI
[2009/11/21 16:54:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\meh\Local Settings\Application Data\ApplicationHistory
[2009/11/21 16:54:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\meh\Local Settings\Application Data\Apple Computer
[2009/11/21 16:54:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\meh\Application Data\Apple Computer
[2009/11/21 16:54:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\meh\Local Settings\Application Data\Acer Arcade
[2009/10/21 03:58:48 | 000,263,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\http.sys
[2009/10/01 09:12:17 | 000,345,600 | R--- | C] (Apple Computer, Inc.) -- C:\WINDOWS\System\QTIM32.DLL
[2009/09/28 14:26:57 | 000,000,000 | ---D | C] -- C:\101plg
[2009/08/21 10:57:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2009/08/17 23:33:52 | 001,193,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\FM20.DLL
[2009/04/29 17:12:44 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_1.dll
[2009/04/29 17:12:44 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_0.dll
[2009/04/29 17:12:43 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_1.dll
[2009/04/29 17:12:43 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_4.dll
[2009/04/29 17:12:42 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_38.dll
[2009/04/29 17:12:42 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_38.dll
[2009/04/29 17:12:41 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_38.dll
[2009/04/29 17:12:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2009/04/26 18:09:20 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_0.dll
[2009/04/26 18:09:20 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_0.dll
[2009/04/26 18:09:19 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_37.dll
[2009/04/26 18:09:19 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_37.dll
[2009/04/26 18:09:19 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_3.dll
[2009/04/26 18:09:18 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_37.dll
[2009/04/26 18:09:17 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_10.dll
[2009/04/26 18:09:16 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_36.dll
[2009/04/26 18:09:16 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_36.dll
[2009/04/26 18:09:16 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_36.dll
[2009/04/26 18:09:15 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_9.dll
[2009/04/26 18:09:14 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_35.dll
[2009/04/26 18:09:14 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_35.dll
[2009/04/26 18:09:14 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_35.dll
[2009/04/26 18:09:13 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_8.dll
[2009/04/26 18:09:13 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_2.dll
[2009/04/26 18:09:11 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_34.dll
[2009/04/26 18:09:11 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_34.dll
[2009/04/26 18:09:09 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_34.dll
[2009/04/26 18:09:05 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_7.dll
[2009/04/26 18:09:03 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_33.dll
[2009/04/26 18:09:03 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_33.dll
[2009/04/26 18:09:00 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_33.dll
[2009/04/17 12:53:42 | 000,000,000 | ---D | C] -- C:\Program Files\Digitalmax PhotoStyler
[2009/04/09 16:06:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2009/04/09 16:00:32 | 000,090,112 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\Alcmtr.exe
[2009/03/08 14:22:30 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msrating.dll.mui
[2009/03/08 14:21:06 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ie4uinit.exe.mui
[2009/03/08 14:20:54 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iedkcs32.dll.mui
[2009/03/08 04:34:48 | 000,208,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WinFXDocObj.exe
[2009/03/08 04:32:52 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ieudinit.exe
[2009/03/08 04:32:26 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeeds.dll
[2009/03/08 04:31:54 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedssync.exe
[2009/03/08 04:31:52 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedsbs.dll
[2009/03/08 04:22:46 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ieui.dll
[2009/03/08 04:11:12 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ieapfltr.dll
[2009/02/26 17:57:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\Reader Rabbit Creative Studio
[2009/02/06 21:07:58 | 003,698,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ieapfltr.dat
[2009/01/07 18:20:54 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sqmapi.dll
[2009/01/07 18:20:38 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nlsdl.dll
[2009/01/07 18:20:36 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\idndl.dll
[2009/01/07 18:20:18 | 000,265,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdbg2.dll
[2008/12/10 14:31:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\351631
[2008/11/17 17:26:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\367770
[2008/11/05 13:50:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\890166
[2008/11/05 13:50:38 | 000,000,000 | ---D | C] -- C:\Program Files\tinyproxy
[2008/10/22 07:53:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot_bak
[2008/09/21 11:25:07 | 000,032,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msonpmon.dll
[2008/09/21 11:21:46 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2008/09/21 11:17:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2008/09/21 11:12:45 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2008/09/21 11:01:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
[2008/09/21 10:56:56 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2008/09/21 10:54:27 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2008/09/16 17:58:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2008/09/16 16:43:43 | 000,000,000 | ---D | C] -- C:\Program Files\NOS
[2008/09/09 08:28:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\O12FGH67KLAN0D23
[2008/08/28 10:37:30 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2008/07/09 10:48:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2008/06/29 08:07:56 | 000,394,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\VBRUN300.DLL
[2008/06/29 08:05:45 | 000,000,000 | ---D | C] -- C:\101aasg
[2008/06/22 17:21:26 | 000,000,000 | ---D | C] -- C:\Program Files\Eureka
[2008/06/19 14:09:00 | 000,000,000 | ---D | C] -- C:\Program Files\Sun
[2008/06/19 14:07:05 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2008/06/19 13:44:48 | 000,000,000 | ---D | C] -- C:\Program Files\LimeWire
[2008/06/15 11:01:46 | 000,000,000 | ---D | C] -- C:\Program Files\Red Orb
[2008/06/11 08:05:24 | 000,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2008/06/05 10:40:29 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2008/06/04 16:55:01 | 000,016,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui
[2008/06/04 16:54:59 | 000,274,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll
[2008/06/01 12:25:30 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live Toolbar
[2008/06/01 12:25:28 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live Favorites
[2008/06/01 12:19:05 | 000,000,000 | -HSD | C] -- C:\Program Files\Common Files\WindowsLiveInstaller
[2008/06/01 12:18:44 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2008/05/31 09:53:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cache
[2008/05/31 09:37:31 | 000,000,000 | ---D | C] -- C:\Program Files\Enlight
[2008/05/13 18:29:34 | 000,069,632 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfgif13n.dll
[2008/05/13 18:29:31 | 000,206,336 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\ltefx13n.dll
[2008/05/13 18:29:30 | 000,462,848 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\ltkrn13n.dll
[2008/05/13 18:29:30 | 000,450,560 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\ltimg13n.dll
[2008/05/13 18:29:30 | 000,401,408 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfcmp13n.dll
[2008/05/13 18:29:30 | 000,299,008 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\ltdis13n.dll
[2008/05/13 18:29:30 | 000,163,840 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\ltfil13n.dll
[2008/05/13 18:29:30 | 000,057,344 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfbmp13n.dll
[2008/04/13 13:58:51 | 000,000,000 | ---D | C] -- C:\Program Files\Garfield
[2008/03/27 10:45:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2008/03/07 10:45:35 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2008/03/07 10:45:24 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2008/03/07 10:43:53 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2008/03/07 10:43:22 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2008/03/07 10:42:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2008/03/07 09:52:12 | 000,140,288 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNMLM78.DLL
[2008/03/07 08:20:52 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2008/03/06 19:42:51 | 000,000,000 | ---D | C] -- C:\UbiSoft
[2008/03/06 19:42:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\UbiSoft
[2008/03/05 20:44:12 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2008/03/05 18:31:15 | 000,021,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll.mui
[2008/03/05 18:31:15 | 000,015,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll.mui
[2008/01/31 23:13:18 | 000,090,112 | ---- | C] (Apple Inc.) -- C:\WINDOWS\System32\QuickTimeVR.qtx
[2008/01/31 23:13:18 | 000,057,344 | ---- | C] (Apple Inc.) -- C:\WINDOWS\System32\QuickTime.qts
[2007/12/27 15:52:38 | 000,013,568 | ---- | C] (iRiver, Inc.) -- C:\WINDOWS\System32\drivers\D30.SYS
[2007/11/05 18:20:49 | 000,000,000 | ---D | C] -- C:\Program Files\directx
[2007/11/05 15:54:35 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_6.dll
[2007/11/05 15:54:35 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_5.dll
[2007/11/05 15:54:34 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_32.dll
[2007/11/05 15:54:34 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_4.dll
[2007/11/05 15:54:34 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_1.dll
[2007/11/05 15:54:33 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_31.dll
[2007/11/05 15:54:33 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_3.dll
[2007/11/05 15:45:33 | 000,000,000 | ---D | C] -- C:\Program Files\Activision
[2007/11/05 15:44:15 | 000,000,000 | -HSD | C] -- C:\WINDOWS\ftpcache
[2007/09/18 17:53:28 | 000,013,568 | ---- | C] (iRiver, Inc.) -- C:\WINDOWS\System32\drivers\D27.SYS
[2007/08/28 14:10:43 | 000,139,264 | ---- | C] (Lexar Media, Inc.) -- C:\WINDOWS\System32\LxrSII1.dll
[2007/07/03 17:50:32 | 000,000,000 | ---D | C] -- C:\internet
[2007/07/03 09:40:45 | 000,000,000 | ---D | C] -- C:\Program Files\Nodtronics
[2007/07/02 19:37:35 | 000,298,496 | ---- | C] (InstallShield Corporation, Inc.) -- C:\WINDOWS\uninst.exe
[2007/07/02 18:23:13 | 000,000,000 | ---D | C] -- C:\Program Files\Mindscape
[2007/07/02 16:42:58 | 000,000,000 | ---D | C] -- C:\Team17
[2007/07/02 10:48:21 | 000,000,000 | ---D | C] -- C:\hegames
[2007/07/02 07:02:54 | 000,000,000 | ---D | C] -- C:\Program Files\THQ
[2007/06/29 19:00:59 | 000,089,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\VB5DB.DLL
[2007/06/21 17:55:28 | 000,000,000 | ---D | C] -- C:\101kbg
[2007/06/21 17:17:00 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_3.dll
[2007/06/21 17:17:00 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_2.dll
[2007/06/21 17:16:59 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_2.dll
[2007/06/21 17:16:59 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_1.dll
[2007/06/21 17:16:58 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_1.dll
[2007/06/21 17:16:48 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_30.dll
[2007/06/21 17:16:47 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_29.dll
[2007/06/21 17:16:47 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_0.dll
[2007/06/21 17:16:47 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_0.dll
[2007/06/21 17:16:46 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_28.dll
[2007/06/21 17:16:46 | 000,061,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput9_1_0.dll
[2007/06/21 17:16:45 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_25.dll
[2007/06/21 17:16:45 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_27.dll
[2007/06/21 17:16:45 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_26.dll
[2007/06/21 17:16:43 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_24.dll
[2007/06/21 15:39:55 | 000,000,000 | ---D | C] -- C:\Program Files\Norton Internet Security
[2007/06/19 19:02:10 | 000,188,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WINGDE.DLL
[2007/06/19 19:02:10 | 000,006,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WINGDIB.DRV
[2007/06/19 19:02:10 | 000,005,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WINGPAL.WND
[2007/06/19 19:02:09 | 000,092,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WING.DLL
[2007/06/19 19:02:09 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WING32.DLL
[2007/06/19 18:16:05 | 000,274,432 | ---- | C] (Riverdeep Interactive Learning Limited) -- C:\WINDOWS\TLCUninstall.exe
[2007/06/18 15:11:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\BBSTORE
[2007/06/18 15:10:54 | 000,000,000 | ---D | C] -- C:\Program Files\The Learning Company
[2007/06/18 13:42:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Knowledge Adventure
[2007/06/17 16:43:56 | 000,000,000 | ---D | C] -- C:\Program Files\Zero G Registry
[2007/06/17 16:43:56 | 000,000,000 | ---D | C] -- C:\Program Files\THQ(2)
[2007/06/11 17:46:28 | 000,015,240 | ---- | C] (iRiver, Inc.) -- C:\WINDOWS\System32\drivers\D5.sys
[2007/05/21 22:19:58 | 000,053,248 | ---- | C] (Dream To Reality Co., Ltd.) -- C:\WINDOWS\System32\csd_iriver_lib.dll
[2007/02/28 22:55:14 | 002,185,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2007/02/28 22:53:04 | 002,142,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2007/02/28 22:15:59 | 002,020,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2007/02/28 22:15:56 | 002,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe
[2007/02/04 17:00:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2007/02/04 16:57:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations
[2007/01/22 12:07:18 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbprint.sys
[2007/01/21 21:10:01 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusb.dll
[2007/01/21 21:09:59 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusd.dll
[2007/01/21 21:09:58 | 000,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbscan.sys
[2007/01/21 19:49:56 | 000,000,000 | ---D | C] -- C:\Program Files\Hewlett-Packard
[2007/01/20 20:13:21 | 000,000,000 | -HSD | C] -- C:\Recycled
[2007/01/16 21:01:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages
[2007/01/16 21:00:29 | 000,000,000 | ---D | C] -- C:\Program Files\iriver
[2007/01/15 16:37:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2007/01/03 22:29:00 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidserv.dll
[2007/01/03 22:28:53 | 000,012,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mouhid.sys
[2007/01/03 22:28:47 | 000,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidusb.sys
[2007/01/03 22:15:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Start Menu
[2007/01/03 22:15:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2007/01/03 22:15:07 | 000,360,448 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\System32\mp3fhg.acm
[2007/01/03 22:15:07 | 000,118,784 | ---- | C] (fccHandler) -- C:\WINDOWS\System32\ac3acm.acm
[2007/01/03 22:15:06 | 000,630,784 | ---- | C] (On2.com) -- C:\WINDOWS\System32\vp7vfw.dll
[2007/01/03 22:15:06 | 000,446,464 | ---- | C] (On2.com) -- C:\WINDOWS\System32\vp31vfw.dll
[2007/01/03 22:15:06 | 000,438,272 | ---- | C] (On2.com) -- C:\WINDOWS\System32\vp6vfw.dll
[2007/01/03 22:15:05 | 001,024,000 | ---- | C] (3ivx.com) -- C:\WINDOWS\System32\3ivx.dll
[2007/01/03 22:15:05 | 000,286,720 | ---- | C] (3ivx.com) -- C:\WINDOWS\System32\3ivxVfWCodec.dll
[2007/01/03 22:15:04 | 001,415,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WMV9VCM.dll
[2007/01/03 22:15:04 | 000,200,704 | ---- | C] (The OpenSSL Project, http://www.openssl.org/) -- C:\WINDOWS\System32\ssldivx.dll
[2007/01/03 22:15:02 | 001,044,480 | ---- | C] (The OpenSSL Project, http://www.openssl.org/) -- C:\WINDOWS\System32\libdivx.dll
[2007/01/03 22:15:02 | 000,593,920 | ---- | C] (DivXNetworks) -- C:\WINDOWS\System32\dpuGUI11.dll
[2007/01/03 22:15:02 | 000,339,968 | ---- | C] (DivXNetworks) -- C:\WINDOWS\System32\dpus11.dll
[2007/01/03 22:15:02 | 000,294,912 | ---- | C] (DivXNetworks) -- C:\WINDOWS\System32\dpu11.dll
[2007/01/03 22:15:02 | 000,200,704 | ---- | C] (DivXNetworks) -- C:\WINDOWS\System32\dtu100.dll
[2007/01/03 22:15:02 | 000,086,016 | ---- | C] (DivXNetworks) -- C:\WINDOWS\System32\dpl100.dll
[2007/01/03 22:15:02 | 000,057,344 | ---- | C] (DivXNetworks) -- C:\WINDOWS\System32\dpv11.dll
[2007/01/03 22:15:01 | 000,574,976 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\divx.dll
[2007/01/03 22:14:56 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr70.dll
[2007/01/03 22:14:55 | 000,245,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\unicows.dll
[2007/01/03 22:14:54 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack
[2006/12/25 22:13:25 | 000,000,000 | ---D | C] -- C:\Program Files\Launch Manager
[2006/12/25 22:13:23 | 000,147,456 | ---- | C] (Dritek System Inc.) -- C:\WINDOWS\UNINST32.EXE
[2006/12/25 22:13:23 | 000,049,152 | ---- | C] (Dritek System Inc.) -- C:\WINDOWS\System32\QtBtLib.dll
[2006/12/25 22:13:22 | 000,016,896 | ---- | C] (Dritek System Inc.) -- C:\WINDOWS\System32\drivers\DKbFltr.SYS
[2006/12/25 22:13:22 | 000,005,120 | ---- | C] (Dritek System Inc.) -- C:\WINDOWS\System32\FILTRCOI.DLL
[2006/12/25 22:12:53 | 000,935,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ERUpdateHidden.EXE
[2006/12/25 22:12:53 | 000,258,048 | ---- | C] (Acer Inc.) -- C:\WINDOWS\System32\Uninstall_eRecovery.exe
[2006/12/25 22:12:53 | 000,258,048 | ---- | C] (Acer Inc.) -- C:\WINDOWS\System32\CheckD2DSystem.exe
[2006/12/25 22:12:53 | 000,159,744 | ---- | C] (acer inc.) -- C:\WINDOWS\System32\CloseProcessWindow.dll
[2006/12/25 22:12:53 | 000,016,384 | ---- | C] ( ) -- C:\WINDOWS\System32\ClearEvent.exe
[2006/12/25 22:11:30 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acpimof.dll
[2006/12/25 22:11:30 | 000,045,056 | ---- | C] (Acer Labs USA) -- C:\WINDOWS\System32\Epm-Po.dll
[2006/12/25 22:10:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\Acer
[2006/12/25 22:09:03 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2006/11/25 01:14:26 | 000,048,640 | ---- | C] (Windows ® 2000 DDK provider) -- C:\WINDOWS\System32\drivers\B10USBDMB.sys
[2006/10/26 14:10:06 | 000,033,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\FM20ENU.DLL
[2006/10/26 13:45:04 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WISPTIS.EXE
[2006/10/26 13:45:04 | 000,207,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\INKED.DLL
[2006/10/03 19:47:52 | 000,109,360 | ---- | C] (GEAR Software Inc.) -- C:\WINDOWS\System32\GEARAspi.dll
[2006/09/12 08:36:25 | 005,010,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\KB912945.EXE
[2006/09/12 08:36:25 | 000,180,224 | ---- | C] (Acer Inc.) -- C:\WINDOWS\ADDITEM.EXE
[2006/07/24 10:50:40 | 000,047,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\VBAME.DLL
[2006/07/24 10:50:40 | 000,039,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\SCP32.DLL
[2006/07/24 10:50:38 | 000,125,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSSTDFMT.DLL
[2006/06/02 07:47:07 | 000,163,840 | ---- | C] (America Online) -- C:\WINDOWS\System32\dllcache\jgdw400.dll
[2006/06/02 07:47:07 | 000,027,648 | ---- | C] (Johnson-Grace Company) -- C:\WINDOWS\System32\dllcache\jgpl400.dll
[2006/05/05 22:41:45 | 000,453,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2006/04/12 20:52:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2006/04/06 19:47:20 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2006/04/06 19:47:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2006/04/06 19:46:36 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
[2006/04/06 19:18:06 | 000,000,000 | ---D | C] -- C:\Acer
[2006/04/06 19:17:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Lang
[2006/04/06 19:14:52 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2006/04/06 19:11:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\muvee Technologies
[2006/04/06 19:10:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\NewTech Infosystems
[2006/04/06 19:10:52 | 000,000,000 | ---D | C] -- C:\Program Files\NewTech Infosystems
[2006/04/06 19:10:42 | 000,006,144 | ---- | C] (NewTech Infosystems, Inc.) -- C:\WINDOWS\System32\drivers\NTIDrvr.sys
[2006/04/06 19:06:20 | 000,000,000 | ---D | C] -- C:\Program Files\CyberLink
[2006/04/06 19:06:12 | 000,000,000 | ---D | C] -- C:\Program Files\Acer
[2006/04/06 19:05:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2006/04/06 19:05:06 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2006/04/06 19:05:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\Adobe
[2006/04/06 19:04:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\tiinst
[2006/04/06 19:04:10 | 000,000,000 | ---D | C] -- C:\Program Files\Acer Inc
[2006/04/06 19:03:10 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2006/04/06 19:01:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\RTCOM
[2006/04/06 19:00:14 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2006/04/06 18:56:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2006/04/06 18:54:16 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2006/04/06 18:54:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2006/04/06 18:54:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\URTTemp
[2006/04/06 18:53:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2006/04/06 18:53:40 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2006/04/06 18:53:38 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2006/04/06 18:53:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2006/04/06 18:53:12 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2006/04/06 18:51:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2006/04/06 18:51:04 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2006/04/06 18:51:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2006/04/06 18:51:02 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\NetworkService\Local Settings
[2006/04/06 18:51:02 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\LocalService\Local Settings
[2006/04/06 18:51:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2006/04/06 18:51:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2006/04/06 18:51:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data
[2006/04/06 18:51:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data
[2006/04/06 18:47:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2006/04/06 18:47:12 | 000,000,000 | ---D | C] -- C:\Program Files\xerox
[2006/04/06 18:47:12 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2006/04/06 18:46:14 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2006/04/06 18:46:14 | 000,000,000 | ---D | C] -- C:\Program Files
[2006/04/06 18:46:12 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2006/04/06 18:46:12 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2006/04/06 18:46:02 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2006/04/06 18:45:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2006/04/06 18:45:48 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2006/04/06 18:45:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2006/04/06 18:45:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2006/04/06 18:45:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2006/04/06 18:45:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2006/04/06 18:45:44 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2006/04/06 18:45:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2006/04/06 18:45:42 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2006/04/06 18:45:42 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2006/04/06 18:45:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2006/04/06 18:45:40 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2006/04/06 18:45:28 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2006/04/06 18:45:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2006/04/06 18:45:00 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2006/04/06 18:45:00 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services
[2006/04/06 18:44:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\FxsTmp
[2006/04/06 18:44:52 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2006/04/06 18:44:52 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2006/04/06 18:44:44 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2006/04/06 18:44:44 | 000,000,000 | ---D | C] -- C:\Program Files\MSN
[2006/04/06 18:44:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2006/04/06 18:44:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2006/04/06 18:42:00 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2006/04/06 18:41:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2006/04/06 18:41:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2006/04/06 18:41:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2006/04/06 18:41:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
[2006/04/06 18:41:48 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\NetworkService\Cookies
[2006/04/06 18:41:48 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\LocalService\Cookies
[2006/04/06 18:41:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2006/04/06 18:41:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2006/04/06 18:41:34 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2006/04/06 18:41:34 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2006/04/06 18:41:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2006/04/06 18:40:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\Modem
[2006/04/06 18:40:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\Lan
[2006/04/06 18:40:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\CCD
[2006/04/06 18:40:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\802BGB
[2006/04/06 18:40:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\chipset
[2006/04/06 18:40:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\ATIV
[2006/04/06 18:40:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\802BG
[2006/04/06 18:37:18 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2006/04/06 18:37:18 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2006/04/06 18:37:18 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2006/04/06 18:37:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2006/04/06 18:37:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2006/04/06 18:37:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2006/04/06 18:37:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2006/04/06 18:37:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2006/04/06 18:37:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2006/04/06 18:37:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2006/04/06 18:37:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2006/04/06 18:37:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2006/04/06 18:37:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2006/04/06 18:37:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2006/04/06 18:37:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2006/04/06 18:37:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2006/04/06 18:37:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2006/04/06 18:37:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2006/04/06 18:37:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2006/04/06 18:37:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2006/04/06 18:37:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2006/04/06 18:37:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2006/04/06 18:37:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2006/04/06 18:37:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2006/04/06 18:37:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2006/04/06 18:37:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2006/04/06 18:37:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2006/04/06 18:37:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2006/04/06 18:37:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2006/04/06 18:37:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2006/04/06 18:37:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2006/04/06 18:37:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2006/04/06 18:37:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2006/04/06 18:37:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2006/04/06 18:37:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2006/04/06 18:37:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2006/04/06 18:37:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2006/04/06 18:37:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2006/04/06 18:37:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2006/04/06 18:37:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2006/04/06 18:37:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2006/04/06 18:37:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2006/04/06 18:37:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2006/04/06 18:37:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2006/04/06 18:37:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2006/04/06 18:37:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2006/04/06 18:37:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2006/04/06 18:37:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2006/04/06 18:37:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2006/04/06 18:37:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2006/04/06 18:37:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2006/04/06 18:37:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2006/04/06 18:37:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2006/04/06 18:37:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[2006/03/31 18:19:42 | 000,014,544 | ---- | C] (EnTech Taiwan) -- C:\WINDOWS\System32\drivers\TVicPort.sys
[2006/03/31 18:19:42 | 000,008,704 | ---- | C] (EnTech Taiwan) -- C:\WINDOWS\System32\drivers\TVicPort64.sys
[2006/03/31 18:19:42 | 000,006,144 | ---- | C] (Zeal SoftStudio) -- C:\WINDOWS\System32\drivers\zntport64.sys
[2006/03/31 18:19:42 | 000,006,080 | ---- | C] (Zeal SoftStudio) -- C:\WINDOWS\System32\drivers\zntport.sys
[2006/03/24 17:47:08 | 000,602,112 | ---- | C] (acer inc.) -- C:\WINDOWS\System32\Acer.Empowering.Windows.Forms.dll
[2006/03/21 23:56:44 | 000,257,536 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvag.dll
[2006/03/21 23:56:24 | 001,522,688 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtag.sys
[2006/03/21 23:50:50 | 000,114,688 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\atipdlxx.dll
[2006/03/21 23:50:30 | 000,026,112 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\Ati2mdxx.exe
[2006/03/21 23:50:24 | 000,041,984 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\ati2edxx.dll
[2006/03/21 23:50:12 | 000,061,440 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2evxx.dll
[2006/03/21 23:48:20 | 000,053,248 | ---- | C] ( ATI Technologies Inc.) -- C:\WINDOWS\System32\ATIDDC.DLL
[2006/03/21 23:42:24 | 000,307,200 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atiiiexx.dll
[2006/03/21 23:40:12 | 002,662,688 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3duag.dll
[2006/03/21 23:33:42 | 001,130,752 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ativvaxx.dll
[2006/03/21 23:33:04 | 006,684,672 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atioglx1.dll
[2006/03/21 23:24:30 | 005,025,792 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atioglxx.dll
[2006/03/21 23:18:36 | 000,151,552 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atikvmag.dll
[2006/03/21 23:17:54 | 000,017,408 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atitvo32.dll
[2006/03/21 23:17:10 | 000,040,960 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2erec.dll
[2006/03/21 23:12:24 | 000,258,048 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2cqag.dll
[2006/03/21 22:38:46 | 000,286,720 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ATIDEMGR.dll
[2006/03/17 13:38:01 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\verclsid.exe
[2006/03/16 13:56:22 | 000,524,288 | ---- | C] (Acer Inc.) -- C:\WINDOWS\Alaunch.exe
[2006/02/23 23:36:54 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml4r.dll
[2006/02/23 23:36:54 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml4a.dll
[2006/02/22 11:20:14 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\Interop.Shell32.dll
[2006/02/22 11:19:36 | 000,069,632 | ---- | C] (Acer Inc.) -- C:\WINDOWS\System32\eRecUtil.dll
[2006/02/21 10:40:08 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2006/02/21 10:40:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2006/02/21 10:40:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2006/02/21 10:40:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2006/02/21 10:40:08 | 000,000,000 | ---D | C] -- C:\i386
[2006/02/21 10:40:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2006/02/21 10:40:04 | 000,000,000 | ---D | C] -- C:\Sysinfo
[2006/02/21 10:40:04 | 000,000,000 | ---D | C] -- C:\Book
[2006/02/16 18:51:36 | 004,156,416 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.Sys
[2006/02/14 16:19:18 | 000,086,016 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SoundMan.exe
[2006/02/14 16:17:26 | 002,809,856 | R--- | C] (RealTek Semicoductor Corp.) -- C:\WINDOWS\alcwzrd.exe
[2006/02/14 16:16:12 | 009,711,616 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTLCPL.exe
[2006/02/07 17:29:48 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp3res.dll
[2006/01/31 18:59:04 | 005,937,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2006/01/25 10:44:52 | 000,488,448 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\drivers\ar5211.sys
[2006/01/19 18:19:06 | 000,049,152 | ---- | C] ( ) -- C:\WINDOWS\System32\SysMonitor.exe
[2006/01/10 13:58:40 | 000,266,240 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\RTSndMgr.Cpl
[2006/01/09 14:32:34 | 002,158,592 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\MicCal.exe
[2006/01/09 11:08:42 | 001,506,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shdocvw.dll
[2006/01/09 11:08:42 | 001,206,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll
[2006/01/09 11:08:42 | 000,914,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll
[2006/01/09 11:08:42 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shlwapi.dll
[2006/01/09 11:08:40 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstime.dll
[2006/01/09 11:08:40 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstime.dll
[2006/01/09 11:08:40 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msrating.dll
[2006/01/09 11:08:40 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msrating.dll
[2006/01/09 11:08:40 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmled.dll
[2006/01/09 11:08:40 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\pngfilt.dll
[2006/01/09 11:08:40 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pngfilt.dll
[2006/01/09 11:08:38 | 001,054,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\danim.dll
[2006/01/09 11:08:38 | 001,054,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\danim.dll
[2006/01/09 11:08:38 | 001,023,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browseui.dll
[2006/01/09 11:08:38 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dxtrans.dll
[2006/01/09 11:08:38 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxtrans.dll
[2006/01/09 11:08:38 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iepeers.dll
[2006/01/09 11:08:38 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iepeers.dll
[2006/01/09 11:08:38 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdfview.dll
[2006/01/09 11:08:38 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inseng.dll
[2006/01/09 11:08:38 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inseng.dll
[2006/01/09 11:08:38 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\extmgr.dll
[2006/01/07 15:41:07 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2006/01/07 15:36:04 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\lmmib2.dll
[2006/01/06 17:35:24 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedw.exe
[2006/01/05 14:31:42 | 000,253,952 | ---- | C] (Acer Inc.) -- C:\WINDOWS\AArrange.exe
[2006/01/01 03:27:19 | 000,092,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WING.DLL
[2006/01/01 03:27:19 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WING32.DLL
[2005/12/23 02:21:38 | 000,000,000 | -HSD | C] -- C:\FOUND.005
[2005/12/23 00:46:56 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\meh\Recent
[2005/12/23 00:44:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\meh\My Documents\VirtualDJ
[2005/12/22 20:58:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\meh\My Documents\ccsetup219
[2005/12/22 02:09:26 | 000,000,000 | -HSD | C] -- C:\FOUND.004
[2005/12/13 08:08:44 | 001,124,097 | ---- | C] (Agere Systems) -- C:\WINDOWS\System32\drivers\AGRSM.sys
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/10/08 18:45:02 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job
[2010/05/05 21:20:02 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/05/04 15:27:12 | 000,026,279 | ---- | M] () -- C:\Documents and Settings\meh\My Documents\Skip APRIL.docx
[2010/02/28 13:32:12 | 000,000,285 | ---- | M] () -- C:\WINDOWS\shrek2tm.ini
[2010/02/20 16:38:12 | 000,382,260 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/02/20 16:38:12 | 000,053,838 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/02/11 02:13:02 | 000,946,338 | ---- | M] () -- C:\Documents and Settings\meh\Desktop\Justin_Bieber_One_Time.mp3
[2010/01/15 17:45:04 | 000,000,855 | ---- | M] () -- C:\Documents and Settings\meh\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
[2009/12/17 01:58:04 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2009/12/17 01:58:04 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspaint.exe
[2009/12/15 16:52:40 | 000,000,268 | -H-- | M] () -- C:\sqmdata08.sqm
[2009/12/15 16:52:40 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt08.sqm
[2009/12/15 15:32:10 | 000,000,025 | ---- | M] () -- C:\WINDOWS\Pharaoh's Pitfalls.ini
[2009/11/30 11:30:42 | 000,000,723 | ---- | M] () -- C:\Documents and Settings\meh\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2009/11/28 06:33:36 | 001,291,264 | ---- | M] () -- C:\WINDOWS\System32\dllcache\quartz.dll
[2009/11/28 06:33:36 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msyuv.dll
[2009/11/28 05:37:28 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avifil32.dll
[2009/11/28 05:37:28 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\avifil32.dll
[2009/11/28 05:37:28 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iyuv_32.dll
[2009/11/28 05:37:28 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msvidc32.dll
[2009/11/28 05:37:28 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msrle32.dll
[2009/11/28 05:37:28 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsbyuv.dll
[2009/11/27 20:00:50 | 000,000,788 | ---- | M] () -- C:\WINDOWS\gojigsaw.ini
[2009/11/22 16:12:08 | 000,000,017 | ---- | M] () -- C:\WINDOWS\Ezonecookievault.prf
[2009/11/22 15:58:02 | 000,000,017 | ---- | M] () -- C:\WINDOWS\Ezonematchup.prf
[2009/11/21 20:41:26 | 000,000,268 | -H-- | M] () -- C:\sqmdata07.sqm
[2009/11/21 20:41:26 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt07.sqm
[2009/11/21 18:54:52 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\meh\Desktop\My Computer.lnk
[2009/11/21 18:43:30 | 000,002,359 | ---- | M] () -- C:\Documents and Settings\meh\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk
[2009/11/21 17:27:34 | 000,000,268 | -H-- | M] () -- C:\sqmdata06.sqm
[2009/11/21 17:27:34 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt06.sqm
[2009/11/21 17:02:14 | 000,000,712 | ---- | M] () -- C:\Documents and Settings\meh\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2009/11/21 17:02:14 | 000,000,694 | ---- | M] () -- C:\Documents and Settings\meh\Desktop\Windows Media Player.lnk
[2009/11/21 16:55:04 | 000,000,126 | ---- | M] () -- C:\Documents and Settings\meh\Local Settings\Application Data\fusioncache.dat
[2009/11/21 01:43:50 | 000,000,268 | -H-- | M] () -- C:\sqmdata05.sqm
[2009/11/21 01:43:50 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt05.sqm
[2009/11/20 23:28:10 | 000,000,268 | -H-- | M] () -- C:\sqmdata04.sqm
[2009/11/20 23:28:10 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt04.sqm
[2009/11/20 21:14:10 | 000,000,268 | -H-- | M] () -- C:\sqmdata03.sqm
[2009/11/20 21:14:10 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt03.sqm
[2009/11/20 16:35:10 | 000,000,268 | -H-- | M] () -- C:\sqmdata02.sqm
[2009/11/20 16:35:10 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt02.sqm
[2009/11/20 16:10:34 | 000,000,268 | -H-- | M] () -- C:\sqmdata01.sqm
[2009/11/20 16:10:34 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm
[2009/11/20 13:44:44 | 000,000,268 | -H-- | M] () -- C:\sqmdata00.sqm
[2009/11/20 13:44:44 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm
[2009/11/20 13:34:34 | 000,000,268 | -H-- | M] () -- C:\sqmdata19.sqm
[2009/11/20 13:34:34 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt19.sqm
[2009/11/20 08:45:42 | 000,000,268 | -H-- | M] () -- C:\sqmdata18.sqm
[2009/11/20 08:45:42 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt18.sqm
[2009/11/19 18:28:36 | 000,000,268 | -H-- | M] () -- C:\sqmdata17.sqm
[2009/11/19 18:28:36 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt17.sqm
[2009/11/17 20:34:32 | 000,000,268 | -H-- | M] () -- C:\sqmdata16.sqm
[2009/11/17 20:34:32 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt16.sqm
[2009/11/16 21:52:30 | 000,000,268 | -H-- | M] () -- C:\sqmdata15.sqm
[2009/11/16 21:52:30 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt15.sqm
[2009/11/15 17:28:58 | 000,000,268 | -H-- | M] () -- C:\sqmdata14.sqm
[2009/11/15 17:28:58 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt14.sqm
[2009/11/14 19:57:46 | 000,000,268 | -H-- | M] () -- C:\sqmdata13.sqm
[2009/11/14 19:57:46 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt13.sqm
[2009/11/14 10:19:00 | 000,000,268 | -H-- | M] () -- C:\sqmdata12.sqm
[2009/11/14 10:19:00 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt12.sqm
[2009/11/13 21:02:22 | 000,000,268 | -H-- | M] () -- C:\sqmdata11.sqm
[2009/11/13 21:02:22 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt11.sqm
[2009/11/12 21:50:54 | 000,000,268 | -H-- | M] () -- C:\sqmdata10.sqm
[2009/11/12 21:50:54 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt10.sqm
[2009/11/11 21:06:28 | 000,000,268 | -H-- | M] () -- C:\sqmdata09.sqm
[2009/11/11 21:06:28 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt09.sqm
[2009/11/08 17:23:00 | 000,000,017 | ---- | M] () -- C:\WINDOWS\Ezoneezmatchup.prf
[2009/10/21 19:00:56 | 000,075,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\strmfilt.dll
[2009/10/21 19:00:56 | 000,075,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\strmfilt.dll
[2009/10/21 19:00:56 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\httpapi.dll
[2009/10/21 19:00:56 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpapi.dll
[2009/10/21 03:58:48 | 000,263,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\http.sys
[2009/10/18 10:05:12 | 000,000,935 | ---- | M] () -- C:\WINDOWS\cncscore.ini
[2009/10/18 09:03:12 | 000,000,779 | ---- | M] () -- C:\WINDOWS\TetrisPk.ini
[2009/10/13 23:53:30 | 000,266,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\oakley.dll
[2009/10/13 23:53:30 | 000,266,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oakley.dll
[2009/10/13 02:54:18 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rastls.dll
[2009/10/13 02:54:18 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rastls.dll
[2009/10/13 02:54:18 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\raschap.dll
[2009/10/13 02:54:18 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\raschap.dll
[2009/10/01 09:12:56 | 000,000,311 | ---- | M] () -- C:\WINDOWS\QTW.INI
[2009/10/01 09:12:18 | 000,000,030 | ---- | M] () -- C:\WINDOWS\RESULT.QTW
[2009/10/01 09:12:08 | 000,000,502 | ---- | M] () -- C:\WINDOWS\WININI.QTW
[2009/10/01 09:12:08 | 000,000,231 | ---- | M] () -- C:\WINDOWS\SYSINI.QTW
[2009/09/30 13:51:24 | 000,000,604 | ---- | M] () -- C:\WINDOWS\Spiderman.INI
[2009/09/30 13:07:14 | 000,000,097 | ---- | M] () -- C:\WINDOWS\WININIT.INI
[2009/09/28 15:12:28 | 000,000,017 | ---- | M] () -- C:\WINDOWS\Ezonefleebees.prf
[2009/09/28 11:49:40 | 000,000,402 | ---- | M] () -- C:\WINDOWS\Nodgames.ini
[2009/09/28 11:17:52 | 000,000,017 | ---- | M] () -- C:\WINDOWS\Ezonepopping.prf
[2009/09/28 11:13:32 | 000,000,017 | ---- | M] () -- C:\WINDOWS\Ezoneblingball.prf
[2009/09/28 11:12:02 | 000,000,017 | ---- | M] () -- C:\WINDOWS\Ezonevern.prf
[2009/09/28 11:03:34 | 000,000,017 | ---- | M] () -- C:\WINDOWS\Ezonehippymonkey.prf
[2009/09/25 18:56:36 | 001,506,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shdocvw.dll
[2009/09/25 18:56:36 | 000,473,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shlwapi.dll
[2009/09/25 18:56:32 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\danim.dll
[2009/09/25 18:56:32 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\danim.dll
[2009/09/25 18:56:32 | 001,023,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browseui.dll
[2009/09/25 18:56:32 | 000,151,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdfview.dll
[2009/09/25 18:56:32 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\extmgr.dll
[2009/09/18 22:56:10 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedw.exe
[2009/09/18 22:33:46 | 000,352,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp3res.dll
[2009/09/12 12:14:12 | 000,000,017 | ---- | M] () -- C:\WINDOWS\compedia.ini
[2009/09/12 03:03:38 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msv1_0.dll
[2009/09/05 09:45:26 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msasn1.dll
[2009/08/26 21:16:38 | 000,247,326 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\strmdll.dll
[2009/08/26 21:16:38 | 000,247,326 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\strmdll.dll
[2009/08/25 22:47:14 | 000,352,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winhttp.dll
[2009/08/17 23:33:52 | 001,193,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\FM20.DLL
[2009/08/15 01:19:42 | 001,850,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\win32k.sys
[2009/08/15 01:19:42 | 001,850,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\win32k.sys
[2009/08/06 19:24:18 | 000,327,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll
[2009/08/06 19:24:18 | 000,327,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wucltui.dll
[2009/08/06 19:24:18 | 000,209,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuweb.dll
[2009/08/06 19:24:18 | 000,021,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll.mui
[2009/08/06 19:24:10 | 000,217,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaucpl.cpl
[2009/08/06 19:24:10 | 000,044,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wups2.dll
[2009/08/06 19:24:10 | 000,035,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll
[2009/08/06 19:24:10 | 000,035,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wups.dll
[2009/08/06 19:24:06 | 000,053,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe
[2009/08/06 19:24:06 | 000,015,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll.mui
[2009/08/06 19:24:04 | 000,096,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdm.dll
[2009/08/06 19:24:04 | 000,096,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cdm.dll
[2009/08/06 19:23:54 | 000,575,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll
[2009/08/06 19:23:54 | 000,575,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuapi.dll
[2009/08/06 19:23:46 | 001,929,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng.dll
[2009/08/06 19:23:46 | 000,274,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll
[2009/08/06 19:23:46 | 000,016,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui
[2009/08/05 21:11:48 | 000,204,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mswebdvd.dll
[2009/08/05 21:11:48 | 000,204,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswebdvd.dll
[2009/08/05 01:51:18 | 002,185,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2009/08/05 01:49:00 | 002,142,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ntoskrnl.exe
[2009/08/05 01:49:00 | 002,142,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2009/08/05 01:02:00 | 002,062,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe
[2009/08/05 01:02:00 | 002,020,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2009/08/05 01:02:00 | 002,020,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ntkrnlpa.exe
[2009/07/31 17:57:32 | 001,172,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml3.dll
[2009/07/18 06:55:28 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atl.dll
[2009/07/18 05:27:48 | 001,435,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\query.dll
[2009/07/18 05:27:48 | 001,435,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.dll
[2009/07/13 02:18:36 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpdxm.dll
[2009/07/13 02:18:34 | 004,960,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmp.dll
[2009/06/25 20:17:28 | 000,729,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\lsasrv.dll
[2009/06/25 20:17:28 | 000,729,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2009/06/25 20:17:28 | 000,301,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kerberos.dll
[2009/06/25 20:17:28 | 000,168,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\schannel.dll
[2009/06/25 20:17:28 | 000,059,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wdigest.dll
[2009/06/25 20:17:28 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\secur32.dll
[2009/06/22 23:35:44 | 000,092,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksecdd.sys
[2009/06/22 19:44:32 | 000,726,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jscript.dll
[2009/06/22 19:44:32 | 000,726,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jscript.dll
[2009/06/22 17:25:32 | 013,020,986 | ---- | M] () -- C:\Documents and Settings\meh\Desktop\save-video.mp4
[2009/06/17 02:55:16 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\t2embed.dll
[2009/06/17 02:55:16 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\t2embed.dll
[2009/06/17 02:55:16 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fontsub.dll
[2009/06/17 02:55:16 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fontsub.dll
[2009/06/12 23:50:54 | 000,076,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\telnet.exe
[2009/06/12 23:50:54 | 000,076,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\telnet.exe
[2009/06/10 18:32:40 | 000,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wkssvc.dll
[2009/06/05 19:42:38 | 000,655,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstscax.dll
[2009/05/31 14:29:36 | 000,000,118 | ---- | M] () -- C:\WINDOWS\System32\MRT.INI
[2009/05/24 14:49:30 | 000,005,694 | ---- | M] () -- C:\Sdicon32.ico
[2009/05/20 12:44:42 | 002,355,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\WMVCore.dll
[2009/05/20 12:44:42 | 002,355,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\WMVCore.dll
[2009/05/08 03:44:00 | 000,344,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\localspl.dll
[2009/05/08 03:44:00 | 000,344,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\localspl.dll
[2009/04/16 03:11:20 | 000,584,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcrt4.dll
[2009/04/11 01:31:44 | 006,276,021 | ---- | M] () -- C:\Documents and Settings\meh\Desktop\He_Said.mp3
[2009/04/10 01:01:42 | 000,530,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wmspdmod.dll
[2009/04/10 01:01:42 | 000,530,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmspdmod.dll
[2009/03/22 02:18:58 | 000,986,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kernel32.dll
[2009/03/08 16:23:26 | 000,000,816 | ---- | M] () -- C:\WINDOWS\hegames.ini
[2009/03/08 14:22:30 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msrating.dll.mui
[2009/03/08 14:21:06 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ie4uinit.exe.mui
[2009/03/08 14:20:54 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iedkcs32.dll.mui
[2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iexplore.exe
[2009/03/08 14:09:26 | 000,391,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iedkcs32.dll
[2009/03/08 14:09:26 | 000,391,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedkcs32.dll
[2009/03/08 04:41:16 | 005,937,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2009/03/08 04:35:10 | 000,385,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\html.iec
[2009/03/08 04:34:58 | 000,914,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll
[2009/03/08 04:34:56 | 001,206,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll
[2009/03/08 04:34:52 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcpl.cpl
[2009/03/08 04:34:52 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcpl.cpl
[2009/03/08 04:34:48 | 000,236,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\webcheck.dll
[2009/03/08 04:34:48 | 000,208,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\WinFXDocObj.exe
[2009/03/08 04:34:30 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\licmgr10.dll
[2009/03/08 04:34:30 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licmgr10.dll
[2009/03/08 04:34:28 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\url.dll
[2009/03/08 04:34:28 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\url.dll
[2009/03/08 04:34:18 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msrating.dll
[2009/03/08 04:34:18 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msrating.dll
[2009/03/08 04:34:18 | 000,109,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\occache.dll
[2009/03/08 04:33:48 | 000,759,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\VGX.dll
[2009/03/08 04:33:40 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\corpol.dll
[2009/03/08 04:33:40 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\corpol.dll
[2009/03/08 04:33:26 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jsproxy.dll
[2009/03/08 04:33:26 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsproxy.dll
[2009/03/08 04:33:08 | 000,229,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieaksie.dll
[2009/03/08 04:33:08 | 000,229,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieaksie.dll
[2009/03/08 04:33:06 | 000,420,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\vbscript.dll
[2009/03/08 04:33:06 | 000,420,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vbscript.dll
[2009/03/08 04:33:02 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieakeng.dll
[2009/03/08 04:33:02 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieakeng.dll
[2009/03/08 04:32:56 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admparse.dll
[2009/03/08 04:32:56 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\admparse.dll
[2009/03/08 04:32:54 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ie4uinit.exe
[2009/03/08 04:32:54 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ie4uinit.exe
[2009/03/08 04:32:52 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieakui.dll
[2009/03/08 04:32:52 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieakui.dll
[2009/03/08 04:32:52 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieudinit.exe
[2009/03/08 04:32:50 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iesetup.dll
[2009/03/08 04:32:50 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iesetup.dll
[2009/03/08 04:32:50 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iernonce.dll
[2009/03/08 04:32:50 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iernonce.dll
[2009/03/08 04:32:48 | 000,128,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\advpack.dll
[2009/03/08 04:32:46 | 000,094,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\inseng.dll
[2009/03/08 04:32:46 | 000,094,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inseng.dll
[2009/03/08 04:32:26 | 000,594,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeeds.dll
[2009/03/08 04:32:04 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mstime.dll
[2009/03/08 04:32:04 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstime.dll
[2009/03/08 04:31:56 | 000,183,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iepeers.dll
[2009/03/08 04:31:56 | 000,183,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iepeers.dll
[2009/03/08 04:31:54 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedssync.exe
[2009/03/08 04:31:52 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedsbs.dll
[2009/03/08 04:31:44 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dxtmsft.dll
[2009/03/08 04:31:44 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxtmsft.dll
[2009/03/08 04:31:38 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dxtrans.dll
[2009/03/08 04:31:38 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxtrans.dll
[2009/03/08 04:31:38 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\imgutil.dll
[2009/03/08 04:31:38 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imgutil.dll
[2009/03/08 04:31:36 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\pngfilt.dll
[2009/03/08 04:31:36 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pngfilt.dll
[2009/03/08 04:31:26 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmled.dll
[2009/03/08 04:31:18 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mshtmler.dll
[2009/03/08 04:31:18 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmler.dll
[2009/03/08 04:31:02 | 001,638,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mshtml.tlb
[2009/03/08 04:31:02 | 001,638,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.tlb
[2009/03/08 04:31:02 | 000,045,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshta.exe
[2009/03/08 04:30:56 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdc.ocx
[2009/03/08 04:24:28 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hmmapi.dll
[2009/03/08 04:22:46 | 000,164,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieui.dll
[2009/03/08 04:22:38 | 000,156,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msls31.dll
[2009/03/08 04:22:38 | 000,156,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msls31.dll
[2009/03/08 04:15:06 | 000,057,667 | ---- | M] () -- C:\WINDOWS\System32\ieuinit.inf
[2009/03/08 04:11:12 | 000,445,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieapfltr.dll
[2009/03/07 02:00:22 | 000,284,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\pdh.dll
[2009/02/12 22:20:42 | 000,005,630 | ---- | M] () -- C:\WINDOWS\System32\IE8Eula.rtf
[2009/02/12 16:36:50 | 000,000,029 | ---- | M] () -- C:\WINDOWS\CDMKR32.INI
[2009/02/12 16:34:24 | 000,000,783 | ---- | M] () -- C:\WINDOWS\NTIWVEDT.INI
[2009/02/07 06:46:10 | 000,408,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\netlogon.dll
[2009/02/07 06:46:10 | 000,408,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netlogon.dll
[2009/02/06 21:54:18 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sc.exe
[2009/02/06 21:07:58 | 003,698,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieapfltr.dat
[2009/01/17 09:19:32 | 000,000,001 | -H-- | M] () -- C:\WINDOWS\f49f4daa.dat
[2009/01/17 09:19:32 | 000,000,001 | -H-- | M] () -- C:\WINDOWS\be49f4daa.dat
[2009/01/07 18:21:00 | 000,026,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe
[2009/01/07 18:20:58 | 000,016,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2009/01/07 18:20:54 | 000,134,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sqmapi.dll
[2009/01/07 18:20:38 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\nlsdl.dll
[2009/01/07 18:20:36 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\idndl.dll
[2009/01/07 18:20:20 | 000,008,798 | ---- | M] () -- C:\WINDOWS\System32\icrav03.rat
[2009/01/07 18:20:20 | 000,001,988 | ---- | M] () -- C:\WINDOWS\System32\ticrf.rat
[2009/01/07 18:20:18 | 000,265,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msdbg2.dll
[2009/01/02 17:18:20 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\f49f4d98.dat
[2008/12/11 23:57:22 | 000,333,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srv.sys
[2008/12/04 09:12:48 | 000,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2008/11/05 13:50:36 | 000,000,001 | -H-- | M] () -- C:\WINDOWS\tmark2.dat
[2008/11/05 13:50:00 | 000,000,001 | -H-- | M] () -- C:\WINDOWS\bemark2.dat
[2008/11/05 13:44:20 | 000,000,001 | -H-- | M] () -- C:\WINDOWS\fmark2.dat
[2008/10/25 00:10:42 | 000,453,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2008/10/24 02:01:36 | 000,283,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gdi32.dll
[2008/10/16 05:57:56 | 000,332,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll
[2008/10/01 08:18:58 | 000,058,760 | ---- | M] () -- C:\symlcsv1.exe
[2008/08/28 13:34:42 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2008/08/24 14:41:56 | 000,000,114 | ---- | M] () -- C:\WINDOWS\WINCHESS.INI
[2008/08/14 22:51:44 | 000,138,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\afd.sys
[2008/08/02 10:30:08 | 000,001,537 | ---- | M] () -- C:\WINDOWS\disney.ini
[2008/07/28 17:44:36 | 000,000,291 | ---- | M] () -- C:\WINDOWS\MOONSHOT.ini
[2008/07/28 17:37:16 | 000,000,017 | ---- | M] () -- C:\WINDOWS\Ezonesantabutt.prf
[2008/07/20 11:31:56 | 000,000,000 | ---- | M] () -- C:\!¢
[2008/07/20 10:49:32 | 000,043,520 | ---- | M] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2008/07/09 08:13:02 | 000,000,017 | ---- | M] () -- C:\WINDOWS\Ezonenitroburners.prf
[2008/07/08 08:32:22 | 000,253,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\es.dll
[2008/07/06 17:20:24 | 000,000,017 | ---- | M] () -- C:\WINDOWS\Ezoneamoeba.prf
[2008/07/04 01:16:58 | 008,454,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shell32.dll
[2008/06/29 17:51:50 | 000,000,017 | ---- | M] () -- C:\WINDOWS\Ezonewrongtennis.prf
[2008/06/29 17:50:10 | 000,000,017 | ---- | M] () -- C:\WINDOWS\Ezonebunyip.prf
[2008/06/29 17:00:40 | 000,000,017 | ---- | M] () -- C:\WINDOWS\Ezoneezslots.prf
[2008/06/29 16:59:52 | 000,000,081 | ---- | M] () -- C:\WINDOWS\sub.ini
[2008/06/29 16:50:18 | 000,000,017 | ---- | M] () -- C:\WINDOWS\Ezonevalet.prf
[2008/06/29 16:48:32 | 000,000,017 | ---- | M] () -- C:\WINDOWS\Ezonebirdsnbees.prf
[2008/06/29 10:26:04 | 000,000,017 | ---- | M] () -- C:\WINDOWS\Ezonesurfing.prf
[2008/06/29 10:19:10 | 000,000,017 | ---- | M] () -- C:\WINDOWS\Ezoneslots.prf
[2008/06/29 10:16:54 | 000,000,017 | ---- | M] () -- C:\WINDOWS\Ezonekangaboxing.prf
[2008/06/29 10:14:10 | 000,000,017 | ---- | M] () -- C:\WINDOWS\Ezonejanitorjoe.prf
[2008/06/29 09:53:24 | 000,000,017 | ---- | M] () -- C:\WINDOWS\Ezonehalloween.prf
[2008/06/29 09:46:06 | 000,000,017 | ---- | M] () -- C:\WINDOWS\Ezonespaceracers.prf
[2008/06/29 09:35:08 | 000,000,017 | ---- | M] () -- C:\WINDOWS\Ezonebugganut.prf
[2008/06/29 09:34:18 | 000,000,017 | ---- | M] () -- C:\WINDOWS\Ezonebugga.prf
[2008/06/29 09:13:54 | 000,000,017 | ---- | M] () -- C:\WINDOWS\Ezoneslugshoot.prf
[2008/06/29 09:11:56 | 000,000,017 | ---- | M] () -- C:\WINDOWS\Ezonelazerburn.prf
[2008/06/29 08:58:14 | 000,000,017 | ---- | M] () -- C:\WINDOWS\Ezonezoogs.prf
[2008/06/29 08:57:02 | 000,000,017 | ---- | M] () -- C:\WINDOWS\Ezonefatboy.prf
[2008/06/29 08:52:08 | 000,000,017 | ---- | M] () -- C:\WINDOWS\Ezoneeddie.prf
[2008/06/29 08:27:30 | 000,000,017 | ---- | M] () -- C:\WINDOWS\Ezonedownhill.prf
[2008/06/29 08:24:18 | 000,000,017 | ---- | M] () -- C:\WINDOWS\Ezoneflies.prf
[2008/06/29 08:20:06 | 000,000,017 | ---- | M] () -- C:\WINDOWS\Ezonecatburglar.prf
[2008/06/29 08:18:36 | 000,000,017 | ---- | M] () -- C:\WINDOWS\Ezonecookiebumper.prf
[2008/06/29 08:10:20 | 000,000,017 | ---- | M] () -- C:\WINDOWS\Ezonebangbuck.prf
[2008/06/25 04:23:06 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mscms.dll
[2008/06/25 04:23:06 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mscms.dll
[2008/06/21 05:41:10 | 000,245,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswsock.dll
[2008/06/21 05:41:10 | 000,148,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dnsapi.dll
[2008/06/20 22:45:14 | 000,360,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcpip.sys
[2008/06/20 21:52:06 | 000,225,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tcpip6.sys
[2008/06/20 21:52:06 | 000,225,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcpip6.sys
[2008/06/14 09:14:28 | 000,000,826 | ---- | M] () -- C:\WINDOWS\7THLEVEL.INI
[2008/06/14 01:10:50 | 000,272,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2008/06/13 02:16:46 | 000,956,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll
[2008/06/13 02:16:46 | 000,956,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtctm.dll
[2008/06/13 02:16:46 | 000,428,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll
[2008/06/13 02:16:46 | 000,428,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcprx.dll
[2008/06/13 02:16:46 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll
[2008/06/13 02:16:46 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcuiu.dll
[2008/06/13 02:16:46 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxoci.dll
[2008/06/13 02:16:46 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxoci.dll
[2008/06/13 02:16:46 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxclu.dll
[2008/06/13 02:16:46 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxclu.dll
[2008/06/13 02:16:46 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll
[2008/06/13 02:16:46 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtclog.dll
[2008/06/10 11:37:02 | 001,026,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\WMNetmgr.dll
[2008/06/10 11:37:02 | 001,026,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\WMNetmgr.dll
[2008/06/10 09:17:42 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\logagent.exe
[2008/06/10 09:17:42 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logagent.exe
[2008/06/04 18:17:28 | 000,000,000 | ---- | M] () -- C:\WINDOWS\PowerReg.dat
[2008/05/30 14:19:18 | 000,507,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_1.dll
[2008/05/30 14:18:52 | 000,238,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_1.dll
[2008/05/30 14:17:30 | 000,065,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_0.dll
[2008/05/30 14:17:00 | 000,025,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_4.dll
[2008/05/30 14:11:46 | 003,850,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_38.dll
[2008/05/30 14:11:46 | 001,491,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_38.dll
[2008/05/30 14:11:46 | 000,467,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_38.dll
[2008/05/15 17:29:58 | 000,000,083 | ---- | M] () -- C:\WINDOWS\wwp.INI
[2008/05/09 00:28:50 | 000,202,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\RMCast.sys
[2008/05/09 00:28:50 | 000,202,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rmcast.sys
[2008/05/02 02:30:34 | 000,331,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll
[2008/04/12 06:50:44 | 000,683,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll
[2008/03/27 20:12:54 | 000,151,583 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msjint40.dll
[2008/03/27 20:12:54 | 000,151,583 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msjint40.dll
[2008/03/25 16:50:58 | 000,838,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mswdat10.dll
[2008/03/25 16:50:58 | 000,838,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswdat10.dll
[2008/03/25 16:50:58 | 000,621,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mswstr10.dll
[2008/03/25 16:50:58 | 000,621,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswstr10.dll
[2008/03/25 16:50:58 | 000,355,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msxbde40.dll
[2008/03/25 16:50:58 | 000,355,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxbde40.dll
[2008/03/25 16:50:56 | 000,264,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mstext40.dll
[2008/03/25 16:50:56 | 000,264,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstext40.dll
[2008/03/25 16:50:52 | 000,559,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msrepl40.dll
[2008/03/25 16:50:52 | 000,559,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msrepl40.dll
[2008/03/25 16:50:50 | 000,322,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msrd3x40.dll
[2008/03/25 16:50:50 | 000,322,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msrd3x40.dll
[2008/03/25 16:50:48 | 000,432,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msrd2x40.dll
[2008/03/25 16:50:48 | 000,432,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msrd2x40.dll
[2008/03/25 16:50:46 | 000,355,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mspbde40.dll
[2008/03/25 16:50:46 | 000,355,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspbde40.dll
[2008/03/25 16:50:44 | 000,219,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msltus40.dll
[2008/03/25 16:50:44 | 000,219,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msltus40.dll
[2008/03/25 16:50:42 | 000,248,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msjtes40.dll
[2008/03/25 16:50:42 | 000,248,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msjtes40.dll
[2008/03/25 16:50:42 | 000,060,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msjter40.dll
[2008/03/25 16:50:42 | 000,060,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msjter40.dll
[2008/03/25 16:50:40 | 000,355,112 | ---- | M] () -- C:\WINDOWS\System32\dllcache\msjetol1.dll
[2008/03/25 16:50:34 | 001,516,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msjet40.dll
[2008/03/25 16:50:34 | 001,516,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msjet40.dll
[2008/03/25 16:50:30 | 000,326,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msexcl40.dll
[2008/03/25 16:50:30 | 000,326,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msexcl40.dll
[2008/03/25 16:50:28 | 000,518,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msexch40.dll
[2008/03/25 16:50:28 | 000,518,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msexch40.dll
[2008/03/25 16:50:26 | 000,554,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dao360.dll
[2008/03/08 10:21:46 | 000,002,349 | ---- | M] () -- C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk
[2008/03/05 16:03:54 | 000,479,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_0.dll
[2008/03/05 16:03:20 | 000,238,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_0.dll
[2008/03/05 16:00:06 | 000,025,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_3.dll
[2008/03/05 15:56:58 | 003,786,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_37.dll
[2008/03/05 15:56:58 | 001,420,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_37.dll
[2008/02/20 17:32:44 | 000,045,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dnsrslvr.dll
[2008/02/05 23:07:36 | 000,462,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_37.dll
[2008/01/31 23:13:18 | 000,090,112 | ---- | M] (Apple Inc.) -- C:\WINDOWS\System32\QuickTimeVR.qtx
[2008/01/31 23:13:18 | 000,057,344 | ---- | M] (Apple Inc.) -- C:\WINDOWS\System32\QuickTime.qts
[2007/12/27 15:52:38 | 000,013,568 | ---- | M] (iRiver, Inc.) -- C:\WINDOWS\System32\drivers\D30.SYS
[2007/12/18 22:51:36 | 000,179,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxdav.sys
[2007/12/05 07:38:14 | 000,550,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oleaut32.dll
[2007/11/23 17:07:44 | 000,001,764 | ---- | M] () -- C:\WINDOWS\EReg196.dat
[2007/10/27 17:40:06 | 000,227,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wmasf.dll
[2007/10/27 17:40:06 | 000,227,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmasf.dll
[2007/10/22 03:39:54 | 000,267,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_10.dll
[2007/10/22 03:37:16 | 000,017,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_2.dll
[2007/10/12 15:14:00 | 003,734,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_36.dll
[2007/10/12 15:14:00 | 001,374,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_36.dll
[2007/10/07 17:08:30 | 000,002,728 | ---- | M] () -- C:\WINDOWS\System32\mini_spectrum2.swf
[2007/10/02 09:56:34 | 000,444,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_36.dll
[2007/09/18 17:53:28 | 000,013,568 | ---- | M] (iRiver, Inc.) -- C:\WINDOWS\System32\drivers\D27.SYS
[2007/07/20 00:57:12 | 000,267,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_9.dll
[2007/07/19 18:14:42 | 003,727,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_35.dll
[2007/07/19 18:14:42 | 001,358,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_35.dll
[2007/07/19 18:14:42 | 000,444,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_35.dll
[2007/07/03 19:47:38 | 000,000,017 | ---- | M] () -- C:\WINDOWS\Ezonemosaic.prf
[2007/07/03 09:25:46 | 000,000,379 | ---- | M] () -- C:\WINDOWS\HAVOC.INI
[2007/06/28 20:02:18 | 000,000,017 | ---- | M] () -- C:\WINDOWS\Ezonejigsaw.prf
[2007/06/26 19:15:38 | 000,000,017 | ---- | M] () -- C:\WINDOWS\Ezonecookiemusic.prf
[2007/06/26 07:27:08 | 000,000,017 | ---- | M] () -- C:\WINDOWS\Ezonedidgeridoo.prf
[2007/06/25 13:39:20 | 000,000,017 | ---- | M] () -- C:\WINDOWS\Ezoneminer.prf
[2007/06/21 19:09:02 | 000,004,096 | ---- | M] () -- C:\WINDOWS\d3dx.dat
[2007/06/21 18:21:28 | 000,000,017 | ---- | M] () -- C:\WINDOWS\Ezoneknighty.prf
[2007/06/20 20:46:04 | 000,266,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_8.dll
[2007/06/18 15:10:38 | 000,000,000 | ---- | M] () -- C:\WINDOWS\SETUP32.INI
[2007/06/18 13:45:46 | 000,000,361 | ---- | M] () -- C:\WINDOWS\System32\QuickTime.qtp
[2007/06/18 13:44:02 | 000,000,110 | ---- | M] () -- C:\WINDOWS\ka.ini
[2007/06/13 23:23:08 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\explorer.exe
[2007/06/13 23:23:08 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2007/06/11 17:46:28 | 000,015,240 | ---- | M] (iRiver, Inc.) -- C:\WINDOWS\System32\drivers\D5.sys
[2007/05/21 22:19:58 | 000,053,248 | ---- | M] (Dream To Reality Co., Ltd.) -- C:\WINDOWS\System32\csd_iriver_lib.dll
[2007/05/17 04:12:16 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabimp.dll
[2007/05/17 04:12:12 | 000,510,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab32.dll
[2007/05/17 04:12:00 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\directdb.dll
[2007/05/16 16:45:16 | 003,497,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_34.dll
[2007/05/16 16:45:16 | 001,124,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_34.dll
[2007/05/16 16:45:16 | 000,443,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_34.dll
[2007/04/23 23:32:54 | 000,364,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\update.sys
[2007/04/19 05:12:24 | 002,854,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msi.dll
[2007/04/04 18:55:00 | 000,261,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_7.dll
[2007/04/04 18:53:42 | 000,081,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_3.dll
[2007/04/02 18:58:18 | 000,546,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\hhctrl.ocx
[2007/04/02 18:58:18 | 000,546,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hhctrl.ocx
[2007/03/18 02:43:02 | 000,292,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\winsrv.dll
[2007/03/18 02:43:02 | 000,292,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsrv.dll
[2007/03/15 16:57:58 | 000,443,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_33.dll
[2007/03/12 16:42:30 | 003,495,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_33.dll
[2007/03/12 16:42:30 | 001,123,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_33.dll
[2007/03/10 02:46:24 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agentdpv.dll
[2007/03/09 04:36:28 | 000,577,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\user32.dll
[2007/03/09 04:36:28 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mf3216.dll
[2007/03/09 04:36:28 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mf3216.dll
[2007/03/05 12:42:18 | 000,015,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_1.dll
[2007/02/10 00:10:36 | 000,574,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntfs.sys
[2007/02/06 09:17:02 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\upnphost.dll
[2007/02/04 21:03:08 | 003,072,054 | ---- | M] () -- C:\WINDOWS\wallpaper.bmp
[2007/01/24 15:27:30 | 000,255,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_6.dll
[2007/01/16 21:01:44 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2006/12/27 02:07:24 | 000,536,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado15.dll
[2006/12/27 02:07:24 | 000,200,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadox.dll
[2006/12/27 02:07:24 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadomd.dll
[2006/12/27 02:07:24 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msjro.dll
[2006/12/25 22:20:56 | 000,000,083 | ---- | M] () -- C:\WINDOWS\ALaunch.ini
[2006/12/25 22:19:36 | 000,000,092 | ---- | M] () -- C:\WINDOWS\GridV.UNI
[2006/12/25 22:13:34 | 000,000,000 | ---- | M] () -- C:\WINDOWS\NT.INI
[2006/12/25 22:13:28 | 000,000,083 | ---- | M] () -- C:\WINDOWS\QtZgAcer.UNI
[2006/12/25 22:09:04 | 000,037,462 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2006/12/25 01:00:08 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2006/12/20 10:52:18 | 000,134,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shsvcs.dll
[2006/12/20 07:16:48 | 000,333,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiaservc.dll
[2006/12/14 09:37:40 | 000,072,672 | ---- | M] () -- C:\WINDOWS\System32\drivers\LxrSII1d.sys
[2006/12/08 12:02:00 | 000,251,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_5.dll
[2006/11/29 13:06:18 | 003,426,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_32.dll
[2006/11/28 03:54:06 | 000,539,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msftedit.dll
[2006/11/28 03:54:06 | 000,539,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msftedit.dll
[2006/11/28 03:54:06 | 000,433,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\riched20.dll
[2006/11/28 03:54:06 | 000,433,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\riched20.dll
[2006/11/25 01:14:26 | 000,048,640 | ---- | M] (Windows ® 2000 DDK provider) -- C:\WINDOWS\System32\drivers\B10USBDMB.sys
[2006/11/09 10:58:06 | 000,139,264 | ---- | M] (Lexar Media, Inc.) -- C:\WINDOWS\System32\LxrSII1.dll
[2006/11/02 08:17:46 | 000,927,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc40u.dll
[2006/11/02 08:17:46 | 000,927,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40u.dll
[2006/10/26 19:56:10 | 000,032,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msonpmon.dll
[2006/10/26 14:10:06 | 000,033,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\FM20ENU.DLL
[2006/10/26 13:45:04 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\WISPTIS.EXE
[2006/10/26 13:45:04 | 000,207,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\INKED.DLL
[2006/10/20 02:56:32 | 000,713,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sxs.dll
[2006/10/20 02:56:32 | 000,713,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sxs.dll
[2006/10/17 05:15:00 | 000,122,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\oledlg.dll
[2006/10/17 05:15:00 | 000,122,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oledlg.dll
[2006/10/14 21:13:26 | 000,981,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc42u.dll
[2006/10/14 21:13:26 | 000,981,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc42u.dll
[2006/10/14 01:35:12 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\nwprovau.dll
[2006/10/14 01:35:12 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nwprovau.dll
[2006/10/13 03:02:52 | 000,042,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agentdp2.dll
[2006/10/13 00:09:54 | 000,256,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agentsvr.exe
[2006/10/03 19:47:52 | 000,109,360 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\System32\GEARAspi.dll
[2006/09/28 16:05:56 | 000,237,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_4.dll
[2006/09/28 16:05:20 | 002,414,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_31.dll
[2006/09/12 08:36:26 | 000,001,077 | ---- | M] () -- C:\WINDOWS\HotFix.bat
[2006/08/26 04:45:58 | 000,617,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comctl32.dll
[2006/08/22 04:05:26 | 000,498,742 | ---- | M] () -- C:\WINDOWS\System32\dllcache\dxmasf.dll
[2006/08/22 01:21:06 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltlib.dll
[2006/08/21 22:14:58 | 000,128,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmgr.sys
[2006/08/21 22:14:58 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fltMc.exe
[2006/08/21 22:14:58 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmc.exe
[2006/08/17 00:58:06 | 000,100,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\6to4svc.dll
[2006/07/28 09:30:32 | 000,236,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_3.dll
[2006/07/28 09:30:14 | 000,062,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_2.dll
[2006/07/24 10:50:40 | 000,047,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\VBAME.DLL
[2006/07/24 10:50:40 | 000,039,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\SCP32.DLL
[2006/07/24 10:50:38 | 000,125,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MSSTDFMT.DLL
[2006/07/21 21:24:44 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\hlink.dll
[2006/07/21 21:24:44 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hlink.dll
[2006/07/19 02:21:40 | 000,000,084 | ---- | M] () -- C:\WINDOWS\EMEAPAGE.INI
[2006/07/17 20:30:54 | 000,159,821 | ---- | M] () -- C:\WINDOWS\EMEAPAGE.EXE
[2006/06/27 06:37:10 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rasadhlp.dll
[2006/06/27 06:37:10 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasadhlp.dll
[2006/06/22 23:47:18 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasmans.dll
[2006/06/22 18:06:30 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ciodm.dll
[2006/06/22 18:06:30 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ciodm.dll
[2006/06/14 22:00:46 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wdmaud.sys
[2006/06/14 21:47:46 | 000,172,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kmixer.sys
[2006/06/14 21:47:46 | 000,006,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\splitter.sys
[2006/06/02 07:47:08 | 000,163,840 | ---- | M] (America Online) -- C:\WINDOWS\System32\jgdw400.dll
[2006/06/02 07:47:08 | 000,163,840 | ---- | M] (America Online) -- C:\WINDOWS\System32\dllcache\jgdw400.dll
[2006/06/02 07:47:08 | 000,027,648 | ---- | M] (Johnson-Grace Company) -- C:\WINDOWS\System32\jgpl400.dll
[2006/06/02 07:47:08 | 000,027,648 | ---- | M] (Johnson-Grace Company) -- C:\WINDOWS\System32\dllcache\jgpl400.dll
[2006/05/31 07:24:16 | 000,230,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_2.dll
[2006/05/29 08:26:38 | 000,127,488 | ---- | M] (Nokia) -- C:\WINDOWS\System32\drivers\nmwcd.sys
[2006/05/29 08:26:36 | 000,050,688 | ---- | M] (Nokia) -- C:\WINDOWS\System32\nmwcdcls.dll
[2006/05/29 08:26:36 | 000,030,720 | ---- | M] (Nokia) -- C:\WINDOWS\System32\nmwcdcocls.dll
[2006/05/29 08:26:36 | 000,013,312 | ---- | M] (Nokia) -- C:\WINDOWS\System32\drivers\nmwcdcm.sys
[2006/05/29 08:26:36 | 000,013,312 | ---- | M] (Nokia) -- C:\WINDOWS\System32\drivers\nmwcdcj.sys
[2006/05/29 08:26:36 | 000,008,704 | ---- | M] (Nokia) -- C:\WINDOWS\System32\drivers\nmwcdc.sys
[2006/05/29 08:26:34 | 000,004,608 | ---- | M] (Nokia) -- C:\WINDOWS\System32\nmwcdlog.dll
[2006/05/20 01:59:42 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dhcpcsvc.dll
[2006/05/20 01:59:42 | 000,094,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iphlpapi.dll
[2006/05/20 01:59:42 | 000,094,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iphlpapi.dll
[2006/05/05 22:47:58 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdbss.sys
[2006/05/02 17:27:06 | 000,935,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ERUpdateHidden.EXE
[2006/04/14 15:27:46 | 000,014,544 | ---- | M] (EnTech Taiwan) -- C:\WINDOWS\System32\drivers\TVicPort.sys
[2006/04/14 15:27:46 | 000,008,704 | ---- | M] (EnTech Taiwan) -- C:\WINDOWS\System32\drivers\TVicPort64.sys
[2006/04/14 15:27:46 | 000,006,144 | ---- | M] (Zeal SoftStudio) -- C:\WINDOWS\System32\drivers\zntport64.sys
[2006/04/14 15:27:44 | 000,069,632 | ---- | M] () -- C:\WINDOWS\System32\drivers\int15.sys
[2006/04/14 15:27:44 | 000,008,704 | ---- | M] () -- C:\WINDOWS\System32\drivers\int15_64.sys
[2006/04/14 15:27:44 | 000,006,080 | ---- | M] (Zeal SoftStudio) -- C:\WINDOWS\System32\drivers\zntport.sys
[2006/04/12 20:52:06 | 000,000,076 | RHS- | M] () -- C:\Preload.aaa
[2006/04/12 20:45:58 | 000,000,061 | ---- | M] () -- C:\WINDOWS\smscfg.ini
[2006/04/12 20:45:54 | 000,000,333 | ---- | M] () -- C:\WINDOWS\System32\$ncsp$.inf
[2006/04/07 15:53:22 | 000,000,687 | ---- | M] () -- C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2006/04/07 15:53:22 | 000,000,079 | ---- | M] () -- C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2006/04/06 20:56:54 | 000,000,666 | ---- | M] () -- C:\WINDOWS\CLEANUP.CMD
[2006/04/06 19:17:48 | 000,940,794 | ---- | M] () -- C:\WINDOWS\System32\LoopyMusic.wav
[2006/04/06 19:17:48 | 000,146,650 | ---- | M] () -- C:\WINDOWS\System32\BuzzingBee.wav
[2006/04/06 19:11:52 | 000,001,024 | RH-- | M] () -- C:\WINDOWS\System32\NTIBUN4.dll
[2006/04/06 19:11:32 | 000,000,050 | ---- | M] () -- C:\AUTOEXEC.BAT
[2006/04/06 19:10:46 | 000,001,024 | RH-- | M] () -- C:\WINDOWS\System32\NTIMPEG2.dll
[2006/04/06 19:10:46 | 000,001,024 | RH-- | M] () -- C:\WINDOWS\System32\NTIMP3.dll
[2006/04/06 19:10:46 | 000,001,024 | RH-- | M] () -- C:\WINDOWS\System32\NTIFCD3.dll
[2006/04/06 19:10:46 | 000,001,024 | RH-- | M] () -- C:\WINDOWS\System32\NTICDMK7.dll
[2006/04/06 19:10:42 | 000,006,144 | ---- | M] (NewTech Infosystems, Inc.) -- C:\WINDOWS\System32\drivers\NTIDrvr.sys
[2006/04/06 18:53:22 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\meh\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2006/04/06 18:47:04 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2006/04/06 18:47:04 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2006/04/06 18:47:04 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2006/04/06 18:47:04 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2006/04/06 18:47:02 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2006/04/06 18:47:02 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2006/04/06 18:46:54 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2006/04/06 18:45:34 | 000,021,640 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2006/04/06 18:44:58 | 000,000,535 | ---- | M] () -- C:\WINDOWS\System32\mapisvc.inf
[2006/03/31 12:40:58 | 002,388,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_30.dll
[2006/03/31 12:39:48 | 000,229,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_1.dll
[2006/03/31 12:39:24 | 000,062,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_1.dll
[2006/03/30 13:06:04 | 000,258,048 | ---- | M] (Acer Inc.) -- C:\WINDOWS\System32\CheckD2DSystem.exe
[2006/03/24 17:47:08 | 000,602,112 | ---- | M] (acer inc.) -- C:\WINDOWS\System32\Acer.Empowering.Windows.Forms.dll
[2006/03/23 18:44:22 | 000,143,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadco.dll
[2006/03/23 12:02:52 | 000,258,048 | ---- | M] (Acer Inc.) -- C:\WINDOWS\System32\Uninstall_eRecovery.exe
[2006/03/22 00:12:36 | 000,027,504 | ---- | M] () -- C:\WINDOWS\System32\drivers\ativvpxx.vp
[2006/03/21 23:56:44 | 000,257,536 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvag.dll
[2006/03/21 23:56:24 | 001,522,688 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtag.sys
[2006/03/21 23:50:50 | 000,114,688 | ---- | M] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\atipdlxx.dll
[2006/03/21 23:50:30 | 000,026,112 | ---- | M] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\Ati2mdxx.exe
[2006/03/21 23:50:24 | 000,041,984 | ---- | M] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\ati2edxx.dll
[2006/03/21 23:50:12 | 000,061,440 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2evxx.dll
[2006/03/21 23:48:20 | 000,053,248 | ---- | M] ( ATI Technologies Inc.) -- C:\WINDOWS\System32\ATIDDC.DLL
[2006/03/21 23:42:24 | 000,307,200 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atiiiexx.dll
[2006/03/21 23:40:12 | 002,662,688 | ---- | M] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3duag.dll
[2006/03/21 23:33:42 | 001,130,752 | ---- | M] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ativvaxx.dll
[2006/03/21 23:33:04 | 006,684,672 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atioglx1.dll
[2006/03/21 23:24:30 | 005,025,792 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atioglxx.dll
[2006/03/21 23:18:36 | 000,151,552 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atikvmag.dll
[2006/03/21 23:17:54 | 000,017,408 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atitvo32.dll
[2006/03/21 23:17:10 | 000,040,960 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2erec.dll
[2006/03/21 23:12:24 | 000,258,048 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2cqag.dll
[2006/03/21 22:38:46 | 000,286,720 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ATIDEMGR.dll
[2006/03/17 13:38:02 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\verclsid.exe
[2006/03/15 22:56:22 | 000,524,288 | ---- | M] (Acer Inc.) -- C:\WINDOWS\Alaunch.exe
[2006/03/11 12:57:08 | 000,540,178 | ---- | M] () -- C:\WINDOWS\System32\x264vfw.dll
[2006/03/10 14:15:44 | 000,036,404 | ---- | M] () -- C:\WINDOWS\System32\oeminfo.ini
[2006/03/02 08:42:42 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll
[2006/03/02 08:42:42 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xolehlp.dll
[2006/02/24 11:28:24 | 000,000,552 | ---- | M] () -- C:\WINDOWS\System32\setup.iss
[2006/02/24 05:00:00 | 005,010,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\KB912945.EXE
[2006/02/23 23:36:54 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml4r.dll
[2006/02/23 23:36:54 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml4a.dll
[2006/02/22 11:20:14 | 000,331,776 | ---- | M] () -- C:\WINDOWS\System32\ScrollBarLib.dll
[2006/02/22 11:20:14 | 000,053,248 | ---- | M] ( ) -- C:\WINDOWS\System32\Interop.Shell32.dll
[2006/02/22 11:19:36 | 000,069,632 | ---- | M] (Acer Inc.) -- C:\WINDOWS\System32\eRecUtil.dll
[2006/02/16 18:51:36 | 004,156,416 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.Sys
[2006/02/16 15:39:12 | 000,045,056 | ---- | M] (Acer Labs USA) -- C:\WINDOWS\System32\Epm-Po.dll
[2006/02/15 13:22:26 | 000,142,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aec.sys
[2006/02/14 16:19:18 | 000,086,016 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SoundMan.exe
[2006/02/14 16:17:26 | 002,809,856 | R--- | M] (RealTek Semicoductor Corp.) -- C:\WINDOWS\alcwzrd.exe
[2006/02/14 16:16:12 | 009,711,616 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTLCPL.exe
[2006/02/13 16:29:26 | 000,121,995 | ---- | M] () -- C:\WINDOWS\System32\atiicdxx.dat
[2006/02/08 17:44:06 | 001,114,674 | ---- | M] () -- C:\WINDOWS\System32\drivers\ativcaxx.cpa
[2006/02/08 17:44:06 | 000,000,929 | ---- | M] () -- C:\WINDOWS\System32\drivers\ativcaxx.vp
[2006/02/03 08:43:16 | 002,332,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_29.dll
[2006/02/03 08:42:06 | 000,230,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_0.dll
[2006/02/03 08:41:26 | 000,014,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_0.dll
[2006/01/27 14:36:06 | 000,006,144 | ---- | M] () -- C:\WINDOWS\System32\ff_vfw.dll
[2006/01/25 21:48:04 | 000,006,005 | ---- | M] () -- C:\WINDOWS\System32\atifglpf.xml
[2006/01/25 10:44:52 | 000,488,448 | ---- | M] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\drivers\ar5211.sys
[2006/01/19 18:19:06 | 000,049,152 | ---- | M] ( ) -- C:\WINDOWS\System32\SysMonitor.exe
[2006/01/18 20:47:36 | 000,574,976 | ---- | M] (DivX, Inc.) -- C:\WINDOWS\System32\divx.dll
[2006/01/10 13:58:40 | 000,266,240 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\RTSndMgr.Cpl
[2006/01/09 14:32:34 | 002,158,592 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\MicCal.exe
[2006/01/09 13:56:04 | 000,057,344 | ---- | M] () -- C:\WINDOWS\System32\LxrSII1s.exe
[2006/01/07 14:44:32 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System\My Documents.exe
[2006/01/07 14:44:32 | 000,000,000 | ---- | M] () -- C:\WINDOWS\ .com
[2006/01/06 19:01:12 | 000,130,560 | ---- | M] () -- C:\Documents and Settings\meh\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/01/06 17:35:00 | 003,596,288 | ---- | M] () -- C:\WINDOWS\System32\qt-dx331.dll
[2006/01/06 17:35:00 | 000,593,920 | ---- | M] (DivXNetworks) -- C:\WINDOWS\System32\dpuGUI11.dll
[2006/01/06 17:35:00 | 000,200,704 | ---- | M] (DivXNetworks) -- C:\WINDOWS\System32\dtu100.dll
[2006/01/06 17:34:58 | 000,339,968 | ---- | M] (DivXNetworks) -- C:\WINDOWS\System32\dpus11.dll
[2006/01/06 17:34:58 | 000,294,912 | ---- | M] (DivXNetworks) -- C:\WINDOWS\System32\dpu11.dll
[2006/01/06 17:17:36 | 001,044,480 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\WINDOWS\System32\libdivx.dll
[2006/01/06 17:17:36 | 000,200,704 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\WINDOWS\System32\ssldivx.dll
[2006/01/05 14:31:42 | 000,253,952 | ---- | M] (Acer Inc.) -- C:\WINDOWS\AArrange.exe
[2006/01/04 16:35:06 | 000,068,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\webclnt.dll
[2006/01/01 03:32:04 | 000,002,095 | ---- | M] () -- C:\VirtualDJ Local Database v5.xml
[2005/12/30 20:18:26 | 000,180,224 | ---- | M] () -- C:\WINDOWS\System32\xvidvfw.dll
[2005/12/30 20:10:30 | 000,761,856 | ---- | M] () -- C:\WINDOWS\System32\xvidcore.dll
[2005/12/30 14:02:40 | 000,045,056 | ---- | M] () -- C:\WINDOWS\System32\ImageItEncrypt.exe
[2005/12/26 22:35:12 | 000,086,016 | ---- | M] (DivXNetworks) -- C:\WINDOWS\System32\dpl100.dll
[2005/12/24 05:21:18 | 000,000,000 | ---- | M] () -- C:\www.lilly.com
[2005/12/24 05:21:18 | 000,000,000 | ---- | M] () -- C:\Pictures from www.lilly.exe
[2005/12/23 00:47:50 | 000,056,572 | ---- | M] () -- C:\Documents and Settings\meh\My Documents\cc_20051223_004742.reg
[2005/12/22 23:51:42 | 000,000,342 | ---- | M] () -- C:\Documents and Settings\meh\My Documents\cc_20051222_235133.reg
[2005/12/22 20:58:10 | 000,217,948 | ---- | M] () -- C:\Documents and Settings\meh\My Documents\cc_20051222_205757.reg
[2005/12/22 20:42:02 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2005/12/22 20:40:30 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2005/12/22 20:40:20 | 467,849,216 | -HS- | M] () -- C:\hiberfil.sys
[2005/12/22 02:33:58 | 000,000,212 | RHS- | M] () -- C:\boot.ini
[2005/12/22 02:17:56 | 000,000,148 | ---- | M] () -- C:\Documents and Settings\meh\Video.lnk
[2005/12/22 02:17:54 | 000,000,148 | ---- | M] () -- C:\Documents and Settings\meh\Pictures.lnk
[2005/12/22 02:17:54 | 000,000,148 | ---- | M] () -- C:\Documents and Settings\meh\Passwords.lnk
[2005/12/22 02:17:54 | 000,000,148 | ---- | M] () -- C:\Documents and Settings\meh\New Folder.lnk
[2005/12/22 02:17:54 | 000,000,148 | ---- | M] () -- C:\Documents and Settings\meh\Music.lnk
[2005/12/22 02:17:54 | 000,000,148 | ---- | M] () -- C:\Documents and Settings\meh\Documents.lnk
[2005/12/22 01:05:02 | 000,231,984 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/12/22 00:47:48 | 000,374,940 | ---- | M] () -- C:\SERVICES_OUTPUT_INFORMATION_ABOUT_DEBUG
[2005/12/22 00:45:16 | 000,000,001 | ---- | M] () -- C:\WINDOWS\system32\config\systemprofile\oashdihasidhasuidhiasdhiashdiuasdhasd
[2005/12/22 00:43:28 | 000,000,585 | ---- | M] () -- C:\Documents and Settings\meh\Start Menu\Programs\Startup\8738A5.lnk
[2005/12/22 00:35:20 | 000,000,001 | ---- | M] () -- C:\Documents and Settings\meh\oashdihasidhasuidhiasdhiashdiuasdhasd
[2005/12/22 00:34:24 | 000,000,840 | ---- | M] () -- C:\Documents and Settings\meh\Start Menu\Programs\Startup\WinUpdate.lnk
[2005/12/22 00:03:14 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2005/12/22 00:03:02 | 000,000,418 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{C3AB96C7-64C5-4445-89DC-A3A2537A4207}.job
[2005/12/14 20:59:52 | 000,000,038 | ---- | M] () -- C:\WINDOWS\Acer.ini
[2005/12/14 20:56:06 | 000,191,488 | ---- | M] () -- C:\WINDOWS\Acer.scr
[2005/12/13 08:08:44 | 001,124,097 | ---- | M] (Agere Systems) -- C:\WINDOWS\System32\drivers\AGRSM.sys
[2005/12/09 09:12:02 | 000,016,384 | ---- | M] ( ) -- C:\WINDOWS\System32\ClearEvent.exe
[2005/12/05 18:09:18 | 002,323,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_28.dll
[2005/12/05 18:07:30 | 000,061,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput9_1_0.dll
[2005/12/02 16:42:38 | 000,630,784 | ---- | M] (On2.com) -- C:\WINDOWS\System32\vp7vfw.dll
[2005/11/29 16:27:06 | 000,364,544 | ---- | M] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\WINDOWS\System32\dllcache\npdsplay.dll
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/10/08 16:45:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Fonts\LILLY.exe
[2010/05/11 21:26:26 | 000,000,418 | -H-- | C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{C3AB96C7-64C5-4445-89DC-A3A2537A4207}.job
[2010/05/08 19:03:04 | 006,276,021 | ---- | C] () -- C:\Documents and Settings\meh\Desktop\He_Said.mp3
[2010/05/07 16:28:14 | 000,000,044 | ---- | C] () -- C:\Documents and Settings\meh\My Documents\Track17.cda
[2010/05/07 16:28:14 | 000,000,044 | ---- | C] () -- C:\Documents and Settings\meh\My Documents\Track16.cda
[2010/05/07 16:28:14 | 000,000,044 | ---- | C] () -- C:\Documents and Settings\meh\My Documents\Track15.cda
[2010/05/07 16:28:14 | 000,000,044 | ---- | C] () -- C:\Documents and Settings\meh\My Documents\Track14.cda
[2010/05/07 16:28:14 | 000,000,044 | ---- | C] () -- C:\Documents and Settings\meh\My Documents\Track13.cda
[2010/05/07 16:28:14 | 000,000,044 | ---- | C] () -- C:\Documents and Settings\meh\My Documents\Track12.cda
[2010/05/07 16:28:14 | 000,000,044 | ---- | C] () -- C:\Documents and Settings\meh\My Documents\Track11.cda
[2010/05/07 16:28:14 | 000,000,044 | ---- | C] () -- C:\Documents and Settings\meh\My Documents\Track10.cda
[2010/05/07 16:28:14 | 000,000,044 | ---- | C] () -- C:\Documents and Settings\meh\My Documents\Track09.cda
[2010/05/07 16:28:14 | 000,000,044 | ---- | C] () -- C:\Documents and Settings\meh\My Documents\Track08.cda
[2010/05/07 16:28:14 | 000,000,044 | ---- | C] () -- C:\Documents and Settings\meh\My Documents\Track07.cda
[2010/05/07 16:28:14 | 000,000,044 | ---- | C] () -- C:\Documents and Settings\meh\My Documents\Track06.cda
[2010/05/07 16:28:14 | 000,000,044 | ---- | C] () -- C:\Documents and Settings\meh\My Documents\Track05.cda
[2010/05/07 16:28:14 | 000,000,044 | ---- | C] () -- C:\Documents and Settings\meh\My Documents\Track04.cda
[2010/05/07 16:28:14 | 000,000,044 | ---- | C] () -- C:\Documents and Settings\meh\My Documents\Track03.cda
[2010/04/29 19:16:40 | 000,026,279 | ---- | C] () -- C:\Documents and Settings\meh\My Documents\Skip APRIL.docx
[2010/04/14 12:31:52 | 000,000,148 | ---- | C] () -- C:\Documents and Settings\meh\Video.lnk
[2010/04/14 12:31:52 | 000,000,148 | ---- | C] () -- C:\Documents and Settings\meh\Pictures.lnk
[2010/04/14 12:31:52 | 000,000,148 | ---- | C] () -- C:\Documents and Settings\meh\Passwords.lnk
[2010/04/14 12:31:52 | 000,000,148 | ---- | C] () -- C:\Documents and Settings\meh\New Folder.lnk
[2010/04/14 12:31:52 | 000,000,148 | ---- | C] () -- C:\Documents and Settings\meh\Music.lnk
[2010/04/14 12:31:52 | 000,000,148 | ---- | C] () -- C:\Documents and Settings\meh\Documents.lnk
[2010/03/02 19:31:37 | 000,946,338 | ---- | C] () -- C:\Documents and Settings\meh\Desktop\Justin_Bieber_One_Time.mp3
[2010/02/28 16:21:27 | 013,020,986 | ---- | C] () -- C:\Documents and Settings\meh\Desktop\save-video.mp4
[2010/02/28 13:32:11 | 000,000,285 | ---- | C] () -- C:\WINDOWS\shrek2tm.ini
[2010/02/26 21:33:46 | 000,162,304 | ---- | C] () -- C:\UNWISE.EXE
[2010/02/26 21:33:46 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI
[2010/01/15 17:45:02 | 000,000,855 | ---- | C] () -- C:\Documents and Settings\meh\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
[2009/12/15 16:44:02 | 000,000,585 | ---- | C] () -- C:\Documents and Settings\meh\Start Menu\Programs\Startup\8738A5.lnk
[2009/11/22 16:12:06 | 000,000,017 | ---- | C] () -- C:\WINDOWS\Ezonecookievault.prf
[2009/11/22 15:58:01 | 000,000,017 | ---- | C] () -- C:\WINDOWS\Ezonematchup.prf
[2009/11/21 18:54:50 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\meh\Desktop\My Computer.lnk
[2009/11/21 18:43:29 | 000,002,359 | ---- | C] () -- C:\Documents and Settings\meh\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk
[2009/11/21 18:13:18 | 000,130,560 | ---- | C] () -- C:\Documents and Settings\meh\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/11/21 17:02:13 | 000,000,712 | ---- | C] () -- C:\Documents and Settings\meh\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2009/11/21 16:54:51 | 000,000,694 | ---- | C] () -- C:\Documents and Settings\meh\Desktop\Windows Media Player.lnk
[2009/11/21 16:54:44 | 000,000,723 | ---- | C] () -- C:\Documents and Settings\meh\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2009/11/21 16:54:44 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\meh\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2009/11/21 16:54:43 | 000,000,126 | ---- | C] () -- C:\Documents and Settings\meh\Local Settings\Application Data\fusioncache.dat
[2009/11/08 17:22:58 | 000,000,017 | ---- | C] () -- C:\WINDOWS\Ezoneezmatchup.prf
[2009/10/14 19:09:39 | 000,000,025 | ---- | C] () -- C:\WINDOWS\Pharaoh's Pitfalls.ini
[2009/10/01 09:12:06 | 000,000,502 | ---- | C] () -- C:\WINDOWS\WININI.QTW
[2009/10/01 09:12:06 | 000,000,311 | ---- | C] () -- C:\WINDOWS\QTW.INI
[2009/10/01 09:12:06 | 000,000,231 | ---- | C] () -- C:\WINDOWS\SYSINI.QTW
[2009/10/01 09:09:08 | 000,000,030 | ---- | C] () -- C:\WINDOWS\RESULT.QTW
[2009/09/28 15:12:26 | 000,000,017 | ---- | C] () -- C:\WINDOWS\Ezonefleebees.prf
[2009/09/28 14:33:45 | 000,000,788 | ---- | C] () -- C:\WINDOWS\gojigsaw.ini
[2009/09/28 11:17:51 | 000,000,017 | ---- | C] () -- C:\WINDOWS\Ezonepopping.prf
[2009/09/28 11:13:31 | 000,000,017 | ---- | C] () -- C:\WINDOWS\Ezoneblingball.prf
[2009/09/28 11:12:00 | 000,000,017 | ---- | C] () -- C:\WINDOWS\Ezonevern.prf
[2009/09/28 11:03:33 | 000,000,017 | ---- | C] () -- C:\WINDOWS\Ezonehippymonkey.prf
[2009/06/21 10:23:26 | 000,000,017 | ---- | C] () -- C:\WINDOWS\compedia.ini
[2009/05/31 14:29:35 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2009/05/24 14:49:28 | 000,005,694 | ---- | C] () -- C:\Sdicon32.ico
[2009/04/12 13:56:10 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/04/09 16:06:52 | 000,135,168 | R--- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2009/02/12 22:20:42 | 000,005,630 | ---- | C] () -- C:\WINDOWS\System32\IE8Eula.rtf
[2009/02/12 16:36:49 | 000,000,029 | ---- | C] () -- C:\WINDOWS\CDMKR32.INI
[2009/02/12 16:34:23 | 000,000,783 | ---- | C] () -- C:\WINDOWS\NTIWVEDT.INI
[2009/01/07 18:20:20 | 000,008,798 | ---- | C] () -- C:\WINDOWS\System32\icrav03.rat
[2009/01/07 18:20:20 | 000,001,988 | ---- | C] () -- C:\WINDOWS\System32\ticrf.rat
[2009/01/02 17:18:19 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\f49f4d98.dat
[2008/12/04 09:12:46 | 000,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2008/12/04 09:12:45 | 000,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2008/11/07 18:57:41 | 000,000,001 | -H-- | C] () -- C:\WINDOWS\be49f4daa.dat
[2008/11/07 16:40:28 | 000,000,001 | -H-- | C] () -- C:\WINDOWS\f49f4daa.dat
[2008/11/05 13:50:35 | 000,000,001 | -H-- | C] () -- C:\WINDOWS\tmark2.dat
[2008/11/05 13:49:58 | 000,000,001 | -H-- | C] () -- C:\WINDOWS\bemark2.dat
[2008/11/05 13:44:19 | 000,000,001 | -H-- | C] () -- C:\WINDOWS\fmark2.dat
[2008/10/18 18:35:28 | 000,000,268 | -H-- | C] () -- C:\sqmdata19.sqm
[2008/10/18 18:35:28 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt19.sqm
[2008/10/17 17:01:33 | 000,000,268 | -H-- | C] () -- C:\sqmdata18.sqm
[2008/10/17 17:01:33 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt18.sqm
[2008/10/16 21:21:23 | 000,000,268 | -H-- | C] () -- C:\sqmdata17.sqm
[2008/10/16 21:21:23 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt17.sqm
[2008/10/15 16:46:14 | 000,000,268 | -H-- | C] () -- C:\sqmdata16.sqm
[2008/10/15 16:46:14 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt16.sqm
[2008/10/14 19:50:48 | 000,000,268 | -H-- | C] () -- C:\sqmdata15.sqm
[2008/10/14 19:50:48 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt15.sqm
[2008/10/13 20:22:31 | 000,000,268 | -H-- | C] () -- C:\sqmdata14.sqm
[2008/10/13 20:22:31 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt14.sqm
[2008/10/13 15:54:54 | 000,000,268 | -H-- | C] () -- C:\sqmdata13.sqm
[2008/10/13 15:54:54 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt13.sqm
[2008/10/12 19:49:47 | 000,000,268 | -H-- | C] () -- C:\sqmdata12.sqm
[2008/10/12 19:49:47 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt12.sqm
[2008/10/12 18:27:08 | 000,000,268 | -H-- | C] () -- C:\sqmdata11.sqm
[2008/10/12 18:27:08 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt11.sqm
[2008/10/09 16:10:20 | 000,000,268 | -H-- | C] () -- C:\sqmdata10.sqm
[2008/10/09 16:10:20 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt10.sqm
[2008/10/08 21:03:47 | 000,000,268 | -H-- | C] () -- C:\sqmdata09.sqm
[2008/10/08 21:03:47 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt09.sqm
[2008/10/07 21:52:46 | 000,000,268 | -H-- | C] () -- C:\sqmdata08.sqm
[2008/10/07 21:52:46 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt08.sqm
[2008/10/06 18:55:54 | 000,000,268 | -H-- | C] () -- C:\sqmdata07.sqm
[2008/10/06 18:55:54 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt07.sqm
[2008/10/04 19:37:40 | 000,000,268 | -H-- | C] () -- C:\sqmdata06.sqm
[2008/10/04 19:37:40 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt06.sqm
[2008/10/01 19:47:24 | 000,000,268 | -H-- | C] () -- C:\sqmdata05.sqm
[2008/10/01 19:47:24 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt05.sqm
[2008/10/01 08:18:57 | 000,058,760 | ---- | C] () -- C:\symlcsv1.exe
[2008/09/25 14:00:40 | 000,000,268 | -H-- | C] () -- C:\sqmdata04.sqm
[2008/09/25 14:00:40 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt04.sqm
[2008/09/24 20:59:07 | 000,000,268 | -H-- | C] () -- C:\sqmdata03.sqm
[2008/09/24 20:59:07 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt03.sqm
[2008/09/24 08:38:22 | 000,000,268 | -H-- | C] () -- C:\sqmdata02.sqm
[2008/09/24 08:38:22 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt02.sqm
[2008/08/28 13:34:41 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2008/08/23 12:03:03 | 000,000,268 | -H-- | C] () -- C:\sqmdata01.sqm
[2008/08/23 12:03:02 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt01.sqm
[2008/08/02 10:43:23 | 000,000,097 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2008/07/28 17:37:15 | 000,000,017 | ---- | C] () -- C:\WINDOWS\Ezonesantabutt.prf
[2008/07/20 14:23:31 | 000,000,268 | -H-- | C] () -- C:\sqmdata00.sqm
[2008/07/20 14:23:31 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt00.sqm
[2008/07/20 11:31:54 | 000,000,000 | ---- | C] () -- C:\!¢
[2008/07/20 10:49:30 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2008/07/09 08:13:01 | 000,000,017 | ---- | C] () -- C:\WINDOWS\Ezonenitroburners.prf
[2008/07/06 17:20:22 | 000,000,017 | ---- | C] () -- C:\WINDOWS\Ezoneamoeba.prf
[2008/06/29 18:05:06 | 000,000,291 | ---- | C] () -- C:\WINDOWS\MOONSHOT.ini
[2008/06/29 17:58:06 | 000,000,402 | ---- | C] () -- C:\WINDOWS\Nodgames.ini
[2008/06/29 17:51:49 | 000,000,017 | ---- | C] () -- C:\WINDOWS\Ezonewrongtennis.prf
[2008/06/29 17:50:09 | 000,000,017 | ---- | C] () -- C:\WINDOWS\Ezonebunyip.prf
[2008/06/29 17:00:39 | 000,000,017 | ---- | C] () -- C:\WINDOWS\Ezoneezslots.prf
[2008/06/29 16:59:50 | 000,000,081 | ---- | C] () -- C:\WINDOWS\sub.ini
[2008/06/29 16:50:17 | 000,000,017 | ---- | C] () -- C:\WINDOWS\Ezonevalet.prf
[2008/06/29 16:48:31 | 000,000,017 | ---- | C] () -- C:\WINDOWS\Ezonebirdsnbees.prf
[2008/06/29 10:26:03 | 000,000,017 | ---- | C] () -- C:\WINDOWS\Ezonesurfing.prf
[2008/06/29 10:19:09 | 000,000,017 | ---- | C] () -- C:\WINDOWS\Ezoneslots.prf
[2008/06/29 10:16:52 | 000,000,017 | ---- | C] () -- C:\WINDOWS\Ezonekangaboxing.prf
[2008/06/29 10:14:09 | 000,000,017 | ---- | C] () -- C:\WINDOWS\Ezonejanitorjoe.prf
[2008/06/29 09:53:22 | 000,000,017 | ---- | C] () -- C:\WINDOWS\Ezonehalloween.prf
[2008/06/29 09:46:04 | 000,000,017 | ---- | C] () -- C:\WINDOWS\Ezonespaceracers.prf
[2008/06/29 09:35:07 | 000,000,017 | ---- | C] () -- C:\WINDOWS\Ezonebugganut.prf
[2008/06/29 09:34:16 | 000,000,017 | ---- | C] () -- C:\WINDOWS\Ezonebugga.prf
[2008/06/29 09:13:53 | 000,000,017 | ---- | C] () -- C:\WINDOWS\Ezoneslugshoot.prf
[2008/06/29 09:11:55 | 000,000,017 | ---- | C] () -- C:\WINDOWS\Ezonelazerburn.prf
[2008/06/29 08:58:13 | 000,000,017 | ---- | C] () -- C:\WINDOWS\Ezonezoogs.prf
[2008/06/29 08:57:01 | 000,000,017 | ---- | C] () -- C:\WINDOWS\Ezonefatboy.prf
[2008/06/29 08:52:06 | 000,000,017 | ---- | C] () -- C:\WINDOWS\Ezoneeddie.prf
[2008/06/29 08:27:28 | 000,000,017 | ---- | C] () -- C:\WINDOWS\Ezonedownhill.prf
[2008/06/29 08:24:17 | 000,000,017 | ---- | C] () -- C:\WINDOWS\Ezoneflies.prf
[2008/06/29 08:20:04 | 000,000,017 | ---- | C] () -- C:\WINDOWS\Ezonecatburglar.prf
[2008/06/29 08:18:34 | 000,000,017 | ---- | C] () -- C:\WINDOWS\Ezonecookiebumper.prf
[2008/06/29 08:10:18 | 000,000,017 | ---- | C] () -- C:\WINDOWS\Ezonebangbuck.prf
[2008/06/20 09:29:23 | 000,000,114 | ---- | C] () -- C:\WINDOWS\WINCHESS.INI
[2008/06/04 18:17:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PowerReg.dat
[2008/06/01 12:26:11 | 000,000,276 | ---- | C] () -- C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job
[2008/05/15 17:29:56 | 000,000,083 | ---- | C] () -- C:\WINDOWS\wwp.INI
[2008/03/07 09:52:13 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\CNMVS78.DLL
[2008/03/07 08:48:57 | 000,002,728 | ---- | C] () -- C:\WINDOWS\System32\mini_spectrum2.swf
[2007/11/23 17:07:41 | 000,001,764 | ---- | C] () -- C:\WINDOWS\EReg196.dat
[2007/08/28 14:10:43 | 000,072,672 | ---- | C] () -- C:\WINDOWS\System32\drivers\LxrSII1d.sys
[2007/08/28 14:10:43 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\LxrSII1s.exe
[2007/08/28 14:10:43 | 000,023,934 | ---- | C] () -- C:\WINDOWS\LxrEncVlt.ico
[2007/08/28 14:10:43 | 000,003,262 | ---- | C] () -- C:\WINDOWS\LxrSgeEnc.ico
[2007/07/03 19:50:35 | 000,000,779 | ---- | C] () -- C:\WINDOWS\TetrisPk.ini
[2007/07/03 19:47:36 | 000,000,017 | ---- | C] () -- C:\WINDOWS\Ezonemosaic.prf
[2007/07/03 09:25:43 | 000,000,379 | ---- | C] () -- C:\WINDOWS\HAVOC.INI
[2007/07/02 14:15:09 | 000,000,826 | ---- | C] () -- C:\WINDOWS\7THLEVEL.INI
[2007/07/02 10:47:47 | 000,000,816 | ---- | C] () -- C:\WINDOWS\hegames.ini
[2007/06/28 20:02:17 | 000,000,017 | ---- | C] () -- C:\WINDOWS\Ezonejigsaw.prf
[2007/06/26 19:15:36 | 000,000,017 | ---- | C] () -- C:\WINDOWS\Ezonecookiemusic.prf
[2007/06/26 07:27:07 | 000,000,017 | ---- | C] () -- C:\WINDOWS\Ezonedidgeridoo.prf
[2007/06/25 13:39:19 | 000,000,017 | ---- | C] () -- C:\WINDOWS\Ezoneminer.prf
[2007/06/21 19:09:01 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2007/06/21 18:21:26 | 000,000,017 | ---- | C] () -- C:\WINDOWS\Ezoneknighty.prf
[2007/06/19 18:06:44 | 000,000,604 | ---- | C] () -- C:\WINDOWS\Spiderman.INI
[2007/06/19 07:30:13 | 000,001,537 | ---- | C] () -- C:\WINDOWS\disney.ini
[2007/06/18 15:10:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2007/06/18 13:45:44 | 000,000,361 | ---- | C] () -- C:\WINDOWS\System32\QuickTime.qtp
[2007/06/18 13:44:01 | 000,000,110 | ---- | C] () -- C:\WINDOWS\ka.ini
[2007/02/04 21:03:07 | 003,072,054 | ---- | C] () -- C:\WINDOWS\wallpaper.bmp
[2007/01/03 22:15:13 | 000,157,696 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2007/01/03 22:15:05 | 000,540,178 | ---- | C] () -- C:\WINDOWS\System32\x264vfw.dll
[2007/01/03 22:15:04 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2007/01/03 22:15:04 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2007/01/03 22:15:02 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2007/01/03 22:14:59 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2007/01/03 22:14:55 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2006/12/25 22:21:43 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ImageItEncrypt.exe
[2006/12/25 22:19:35 | 000,000,092 | ---- | C] () -- C:\WINDOWS\GridV.UNI
[2006/12/25 22:13:33 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NT.INI
[2006/12/25 22:13:27 | 000,000,083 | ---- | C] () -- C:\WINDOWS\QtZgAcer.UNI
[2006/12/25 22:12:53 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\setup.iss
[2006/12/25 01:00:06 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2006/09/12 08:36:25 | 000,159,821 | ---- | C] () -- C:\WINDOWS\EMEAPAGE.EXE
[2006/09/12 08:36:25 | 000,000,084 | ---- | C] () -- C:\WINDOWS\EMEAPAGE.INI
[2006/04/12 20:52:06 | 000,000,076 | RHS- | C] () -- C:\Preload.aaa
[2006/04/12 20:46:32 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2006/04/12 20:45:58 | 000,001,158 | ---- | C] () -- C:\WINDOWS\System32\wpa.dbl
[2006/04/12 20:45:58 | 000,000,212 | RHS- | C] () -- C:\boot.ini
[2006/04/12 20:45:58 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/04/12 20:45:54 | 000,000,333 | ---- | C] () -- C:\WINDOWS\System32\$ncsp$.inf
[2006/04/06 20:02:18 | 000,382,260 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006/04/06 20:02:16 | 000,053,838 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006/04/06 19:17:48 | 000,940,794 | ---- | C] () -- C:\WINDOWS\System32\LoopyMusic.wav
[2006/04/06 19:17:48 | 000,146,650 | ---- | C] () -- C:\WINDOWS\System32\BuzzingBee.wav
[2006/04/06 19:16:48 | 000,231,984 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2006/04/06 19:11:52 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIBUN4.dll
[2006/04/06 19:11:32 | 000,000,050 | ---- | C] () -- C:\AUTOEXEC.BAT
[2006/04/06 19:10:46 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMPEG2.dll
[2006/04/06 19:10:46 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMP3.dll
[2006/04/06 19:10:46 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIFCD3.dll
[2006/04/06 19:10:46 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTICDMK7.dll
[2006/04/06 18:50:26 | 000,037,462 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2006/04/06 18:47:04 | 000,002,577 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2006/04/06 18:47:04 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2006/04/06 18:47:04 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2006/04/06 18:47:04 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2006/04/06 18:47:02 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2006/04/06 18:47:02 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2006/04/06 18:47:02 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2006/04/06 18:46:54 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006/04/06 18:45:34 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2006/04/06 18:44:58 | 000,000,535 | ---- | C] () -- C:\WINDOWS\System32\mapisvc.inf
[2006/03/31 18:19:42 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\int15.sys
[2006/03/31 18:19:42 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\drivers\int15_64.sys
[2006/03/22 00:12:36 | 000,027,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativvpxx.vp
[2006/03/10 14:15:44 | 000,036,404 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2006/02/22 11:20:14 | 000,331,776 | ---- | C] () -- C:\WINDOWS\System32\ScrollBarLib.dll
[2006/02/13 16:29:26 | 000,121,995 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2006/02/08 17:44:06 | 001,114,674 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativcaxx.cpa
[2006/02/08 17:44:06 | 000,000,929 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativcaxx.vp
[2006/01/25 21:48:04 | 000,006,005 | ---- | C] () -- C:\WINDOWS\System32\atifglpf.xml
[2006/01/07 14:44:31 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System\My Documents.exe
[2006/01/07 14:44:31 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ .com
[2006/01/01 03:25:08 | 000,002,095 | ---- | C] () -- C:\VirtualDJ Local Database v5.xml
[2005/12/31 08:52:51 | 000,000,935 | ---- | C] () -- C:\WINDOWS\cncscore.ini
[2005/12/24 05:21:17 | 000,000,000 | ---- | C] () -- C:\www.lilly.com
[2005/12/24 05:21:17 | 000,000,000 | ---- | C] () -- C:\Pictures from www.lilly.exe
[2005/12/23 00:47:46 | 000,056,572 | ---- | C] () -- C:\Documents and Settings\meh\My Documents\cc_20051223_004742.reg
[2005/12/22 23:51:38 | 000,000,342 | ---- | C] () -- C:\Documents and Settings\meh\My Documents\cc_20051222_235133.reg
[2005/12/22 20:58:01 | 000,217,948 | ---- | C] () -- C:\Documents and Settings\meh\My Documents\cc_20051222_205757.reg
[2005/12/22 02:50:46 | 000,374,940 | ---- | C] () -- C:\SERVICES_OUTPUT_INFORMATION_ABOUT_DEBUG
[2005/12/22 00:35:19 | 000,000,001 | ---- | C] () -- C:\Documents and Settings\meh\oashdihasidhasuidhiasdhiashdiuasdhasd
[2005/12/22 00:28:12 | 000,000,840 | ---- | C] () -- C:\Documents and Settings\meh\Start Menu\Programs\Startup\WinUpdate.lnk
[2005/12/22 00:27:08 | 467,849,216 | -HS- | C] () -- C:\hiberfil.sys
[2005/12/14 20:59:52 | 000,000,038 | ---- | C] () -- C:\WINDOWS\Acer.ini
[2005/12/14 20:56:06 | 000,191,488 | ---- | C] () -- C:\WINDOWS\Acer.scr
[2005/03/28 15:45:26 | 000,000,083 | ---- | C] () -- C:\WINDOWS\ALaunch.ini
[2004/12/17 16:14:44 | 000,013,952 | ---- | C] () -- C:\WINDOWS\System32\drivers\UBHelper.sys
[2004/08/04 05:00:00 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/01/13 18:46:34 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\tifmicon.dll
[2001/12/26 15:12:30 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\multiplex_vcd.dll
[2001/09/03 22:46:38 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\Hmpg12.dll
[2001/07/30 15:33:56 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC.dll
[2001/07/23 21:04:36 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC_MMX.dll

========== LOP Check ==========

[2009/11/21 18:28:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\meh\Application Data\Leadertech
[2010/01/13 14:06:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\meh\Application Data\PC Suite
[2010/01/14 14:17:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\meh\Application Data\Nokia
[2010/01/14 14:35:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\meh\Application Data\Nokia Multimedia Player
[2010/10/08 18:45:02 | 000,000,276 | ---- | M] () -- C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job
[2005/12/22 00:03:02 | 000,000,418 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{C3AB96C7-64C5-4445-89DC-A3A2537A4207}.job

========== Purity Check ==========


< End of report >

Edited by pam_m, 19 January 2011 - 03:36 PM.

  • 0

Advertisements


#11
mitch8

mitch8

    Trusted Helper

  • Malware Removal
  • 1,356 posts
Your keyboard is working fine. Follow the steps in post 2 to burn the CD and this will allow you to scan with OTL. You will have to put your hard drive back into your computer.

EDIT: I see you have the OTL log posted. I will look at it and post back soon.
  • 0

#12
pam_m

pam_m

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
ok I got it to go here is the log

Edited by mitch8, 19 January 2011 - 03:42 PM.
Removed log, it is already posted

  • 0

#13
mitch8

mitch8

    Trusted Helper

  • Malware Removal
  • 1,356 posts
Hi,

Your flash drive appears to be infected. Please do not use it until we clean it later.

Boot into the OTLPE CD. Go to the internet and find this post.

Run OTL on the disc
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    DRV - File not found [Kernel | System] -- -- (zaetqvposi3)
    IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
    IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:9090
    O2 - BHO: (351631 Class) - {6A26574A-DD6D-4382-8C76-0DF06C478D3A} - File not found
    O2 - BHO: (890166 Class) - {A48FE9AC-DD02-4FF7-9211-B7BA9A2C8BF2} - File not found
    O2 - BHO: (367770 Class) - {CAD68085-8805-4FD3-AA1E-2E282ED7E7A2} - File not found
    O4 - HKLM..\Run: [8738A5] File not found
    O4 - HKLM..\Run: [Microsoft Agent] File not found
    O4 - HKLM..\Run: [Regedit32] File not found
    O4 - HKLM..\Run: [syncman] File not found
    O4 - HKLM..\Run: [ysolss] File not found
    O4 - HKU\.DEFAULT..\Run: [syncman] File not found
    O4 - HKU\S-1-5-21-551623571-147481271-2260666685-1008..\Run: [cdoosoft] File not found
    O4 - HKU\S-1-5-21-551623571-147481271-2260666685-1008..\Run: [kanef] File not found
    O4 - HKU\S-1-5-21-551623571-147481271-2260666685-1008..\Run: [PcSync] File not found
    O4 - HKU\S-1-5-21-551623571-147481271-2260666685-1008..\Run: [syncman] File not found
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\My Documents.exe ()
    O4 - Startup: C:\Documents and Settings\meh\Start Menu\Programs\Startup\8738A5.lnk = File not found
    O4 - Startup: C:\Documents and Settings\meh\Start Menu\Programs\Startup\WinUpdate.lnk = C:\Documents and Settings\meh\Application Data\Adobe\dlldrvdll21\msftstp.exe ()
    O4 - Startup: C:\Documents and Settings\Guest\Start Menu\Programs\Startup\8738A5.lnk = File not found
    O4 - Startup: C:\Documents and Settings\Guest\Start Menu\Programs\Startup\ReadMe.com ()
    F3 - HKU\.DEFAULT WinNT: Load - (C:\WINDOWS\fonts\services.exe) - File not found
    F3 - HKU\.DEFAULT WinNT: Run - (C:\WINDOWS\fonts\services.exe) - File not found
    F3 - HKU\S-1-5-21-551623571-147481271-2260666685-1008 WinNT: Load - (C:\WINDOWS\fonts\services.exe) - File not found
    F3 - HKU\S-1-5-21-551623571-147481271-2260666685-1008 WinNT: Run - (C:\WINDOWS\fonts\services.exe) - File not found
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: 05dmc = C:\DOCUME~1\meh\LOCALS~1\Temp\kyw41f.exe
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: exec = C:\WINDOWS\fonts\services.exe
    O7 - HKU\S-1-5-21-551623571-147481271-2260666685-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 1
    O7 - HKU\S-1-5-21-551623571-147481271-2260666685-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRun = 1
    O7 - HKU\S-1-5-21-551623571-147481271-2260666685-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
    O7 - HKU\S-1-5-21-551623571-147481271-2260666685-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
    O20 - HKLM Winlogon: Shell - (C:\WINDOWS/system32/SVCH0ST.EXE) - File not found
    O33 - MountPoints2\{23f33b62-72c0-11da-b089-0016366fe07f}\Shell\AutoRun\command - "" = F:\w9uxx92.exe
    O33 - MountPoints2\{23f33b62-72c0-11da-b089-0016366fe07f}\Shell\open\Command - "" = F:\w9uxx92.exe
    O33 - MountPoints2\{2a12eb3e-3844-11df-b037-0016366fe07f}\Shell - "" = AutoRun
    O33 - MountPoints2\{2a12eb3e-3844-11df-b037-0016366fe07f}\Shell\1\Command - "" = F:\Recycled.exe
    O33 - MountPoints2\{2a12eb3e-3844-11df-b037-0016366fe07f}\Shell\2\Command - "" = F:\Recycled.exe
    O33 - MountPoints2\{2a12eb3e-3844-11df-b037-0016366fe07f}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{2bf01712-1d35-11df-b010-0016366fe07f}\Shell - "" = AutoRun
    O33 - MountPoints2\{2bf01712-1d35-11df-b010-0016366fe07f}\Shell\1\Command - "" = F:\Recycled.exe
    O33 - MountPoints2\{2bf01712-1d35-11df-b010-0016366fe07f}\Shell\2\Command - "" = F:\Recycled.exe
    O33 - MountPoints2\{2bf01712-1d35-11df-b010-0016366fe07f}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{2ff5912c-2111-11df-b011-0016366fe07f}\Shell - "" = AutoRun
    O33 - MountPoints2\{2ff5912c-2111-11df-b011-0016366fe07f}\Shell\1\Command - "" = F:\Recycled.exe
    O33 - MountPoints2\{2ff5912c-2111-11df-b011-0016366fe07f}\Shell\2\Command - "" = F:\Recycled.exe
    O33 - MountPoints2\{2ff5912c-2111-11df-b011-0016366fe07f}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{7ffa7cba-5676-11df-b071-0016366fe07f}\Shell - "" = AutoRun
    O33 - MountPoints2\{7ffa7cba-5676-11df-b071-0016366fe07f}\Shell\1\Command - "" = F:\Recycled.exe
    O33 - MountPoints2\{7ffa7cba-5676-11df-b071-0016366fe07f}\Shell\2\Command - "" = F:\Recycled.exe
    O33 - MountPoints2\{7ffa7cba-5676-11df-b071-0016366fe07f}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{809a9bb8-36f6-11df-b035-0016366fe07f}\Shell - "" = AutoRun
    O33 - MountPoints2\{809a9bb8-36f6-11df-b035-0016366fe07f}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{82028094-17a0-11df-b00a-0016366fe07f}\Shell - "" = AutoRun
    O33 - MountPoints2\{82028094-17a0-11df-b00a-0016366fe07f}\Shell\1\Command - "" = F:\Recycled.exe
    O33 - MountPoints2\{82028094-17a0-11df-b00a-0016366fe07f}\Shell\2\Command - "" = F:\Recycled.exe
    O33 - MountPoints2\{82028094-17a0-11df-b00a-0016366fe07f}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{bb97d91a-d661-11de-afdf-0016366fe07f}\Shell - "" = AutoRun
    O33 - MountPoints2\{bb97d91a-d661-11de-afdf-0016366fe07f}\Shell\1\Command - "" = F:\Recycled.exe
    O33 - MountPoints2\{bb97d91a-d661-11de-afdf-0016366fe07f}\Shell\2\Command - "" = F:\Recycled.exe
    O33 - MountPoints2\{bb97d91a-d661-11de-afdf-0016366fe07f}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{cb75ef2c-3f64-11df-b03f-0016366fe07f}\Shell\AutoRun\command - "" = F:\Recycled.exe
    O33 - MountPoints2\{f8ca9f46-4b61-11df-b04e-0016366fe07f}\Shell - "" = AutoRun
    O33 - MountPoints2\{f8ca9f46-4b61-11df-b04e-0016366fe07f}\Shell\1\Command - "" = F:\Recycled.exe
    O33 - MountPoints2\{f8ca9f46-4b61-11df-b04e-0016366fe07f}\Shell\2\Command - "" = F:\Recycled.exe
    O33 - MountPoints2\{f8ca9f46-4b61-11df-b04e-0016366fe07f}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\C\Shell\AutoRun\command - "" = C:\w9uxx92.exe
    O33 - MountPoints2\C\Shell\open\Command - "" = C:\w9uxx92.exe
    O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\w9uxx92.exe
    O33 - MountPoints2\D\Shell\open\Command - "" = D:\w9uxx92.exe
    O33 - MountPoints2\F\Shell - "" = AutoRun
    O33 - MountPoints2\F\Shell\1\Command - "" = F:\Recycled.exe
    O33 - MountPoints2\F\Shell\2\Command - "" = F:\Recycled.exe
    O33 - MountPoints2\F\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\G\Shell - "" = AutoRun
    O33 - MountPoints2\G\Shell\1\Command - "" = G:\Recycled.exe
    O33 - MountPoints2\G\Shell\2\Command - "" = G:\Recycled.exe
    O33 - MountPoints2\G\Shell\AutoRun - "" = Auto&Play
    
    :Services
    
    :Reg
    
    :Files
    
    :Commands
    [purity]
    [emptytemp]
    [EMPTYFLASH]
    [Reboot]
    
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done

Does it turn on normally? If so follow the instructions bellow.

Download ComboFix here :

Link 1
Link 2


* IMPORTANT !!! Save ComboFix.exe to your Desktop


  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you don't know how to disable them then just continue on.

  • Double click on ComboFix.exe & follow the prompts.

  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.


Posted Image



Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Posted Image


Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt log in your next reply.
  • 0

#14
pam_m

pam_m

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
combofix froze and now the keyboard and mouse are not working again :-( I could get into f8 and select last good config again but once I get to the windows log on screen it packs up again.
  • 0

#15
mitch8

mitch8

    Trusted Helper

  • Malware Removal
  • 1,356 posts
Hi,

Boot into OTLPE. See If c:\ComboFix.txt exists. If so then post it here. Run a quick scan with OTL and post that log here.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP