Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Windows XP won't boot

Started by graham179328 , Jan 19 2011 05:19 PM

This topic is locked

#1
graham179328

Posted 19 January 2011 - 05:19 PM

Member

Member
29 posts

I have a Dell Dimension E520. Windows XP won’t boot. It goes through the Dell screen, then the black screen that says Serial ATA…, then black screen with blue bar that says Dell, then finally the Windows XP screen and the loop starts all over again. Also won't power down, have to unplug.

Please help.

Edited by graham179328, 19 January 2011 - 05:19 PM.

#2
Salagubang

Posted 26 January 2011 - 12:19 AM

Trusted Helper

Malware Removal
3,891 posts

Hi graham179328,

Welcome to Geekstogo. My name is Salagubang and I'll be helping you with this problem.

Please read all of my response through at least once before attempting to follow the procedures described. I would recommend printing them out, if you can, as you can check off each step as you complete it. If there's anything you don't understand or isn't totally clear, please come back to me for clarification.
Please do not attach any log files to your replies unless I specifically ask you. Instead please copy and paste so as to include the log in your reply. You can do this in separate posts if it's easier for you
English is not my first language, so please do not use slang or idioms, as this makes it difficult to understand for me.

Step One

Restart your computer with Automatic Restart on System Failure disabled

You can do this by restarting your computer and continually tapping the F8 key until a menu appears.
Use your up arrow key to highlight "Disable Automatic Restart on System Failure" then hit enter.
If windows failed to boot, windows will not restart and will show a blue screen indicating the source of the error as shown in the example below
Copy the technical information (as shown in the above example enclosed in red boxes) and post it on your next response.

Step Two

On the clean computer.

Download the attached Scan.txt and save it to your USB stick.
scan.txt 377bytes 217 downloads
Download OTLPENet.exe to your desktop
Ensure that you have a blank CD in the drive
Double click OTLPENet.exe and this will then open imgburn to burn the file to CD

On the infected computer.

Reboot your system using the boot CD you just created.
Note : If you do not know how to set your computer to boot from CD follow the steps here
As the CD needs to detect your hardware and load the operating system, I would recommend a nice cup of tea whilst it loads
Your system should now display a Reatogo desktop.
Note : as you are running from CD it is not exactly speedy
Double-click on the OTLPE icon.
Select the Windows folder of the infected drive if it asks for a location
When asked "Do you wish to load the remote registry", select Yes
When asked "Do you wish to load remote user profile(s) for scanning", select Yes
Ensure the box "Automatically Load All Remaining Users" is checked and press OK
OTL should now start.
Double click Custom scans and fixes box, a dialogue box will appear. Choose the scan.txt saved previously on your USB drive.
Press Run Scan to start the scan.
When finished, the file will be saved in drive C:\OTL.txt
Copy this file to your USB drive if you do not have internet connection on this system.
Right click the file and select send to : select the USB drive.
Confirm that it has copied to the USB drive by selecting it
You can backup any files that you wish from this OS
Please post the contents of the C:\OTL.txt file in your reply.

#3
graham179328

Posted 27 January 2011 - 08:37 PM

Member

Topic Starter
Member
29 posts

Technical information:

STOP: 0X0000007B (0XBA4CB524, 0XC0000034, 0X00000000, 0X00000000)

and OTL.txt file:

OTL logfile created on: 1/27/2011 3:14:14 AM - Run
OTLPE by OldTimer - Version 3.1.44.1 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 90.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 229.77 Gb Total Space | 160.52 Gb Free Space | 69.86% Space Free | Partition Type: NTFS
Drive H: | 1.88 Gb Total Space | 1.88 Gb Free Space | 100.00% Space Free | Partition Type: FAT
Drive X: | 436.55 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001

========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand] -- -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - File not found [On_Demand] -- -- (AppMgmt)
SRV - [2010/03/19 09:49:20 | 000,144,672 | ---- | M] (Apple Inc.) [On_Demand] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/02/19 08:34:32 | 000,233,472 | ---- | M] (Teruten) [Auto] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2008/10/17 14:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (LiveUpdate Notice)
SRV - [2008/10/17 14:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService)
SRV - [2008/10/17 14:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2008/10/17 14:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2008/08/24 08:42:50 | 001,245,064 | ---- | M] () [Auto] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2008/08/04 10:20:16 | 003,220,856 | ---- | M] (Symantec Corporation) [On_Demand] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE -- (LiveUpdate)
SRV - [2008/04/07 08:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008/02/21 17:02:53 | 000,238,968 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2007/08/22 03:21:30 | 000,055,640 | ---- | M] (Symantec Corporation) [On_Demand] -- C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe -- (comHost)
SRV - [2007/01/04 16:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2006/07/06 06:14:30 | 000,090,112 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2005/12/12 14:02:24 | 000,176,193 | ---- | M] (American Power Conversion Corporation) [Auto] -- C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe -- (APC UPS Service)
SRV - [2004/09/29 11:14:36 | 000,069,632 | ---- | M] (HP) [Auto] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - File not found [Kernel | On_Demand] -- -- (bvrp_pci)
DRV - [2010/06/13 18:59:18 | 000,052,736 | ---- | M] () [Kernel | Disabled] -- C:\WINDOWS\PRAGMAxylnostyci\PRAGMAd.sys -- (PRAGMAxylnostyci)
DRV - [2010/05/26 03:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/05/26 03:00:00 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/05/10 03:00:00 | 001,347,504 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20100613.018\NAVEX15.SYS -- (NAVEX15)
DRV - [2010/05/10 03:00:00 | 000,085,552 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20100613.018\NAVENG.SYS -- (NAVENG)
DRV - [2009/11/19 22:02:58 | 000,268,664 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Program Files\Common Files\Symantec Shared\SymcData\ipsdefs\20100604.001\SymIDSco.sys -- (SYMIDSCO)
DRV - [2009/02/19 11:31:42 | 000,031,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIMMP)
DRV - [2009/02/19 11:31:42 | 000,031,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIM)
DRV - [2009/02/19 11:31:16 | 000,184,496 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2009/02/19 11:31:16 | 000,096,560 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\Drivers\SYMFW.SYS -- (SYMFW)
DRV - [2009/02/19 11:31:16 | 000,038,576 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\Drivers\SYMIDS.SYS -- (SYMIDS)
DRV - [2009/02/19 11:31:16 | 000,037,424 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\Drivers\SYMNDIS.SYS -- (SYMNDIS)
DRV - [2009/02/19 11:31:16 | 000,022,320 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2009/02/19 11:31:16 | 000,013,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\Drivers\SYMDNS.SYS -- (SYMDNS)
DRV - [2009/02/19 08:34:30 | 000,036,608 | ---- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009/01/09 06:25:06 | 000,124,464 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2008/09/05 13:31:42 | 000,447,024 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2008/07/30 16:42:12 | 000,023,888 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\COH_Mon.sys -- (COH_Mon)
DRV - [2008/04/13 11:36:05 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008/01/31 20:51:16 | 000,317,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2008/01/31 20:51:16 | 000,279,088 | ---- | M] (Symantec Corporation) [File_System | On_Demand] -- C:\WINDOWS\system32\drivers\srtsp.sys -- (SRTSP)
DRV - [2008/01/31 20:51:16 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2007/09/17 14:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007/08/08 19:39:56 | 000,036,056 | ---- | M] (Symantec Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\CO_Mon.sys -- (CO_Mon)
DRV - [2007/07/03 15:58:20 | 000,106,792 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2007/07/03 15:57:24 | 000,011,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2007/07/03 15:54:24 | 000,080,552 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2007/06/09 11:30:48 | 000,010,344 | ---- | M] (Symantec Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\symlcbrd.sys -- (symlcbrd)
DRV - [2007/02/12 14:36:54 | 000,277,784 | ---- | M] (Intel Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\iastor.sys -- (iaStor)
DRV - [2007/01/25 12:31:34 | 000,042,000 | ---- | M] (CACE Technologies) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2006/11/29 00:46:24 | 000,028,224 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\APLMp50.sys -- (APLMp50)
DRV - [2006/07/24 09:20:00 | 001,156,648 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2006/07/19 14:42:16 | 000,230,400 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\e1e5132.sys -- (e1express) Intel®
DRV - [2006/06/07 14:08:58 | 001,580,544 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006/06/05 02:39:56 | 000,024,064 | ---- | M] (Intel Corporation ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\iqvw32.sys -- (NAL)
DRV - [2006/01/10 10:07:58 | 000,004,864 | ---- | M] (GTek Technologies Ltd.) [Kernel | On_Demand] -- C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2005/09/12 02:30:00 | 000,089,264 | ---- | M] (Sonic Solutions) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\DRVMCDB.SYS -- (DRVMCDB)
DRV - [2005/09/08 04:20:00 | 000,094,332 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2005/09/08 04:20:00 | 000,087,036 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2005/09/08 04:20:00 | 000,086,524 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2005/09/08 04:20:00 | 000,025,628 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2005/09/08 04:20:00 | 000,014,684 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2005/09/08 04:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2005/09/08 04:20:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN)
DRV - [2005/08/25 11:16:52 | 000,005,628 | ---- | M] (Sonic Solutions) [File_System | System] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2005/08/25 11:16:16 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N)
DRV - [2005/08/12 04:20:00 | 000,040,544 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS -- (DRVNDDM)
DRV - [2005/04/07 16:18:34 | 000,003,840 | ---- | M] () [Kernel | System] -- C:\WINDOWS\System32\Drivers\BANTExt.sys -- (BANTExt)
DRV - [2004/08/04 05:00:00 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2004/08/04 05:00:00 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2004/08/04 05:00:00 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2004/08/04 05:00:00 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2004/08/04 05:00:00 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2004/08/04 05:00:00 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2004/08/04 05:00:00 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2004/08/04 05:00:00 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2004/08/04 05:00:00 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2004/08/04 05:00:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2004/08/04 05:00:00 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2004/08/04 05:00:00 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2004/08/04 05:00:00 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2004/08/04 05:00:00 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2004/08/04 05:00:00 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - [2004/08/04 05:00:00 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2004/08/03 23:07:44 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2004/08/03 23:07:44 | 000,041,088 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2004/08/03 21:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2003/11/17 13:59:20 | 000,212,224 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2003/11/17 13:58:02 | 000,680,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003/11/17 13:56:26 | 001,042,432 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=0070609
IE - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKLM\Software\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=0070609

IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=0070609
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=0070609
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Jim_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=0070609
IE - HKU\Jim_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.co...html?channel=us
IE - HKU\Jim_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\Jim_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\JJ_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=0070609
IE - HKU\JJ_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.co...html?channel=us
IE - HKU\JJ_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\JJ_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\JJ_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\Melissa_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=0070609
IE - HKU\Melissa_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\Melissa_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\Melissa_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\Melissa_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Melissa_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0

FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2008/11/30 19:15:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/04/07 15:34:53 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/06/08 16:10:54 | 000,000,000 | ---D | M]

[2009/01/21 06:30:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Extensions
[2009/01/21 06:30:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\xad2nuvb.default\extensions
[2010/06/13 10:40:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2008/11/30 19:15:31 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAM FILES\REAL\REALPLAYER\BROWSERRECORD
[2009/03/31 21:47:26 | 000,324,976 | ---- | M] (Symantec Corporation) -- C:\Program Files\Mozilla Firefox\components\coFFPlgn.dll
[2007/04/16 12:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll

O1 HOSTS File: ([2009/12/13 01:35:11 | 000,000,909 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (HelperObject Class) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll (TechSmith Corporation)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (EWPBrowseObject Class) - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll ()
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Common Files\Symantec Shared\IDS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.)
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (SnagIt) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll (TechSmith Corporation)
O3 - HKU\Jim_ON_C\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKU\Jim_ON_C\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\Jim_ON_C\..\Toolbar\WebBrowser: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll (Symantec Corporation)
O3 - HKU\JJ_ON_C\..\Toolbar\WebBrowser: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll (Symantec Corporation)
O3 - HKU\Melissa_ON_C\..\Toolbar\WebBrowser: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.)
O4 - HKLM..\Run: [ATIModeChange] C:\WINDOWS\System32\Ati2mdxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKU\.DEFAULT..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe ()
O4 - HKU\Jim_ON_C..\Run: [DellSupport] C:\Program Files\Dell Support\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Jim_ON_C..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe ()
O4 - HKU\JJ_ON_C..\Run: [Internet Security 2010] File not found
O4 - HKU\Melissa_ON_C..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKU\Melissa_ON_C..\Run: [Defense Center] C:\Program Files\Defense Center\defcnt.exe ()
O4 - HKU\Melissa_ON_C..\Run: [Microsoft Works Update Detection] File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\Jim_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\JJ_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\JJ_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Melissa_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Melissa_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_13.dll (Sun Microsystems, Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {76A2A0AB-38B7-46DB-8E47-F10CDE4D7920} http://aerial.leepa....plugins/NCS.cab (Reg Error: Value error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.74.166 68.87.68.166
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\ComPlusSetup: DllName - C:\WINDOWS\system32\catsrvut.dll - C:\WINDOWS\system32\catsrvut.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 12:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{3eec293f-e7b1-11dd-8ff3-0019d14f44ea}\Shell - "" = AutoRun
O33 - MountPoints2\{3eec293f-e7b1-11dd-8ff3-0019d14f44ea}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{3eec293f-e7b1-11dd-8ff3-0019d14f44ea}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (sprestrt) - C:\WINDOWS\System32\sprestrt.exe (Microsoft Corporation)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.ffds - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.LEAD - C:\WINDOWS\System32\LCodcCMP.dll (LEAD Technologies, Inc.)
Drivers32: wave - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)

========== Files/Folders - Created Within 30 Days ==========

[2011/01/15 14:58:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\dell
[2011/01/15 03:51:01 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime
[2011/01/15 03:51:01 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime
[2011/01/15 03:51:01 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime
[2011/01/15 03:51:00 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime
[2011/01/15 03:51:00 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime
[2011/01/15 03:51:00 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime
[2011/01/15 03:50:59 | 000,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2011/01/15 03:50:59 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2011/01/15 03:50:58 | 000,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
[2011/01/15 03:50:58 | 000,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
[2011/01/15 03:50:58 | 000,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2011/01/15 03:50:56 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll
[2011/01/15 03:50:56 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime
[2011/01/15 03:50:55 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2011/01/15 03:50:54 | 000,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2011/01/15 03:50:54 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2011/01/15 03:50:54 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2011/01/15 03:50:54 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2011/01/15 03:50:54 | 000,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2011/01/15 03:50:54 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2011/01/15 03:50:53 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2011/01/15 03:50:53 | 000,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2011/01/15 03:50:51 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2011/01/15 03:50:50 | 000,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2011/01/15 03:50:49 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpincl.dll
[2011/01/15 03:50:49 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpsmir.dll
[2011/01/15 03:50:49 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpthrd.dll
[2011/01/15 03:50:49 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2011/01/15 03:50:49 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmptrap.exe
[2011/01/15 03:50:49 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2011/01/15 03:50:49 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpmib.dll
[2011/01/15 03:50:48 | 000,456,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsvc.dll
[2011/01/15 03:50:48 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpcl.dll
[2011/01/15 03:50:48 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmp.exe
[2011/01/15 03:50:48 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2011/01/15 03:50:48 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2011/01/15 03:50:48 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2011/01/15 03:50:48 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2011/01/15 03:50:47 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smi2smir.exe
[2011/01/15 03:50:47 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2011/01/15 03:50:47 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2011/01/15 03:50:47 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2011/01/15 03:50:47 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2011/01/15 03:50:47 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2011/01/15 03:50:47 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2011/01/15 03:50:47 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2011/01/15 03:50:47 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2011/01/15 03:50:47 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2011/01/15 03:50:47 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2011/01/15 03:50:46 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2011/01/15 03:50:46 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2011/01/15 03:50:46 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2011/01/15 03:50:46 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2011/01/15 03:50:43 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2011/01/15 03:50:43 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2011/01/15 03:50:42 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2011/01/15 03:50:42 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2011/01/15 03:50:42 | 000,026,624 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2011/01/15 03:50:42 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rw001ext.dll
[2011/01/15 03:50:41 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime
[2011/01/15 03:50:40 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2011/01/15 03:50:40 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2011/01/15 03:50:38 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime
[2011/01/15 03:50:38 | 000,020,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ramdisk.sys
[2011/01/15 03:50:38 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2011/01/15 03:50:38 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2011/01/15 03:50:36 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2011/01/15 03:50:36 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\plugin.ocx
[2011/01/15 03:50:36 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
[2011/01/15 03:50:36 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2011/01/15 03:50:36 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2011/01/15 03:50:35 | 000,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
[2011/01/15 03:50:35 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime
[2011/01/15 03:50:35 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
[2011/01/15 03:50:35 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll
[2011/01/15 03:50:34 | 000,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2011/01/15 03:50:34 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll
[2011/01/15 03:50:34 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll
[2011/01/15 03:50:34 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2011/01/15 03:50:31 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2011/01/15 03:50:28 | 000,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2011/01/15 03:50:28 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtstocom.exe
[2011/01/15 03:50:25 | 001,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2011/01/15 03:50:25 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2011/01/15 03:50:20 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2011/01/15 03:50:20 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2011/01/15 03:50:20 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migregdb.exe
[2011/01/15 03:50:19 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2011/01/15 03:50:18 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lmmib2.dll
[2011/01/15 03:50:18 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpdsvc.dll
[2011/01/15 03:50:18 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lprmon.dll
[2011/01/15 03:50:17 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2011/01/15 03:50:16 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2011/01/15 03:50:16 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2011/01/15 03:50:16 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2011/01/15 03:50:16 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2011/01/15 03:50:16 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2011/01/15 03:50:16 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2011/01/15 03:50:16 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2011/01/15 03:50:15 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2011/01/15 03:50:15 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2011/01/15 03:50:15 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2011/01/15 03:50:15 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41a.dll
[2011/01/15 03:50:15 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41j.dll
[2011/01/15 03:50:15 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2011/01/15 03:50:15 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2011/01/15 03:50:15 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2011/01/15 03:50:15 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2011/01/15 03:50:14 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdibm02.dll
[2011/01/15 03:50:14 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2011/01/15 03:50:14 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2011/01/15 03:50:14 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2011/01/15 03:50:14 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2011/01/15 03:50:14 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2011/01/15 03:50:14 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2011/01/15 03:50:14 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2011/01/15 03:50:14 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2011/01/15 03:50:14 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2011/01/15 03:50:13 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdax2.dll
[2011/01/15 03:50:13 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106n.dll
[2011/01/15 03:50:13 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2011/01/15 03:50:13 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101.dll
[2011/01/15 03:50:13 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2011/01/15 03:50:13 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2011/01/15 03:50:13 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2011/01/15 03:50:13 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2011/01/15 03:50:13 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2011/01/15 03:50:13 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2011/01/15 03:50:13 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2011/01/15 03:50:12 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2011/01/15 03:50:11 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iprip.dll
[2011/01/15 03:50:10 | 000,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2011/01/15 03:50:10 | 000,315,452 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll
[2011/01/15 03:50:10 | 000,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll
[2011/01/15 03:50:10 | 000,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll
[2011/01/15 03:50:10 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2011/01/15 03:50:09 | 000,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll
[2011/01/15 03:50:09 | 000,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe
[2011/01/15 03:50:09 | 000,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe
[2011/01/15 03:50:09 | 000,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe
[2011/01/15 03:50:09 | 000,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe
[2011/01/15 03:50:09 | 000,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2011/01/15 03:50:09 | 000,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll
[2011/01/15 03:50:09 | 000,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2011/01/15 03:50:09 | 000,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2011/01/15 03:50:08 | 000,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll
[2011/01/15 03:50:08 | 000,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll
[2011/01/15 03:50:08 | 000,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime
[2011/01/15 03:50:08 | 000,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2011/01/15 03:50:08 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll
[2011/01/15 03:50:08 | 000,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2011/01/15 03:50:08 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime
[2011/01/15 03:50:08 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll
[2011/01/15 03:50:08 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2011/01/15 03:50:06 | 010,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2011/01/15 03:50:03 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2011/01/15 03:50:02 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hostmib.dll
[2011/01/15 03:50:02 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2011/01/15 03:50:00 | 000,024,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmcgi.exe
[2011/01/15 03:50:00 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmdll.dll
[2011/01/15 03:50:00 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2011/01/15 03:49:59 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2011/01/15 03:49:59 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2011/01/15 03:49:59 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\f3ahvoas.dll
[2011/01/15 03:49:58 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntagnt.dll
[2011/01/15 03:49:58 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntwin.exe
[2011/01/15 03:49:58 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2011/01/15 03:49:58 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2011/01/15 03:49:58 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2011/01/15 03:49:58 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2011/01/15 03:49:58 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntcmd.exe
[2011/01/15 03:49:52 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime
[2011/01/15 03:49:51 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2011/01/15 03:49:50 | 000,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe
[2011/01/15 03:49:49 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2011/01/15 03:49:49 | 000,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
[2011/01/15 03:49:49 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
[2011/01/15 03:49:49 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
[2011/01/15 03:49:49 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
[2011/01/15 03:49:49 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
[2011/01/15 03:49:48 | 001,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2011/01/15 03:49:48 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime
[2011/01/15 03:49:48 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2011/01/15 03:49:48 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2011/01/15 03:49:48 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2011/01/15 03:49:48 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2011/01/15 03:49:47 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_g18030.dll
[2011/01/15 03:49:47 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2011/01/15 03:49:47 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2011/01/15 03:49:47 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2011/01/15 03:49:38 | 000,331,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aqueue.dll
[2011/01/15 03:49:38 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2011/01/15 03:49:37 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0804.dll
[2011/01/15 03:49:37 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0412.dll
[2011/01/15 03:49:37 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0411.dll
[2011/01/15 03:49:37 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040d.dll
[2011/01/15 03:49:37 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0404.dll
[2011/01/15 03:49:37 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0401.dll
[2011/01/15 03:49:36 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2011/01/15 03:49:32 | 000,032,827 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptest.exe
[2011/01/15 03:49:32 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptsat.dll
[2011/01/15 03:49:31 | 000,020,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.dll
[2011/01/15 03:49:31 | 000,016,437 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.exe
[2011/01/15 03:49:27 | 000,598,071 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmc.dll
[2011/01/15 03:49:27 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmcsat.dll
[2011/01/15 03:49:27 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpexedll.dll
[2011/01/15 03:49:27 | 000,020,538 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpremadm.exe
[2011/01/15 03:49:26 | 000,876,653 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awel.dll
[2011/01/15 03:49:26 | 000,188,494 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpcount.exe
[2011/01/15 03:49:26 | 000,147,513 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4apws.dll
[2011/01/15 03:49:26 | 000,109,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98swin.exe
[2011/01/15 03:49:26 | 000,102,509 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4atxt.dll
[2011/01/15 03:49:26 | 000,049,212 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awebs.dll
[2011/01/15 03:49:26 | 000,049,210 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4areg.dll
[2011/01/15 03:49:26 | 000,041,020 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avnb.dll
[2011/01/15 03:49:26 | 000,032,826 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avss.dll
[2011/01/15 03:49:26 | 000,014,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98sadm.exe
[2011/01/15 03:49:25 | 000,188,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgwiz.exe
[2011/01/15 03:49:25 | 000,184,435 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4amsft.dll
[2011/01/15 03:49:25 | 000,082,035 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4anscp.dll
[2011/01/15 03:49:25 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.exe
[2011/01/15 03:49:24 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.dll
[2011/01/15 03:49:24 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.dll
[2011/01/15 03:49:24 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.exe
[2011/01/15 03:49:02 | 000,000,000 | ---D | C] -- C:\294d2075ea3213fc2ffb
[2011/01/15 03:48:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2011/01/15 03:17:59 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2011/01/15 03:17:59 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
[2011/01/15 03:17:59 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2011/01/15 03:17:59 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
[2011/01/15 02:55:19 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2011/01/15 02:02:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood.Tmp
[2005/05/11 22:36:48 | 000,012,288 | ---- | C] (Hewlett-Packard Co.) -- C:\WINDOWS\Fonts\RandFont.dll
[12 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/01/15 12:13:21 | 000,247,904 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/01/15 03:53:40 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/01/15 03:53:39 | 000,000,287 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2011/01/15 03:52:22 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/01/15 03:48:46 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2011/01/15 03:48:45 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2011/01/15 03:48:45 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2011/01/15 03:48:38 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2011/01/15 03:47:11 | 000,023,428 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011/01/15 03:47:06 | 000,443,900 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/01/15 03:47:06 | 000,072,572 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/01/15 03:46:40 | 000,000,535 | ---- | M] () -- C:\WINDOWS\System32\mapisvc.inf
[2011/01/15 03:46:12 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2011/01/15 03:45:08 | 000,003,292 | ---- | M] () -- C:\WINDOWS\System32\$WINNT$.PNF
[2011/01/15 03:21:58 | 000,004,128 | ---- | M] () -- C:\INFCACHE.1
[2011/01/15 03:16:16 | 3219,038,208 | -HS- | M] () -- C:\hiberfil.sys
[2011/01/15 03:01:50 | 000,004,878 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/01/15 02:57:11 | 000,420,013 | ---- | M] () -- C:\WINDOWS\setupapi.old
[12 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/01/15 03:50:35 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2011/01/15 03:50:17 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2011/01/15 03:50:10 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2011/01/15 03:50:09 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2011/01/15 03:50:08 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2011/01/15 03:50:04 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2011/01/15 03:50:02 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2011/01/15 03:50:00 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2011/01/15 03:49:49 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2011/01/15 03:45:08 | 000,003,292 | ---- | C] () -- C:\WINDOWS\System32\$WINNT$.PNF
[2011/01/15 03:17:54 | 002,012,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2011/01/15 03:17:54 | 001,042,903 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT
[2011/01/15 03:17:54 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2011/01/15 03:17:54 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2011/01/15 03:17:54 | 000,168,806 | ---- | C] () -- C:\WINDOWS\System32\dllcache\startoc.cat
[2011/01/15 03:17:54 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2011/01/15 03:17:54 | 000,031,281 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2011/01/15 03:17:54 | 000,024,209 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn7.cat
[2011/01/15 03:17:54 | 000,013,753 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2011/01/15 03:17:54 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2011/01/15 03:17:54 | 000,011,651 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn9.cat
[2011/01/15 03:17:54 | 000,009,581 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2011/01/15 03:17:54 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2011/01/15 03:17:54 | 000,007,710 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2011/01/15 03:17:54 | 000,007,245 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2011/01/15 03:17:53 | 000,382,952 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2011/01/15 02:02:32 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2011/01/15 02:01:54 | 000,420,013 | ---- | C] () -- C:\WINDOWS\setupapi.old
[2010/06/01 18:09:10 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2010/06/01 18:09:10 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2010/06/01 18:08:29 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Melissa\Application Data\$_hpcst$.hpc
[2009/10/27 17:47:36 | 000,000,125 | ---- | C] () -- C:\Documents and Settings\JJ\Local Settings\Application Data\fusioncache.dat
[2009/10/27 17:47:32 | 000,263,168 | ---- | C] () -- C:\Documents and Settings\JJ\TRANSFORMS=1033.mst
[2009/06/19 19:06:22 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2009/06/19 19:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2009/06/19 19:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2009/06/19 19:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2009/06/19 19:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2009/06/19 19:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2009/06/19 19:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2009/06/19 19:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2009/06/19 19:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2009/06/19 19:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008/12/20 11:56:22 | 000,000,400 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2008/10/16 19:13:58 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\hpzids01.dll
[2008/02/04 17:23:10 | 000,693,792 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL
[2007/11/10 14:56:09 | 000,000,187 | ---- | C] () -- C:\WINDOWS\sc.INI
[2007/11/10 13:52:52 | 000,000,137 | ---- | C] () -- C:\WINDOWS\ae_mini.INI
[2007/11/10 13:49:25 | 000,000,019 | ---- | C] () -- C:\WINDOWS\1stsr.INI
[2007/10/25 16:26:10 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2007/09/07 22:17:41 | 000,003,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\BANTExt.sys
[2007/09/02 21:00:56 | 000,000,140 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/09/02 15:33:34 | 000,007,680 | ---- | C] () -- C:\Documents and Settings\Melissa\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/09/01 16:14:56 | 001,936,528 | ---- | C] () -- C:\WINDOWS\System32\ltmm15.dll
[2007/08/31 23:11:03 | 000,000,067 | ---- | C] () -- C:\WINDOWS\StationRipper.INI
[2007/06/16 12:23:33 | 000,000,126 | ---- | C] () -- C:\Documents and Settings\Jim\Local Settings\Application Data\fusioncache.dat
[2007/06/16 12:23:32 | 000,263,168 | ---- | C] () -- C:\Documents and Settings\Jim\TRANSFORMS=1033.mst
[2007/06/14 12:28:49 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\IPPCPUID.DLL
[2007/06/14 12:28:17 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\pmsbfn32.dll
[2007/06/14 12:20:50 | 000,000,532 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2007/06/14 11:47:09 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\CNMVS7Q.DLL
[2007/06/13 20:00:42 | 000,263,168 | ---- | C] () -- C:\Documents and Settings\Melissa\TRANSFORMS=1033.mst
[2007/06/13 20:00:42 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\Melissa\Local Settings\Application Data\fusioncache.dat
[2007/06/13 20:00:16 | 000,263,168 | ---- | C] () -- C:\WINDOWS\system32\config\systemprofile\TRANSFORMS=1033.mst
[2007/06/13 20:00:16 | 000,000,128 | ---- | C] () -- C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\fusioncache.dat
[2007/06/09 11:38:25 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2007/06/09 11:32:35 | 000,000,500 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2007/06/09 11:09:36 | 000,001,122 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2007/03/09 02:12:32 | 000,027,648 | -HS- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2007/03/06 04:14:48 | 000,010,752 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2007/01/25 12:31:36 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2005/11/10 00:56:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/10 12:12:05 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/10 12:01:18 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/10 11:57:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/04 05:00:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2004/08/04 05:00:00 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys

========== LOP Check ==========

[2009/12/12 00:33:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JJ\Application Data\GetRightToGo
[2009/12/04 13:07:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JJ\Application Data\IObit
[2009/11/05 11:05:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JJ\Application Data\TuneUp Software
[2009/11/05 12:00:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\TuneUp Software
[2009/04/24 18:04:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Melissa\Application Data\Canon
[2009/09/21 19:13:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Melissa\Application Data\Command & Conquer 3 Tiberium Wars
[2010/04/21 16:47:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Melissa\Application Data\Facebook
[2007/09/01 16:13:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Melissa\Application Data\GetRightToGo
[2008/01/10 06:33:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Melissa\Application Data\GlarySoft
[2007/06/14 12:08:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Melissa\Application Data\Hot Keyboard
[2009/03/16 14:19:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Melissa\Application Data\IObit
[2009/11/28 20:23:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Melissa\Application Data\iWin
[2007/07/14 19:08:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Melissa\Application Data\Leadertech
[2009/09/08 15:08:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Melissa\Application Data\NationRed
[2009/08/31 08:56:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Melissa\Application Data\NewSoft
[2010/06/01 18:10:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Melissa\Application Data\PC Suite
[2010/06/01 18:08:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Melissa\Application Data\Samsung
[2007/06/14 12:20:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Melissa\Application Data\ScanSoft
[2009/11/30 17:48:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Melissa\Application Data\TuneUp Software
[2009/10/10 17:50:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Melissa\Application Data\uTorrent
[2009/05/11 15:52:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Melissa\Application Data\webex
[2010/06/10 17:35:44 | 000,000,316 | ---- | M] () -- C:\WINDOWS\Tasks\GlaryInitialize.job
[2010/06/08 09:45:49 | 000,000,388 | ---- | M] () -- C:\WINDOWS\Tasks\SmartDefrag.job

========== Purity Check ==========

========== Custom Scans ==========

< MD5 for: EXPLORER.EXE >
[2007/06/13 06:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2004/08/04 04:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
[2004/08/04 05:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\explorer.exe
[2004/08/04 05:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: SVCHOST.EXE >
[2004/08/04 04:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\i386\svchost.exe
[2004/08/04 05:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2004/08/04 05:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: USERINIT.EXE >
[2004/08/04 04:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\i386\userinit.exe
[2004/08/04 05:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\system32\dllcache\userinit.exe
[2004/08/04 05:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004/08/04 04:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\i386\winlogon.exe
[2004/08/04 05:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2004/08/04 05:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\system32\winlogon.exe

< %SYSTEMDRIVE%\*.* >
[2004/08/10 12:04:08 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2011/01/15 03:46:12 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2011/01/15 14:45:36 | 000,021,840 | ---- | M] () -- C:\bootex.log
[2004/08/10 12:04:08 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2007/06/09 11:12:12 | 000,006,774 | RH-- | M] () -- C:\dell.sdr
[2011/01/15 03:16:16 | 3219,038,208 | -HS- | M] () -- C:\hiberfil.sys
[2011/01/15 03:21:58 | 000,004,128 | ---- | M] () -- C:\INFCACHE.1
[2004/08/10 12:04:08 | 000,000,000 | -H-- | M] () -- C:\IO.SYS
[2009/04/08 22:04:04 | 000,000,370 | -H-- | M] () -- C:\IPH.PH
[2004/08/10 12:04:08 | 000,000,000 | -H-- | M] () -- C:\MSDOS.SYS
[2004/08/04 04:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/05/31 23:38:06 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2011/01/15 03:16:14 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
[2010/02/01 19:31:33 | 000,042,803 | ---- | M] () -- C:\TaxReturn.pdf
[2007/06/29 19:10:16 | 000,000,027 | ---- | M] () -- C:\wizard.txt

< %systemroot%\*. /mp /s >

< c:\windows\minidump\*.* >

< CREATERESTOREPOINT >

< %systemroot%\System32\config\*.sav >
[2011/01/14 22:14:25 | 004,112,384 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2011/01/15 03:01:57 | 000,262,144 | ---- | M] () -- C:\WINDOWS\system32\config\security.sav
[2011/01/14 22:14:25 | 043,515,904 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2011/01/14 22:14:25 | 002,936,832 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< c:\system volume information|_REGISTRY_MACHINE_SYSTEM;true;true;true /FP >
[2010/03/16 10:52:25 | 008,224,768 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1020\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/03/17 11:52:25 | 008,224,768 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1021\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/03/18 14:50:21 | 008,224,768 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1022\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/03/19 15:53:32 | 008,224,768 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1023\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/03/20 16:49:31 | 008,224,768 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1024\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/03/21 18:03:24 | 008,224,768 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1025\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/03/22 18:06:19 | 008,224,768 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1026\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/03/23 18:42:57 | 008,224,768 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1027\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/03/24 18:50:41 | 008,224,768 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1028\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/03/25 19:25:55 | 006,127,616 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1029\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/03/26 19:35:41 | 006,131,712 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1030\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/03/27 20:35:40 | 006,131,712 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1031\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/03/29 15:52:00 | 006,131,712 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1032\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/03/30 16:40:26 | 006,131,712 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1033\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/03/31 06:00:13 | 006,131,712 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1034\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/04/01 06:33:20 | 006,131,712 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1035\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/04/02 07:21:19 | 006,131,712 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1036\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/04/03 15:20:44 | 006,131,712 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1037\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/04/04 15:53:31 | 006,131,712 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1038\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/04/05 16:53:31 | 006,131,712 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1039\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/04/06 17:05:30 | 006,131,712 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1040\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/04/07 15:26:14 | 006,131,712 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1041\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/04/07 15:26:54 | 006,131,712 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1042\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/04/08 16:19:50 | 006,135,808 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1043\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/04/09 17:07:50 | 006,135,808 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1044\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/04/10 18:07:52 | 006,135,808 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1045\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/04/11 19:43:38 | 006,135,808 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1046\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/04/12 20:45:22 | 006,135,808 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1047\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/04/13 17:20:56 | 006,152,192 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1048\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/04/14 18:03:50 | 006,139,904 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1049\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/04/15 18:22:36 | 006,168,576 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1050\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/04/17 11:39:58 | 006,176,768 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1051\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/04/20 18:58:43 | 006,176,768 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1052\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/04/21 15:45:50 | 006,176,768 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1053\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/04/22 17:12:53 | 006,180,864 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1054\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/04/23 17:25:25 | 006,180,864 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1055\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/04/24 18:14:21 | 006,180,864 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1056\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/04/26 20:54:00 | 006,184,960 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1057\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/04/27 05:35:17 | 006,184,960 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1058\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/04/27 05:38:50 | 006,184,960 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1059\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/04/27 05:39:24 | 006,184,960 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1060\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/04/27 05:39:59 | 006,184,960 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1061\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/04/28 06:03:32 | 006,197,248 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1062\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/04/29 06:15:31 | 006,197,248 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1063\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/04/30 07:15:32 | 006,197,248 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1064\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/05/03 20:38:51 | 006,197,248 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1065\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/05/04 21:14:47 | 006,201,344 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1066\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/05/05 21:15:12 | 006,197,248 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1067\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/05/06 21:40:22 | 006,197,248 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1068\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/05/08 05:53:08 | 006,197,248 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1069\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/05/09 06:41:54 | 006,197,248 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1070\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/05/10 07:41:53 | 006,197,248 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1071\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/05/11 07:54:23 | 006,197,248 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1072\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/05/12 08:53:54 | 006,197,248 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1073\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/05/13 06:00:14 | 006,197,248 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1074\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/05/14 06:53:53 | 006,197,248 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1075\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/05/15 14:48:30 | 006,197,248 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1076\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/05/16 16:36:24 | 006,197,248 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1077\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/05/17 17:25:18 | 006,197,248 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1078\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/05/18 18:19:23 | 006,197,248 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1079\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/05/19 18:37:28 | 006,197,248 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1080\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/05/20 19:07:02 | 006,197,248 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1081\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/05/21 19:10:51 | 006,205,440 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1082\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/05/22 12:36:28 | 006,205,440 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1083\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/05/23 13:07:02 | 006,205,440 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1084\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/05/24 13:55:01 | 006,205,440 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1085\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/05/25 14:07:15 | 006,205,440 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1086\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/05/26 06:00:13 | 006,205,440 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1087\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/05/27 06:55:26 | 006,225,920 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1088\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/05/28 08:09:16 | 006,225,920 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1089\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/05/29 08:35:55 | 006,197,248 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1090\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/05/30 09:09:55 | 006,197,248 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1091\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/05/31 09:21:54 | 006,197,248 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1092\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/06/01 10:35:20 | 006,197,248 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1093\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/06/01 18:07:42 | 006,201,344 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1094\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/06/02 16:29:17 | 006,266,880 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1095\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/06/03 17:21:50 | 006,266,880 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1096\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/06/04 06:00:13 | 006,266,880 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1097\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/06/05 06:35:51 | 006,303,744 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1098\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/06/06 07:21:50 | 006,303,744 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1099\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/06/07 08:21:50 | 006,303,744 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1100\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/06/08 08:35:10 | 006,352,896 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1101\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/06/09 15:54:03 | 006,324,224 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1102\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/06/10 14:00:08 | 006,324,224 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1103\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/06/11 14:12:48 | 006,324,224 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1104\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/06/12 15:14:42 | 006,324,224 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1105\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/06/13 16:29:36 | 006,324,224 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1106\snapshot\_REGISTRY_MACHINE_SYSTEM

< c:\system volume information|_REGISTRY_MACHINE_SOFTWARE;true;true;true /FP >
[2010/03/16 10:52:25 | 043,286,528 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1020\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/03/17 11:52:25 | 043,286,528 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1021\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/03/18 14:50:20 | 043,286,528 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1022\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/03/19 15:53:32 | 043,286,528 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1023\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/03/20 16:49:31 | 043,286,528 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1024\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/03/21 18:03:23 | 043,286,528 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1025\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/03/22 18:06:19 | 043,286,528 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1026\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/03/23 18:42:57 | 043,286,528 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1027\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/03/24 18:50:41 | 043,311,104 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1028\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/03/25 19:25:55 | 043,110,400 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1029\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/03/26 19:35:40 | 043,110,400 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1030\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/03/27 20:35:40 | 043,110,400 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1031\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/03/29 15:52:00 | 043,114,496 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1032\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/03/30 16:40:25 | 043,114,496 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1033\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/03/31 06:00:13 | 043,114,496 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1034\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/04/01 06:33:20 | 043,139,072 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1035\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/04/02 07:21:19 | 043,139,072 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1036\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/04/03 15:20:43 | 043,139,072 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1037\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/04/04 15:53:31 | 043,143,168 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1038\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/04/05 16:53:31 | 043,143,168 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1039\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/04/06 17:05:30 | 043,143,168 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1040\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/04/07 15:26:14 | 043,143,168 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1041\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/04/07 15:26:54 | 043,143,168 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1042\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/04/08 16:19:50 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1043\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/04/09 17:07:50 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1044\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/04/10 18:07:52 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1045\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/04/11 19:43:37 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1046\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/04/12 20:45:22 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1047\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/04/13 17:20:56 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1048\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/04/14 18:03:49 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1049\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/04/15 18:22:36 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1050\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/04/17 11:39:55 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1051\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/04/20 18:58:42 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1052\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/04/21 15:45:50 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1053\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/04/22 17:12:53 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1054\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/04/23 17:25:25 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1055\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/04/24 18:14:20 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1056\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/04/26 20:54:00 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1057\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/04/27 05:35:17 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1058\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/04/27 05:38:50 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1059\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/04/27 05:39:24 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1060\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/04/27 05:39:58 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1061\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/04/28 06:03:31 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1062\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/04/29 06:15:30 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1063\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/04/30 07:15:31 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1064\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/05/03 20:38:51 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1065\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/05/04 21:14:46 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1066\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/05/05 21:15:12 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1067\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/05/06 21:40:22 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1068\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/05/08 05:53:08 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1069\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/05/09 06:41:54 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1070\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/05/10 07:41:52 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1071\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/05/11 07:54:23 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1072\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/05/12 08:53:54 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1073\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/05/13 06:00:14 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1074\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/05/14 06:53:52 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1075\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/05/15 14:48:29 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1076\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/05/16 16:36:23 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1077\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/05/17 17:25:17 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1078\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/05/18 18:19:22 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1079\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/05/19 18:37:28 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1080\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/05/20 19:07:01 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1081\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/05/21 19:10:51 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1082\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/05/22 12:36:27 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1083\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/05/23 13:07:01 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1084\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/05/24 13:55:01 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1085\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/05/25 14:07:15 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1086\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/05/26 06:00:13 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1087\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/05/27 06:55:25 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1088\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/05/28 08:09:16 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1089\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/05/29 08:35:54 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1090\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/05/30 09:09:54 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1091\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/05/31 09:21:54 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1092\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/06/01 10:35:20 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1093\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/06/01 18:07:42 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1094\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/06/02 16:29:17 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1095\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/06/03 17:21:50 | 043,425,792 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1096\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/06/04 06:00:13 | 043,425,792 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1097\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/06/05 06:35:51 | 043,573,248 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1098\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/06/06 07:21:50 | 043,573,248 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1099\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/06/07 08:21:50 | 043,573,248 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1100\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/06/08 08:35:10 | 043,573,248 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1101\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/06/09 15:54:03 | 043,581,440 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1102\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/06/10 14:00:08 | 043,581,440 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1103\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/06/11 14:12:47 | 043,794,432 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1104\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/06/12 15:14:42 | 043,794,432 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1105\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/06/13 16:29:36 | 043,794,432 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1106\snapshot\_REGISTRY_MACHINE_SOFTWARE

< End of report >

Thank you.

#4
Salagubang

Posted 27 January 2011 - 08:52 PM

Trusted Helper

Malware Removal
3,891 posts

Step One

Start OTLPE as you did previously from CD
Copy the attached Fix.txt to a USB

fix.txt 351bytes 218 downloads

Insert your USB drive with fix.txt on it
Start OTLPE
Drag and drop fix.txt into the Custom scans and fixes box
If you cannot drag and drop for some reason. Then press the Run Fix button and a dialogue box will pop up asking for the location - select the file on your USB drive
Then click the Run Fix button at the top
Let the program run unhindered, reboot when it is done to normal mode if possible
Then post a new OTL log ( don't check the boxes beside LOP Check or Purity this time )

Step Two

1. Insert your Windows XP CD into your CD and assure that your CD-ROM drive is capable of booting the CD.
2. Once you have booted from CD, do NOT select the option that states: Press F2 to initiate the Automated System Recovery (ASR) tool.
You’re going to proceed until you see the following screen, at which point you will press the “R” key to enter the recovery console:

Posted Image

3. After you have selected the appropriate option from step two, you will be prompted to select a valid Windows installation (typically number “1?).
Select the installation number, and hit Enter.
If there is an administrator password for the administrator account, enter it and hit Enter (if asked for the password, and you don't know it, you're out of luck).
You will be greeted with this screen, which indicates a recovery console at the ready:

Posted Image

4. In the command prompt type:

fixboot

5. Type "exit " to exit and then attempt to restart computer normally.

#5
graham179328

Posted 27 January 2011 - 11:43 PM

Member

Topic Starter
Member
29 posts

System is still looping with the reboot, here is the OTL:

OTL logfile created on: 1/27/2011 6:22:57 AM - Run
OTLPE by OldTimer - Version 3.1.44.1 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 90.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 229.77 Gb Total Space | 162.92 Gb Free Space | 70.91% Space Free | Partition Type: NTFS
Drive D: | 1.88 Gb Total Space | 1.88 Gb Free Space | 99.98% Space Free | Partition Type: FAT
Drive X: | 436.55 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001

========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand] -- -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - File not found [On_Demand] -- -- (AppMgmt)
SRV - [2010/03/19 09:49:20 | 000,144,672 | ---- | M] (Apple Inc.) [On_Demand] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/02/19 08:34:32 | 000,233,472 | ---- | M] (Teruten) [Auto] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2008/10/17 14:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (LiveUpdate Notice)
SRV - [2008/10/17 14:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService)
SRV - [2008/10/17 14:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2008/10/17 14:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2008/08/24 08:42:50 | 001,245,064 | ---- | M] () [Auto] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2008/08/04 10:20:16 | 003,220,856 | ---- | M] (Symantec Corporation) [On_Demand] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE -- (LiveUpdate)
SRV - [2008/04/07 08:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008/02/21 17:02:53 | 000,238,968 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2007/08/22 03:21:30 | 000,055,640 | ---- | M] (Symantec Corporation) [On_Demand] -- C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe -- (comHost)
SRV - [2007/01/04 16:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2006/07/06 06:14:30 | 000,090,112 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2005/12/12 14:02:24 | 000,176,193 | ---- | M] (American Power Conversion Corporation) [Auto] -- C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe -- (APC UPS Service)
SRV - [2004/09/29 11:14:36 | 000,069,632 | ---- | M] (HP) [Auto] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - File not found [Kernel | On_Demand] -- -- (bvrp_pci)
DRV - [2010/05/26 03:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/05/26 03:00:00 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/05/10 03:00:00 | 001,347,504 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20100613.018\NAVEX15.SYS -- (NAVEX15)
DRV - [2010/05/10 03:00:00 | 000,085,552 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20100613.018\NAVENG.SYS -- (NAVENG)
DRV - [2009/11/19 22:02:58 | 000,268,664 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Program Files\Common Files\Symantec Shared\SymcData\ipsdefs\20100604.001\SymIDSco.sys -- (SYMIDSCO)
DRV - [2009/02/19 11:31:42 | 000,031,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIMMP)
DRV - [2009/02/19 11:31:42 | 000,031,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIM)
DRV - [2009/02/19 11:31:16 | 000,184,496 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2009/02/19 11:31:16 | 000,096,560 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\Drivers\SYMFW.SYS -- (SYMFW)
DRV - [2009/02/19 11:31:16 | 000,038,576 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\Drivers\SYMIDS.SYS -- (SYMIDS)
DRV - [2009/02/19 11:31:16 | 000,037,424 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\Drivers\SYMNDIS.SYS -- (SYMNDIS)
DRV - [2009/02/19 11:31:16 | 000,022,320 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2009/02/19 11:31:16 | 000,013,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\Drivers\SYMDNS.SYS -- (SYMDNS)
DRV - [2009/02/19 08:34:30 | 000,036,608 | ---- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009/01/09 06:25:06 | 000,124,464 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2008/09/05 13:31:42 | 000,447,024 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2008/07/30 16:42:12 | 000,023,888 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\COH_Mon.sys -- (COH_Mon)
DRV - [2008/04/13 11:36:05 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008/01/31 20:51:16 | 000,317,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2008/01/31 20:51:16 | 000,279,088 | ---- | M] (Symantec Corporation) [File_System | On_Demand] -- C:\WINDOWS\system32\drivers\srtsp.sys -- (SRTSP)
DRV - [2008/01/31 20:51:16 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2007/09/17 14:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007/08/08 19:39:56 | 000,036,056 | ---- | M] (Symantec Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\CO_Mon.sys -- (CO_Mon)
DRV - [2007/07/03 15:58:20 | 000,106,792 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2007/07/03 15:57:24 | 000,011,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2007/07/03 15:54:24 | 000,080,552 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2007/06/09 11:30:48 | 000,010,344 | ---- | M] (Symantec Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\symlcbrd.sys -- (symlcbrd)
DRV - [2007/02/12 14:36:54 | 000,277,784 | ---- | M] (Intel Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\iastor.sys -- (iaStor)
DRV - [2007/01/25 12:31:34 | 000,042,000 | ---- | M] (CACE Technologies) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2006/11/29 00:46:24 | 000,028,224 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\APLMp50.sys -- (APLMp50)
DRV - [2006/07/24 09:20:00 | 001,156,648 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2006/07/19 14:42:16 | 000,230,400 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\e1e5132.sys -- (e1express) Intel®
DRV - [2006/06/07 14:08:58 | 001,580,544 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006/06/05 02:39:56 | 000,024,064 | ---- | M] (Intel Corporation ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\iqvw32.sys -- (NAL)
DRV - [2006/01/10 10:07:58 | 000,004,864 | ---- | M] (GTek Technologies Ltd.) [Kernel | On_Demand] -- C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2005/09/12 02:30:00 | 000,089,264 | ---- | M] (Sonic Solutions) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\DRVMCDB.SYS -- (DRVMCDB)
DRV - [2005/09/08 04:20:00 | 000,094,332 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2005/09/08 04:20:00 | 000,087,036 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2005/09/08 04:20:00 | 000,086,524 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2005/09/08 04:20:00 | 000,025,628 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2005/09/08 04:20:00 | 000,014,684 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2005/09/08 04:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2005/09/08 04:20:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN)
DRV - [2005/08/25 11:16:52 | 000,005,628 | ---- | M] (Sonic Solutions) [File_System | System] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2005/08/25 11:16:16 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N)
DRV - [2005/08/12 04:20:00 | 000,040,544 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS -- (DRVNDDM)
DRV - [2005/04/07 16:18:34 | 000,003,840 | ---- | M] () [Kernel | System] -- C:\WINDOWS\System32\Drivers\BANTExt.sys -- (BANTExt)
DRV - [2004/08/04 05:00:00 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2004/08/04 05:00:00 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2004/08/04 05:00:00 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2004/08/04 05:00:00 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2004/08/04 05:00:00 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2004/08/04 05:00:00 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2004/08/04 05:00:00 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2004/08/04 05:00:00 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2004/08/04 05:00:00 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2004/08/04 05:00:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2004/08/04 05:00:00 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2004/08/04 05:00:00 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2004/08/04 05:00:00 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2004/08/04 05:00:00 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2004/08/04 05:00:00 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - [2004/08/04 05:00:00 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2004/08/03 23:07:44 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2004/08/03 23:07:44 | 000,041,088 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2004/08/03 21:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2003/11/17 13:59:20 | 000,212,224 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2003/11/17 13:58:02 | 000,680,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003/11/17 13:56:26 | 001,042,432 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=0070609
IE - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKLM\Software\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=0070609

IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=0070609
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=0070609
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Jim_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=0070609
IE - HKU\Jim_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.co...html?channel=us
IE - HKU\Jim_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\Jim_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\JJ_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=0070609
IE - HKU\JJ_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.co...html?channel=us
IE - HKU\JJ_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\JJ_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\JJ_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\Melissa_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=0070609
IE - HKU\Melissa_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\Melissa_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\Melissa_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\Melissa_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Melissa_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0

FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2008/11/30 19:15:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/04/07 15:34:53 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/06/08 16:10:54 | 000,000,000 | ---D | M]

[2009/01/21 06:30:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Extensions
[2009/01/21 06:30:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\xad2nuvb.default\extensions
[2010/06/13 10:40:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2008/11/30 19:15:31 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAM FILES\REAL\REALPLAYER\BROWSERRECORD
[2009/03/31 21:47:26 | 000,324,976 | ---- | M] (Symantec Corporation) -- C:\Program Files\Mozilla Firefox\components\coFFPlgn.dll
[2007/04/16 12:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll

O1 HOSTS File: ([2011/01/27 06:17:58 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (HelperObject Class) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll (TechSmith Corporation)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (EWPBrowseObject Class) - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll ()
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Common Files\Symantec Shared\IDS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.)
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (SnagIt) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll (TechSmith Corporation)
O3 - HKU\Jim_ON_C\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKU\Jim_ON_C\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\Jim_ON_C\..\Toolbar\WebBrowser: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll (Symantec Corporation)
O3 - HKU\JJ_ON_C\..\Toolbar\WebBrowser: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll (Symantec Corporation)
O3 - HKU\Melissa_ON_C\..\Toolbar\WebBrowser: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.)
O4 - HKLM..\Run: [ATIModeChange] C:\WINDOWS\System32\Ati2mdxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKU\.DEFAULT..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe ()
O4 - HKU\Jim_ON_C..\Run: [DellSupport] C:\Program Files\Dell Support\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Jim_ON_C..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe ()
O4 - HKU\Melissa_ON_C..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKU\Melissa_ON_C..\Run: [Defense Center] C:\Program Files\Defense Center\defcnt.exe ()
O4 - HKU\Melissa_ON_C..\Run: [Microsoft Works Update Detection] File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\Jim_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\JJ_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\JJ_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Melissa_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Melissa_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_13.dll (Sun Microsystems, Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {76A2A0AB-38B7-46DB-8E47-F10CDE4D7920} http://aerial.leepa....plugins/NCS.cab (Reg Error: Value error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.74.166 68.87.68.166
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\ComPlusSetup: DllName - C:\WINDOWS\system32\catsrvut.dll - C:\WINDOWS\system32\catsrvut.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 12:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{3eec293f-e7b1-11dd-8ff3-0019d14f44ea}\Shell - "" = AutoRun
O33 - MountPoints2\{3eec293f-e7b1-11dd-8ff3-0019d14f44ea}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{3eec293f-e7b1-11dd-8ff3-0019d14f44ea}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (sprestrt) - C:\WINDOWS\System32\sprestrt.exe (Microsoft Corporation)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/01/27 05:45:58 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/01/15 14:58:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\dell
[2011/01/15 03:51:01 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime
[2011/01/15 03:51:01 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime
[2011/01/15 03:51:01 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime
[2011/01/15 03:51:00 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime
[2011/01/15 03:51:00 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime
[2011/01/15 03:51:00 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime
[2011/01/15 03:50:59 | 000,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2011/01/15 03:50:59 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2011/01/15 03:50:58 | 000,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
[2011/01/15 03:50:58 | 000,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
[2011/01/15 03:50:58 | 000,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2011/01/15 03:50:56 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll
[2011/01/15 03:50:56 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime
[2011/01/15 03:50:55 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2011/01/15 03:50:54 | 000,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2011/01/15 03:50:54 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2011/01/15 03:50:54 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2011/01/15 03:50:54 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2011/01/15 03:50:54 | 000,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2011/01/15 03:50:54 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2011/01/15 03:50:53 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2011/01/15 03:50:53 | 000,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2011/01/15 03:50:51 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2011/01/15 03:50:50 | 000,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2011/01/15 03:50:49 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpincl.dll
[2011/01/15 03:50:49 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpsmir.dll
[2011/01/15 03:50:49 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpthrd.dll
[2011/01/15 03:50:49 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2011/01/15 03:50:49 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmptrap.exe
[2011/01/15 03:50:49 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2011/01/15 03:50:49 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpmib.dll
[2011/01/15 03:50:48 | 000,456,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsvc.dll
[2011/01/15 03:50:48 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpcl.dll
[2011/01/15 03:50:48 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmp.exe
[2011/01/15 03:50:48 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2011/01/15 03:50:48 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2011/01/15 03:50:48 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2011/01/15 03:50:48 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2011/01/15 03:50:47 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smi2smir.exe
[2011/01/15 03:50:47 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2011/01/15 03:50:47 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2011/01/15 03:50:47 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2011/01/15 03:50:47 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2011/01/15 03:50:47 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2011/01/15 03:50:47 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2011/01/15 03:50:47 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2011/01/15 03:50:47 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2011/01/15 03:50:47 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2011/01/15 03:50:47 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2011/01/15 03:50:46 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2011/01/15 03:50:46 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2011/01/15 03:50:46 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2011/01/15 03:50:46 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2011/01/15 03:50:43 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2011/01/15 03:50:43 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2011/01/15 03:50:42 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2011/01/15 03:50:42 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2011/01/15 03:50:42 | 000,026,624 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2011/01/15 03:50:42 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rw001ext.dll
[2011/01/15 03:50:41 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime
[2011/01/15 03:50:40 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2011/01/15 03:50:40 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2011/01/15 03:50:38 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime
[2011/01/15 03:50:38 | 000,020,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ramdisk.sys
[2011/01/15 03:50:38 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2011/01/15 03:50:38 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2011/01/15 03:50:36 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2011/01/15 03:50:36 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\plugin.ocx
[2011/01/15 03:50:36 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
[2011/01/15 03:50:36 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2011/01/15 03:50:36 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2011/01/15 03:50:35 | 000,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
[2011/01/15 03:50:35 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime
[2011/01/15 03:50:35 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
[2011/01/15 03:50:35 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll
[2011/01/15 03:50:34 | 000,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2011/01/15 03:50:34 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll
[2011/01/15 03:50:34 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll
[2011/01/15 03:50:34 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2011/01/15 03:50:31 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2011/01/15 03:50:28 | 000,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2011/01/15 03:50:28 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtstocom.exe
[2011/01/15 03:50:25 | 001,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2011/01/15 03:50:25 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2011/01/15 03:50:20 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2011/01/15 03:50:20 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2011/01/15 03:50:20 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migregdb.exe
[2011/01/15 03:50:19 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2011/01/15 03:50:18 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lmmib2.dll
[2011/01/15 03:50:18 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpdsvc.dll
[2011/01/15 03:50:18 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lprmon.dll
[2011/01/15 03:50:17 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2011/01/15 03:50:16 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2011/01/15 03:50:16 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2011/01/15 03:50:16 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2011/01/15 03:50:16 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2011/01/15 03:50:16 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2011/01/15 03:50:16 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2011/01/15 03:50:16 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2011/01/15 03:50:15 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2011/01/15 03:50:15 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2011/01/15 03:50:15 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2011/01/15 03:50:15 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41a.dll
[2011/01/15 03:50:15 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41j.dll
[2011/01/15 03:50:15 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2011/01/15 03:50:15 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2011/01/15 03:50:15 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2011/01/15 03:50:15 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2011/01/15 03:50:14 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdibm02.dll
[2011/01/15 03:50:14 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2011/01/15 03:50:14 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2011/01/15 03:50:14 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2011/01/15 03:50:14 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2011/01/15 03:50:14 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2011/01/15 03:50:14 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2011/01/15 03:50:14 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2011/01/15 03:50:14 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2011/01/15 03:50:14 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2011/01/15 03:50:13 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdax2.dll
[2011/01/15 03:50:13 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106n.dll
[2011/01/15 03:50:13 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2011/01/15 03:50:13 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101.dll
[2011/01/15 03:50:13 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2011/01/15 03:50:13 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2011/01/15 03:50:13 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2011/01/15 03:50:13 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2011/01/15 03:50:13 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2011/01/15 03:50:13 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2011/01/15 03:50:13 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2011/01/15 03:50:12 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2011/01/15 03:50:11 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iprip.dll
[2011/01/15 03:50:10 | 000,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2011/01/15 03:50:10 | 000,315,452 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll
[2011/01/15 03:50:10 | 000,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll
[2011/01/15 03:50:10 | 000,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll
[2011/01/15 03:50:10 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2011/01/15 03:50:09 | 000,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll
[2011/01/15 03:50:09 | 000,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe
[2011/01/15 03:50:09 | 000,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe
[2011/01/15 03:50:09 | 000,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe
[2011/01/15 03:50:09 | 000,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe
[2011/01/15 03:50:09 | 000,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2011/01/15 03:50:09 | 000,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll
[2011/01/15 03:50:09 | 000,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2011/01/15 03:50:09 | 000,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2011/01/15 03:50:08 | 000,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll
[2011/01/15 03:50:08 | 000,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll
[2011/01/15 03:50:08 | 000,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime
[2011/01/15 03:50:08 | 000,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2011/01/15 03:50:08 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll
[2011/01/15 03:50:08 | 000,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2011/01/15 03:50:08 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime
[2011/01/15 03:50:08 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll
[2011/01/15 03:50:08 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2011/01/15 03:50:06 | 010,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2011/01/15 03:50:03 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2011/01/15 03:50:02 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hostmib.dll
[2011/01/15 03:50:02 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2011/01/15 03:50:00 | 000,024,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmcgi.exe
[2011/01/15 03:50:00 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmdll.dll
[2011/01/15 03:50:00 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2011/01/15 03:49:59 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2011/01/15 03:49:59 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2011/01/15 03:49:59 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\f3ahvoas.dll
[2011/01/15 03:49:58 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntagnt.dll
[2011/01/15 03:49:58 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntwin.exe
[2011/01/15 03:49:58 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2011/01/15 03:49:58 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2011/01/15 03:49:58 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2011/01/15 03:49:58 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2011/01/15 03:49:58 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntcmd.exe
[2011/01/15 03:49:52 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime
[2011/01/15 03:49:51 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2011/01/15 03:49:50 | 000,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe
[2011/01/15 03:49:49 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2011/01/15 03:49:49 | 000,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
[2011/01/15 03:49:49 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
[2011/01/15 03:49:49 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
[2011/01/15 03:49:49 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
[2011/01/15 03:49:49 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
[2011/01/15 03:49:48 | 001,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2011/01/15 03:49:48 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime
[2011/01/15 03:49:48 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2011/01/15 03:49:48 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2011/01/15 03:49:48 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2011/01/15 03:49:48 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2011/01/15 03:49:47 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_g18030.dll
[2011/01/15 03:49:47 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2011/01/15 03:49:47 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2011/01/15 03:49:47 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2011/01/15 03:49:38 | 000,331,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aqueue.dll
[2011/01/15 03:49:38 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2011/01/15 03:49:37 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0804.dll
[2011/01/15 03:49:37 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0412.dll
[2011/01/15 03:49:37 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0411.dll
[2011/01/15 03:49:37 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040d.dll
[2011/01/15 03:49:37 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0404.dll
[2011/01/15 03:49:37 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0401.dll
[2011/01/15 03:49:36 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2011/01/15 03:49:32 | 000,032,827 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptest.exe
[2011/01/15 03:49:32 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptsat.dll
[2011/01/15 03:49:31 | 000,020,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.dll
[2011/01/15 03:49:31 | 000,016,437 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.exe
[2011/01/15 03:49:27 | 000,598,071 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmc.dll
[2011/01/15 03:49:27 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmcsat.dll
[2011/01/15 03:49:27 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpexedll.dll
[2011/01/15 03:49:27 | 000,020,538 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpremadm.exe
[2011/01/15 03:49:26 | 000,876,653 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awel.dll
[2011/01/15 03:49:26 | 000,188,494 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpcount.exe
[2011/01/15 03:49:26 | 000,147,513 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4apws.dll
[2011/01/15 03:49:26 | 000,109,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98swin.exe
[2011/01/15 03:49:26 | 000,102,509 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4atxt.dll
[2011/01/15 03:49:26 | 000,049,212 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awebs.dll
[2011/01/15 03:49:26 | 000,049,210 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4areg.dll
[2011/01/15 03:49:26 | 000,041,020 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avnb.dll
[2011/01/15 03:49:26 | 000,032,826 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avss.dll
[2011/01/15 03:49:26 | 000,014,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98sadm.exe
[2011/01/15 03:49:25 | 000,188,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgwiz.exe
[2011/01/15 03:49:25 | 000,184,435 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4amsft.dll
[2011/01/15 03:49:25 | 000,082,035 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4anscp.dll
[2011/01/15 03:49:25 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.exe
[2011/01/15 03:49:24 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.dll
[2011/01/15 03:49:24 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.dll
[2011/01/15 03:49:24 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.exe
[2011/01/15 03:49:02 | 000,000,000 | ---D | C] -- C:\294d2075ea3213fc2ffb
[2011/01/15 03:48:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2011/01/15 03:17:59 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2011/01/15 03:17:59 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
[2011/01/15 03:17:59 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2011/01/15 03:17:59 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
[2011/01/15 02:55:19 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2005/05/11 22:36:48 | 000,012,288 | ---- | C] (Hewlett-Packard Co.) -- C:\WINDOWS\Fonts\RandFont.dll

========== Files - Modified Within 30 Days ==========

[2011/01/27 06:17:58 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2011/01/15 12:13:21 | 000,247,904 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/01/15 03:53:40 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/01/15 03:53:39 | 000,000,287 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2011/01/15 03:52:22 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/01/15 03:48:46 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2011/01/15 03:48:45 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2011/01/15 03:48:45 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2011/01/15 03:48:38 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2011/01/15 03:47:11 | 000,023,428 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011/01/15 03:47:06 | 000,443,900 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/01/15 03:47:06 | 000,072,572 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/01/15 03:46:40 | 000,000,535 | ---- | M] () -- C:\WINDOWS\System32\mapisvc.inf
[2011/01/15 03:46:12 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2011/01/15 03:45:08 | 000,003,292 | ---- | M] () -- C:\WINDOWS\System32\$WINNT$.PNF
[2011/01/15 03:21:58 | 000,004,128 | ---- | M] () -- C:\INFCACHE.1
[2011/01/15 03:16:16 | 3219,038,208 | -HS- | M] () -- C:\hiberfil.sys
[2011/01/15 03:01:50 | 000,004,878 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/01/15 02:57:11 | 000,420,013 | ---- | M] () -- C:\WINDOWS\setupapi.old

========== Files Created - No Company Name ==========

[2011/01/15 03:50:35 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2011/01/15 03:50:17 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2011/01/15 03:50:10 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2011/01/15 03:50:09 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2011/01/15 03:50:08 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2011/01/15 03:50:04 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2011/01/15 03:50:02 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2011/01/15 03:50:00 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2011/01/15 03:49:49 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2011/01/15 03:45:08 | 000,003,292 | ---- | C] () -- C:\WINDOWS\System32\$WINNT$.PNF
[2011/01/15 03:17:54 | 002,012,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2011/01/15 03:17:54 | 001,042,903 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT
[2011/01/15 03:17:54 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2011/01/15 03:17:54 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2011/01/15 03:17:54 | 000,168,806 | ---- | C] () -- C:\WINDOWS\System32\dllcache\startoc.cat
[2011/01/15 03:17:54 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2011/01/15 03:17:54 | 000,031,281 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2011/01/15 03:17:54 | 000,024,209 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn7.cat
[2011/01/15 03:17:54 | 000,013,753 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2011/01/15 03:17:54 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2011/01/15 03:17:54 | 000,011,651 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn9.cat
[2011/01/15 03:17:54 | 000,009,581 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2011/01/15 03:17:54 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2011/01/15 03:17:54 | 000,007,710 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2011/01/15 03:17:54 | 000,007,245 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2011/01/15 03:17:53 | 000,382,952 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2011/01/15 02:02:32 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2011/01/15 02:01:54 | 000,420,013 | ---- | C] () -- C:\WINDOWS\setupapi.old
[2010/06/01 18:09:10 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2010/06/01 18:09:10 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2010/06/01 18:08:29 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Melissa\Application Data\$_hpcst$.hpc
[2009/10/27 17:47:36 | 000,000,125 | ---- | C] () -- C:\Documents and Settings\JJ\Local Settings\Application Data\fusioncache.dat
[2009/10/27 17:47:32 | 000,263,168 | ---- | C] () -- C:\Documents and Settings\JJ\TRANSFORMS=1033.mst
[2009/06/19 19:06:22 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2009/06/19 19:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2009/06/19 19:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2009/06/19 19:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2009/06/19 19:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2009/06/19 19:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2009/06/19 19:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2009/06/19 19:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2009/06/19 19:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2009/06/19 19:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008/12/20 11:56:22 | 000,000,400 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2008/10/16 19:13:58 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\hpzids01.dll
[2008/02/04 17:23:10 | 000,693,792 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL
[2007/11/10 14:56:09 | 000,000,187 | ---- | C] () -- C:\WINDOWS\sc.INI
[2007/11/10 13:52:52 | 000,000,137 | ---- | C] () -- C:\WINDOWS\ae_mini.INI
[2007/11/10 13:49:25 | 000,000,019 | ---- | C] () -- C:\WINDOWS\1stsr.INI
[2007/10/25 16:26:10 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2007/09/07 22:17:41 | 000,003,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\BANTExt.sys
[2007/09/02 21:00:56 | 000,000,140 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/09/02 15:33:34 | 000,007,680 | ---- | C] () -- C:\Documents and Settings\Melissa\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/09/01 16:14:56 | 001,936,528 | ---- | C] () -- C:\WINDOWS\System32\ltmm15.dll
[2007/08/31 23:11:03 | 000,000,067 | ---- | C] () -- C:\WINDOWS\StationRipper.INI
[2007/06/16 12:23:33 | 000,000,126 | ---- | C] () -- C:\Documents and Settings\Jim\Local Settings\Application Data\fusioncache.dat
[2007/06/16 12:23:32 | 000,263,168 | ---- | C] () -- C:\Documents and Settings\Jim\TRANSFORMS=1033.mst
[2007/06/14 12:28:49 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\IPPCPUID.DLL
[2007/06/14 12:28:17 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\pmsbfn32.dll
[2007/06/14 12:20:50 | 000,000,532 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2007/06/14 11:47:09 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\CNMVS7Q.DLL
[2007/06/13 20:00:42 | 000,263,168 | ---- | C] () -- C:\Documents and Settings\Melissa\TRANSFORMS=1033.mst
[2007/06/13 20:00:42 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\Melissa\Local Settings\Application Data\fusioncache.dat
[2007/06/13 20:00:16 | 000,263,168 | ---- | C] () -- C:\WINDOWS\system32\config\systemprofile\TRANSFORMS=1033.mst
[2007/06/13 20:00:16 | 000,000,128 | ---- | C] () -- C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\fusioncache.dat
[2007/06/09 11:38:25 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2007/06/09 11:32:35 | 000,000,500 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2007/06/09 11:09:36 | 000,001,122 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2007/03/09 02:12:32 | 000,027,648 | -HS- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2007/03/06 04:14:48 | 000,010,752 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2007/01/25 12:31:36 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2005/11/10 00:56:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/10 12:12:05 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/10 12:01:18 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/10 11:57:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/04 05:00:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2004/08/04 05:00:00 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
< End of report >

#6
Salagubang

Posted 27 January 2011 - 11:48 PM

Trusted Helper

Malware Removal
3,891 posts

Hi graham,

Did you perform repair install with this machine lately?

#7
Salagubang

Posted 27 January 2011 - 11:59 PM

Trusted Helper

Malware Removal
3,891 posts

Hi,

Our next best option now is to do a repair install as described here. It will replace all the missing files as well as cure some dodgy entries in the system.

Don't worry system repair won't delete your data, installed programs, personal information, or settings. It just repairs the operating system!
Please, have your Windows XP CD-KEY ready.

Boot from your Windows XP CD. Insert the Windows XP CD into your computer's CD-ROM or DVD-ROM drive, and then restart your computer.
When the "Press any key to boot from CD" message appears on the screen, press a key to start your computer from the Windows XP CD.
A blue screen will appear and begin loading Windows XP Setup from the CD.
When completed loading files, you will be presented with the following "Windows Setup" screen, and your first option. Select "To set up Windows XP now, press ENTER". DO NOT select Recovery Console.

When presented with the screen below. press the F8 key to continue.

Next, Windows Setup will find existing Windows XP installations. You will be asked to repair an existing XP installation, or install a fresh copy of Windows XP.
Press the R key.

Windows XP will appear to be installing itself for the first time, but it will retain all of your data and settings.
Follow the instructions that appear on the screen to reinstall Windows XP. After you repair Windows XP, you may have to reactivate your copy of Windows XP.
Run another OTL Scan and post the logs on your next reply

#8
Salagubang

Posted 31 January 2011 - 06:48 PM

Trusted Helper

Malware Removal
3,891 posts

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.

#9
SweetTech

Posted 05 February 2011 - 11:54 AM

Sir SpamAlot

Retired Staff
7,671 posts

Topic re-opened.

#10
graham179328

Posted 05 February 2011 - 01:42 PM

Member

Topic Starter
Member
29 posts

During Window XP installation, a Files Needed window appeared, it said:

The file ‘iaStor.sys’ on Intel Matrix Storage Manager Driver is needed. Type the path where the file is located and then click ok.
Copy files from:
C:\window\temp\iif\winall\driver

I clicked OK and nothing happened, so I clicked cancel and install continued.

And here is the OTL log:

OTL logfile created on: 2/4/2011 7:59:44 PM - Run
OTLPE by OldTimer - Version 3.1.44.1 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 89.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 229.77 Gb Total Space | 160.89 Gb Free Space | 70.02% Space Free | Partition Type: NTFS
Drive D: | 232.88 Gb Total Space | 171.94 Gb Free Space | 73.83% Space Free | Partition Type: NTFS
Drive I: | 1.88 Gb Total Space | 1.86 Gb Free Space | 99.02% Space Free | Partition Type: FAT
Drive X: | 436.55 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001

========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand] -- -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - File not found [On_Demand] -- -- (AppMgmt)
SRV - [2010/03/19 09:49:20 | 000,144,672 | ---- | M] (Apple Inc.) [On_Demand] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/02/19 08:34:32 | 000,233,472 | ---- | M] (Teruten) [Auto] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2008/10/17 14:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (LiveUpdate Notice)
SRV - [2008/10/17 14:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService)
SRV - [2008/10/17 14:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2008/10/17 14:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2008/08/24 08:42:50 | 001,245,064 | ---- | M] () [Auto] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2008/08/04 10:20:16 | 003,220,856 | ---- | M] (Symantec Corporation) [On_Demand] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE -- (LiveUpdate)
SRV - [2008/04/07 08:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008/02/21 17:02:53 | 000,238,968 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2007/08/22 03:21:30 | 000,055,640 | ---- | M] (Symantec Corporation) [On_Demand] -- C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe -- (comHost)
SRV - [2007/01/04 16:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2006/07/06 06:14:30 | 000,090,112 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2005/12/12 14:02:24 | 000,176,193 | ---- | M] (American Power Conversion Corporation) [Auto] -- C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe -- (APC UPS Service)
SRV - [2004/09/29 11:14:36 | 000,069,632 | ---- | M] (HP) [Auto] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - File not found [Kernel | On_Demand] -- -- (bvrp_pci)
DRV - [2010/05/26 03:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/05/26 03:00:00 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/05/10 03:00:00 | 001,347,504 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20100613.018\NAVEX15.SYS -- (NAVEX15)
DRV - [2010/05/10 03:00:00 | 000,085,552 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20100613.018\NAVENG.SYS -- (NAVENG)
DRV - [2009/11/19 22:02:58 | 000,268,664 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Program Files\Common Files\Symantec Shared\SymcData\ipsdefs\20100604.001\SymIDSco.sys -- (SYMIDSCO)
DRV - [2009/02/19 11:31:42 | 000,031,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIMMP)
DRV - [2009/02/19 11:31:42 | 000,031,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIM)
DRV - [2009/02/19 11:31:16 | 000,184,496 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2009/02/19 11:31:16 | 000,096,560 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\Drivers\SYMFW.SYS -- (SYMFW)
DRV - [2009/02/19 11:31:16 | 000,038,576 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\Drivers\SYMIDS.SYS -- (SYMIDS)
DRV - [2009/02/19 11:31:16 | 000,037,424 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\Drivers\SYMNDIS.SYS -- (SYMNDIS)
DRV - [2009/02/19 11:31:16 | 000,022,320 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2009/02/19 11:31:16 | 000,013,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\Drivers\SYMDNS.SYS -- (SYMDNS)
DRV - [2009/02/19 08:34:30 | 000,036,608 | ---- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009/01/09 06:25:06 | 000,124,464 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2008/09/05 13:31:42 | 000,447,024 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2008/07/30 16:42:12 | 000,023,888 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\COH_Mon.sys -- (COH_Mon)
DRV - [2008/04/13 11:36:05 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008/01/31 20:51:16 | 000,317,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2008/01/31 20:51:16 | 000,279,088 | ---- | M] (Symantec Corporation) [File_System | On_Demand] -- C:\WINDOWS\system32\drivers\srtsp.sys -- (SRTSP)
DRV - [2008/01/31 20:51:16 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2007/09/17 14:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007/08/08 19:39:56 | 000,036,056 | ---- | M] (Symantec Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\CO_Mon.sys -- (CO_Mon)
DRV - [2007/07/03 15:58:20 | 000,106,792 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2007/07/03 15:57:24 | 000,011,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2007/07/03 15:54:24 | 000,080,552 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2007/06/09 11:30:48 | 000,010,344 | ---- | M] (Symantec Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\symlcbrd.sys -- (symlcbrd)
DRV - [2007/02/12 14:36:54 | 000,277,784 | ---- | M] (Intel Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\iastor.sys -- (iaStor)
DRV - [2007/01/25 12:31:34 | 000,042,000 | ---- | M] (CACE Technologies) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2006/11/29 00:46:24 | 000,028,224 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\APLMp50.sys -- (APLMp50)
DRV - [2006/07/24 09:20:00 | 001,156,648 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2006/07/19 14:42:16 | 000,230,400 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\e1e5132.sys -- (e1express) Intel®
DRV - [2006/06/07 14:08:58 | 001,580,544 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006/06/05 02:39:56 | 000,024,064 | ---- | M] (Intel Corporation ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\iqvw32.sys -- (NAL)
DRV - [2006/01/10 10:07:58 | 000,004,864 | ---- | M] (GTek Technologies Ltd.) [Kernel | On_Demand] -- C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2005/09/12 02:30:00 | 000,089,264 | ---- | M] (Sonic Solutions) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\DRVMCDB.SYS -- (DRVMCDB)
DRV - [2005/09/08 04:20:00 | 000,094,332 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2005/09/08 04:20:00 | 000,087,036 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2005/09/08 04:20:00 | 000,086,524 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2005/09/08 04:20:00 | 000,025,628 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2005/09/08 04:20:00 | 000,014,684 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2005/09/08 04:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2005/09/08 04:20:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN)
DRV - [2005/08/25 11:16:52 | 000,005,628 | ---- | M] (Sonic Solutions) [File_System | System] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2005/08/25 11:16:16 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N)
DRV - [2005/08/12 04:20:00 | 000,040,544 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS -- (DRVNDDM)
DRV - [2005/04/07 16:18:34 | 000,003,840 | ---- | M] () [Kernel | System] -- C:\WINDOWS\System32\Drivers\BANTExt.sys -- (BANTExt)
DRV - [2004/08/04 05:00:00 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2004/08/04 05:00:00 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2004/08/04 05:00:00 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2004/08/04 05:00:00 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2004/08/04 05:00:00 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2004/08/04 05:00:00 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2004/08/04 05:00:00 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2004/08/04 05:00:00 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2004/08/04 05:00:00 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2004/08/04 05:00:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2004/08/04 05:00:00 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2004/08/04 05:00:00 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2004/08/04 05:00:00 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2004/08/04 05:00:00 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2004/08/04 05:00:00 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - [2004/08/04 05:00:00 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2004/08/03 23:07:44 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2004/08/03 23:07:44 | 000,041,088 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2004/08/03 21:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2003/11/17 13:59:20 | 000,212,224 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2003/11/17 13:58:02 | 000,680,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003/11/17 13:56:26 | 001,042,432 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=0070609
IE - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKLM\Software\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=0070609

IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=0070609
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=0070609
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Jim_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=0070609
IE - HKU\Jim_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.co...html?channel=us
IE - HKU\Jim_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\Jim_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\JJ_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=0070609
IE - HKU\JJ_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.co...html?channel=us
IE - HKU\JJ_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\JJ_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\JJ_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\Melissa_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=0070609
IE - HKU\Melissa_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\Melissa_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\Melissa_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\Melissa_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Melissa_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0

FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2008/11/30 19:15:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/04/07 15:34:53 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/06/08 16:10:54 | 000,000,000 | ---D | M]

[2009/01/21 06:30:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Extensions
[2009/01/21 06:30:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\xad2nuvb.default\extensions
[2010/06/13 10:40:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2008/11/30 19:15:31 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAM FILES\REAL\REALPLAYER\BROWSERRECORD
[2009/03/31 21:47:26 | 000,324,976 | ---- | M] (Symantec Corporation) -- C:\Program Files\Mozilla Firefox\components\coFFPlgn.dll
[2007/04/16 12:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll

O1 HOSTS File: ([2011/01/27 06:17:58 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (HelperObject Class) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll (TechSmith Corporation)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (EWPBrowseObject Class) - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll ()
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Common Files\Symantec Shared\IDS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.)
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (SnagIt) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll (TechSmith Corporation)
O3 - HKU\Jim_ON_C\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKU\Jim_ON_C\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\Jim_ON_C\..\Toolbar\WebBrowser: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll (Symantec Corporation)
O3 - HKU\JJ_ON_C\..\Toolbar\WebBrowser: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll (Symantec Corporation)
O3 - HKU\Melissa_ON_C\..\Toolbar\WebBrowser: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.)
O4 - HKLM..\Run: [ATIModeChange] C:\WINDOWS\System32\Ati2mdxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKU\.DEFAULT..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe ()
O4 - HKU\Jim_ON_C..\Run: [DellSupport] C:\Program Files\Dell Support\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Jim_ON_C..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe ()
O4 - HKU\Melissa_ON_C..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKU\Melissa_ON_C..\Run: [Defense Center] C:\Program Files\Defense Center\defcnt.exe ()
O4 - HKU\Melissa_ON_C..\Run: [Microsoft Works Update Detection] File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\Jim_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\JJ_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\JJ_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Melissa_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Melissa_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_13.dll (Sun Microsystems, Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {76A2A0AB-38B7-46DB-8E47-F10CDE4D7920} http://aerial.leepa....plugins/NCS.cab (Reg Error: Value error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.74.166 68.87.68.166
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\ComPlusSetup: DllName - C:\WINDOWS\system32\catsrvut.dll - C:\WINDOWS\system32\catsrvut.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 12:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{3eec293f-e7b1-11dd-8ff3-0019d14f44ea}\Shell - "" = AutoRun
O33 - MountPoints2\{3eec293f-e7b1-11dd-8ff3-0019d14f44ea}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{3eec293f-e7b1-11dd-8ff3-0019d14f44ea}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (sprestrt) - C:\WINDOWS\System32\sprestrt.exe (Microsoft Corporation)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.ffds - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.LEAD - C:\WINDOWS\System32\LCodcCMP.dll (LEAD Technologies, Inc.)
Drivers32: wave - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)

========== Files/Folders - Created Within 30 Days ==========

[2011/02/04 19:41:02 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime
[2011/02/04 19:41:02 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime
[2011/02/04 19:41:02 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime
[2011/02/04 19:41:01 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime
[2011/02/04 19:41:01 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime
[2011/02/04 19:41:01 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime
[2011/02/04 19:41:00 | 000,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2011/02/04 19:41:00 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2011/02/04 19:40:59 | 000,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
[2011/02/04 19:40:59 | 000,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
[2011/02/04 19:40:59 | 000,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2011/02/04 19:40:57 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll
[2011/02/04 19:40:57 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime
[2011/02/04 19:40:53 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2011/02/04 19:40:52 | 000,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2011/02/04 19:40:52 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2011/02/04 19:40:52 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2011/02/04 19:40:52 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2011/02/04 19:40:51 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2011/02/04 19:40:51 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2011/02/04 19:40:51 | 000,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2011/02/04 19:40:51 | 000,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2011/02/04 19:40:49 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2011/02/04 19:40:48 | 000,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2011/02/04 19:40:47 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpsmir.dll
[2011/02/04 19:40:47 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpthrd.dll
[2011/02/04 19:40:47 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2011/02/04 19:40:47 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmptrap.exe
[2011/02/04 19:40:47 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2011/02/04 19:40:47 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpmib.dll
[2011/02/04 19:40:46 | 000,456,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsvc.dll
[2011/02/04 19:40:46 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpincl.dll
[2011/02/04 19:40:46 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpcl.dll
[2011/02/04 19:40:46 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmp.exe
[2011/02/04 19:40:46 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2011/02/04 19:40:46 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2011/02/04 19:40:46 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2011/02/04 19:40:45 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smi2smir.exe
[2011/02/04 19:40:45 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2011/02/04 19:40:45 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2011/02/04 19:40:45 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2011/02/04 19:40:45 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2011/02/04 19:40:45 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2011/02/04 19:40:45 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2011/02/04 19:40:45 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2011/02/04 19:40:45 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2011/02/04 19:40:45 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2011/02/04 19:40:45 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2011/02/04 19:40:45 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2011/02/04 19:40:44 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2011/02/04 19:40:44 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2011/02/04 19:40:44 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2011/02/04 19:40:44 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2011/02/04 19:40:42 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2011/02/04 19:40:41 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2011/02/04 19:40:41 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2011/02/04 19:40:41 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2011/02/04 19:40:40 | 000,026,624 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2011/02/04 19:40:40 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime
[2011/02/04 19:40:40 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rw001ext.dll
[2011/02/04 19:40:39 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2011/02/04 19:40:39 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2011/02/04 19:40:37 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime
[2011/02/04 19:40:37 | 000,020,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ramdisk.sys
[2011/02/04 19:40:37 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2011/02/04 19:40:37 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2011/02/04 19:40:35 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2011/02/04 19:40:35 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
[2011/02/04 19:40:35 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2011/02/04 19:40:35 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2011/02/04 19:40:31 | 000,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
[2011/02/04 19:40:31 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
[2011/02/04 19:40:31 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\plugin.ocx
[2011/02/04 19:40:31 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll
[2011/02/04 19:40:30 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime
[2011/02/04 19:40:30 | 000,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2011/02/04 19:40:30 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll
[2011/02/04 19:40:30 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2011/02/04 19:40:29 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll
[2011/02/04 19:40:27 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2011/02/04 19:40:25 | 000,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2011/02/04 19:40:24 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtstocom.exe
[2011/02/04 19:40:22 | 001,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2011/02/04 19:40:22 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2011/02/04 19:40:16 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2011/02/04 19:40:16 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2011/02/04 19:40:16 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migregdb.exe
[2011/02/04 19:40:15 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2011/02/04 19:40:14 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpdsvc.dll
[2011/02/04 19:40:14 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lprmon.dll
[2011/02/04 19:40:13 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2011/02/04 19:40:13 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lmmib2.dll
[2011/02/04 19:40:12 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2011/02/04 19:40:12 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2011/02/04 19:40:12 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2011/02/04 19:40:12 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2011/02/04 19:40:12 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2011/02/04 19:40:12 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2011/02/04 19:40:12 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2011/02/04 19:40:11 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2011/02/04 19:40:11 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2011/02/04 19:40:11 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2011/02/04 19:40:11 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41a.dll
[2011/02/04 19:40:11 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41j.dll
[2011/02/04 19:40:11 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2011/02/04 19:40:11 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2011/02/04 19:40:11 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2011/02/04 19:40:11 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2011/02/04 19:40:10 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdibm02.dll
[2011/02/04 19:40:10 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2011/02/04 19:40:10 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2011/02/04 19:40:10 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2011/02/04 19:40:10 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2011/02/04 19:40:10 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2011/02/04 19:40:10 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2011/02/04 19:40:10 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2011/02/04 19:40:10 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2011/02/04 19:40:09 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdax2.dll
[2011/02/04 19:40:09 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106n.dll
[2011/02/04 19:40:09 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2011/02/04 19:40:09 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101.dll
[2011/02/04 19:40:09 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2011/02/04 19:40:09 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2011/02/04 19:40:09 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2011/02/04 19:40:09 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2011/02/04 19:40:09 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2011/02/04 19:40:09 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2011/02/04 19:40:09 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2011/02/04 19:40:09 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2011/02/04 19:40:08 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2011/02/04 19:40:07 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iprip.dll
[2011/02/04 19:40:06 | 000,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2011/02/04 19:40:06 | 000,315,452 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll
[2011/02/04 19:40:06 | 000,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll
[2011/02/04 19:40:06 | 000,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe
[2011/02/04 19:40:06 | 000,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe
[2011/02/04 19:40:06 | 000,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe
[2011/02/04 19:40:06 | 000,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll
[2011/02/04 19:40:06 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2011/02/04 19:40:06 | 000,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2011/02/04 19:40:05 | 000,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll
[2011/02/04 19:40:05 | 000,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll
[2011/02/04 19:40:05 | 000,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll
[2011/02/04 19:40:05 | 000,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime
[2011/02/04 19:40:05 | 000,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2011/02/04 19:40:05 | 000,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe
[2011/02/04 19:40:05 | 000,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2011/02/04 19:40:05 | 000,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll
[2011/02/04 19:40:05 | 000,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2011/02/04 19:40:04 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll
[2011/02/04 19:40:04 | 000,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2011/02/04 19:40:04 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime
[2011/02/04 19:40:04 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll
[2011/02/04 19:40:04 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2011/02/04 19:40:02 | 010,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2011/02/04 19:39:59 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2011/02/04 19:39:59 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hostmib.dll
[2011/02/04 19:39:58 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2011/02/04 19:39:56 | 000,024,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmcgi.exe
[2011/02/04 19:39:56 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmdll.dll
[2011/02/04 19:39:56 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2011/02/04 19:39:55 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2011/02/04 19:39:55 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2011/02/04 19:39:55 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\f3ahvoas.dll
[2011/02/04 19:39:54 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntagnt.dll
[2011/02/04 19:39:54 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntwin.exe
[2011/02/04 19:39:54 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2011/02/04 19:39:54 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2011/02/04 19:39:54 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2011/02/04 19:39:54 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2011/02/04 19:39:54 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntcmd.exe
[2011/02/04 19:39:48 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime
[2011/02/04 19:39:47 | 000,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe
[2011/02/04 19:39:47 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2011/02/04 19:39:45 | 000,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
[2011/02/04 19:39:45 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
[2011/02/04 19:39:45 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
[2011/02/04 19:39:45 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
[2011/02/04 19:39:45 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
[2011/02/04 19:39:44 | 001,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2011/02/04 19:39:44 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2011/02/04 19:39:44 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime
[2011/02/04 19:39:44 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2011/02/04 19:39:44 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2011/02/04 19:39:44 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2011/02/04 19:39:44 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2011/02/04 19:39:43 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2011/02/04 19:39:43 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2011/02/04 19:39:42 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_g18030.dll
[2011/02/04 19:39:42 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2011/02/04 19:39:34 | 000,331,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aqueue.dll
[2011/02/04 19:39:34 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2011/02/04 19:39:33 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0804.dll
[2011/02/04 19:39:33 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0412.dll
[2011/02/04 19:39:33 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0411.dll
[2011/02/04 19:39:33 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040d.dll
[2011/02/04 19:39:33 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0404.dll
[2011/02/04 19:39:33 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0401.dll
[2011/02/04 19:39:32 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2011/02/04 19:39:29 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptsat.dll
[2011/02/04 19:39:28 | 000,032,827 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptest.exe
[2011/02/04 19:39:28 | 000,020,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.dll
[2011/02/04 19:39:28 | 000,016,437 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.exe
[2011/02/04 19:39:24 | 000,598,071 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmc.dll
[2011/02/04 19:39:24 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmcsat.dll
[2011/02/04 19:39:24 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpexedll.dll
[2011/02/04 19:39:24 | 000,020,538 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpremadm.exe
[2011/02/04 19:39:23 | 000,876,653 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awel.dll
[2011/02/04 19:39:23 | 000,188,494 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpcount.exe
[2011/02/04 19:39:23 | 000,109,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98swin.exe
[2011/02/04 19:39:23 | 000,102,509 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4atxt.dll
[2011/02/04 19:39:23 | 000,049,212 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awebs.dll
[2011/02/04 19:39:23 | 000,049,210 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4areg.dll
[2011/02/04 19:39:23 | 000,041,020 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avnb.dll
[2011/02/04 19:39:23 | 000,032,826 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avss.dll
[2011/02/04 19:39:23 | 000,014,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98sadm.exe
[2011/02/04 19:39:22 | 000,188,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgwiz.exe
[2011/02/04 19:39:22 | 000,184,435 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4amsft.dll
[2011/02/04 19:39:22 | 000,147,513 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4apws.dll
[2011/02/04 19:39:22 | 000,082,035 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4anscp.dll
[2011/02/04 19:39:22 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.exe
[2011/02/04 19:39:21 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.dll
[2011/02/04 19:39:21 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.dll
[2011/02/04 19:39:21 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.exe
[2011/02/04 19:26:33 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2011/02/04 19:26:33 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
[2011/02/04 19:26:32 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2011/02/04 19:26:32 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
[2011/01/28 20:32:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2011/01/27 05:45:58 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/01/15 14:58:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\dell
[2011/01/15 03:48:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood.Tmp
[2011/01/15 02:55:19 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2005/05/11 22:36:48 | 000,012,288 | ---- | C] (Hewlett-Packard Co.) -- C:\WINDOWS\Fonts\RandFont.dll
[11 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/02/04 19:43:40 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/02/04 19:43:40 | 000,000,287 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2011/02/04 19:42:23 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/02/04 19:38:43 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2011/02/04 19:38:42 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2011/02/04 19:38:42 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2011/02/04 19:38:34 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2011/02/04 19:37:06 | 000,023,428 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011/02/04 19:37:00 | 000,443,900 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/02/04 19:37:00 | 000,072,572 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/02/04 19:36:36 | 000,000,535 | ---- | M] () -- C:\WINDOWS\System32\mapisvc.inf
[2011/02/04 19:36:08 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2011/02/04 19:35:52 | 000,003,292 | ---- | M] () -- C:\WINDOWS\System32\$WINNT$.PNF
[2011/02/04 19:30:27 | 000,004,128 | ---- | M] () -- C:\INFCACHE.1
[2011/02/04 19:25:12 | 3219,034,112 | -HS- | M] () -- C:\hiberfil.sys
[2011/01/28 20:37:21 | 000,004,382 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/01/28 20:33:03 | 000,326,925 | ---- | M] () -- C:\WINDOWS\setupapi.old
[2011/01/27 06:17:58 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2011/01/15 12:13:21 | 000,247,904 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[11 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/02/04 19:40:31 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2011/02/04 19:40:13 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2011/02/04 19:40:06 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2011/02/04 19:40:05 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2011/02/04 19:40:04 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2011/02/04 19:40:00 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2011/02/04 19:39:58 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2011/02/04 19:39:56 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2011/02/04 19:39:45 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2011/02/04 19:35:52 | 000,003,292 | ---- | C] () -- C:\WINDOWS\System32\$WINNT$.PNF
[2011/02/04 19:26:28 | 000,168,806 | ---- | C] () -- C:\WINDOWS\System32\dllcache\startoc.cat
[2011/02/04 19:26:28 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2011/02/04 19:26:28 | 000,024,209 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn7.cat
[2011/02/04 19:26:28 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2011/02/04 19:26:28 | 000,011,651 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn9.cat
[2011/02/04 19:26:28 | 000,009,581 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2011/02/04 19:26:28 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2011/02/04 19:26:28 | 000,007,710 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2011/02/04 19:26:28 | 000,007,245 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2011/02/04 19:26:27 | 002,012,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2011/02/04 19:26:27 | 001,042,903 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT
[2011/02/04 19:26:27 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2011/02/04 19:26:27 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2011/02/04 19:26:27 | 000,382,952 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2011/02/04 19:26:27 | 000,031,281 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2011/02/04 19:26:27 | 000,013,753 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2011/01/15 02:02:32 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2011/01/15 02:01:54 | 000,326,925 | ---- | C] () -- C:\WINDOWS\setupapi.old
[2010/06/01 18:09:10 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2010/06/01 18:09:10 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2010/06/01 18:08:29 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Melissa\Application Data\$_hpcst$.hpc
[2009/10/27 17:47:36 | 000,000,125 | ---- | C] () -- C:\Documents and Settings\JJ\Local Settings\Application Data\fusioncache.dat
[2009/10/27 17:47:32 | 000,263,168 | ---- | C] () -- C:\Documents and Settings\JJ\TRANSFORMS=1033.mst
[2009/06/19 19:06:22 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2009/06/19 19:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2009/06/19 19:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2009/06/19 19:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2009/06/19 19:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2009/06/19 19:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2009/06/19 19:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2009/06/19 19:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2009/06/19 19:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2009/06/19 19:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008/12/20 11:56:22 | 000,000,400 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2008/10/16 19:13:58 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\hpzids01.dll
[2008/02/04 17:23:10 | 000,693,792 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL
[2007/11/10 14:56:09 | 000,000,187 | ---- | C] () -- C:\WINDOWS\sc.INI
[2007/11/10 13:52:52 | 000,000,137 | ---- | C] () -- C:\WINDOWS\ae_mini.INI
[2007/11/10 13:49:25 | 000,000,019 | ---- | C] () -- C:\WINDOWS\1stsr.INI
[2007/10/25 16:26:10 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2007/09/07 22:17:41 | 000,003,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\BANTExt.sys
[2007/09/02 21:00:56 | 000,000,140 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/09/02 15:33:34 | 000,007,680 | ---- | C] () -- C:\Documents and Settings\Melissa\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/09/01 16:14:56 | 001,936,528 | ---- | C] () -- C:\WINDOWS\System32\ltmm15.dll
[2007/08/31 23:11:03 | 000,000,067 | ---- | C] () -- C:\WINDOWS\StationRipper.INI
[2007/06/16 12:23:33 | 000,000,126 | ---- | C] () -- C:\Documents and Settings\Jim\Local Settings\Application Data\fusioncache.dat
[2007/06/16 12:23:32 | 000,263,168 | ---- | C] () -- C:\Documents and Settings\Jim\TRANSFORMS=1033.mst
[2007/06/14 12:28:49 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\IPPCPUID.DLL
[2007/06/14 12:28:17 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\pmsbfn32.dll
[2007/06/14 12:20:50 | 000,000,532 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2007/06/14 11:47:09 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\CNMVS7Q.DLL
[2007/06/13 20:00:42 | 000,263,168 | ---- | C] () -- C:\Documents and Settings\Melissa\TRANSFORMS=1033.mst
[2007/06/13 20:00:42 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\Melissa\Local Settings\Application Data\fusioncache.dat
[2007/06/13 20:00:16 | 000,263,168 | ---- | C] () -- C:\WINDOWS\system32\config\systemprofile\TRANSFORMS=1033.mst
[2007/06/13 20:00:16 | 000,000,128 | ---- | C] () -- C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\fusioncache.dat
[2007/06/09 11:38:25 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2007/06/09 11:32:35 | 000,000,500 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2007/06/09 11:09:36 | 000,001,122 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2007/03/09 02:12:32 | 000,027,648 | -HS- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2007/03/06 04:14:48 | 000,010,752 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2007/01/25 12:31:36 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2005/11/10 00:56:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/10 12:12:05 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/10 12:01:18 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/10 11:57:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/04 05:00:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2004/08/04 05:00:00 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys

========== LOP Check ==========

[2009/12/12 00:33:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JJ\Application Data\GetRightToGo
[2009/12/04 13:07:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JJ\Application Data\IObit
[2009/11/05 11:05:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JJ\Application Data\TuneUp Software
[2009/11/05 12:00:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\TuneUp Software
[2009/04/24 18:04:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Melissa\Application Data\Canon
[2009/09/21 19:13:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Melissa\Application Data\Command & Conquer 3 Tiberium Wars
[2010/04/21 16:47:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Melissa\Application Data\Facebook
[2007/09/01 16:13:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Melissa\Application Data\GetRightToGo
[2008/01/10 06:33:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Melissa\Application Data\GlarySoft
[2007/06/14 12:08:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Melissa\Application Data\Hot Keyboard
[2009/03/16 14:19:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Melissa\Application Data\IObit
[2009/11/28 20:23:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Melissa\Application Data\iWin
[2007/07/14 19:08:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Melissa\Application Data\Leadertech
[2009/09/08 15:08:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Melissa\Application Data\NationRed
[2009/08/31 08:56:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Melissa\Application Data\NewSoft
[2010/06/01 18:10:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Melissa\Application Data\PC Suite
[2010/06/01 18:08:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Melissa\Application Data\Samsung
[2007/06/14 12:20:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Melissa\Application Data\ScanSoft
[2009/11/30 17:48:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Melissa\Application Data\TuneUp Software
[2009/10/10 17:50:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Melissa\Application Data\uTorrent
[2009/05/11 15:52:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Melissa\Application Data\webex
[2010/06/10 17:35:44 | 000,000,316 | ---- | M] () -- C:\WINDOWS\Tasks\GlaryInitialize.job
[2010/06/08 09:45:49 | 000,000,388 | ---- | M] () -- C:\WINDOWS\Tasks\SmartDefrag.job

========== Purity Check ==========

========== Custom Scans ==========

< MD5 for: EXPLORER.EXE >
[2007/06/13 06:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2004/08/04 04:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
[2004/08/04 05:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\explorer.exe
[2004/08/04 05:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: SVCHOST.EXE >
[2004/08/04 04:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\i386\svchost.exe
[2004/08/04 05:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2004/08/04 05:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: USERINIT.EXE >
[2004/08/04 04:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\i386\userinit.exe
[2004/08/04 05:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\system32\dllcache\userinit.exe
[2004/08/04 05:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004/08/04 04:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\i386\winlogon.exe
[2004/08/04 05:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2004/08/04 05:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\system32\winlogon.exe

< %SYSTEMDRIVE%\*.* >
[2004/08/10 12:04:08 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2011/02/04 19:36:08 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2011/01/15 14:45:36 | 000,021,840 | ---- | M] () -- C:\bootex.log
[2004/08/10 12:04:08 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2007/06/09 11:12:12 | 000,006,774 | RH-- | M] () -- C:\dell.sdr
[2011/02/04 19:25:12 | 3219,034,112 | -HS- | M] () -- C:\hiberfil.sys
[2011/02/04 19:30:27 | 000,004,128 | ---- | M] () -- C:\INFCACHE.1
[2004/08/10 12:04:08 | 000,000,000 | -H-- | M] () -- C:\IO.SYS
[2009/04/08 22:04:04 | 000,000,370 | -H-- | M] () -- C:\IPH.PH
[2004/08/10 12:04:08 | 000,000,000 | -H-- | M] () -- C:\MSDOS.SYS
[2004/08/04 04:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/05/31 23:38:06 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2011/02/04 19:56:40 | 000,133,402 | ---- | M] () -- C:\OTL.Txt
[2011/02/04 19:25:09 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
[2010/02/01 19:31:33 | 000,042,803 | ---- | M] () -- C:\TaxReturn.pdf
[2007/06/29 19:10:16 | 000,000,027 | ---- | M] () -- C:\wizard.txt

< %systemroot%\*. /mp /s >

< c:\windows\minidump\*.* >

< CREATERESTOREPOINT >

< %systemroot%\System32\config\*.sav >
[2011/02/04 14:23:56 | 004,116,480 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2011/01/28 20:37:24 | 000,262,144 | ---- | M] () -- C:\WINDOWS\system32\config\security.sav
[2011/02/04 14:23:56 | 043,515,904 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2011/02/04 14:23:56 | 002,936,832 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< c:\system volume information|_REGISTRY_MACHINE_SYSTEM;true;true;true /FP >
[2010/03/16 10:52:25 | 008,224,768 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1020\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/03/17 11:52:25 | 008,224,768 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1021\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/03/18 14:50:21 | 008,224,768 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1022\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/03/19 15:53:32 | 008,224,768 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1023\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/03/20 16:49:31 | 008,224,768 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1024\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/03/21 18:03:24 | 008,224,768 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1025\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/03/22 18:06:19 | 008,224,768 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1026\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/03/23 18:42:57 | 008,224,768 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1027\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/03/24 18:50:41 | 008,224,768 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1028\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/03/25 19:25:55 | 006,127,616 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1029\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/03/26 19:35:41 | 006,131,712 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1030\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/03/27 20:35:40 | 006,131,712 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1031\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/03/29 15:52:00 | 006,131,712 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1032\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/03/30 16:40:26 | 006,131,712 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1033\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/03/31 06:00:13 | 006,131,712 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1034\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/04/01 06:33:20 | 006,131,712 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1035\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/04/02 07:21:19 | 006,131,712 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1036\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/04/03 15:20:44 | 006,131,712 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1037\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/04/04 15:53:31 | 006,131,712 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1038\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/04/05 16:53:31 | 006,131,712 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1039\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/04/06 17:05:30 | 006,131,712 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1040\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/04/07 15:26:14 | 006,131,712 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1041\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/04/07 15:26:54 | 006,131,712 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1042\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/04/08 16:19:50 | 006,135,808 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1043\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/04/09 17:07:50 | 006,135,808 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1044\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/04/10 18:07:52 | 006,135,808 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1045\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/04/11 19:43:38 | 006,135,808 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1046\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/04/12 20:45:22 | 006,135,808 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1047\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/04/13 17:20:56 | 006,152,192 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1048\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/04/14 18:03:50 | 006,139,904 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1049\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/04/15 18:22:36 | 006,168,576 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1050\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/04/17 11:39:58 | 006,176,768 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1051\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/04/20 18:58:43 | 006,176,768 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1052\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/04/21 15:45:50 | 006,176,768 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1053\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/04/22 17:12:53 | 006,180,864 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1054\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/04/23 17:25:25 | 006,180,864 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1055\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/04/24 18:14:21 | 006,180,864 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1056\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/04/26 20:54:00 | 006,184,960 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1057\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/04/27 05:35:17 | 006,184,960 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1058\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/04/27 05:38:50 | 006,184,960 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1059\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/04/27 05:39:24 | 006,184,960 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1060\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/04/27 05:39:59 | 006,184,960 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1061\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/04/28 06:03:32 | 006,197,248 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1062\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/04/29 06:15:31 | 006,197,248 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1063\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/04/30 07:15:32 | 006,197,248 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1064\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/05/03 20:38:51 | 006,197,248 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1065\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/05/04 21:14:47 | 006,201,344 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1066\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/05/05 21:15:12 | 006,197,248 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1067\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/05/06 21:40:22 | 006,197,248 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1068\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/05/08 05:53:08 | 006,197,248 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1069\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/05/09 06:41:54 | 006,197,248 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1070\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/05/10 07:41:53 | 006,197,248 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1071\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/05/11 07:54:23 | 006,197,248 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1072\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/05/12 08:53:54 | 006,197,248 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1073\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/05/13 06:00:14 | 006,197,248 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1074\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/05/14 06:53:53 | 006,197,248 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1075\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/05/15 14:48:30 | 006,197,248 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1076\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/05/16 16:36:24 | 006,197,248 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1077\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/05/17 17:25:18 | 006,197,248 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1078\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/05/18 18:19:23 | 006,197,248 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1079\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/05/19 18:37:28 | 006,197,248 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1080\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/05/20 19:07:02 | 006,197,248 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1081\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/05/21 19:10:51 | 006,205,440 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1082\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/05/22 12:36:28 | 006,205,440 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1083\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/05/23 13:07:02 | 006,205,440 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1084\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/05/24 13:55:01 | 006,205,440 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1085\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/05/25 14:07:15 | 006,205,440 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1086\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/05/26 06:00:13 | 006,205,440 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1087\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/05/27 06:55:26 | 006,225,920 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1088\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/05/28 08:09:16 | 006,225,920 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1089\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/05/29 08:35:55 | 006,197,248 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1090\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/05/30 09:09:55 | 006,197,248 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1091\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/05/31 09:21:54 | 006,197,248 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1092\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/06/01 10:35:20 | 006,197,248 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1093\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/06/01 18:07:42 | 006,201,344 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1094\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/06/02 16:29:17 | 006,266,880 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1095\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/06/03 17:21:50 | 006,266,880 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1096\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/06/04 06:00:13 | 006,266,880 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1097\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/06/05 06:35:51 | 006,303,744 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1098\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/06/06 07:21:50 | 006,303,744 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1099\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/06/07 08:21:50 | 006,303,744 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1100\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/06/08 08:35:10 | 006,352,896 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1101\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/06/09 15:54:03 | 006,324,224 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1102\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/06/10 14:00:08 | 006,324,224 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1103\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/06/11 14:12:48 | 006,324,224 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1104\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/06/12 15:14:42 | 006,324,224 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1105\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/06/13 16:29:36 | 006,324,224 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1106\snapshot\_REGISTRY_MACHINE_SYSTEM

< c:\system volume information|_REGISTRY_MACHINE_SOFTWARE;true;true;true /FP >
[2010/03/16 10:52:25 | 043,286,528 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1020\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/03/17 11:52:25 | 043,286,528 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1021\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/03/18 14:50:20 | 043,286,528 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1022\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/03/19 15:53:32 | 043,286,528 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1023\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/03/20 16:49:31 | 043,286,528 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1024\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/03/21 18:03:23 | 043,286,528 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1025\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/03/22 18:06:19 | 043,286,528 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1026\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/03/23 18:42:57 | 043,286,528 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1027\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/03/24 18:50:41 | 043,311,104 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1028\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/03/25 19:25:55 | 043,110,400 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1029\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/03/26 19:35:40 | 043,110,400 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1030\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/03/27 20:35:40 | 043,110,400 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1031\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/03/29 15:52:00 | 043,114,496 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1032\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/03/30 16:40:25 | 043,114,496 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1033\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/03/31 06:00:13 | 043,114,496 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1034\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/04/01 06:33:20 | 043,139,072 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1035\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/04/02 07:21:19 | 043,139,072 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1036\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/04/03 15:20:43 | 043,139,072 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1037\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/04/04 15:53:31 | 043,143,168 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1038\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/04/05 16:53:31 | 043,143,168 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1039\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/04/06 17:05:30 | 043,143,168 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1040\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/04/07 15:26:14 | 043,143,168 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1041\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/04/07 15:26:54 | 043,143,168 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1042\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/04/08 16:19:50 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1043\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/04/09 17:07:50 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1044\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/04/10 18:07:52 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1045\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/04/11 19:43:37 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1046\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/04/12 20:45:22 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1047\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/04/13 17:20:56 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1048\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/04/14 18:03:49 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1049\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/04/15 18:22:36 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1050\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/04/17 11:39:55 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1051\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/04/20 18:58:42 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1052\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/04/21 15:45:50 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1053\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/04/22 17:12:53 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1054\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/04/23 17:25:25 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1055\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/04/24 18:14:20 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1056\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/04/26 20:54:00 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1057\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/04/27 05:35:17 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1058\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/04/27 05:38:50 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1059\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/04/27 05:39:24 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1060\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/04/27 05:39:58 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1061\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/04/28 06:03:31 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1062\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/04/29 06:15:30 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1063\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/04/30 07:15:31 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1064\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/05/03 20:38:51 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1065\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/05/04 21:14:46 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1066\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/05/05 21:15:12 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1067\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/05/06 21:40:22 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1068\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/05/08 05:53:08 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1069\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/05/09 06:41:54 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1070\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/05/10 07:41:52 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1071\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/05/11 07:54:23 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1072\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/05/12 08:53:54 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1073\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/05/13 06:00:14 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1074\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/05/14 06:53:52 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1075\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/05/15 14:48:29 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1076\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/05/16 16:36:23 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1077\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/05/17 17:25:17 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1078\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/05/18 18:19:22 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1079\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/05/19 18:37:28 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1080\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/05/20 19:07:01 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1081\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/05/21 19:10:51 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1082\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/05/22 12:36:27 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1083\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/05/23 13:07:01 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1084\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/05/24 13:55:01 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1085\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/05/25 14:07:15 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1086\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/05/26 06:00:13 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1087\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/05/27 06:55:25 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1088\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/05/28 08:09:16 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1089\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/05/29 08:35:54 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1090\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/05/30 09:09:54 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1091\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/05/31 09:21:54 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1092\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/06/01 10:35:20 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1093\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/06/01 18:07:42 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1094\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/06/02 16:29:17 | 043,364,352 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1095\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/06/03 17:21:50 | 043,425,792 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1096\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/06/04 06:00:13 | 043,425,792 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1097\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/06/05 06:35:51 | 043,573,248 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1098\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/06/06 07:21:50 | 043,573,248 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1099\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/06/07 08:21:50 | 043,573,248 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1100\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/06/08 08:35:10 | 043,573,248 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1101\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/06/09 15:54:03 | 043,581,440 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1102\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/06/10 14:00:08 | 043,581,440 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1103\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/06/11 14:12:47 | 043,794,432 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1104\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/06/12 15:14:42 | 043,794,432 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1105\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/06/13 16:29:36 | 043,794,432 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1106\snapshot\_REGISTRY_MACHINE_SOFTWARE

< End of report >

#11
Salagubang

Posted 05 February 2011 - 07:09 PM

Trusted Helper

Malware Removal
3,891 posts

Hi,

Did the install able to finish? Please confirm if you can boot the machine into normal mode.

#12
graham179328

Posted 05 February 2011 - 08:13 PM

Member

Topic Starter
Member
29 posts

No, machine continues to loop the startup.

#13
Salagubang

Posted 05 February 2011 - 08:41 PM

Trusted Helper

Malware Removal
3,891 posts

Ok lets try a different tact.

What I would like you to try is go to BIOS and set the AHCI/SATA to compatibility mode. To do this:

Restart computer and press Del to enter BIOS.
Find and set the ACHI/SATA to compatibility mode (or Native IDE).
Save then restart the computer in normal mode.

#14
graham179328

Posted 05 February 2011 - 09:57 PM

Member

Topic Starter
Member
29 posts

Restarting from the Reatogo Desktop and then pressing delete doesn’t do anything but start the loop over.
I must need more detailed instructions.

#15
Salagubang

Posted 05 February 2011 - 10:06 PM

Trusted Helper

Malware Removal
3,891 posts

Remove the CD then restart your computer.

Restart your computer.
At the first text on the screen or when the Dell™ logo appears, tap <F2> until the message Entering Setup appears.
Look for SATA controller setting and note the choices. Choose compatibility mode (or Native IDE).
Save then restart the computer in normal mode.