Having access issues in safe mode



#1
davis7457

First of all, I want to mention that, though it might not be relevant to my problem, I cannot access my All Programs sub-menu thing in the Start menu bar. I tried all the "fixes" from Microsoft and NONE worked. I think I might be infected with something. One thing that makes me think that is: I can't access "All Users" for my system, and I tried to install anti-virus, and it had some problem with the All Users\temp folder or whatever (I kinda forgot what the path was). Plus the All Users folder is "hidden" and I can't "unhide" it. I tried taking ownership of the folder, but it denied me access. I'm logged in as an admin in safe mode, so I "should" be able to access it. Also, I've been having problems installing things: Skype, anti-virus, had some problems with drivers, etc... I'm trying to be as detailed as possible. If you need more info I can post. I'm pretty tech savvy, but this problem has been quite a challenge to my ego lol. So I appreciate any help that I can receive. Here's the log from the OTL:

OTL logfile created on: 3/28/2011 5:38:30 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\My Documents\Downloads
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

766.00 Mb Total Physical Memory | 426.00 Mb Available Physical Memory | 56.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 86.00% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS.0 | %ProgramFiles% = C:\Program Files
Drive C: | 51.36 Gb Total Space | 7.77 Gb Free Space | 15.13% Space Free | Partition Type: NTFS
Drive D: | 51.65 Gb Total Space | 2.82 Gb Free Space | 5.46% Space Free | Partition Type: NTFS

Computer Name: KENNY-D1B28FB76 | User Name: Sys Admin | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/03/28 17:38:15 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\My Documents\Downloads\OTL.exe
PRC - [2010/12/03 11:35:08 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/07/04 11:51:26 | 000,017,408 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerAssistant.exe
PRC - [2004/08/04 00:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS.0\explorer.exe
PRC - [2004/08/04 00:00:00 | 000,815,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS.0\system32\mmc.exe
PRC - [2004/08/04 00:00:00 | 000,388,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS.0\system32\cmd.exe


========== Modules (SafeList) ==========

MOD - [2011/03/28 17:38:15 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\My Documents\Downloads\OTL.exe
MOD - [2010/07/04 13:32:36 | 000,004,608 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerHook.dll
MOD - [2004/08/04 00:00:00 | 001,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS.0\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)


========== Driver Services (SafeList) ==========

DRV - [2010/09/29 12:53:36 | 000,078,328 | ---- | M] (Tonec Inc.) [Kernel | System | Stopped] -- C:\WINDOWS.0\system32\drivers\idmtdi.sys -- (IDMTDI)
DRV - [2008/04/17 16:33:00 | 004,707,328 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS.0\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007/10/11 17:40:00 | 000,009,096 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\WINDOWS.0\system32\DRIVERS\amdide.sys -- (amdide)
DRV - [2006/12/22 11:56:44 | 000,988,800 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS.0\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2006/12/22 11:56:00 | 000,209,664 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS.0\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2006/12/22 11:55:56 | 000,730,112 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS.0\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2006/05/25 10:19:48 | 000,040,064 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS.0\system32\drivers\ESD7SK.sys -- (ESDCR)
DRV - [2006/05/25 10:19:44 | 000,074,752 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS.0\system32\drivers\ESM7SK.sys -- (ESMCR)
DRV - [2006/05/25 10:19:40 | 000,061,056 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS.0\system32\drivers\EMS7SK.sys -- (EMSCR)
DRV - [2006/04/27 09:46:50 | 001,540,096 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS.0\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2004/08/03 14:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS.0\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS.0\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "www.google.com"

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/03/28 14:05:53 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/03/27 13:34:07 | 000,000,000 | ---D | M]

[2011/03/27 13:34:19 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Application Data\Mozilla\Extensions
[2011/03/27 13:34:19 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Application Data\Mozilla\Firefox\Profiles\jia8ch4d.default\extensions
[2011/03/27 13:34:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

O1 HOSTS File: ([2011/03/26 21:40:01 | 000,430,676 | R--- | M]) - C:\WINDOWS.0\system32\drivers\etc\hosts
O1 - Hosts: 14851 more lines...
O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - D:\Program Files\Internet Download Manager\IDMIECC.dll (Tonec Inc.)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS.0\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.)
O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\Audio\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe ()
O4 - HKCU..\Run: [IDMan] D:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoBandCustomize = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoMovingBands = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCloseDragDropBands = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarsOnTaskbar = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClassicShell = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuSubFolders = 0
O8 - Extra context menu item: Download all links with IDM - D:\Program Files\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download FLV video content with IDM - D:\Program Files\Internet Download Manager\IEGetVL.htm ()
O8 - Extra context menu item: Download with IDM - D:\Program Files\Internet Download Manager\IEExt.htm ()
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS.0\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (D:\WINDOWS.2\system32\userinit.exe) - D:\WINDOWS.2\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS.0\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - C:\WINDOWS.0\System32\WgaLogon.dll ()
O24 - Desktop WallPaper: C:\WINDOWS.0\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS.0\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/30 07:30:25 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006/09/18 13:43:36 | 000,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/03/28 17:28:27 | 000,000,000 | ---D | C] -- C:\Program Files\Unlocker
[2011/03/28 17:28:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Start Menu\Programs\Unlocker
[2011/03/28 17:13:48 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\LastGood
[2011/03/28 17:11:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Application Data\Kaspersky Lab Setup Files
[2011/03/28 14:38:19 | 000,000,000 | ---D | C] -- C:\Special
[2011/03/28 14:38:19 | 000,000,000 | ---D | C] -- \Special
[2011/03/28 14:04:41 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\All Users
[2011/03/28 13:45:43 | 000,000,000 | -HSD | C] -- C:\WINDOWS.0\CSC
[2011/03/28 13:43:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Desktop\New Folder
[2011/03/27 13:54:28 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Start Menu\Programs\Administrative Tools
[2011/03/27 13:54:22 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\System32\NtmsData
[2011/03/27 13:34:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Start Menu\Programs\Mozilla Firefox
[2011/03/27 11:33:56 | 000,074,752 | ---- | C] (ENE Technology Inc.) -- C:\WINDOWS.0\System32\drivers\ESM7SK.sys
[2011/03/27 11:33:56 | 000,061,056 | ---- | C] (ENE Technology Inc.) -- C:\WINDOWS.0\System32\drivers\EMS7SK.sys
[2011/03/27 11:33:56 | 000,040,064 | ---- | C] (ENE Technology Inc.) -- C:\WINDOWS.0\System32\drivers\ESD7SK.sys
[2011/03/27 00:03:58 | 000,000,000 | -H-D | C] -- C:\WINDOWS.0\PIF
[2011/03/26 23:55:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Start Menu\Programs\Easy Duplicate Finder
[2011/03/26 23:55:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Application Data\Easy Duplicate Finder
[2011/03/26 23:55:18 | 000,000,000 | ---D | C] -- C:\Program Files\Easy Duplicate Finder
[2011/03/26 21:54:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Application Data\Macromedia
[2011/03/26 21:54:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Application Data\Adobe
[2011/03/26 21:46:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Application Data\Sun
[2011/03/26 21:45:19 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\System32\Adobe
[2011/03/26 21:14:05 | 000,000,000 | ---D | C] -- C:\Program Files\SDHelper (Spybot - Search & Destroy)
[2011/03/26 21:14:05 | 000,000,000 | ---D | C] -- C:\Program Files\Misc. Support Library (Spybot - Search & Destroy)
[2011/03/26 21:14:03 | 000,000,000 | ---D | C] -- C:\Program Files\TeaTimer (Spybot - Search & Destroy)
[2011/03/26 21:14:03 | 000,000,000 | ---D | C] -- C:\Program Files\File Scanner Library (Spybot - Search & Destroy)
[2011/03/26 20:08:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Application Data\Daoisoft
[2011/03/26 19:53:57 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2011/03/26 19:44:40 | 000,000,000 | -H-D | C] -- C:\WINDOWS.0\$hf_mig$
[2011/03/26 19:43:38 | 000,000,000 | -H-D | C] -- C:\WINDOWS.0\$MSI31Uninstall_KB893803v2$
[2011/03/26 19:35:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Local Settings\Application Data\ATI
[2011/03/26 19:35:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Application Data\ATI
[2011/03/26 19:33:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2011/03/26 19:28:37 | 000,000,000 | R-SD | C] -- C:\WINDOWS.0\assembly
[2011/03/26 19:28:04 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\Microsoft.NET
[2011/03/26 19:25:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Desktop\GD
[2011/03/26 19:10:14 | 000,000,000 | ---D | C] -- C:\Program Files\CONEXANT
[2011/03/26 19:03:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Start Menu\Programs\WinRAR
[2011/03/26 19:03:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Application Data\WinRAR
[2011/03/26 18:37:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Application Data\IDM
[2011/03/26 18:37:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Application Data\DMCache
[2011/03/26 18:14:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Local Settings\Application Data\Mozilla
[2011/03/26 18:14:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Application Data\Mozilla
[2011/03/26 18:14:07 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2011/03/26 18:07:00 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\UserData
[2011/03/26 17:56:51 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\System32\Lang
[2011/03/26 17:26:21 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/03/26 17:26:21 | 000,000,000 | -HSD | C] -- \RECYCLER
[2011/03/26 17:24:01 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\temp
[2011/03/26 17:16:32 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\System32\RTCOM
[2011/03/26 17:16:11 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/03/26 17:16:11 | 000,000,000 | RHSD | C] -- \cmdcons
[2011/03/26 17:15:30 | 002,808,832 | ---- | C] (RealTek Semicoductor Corp.) -- C:\WINDOWS.0\alcwzrd.exe
[2011/03/26 17:15:30 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2011/03/26 17:12:01 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS.0\SWXCACLS.exe
[2011/03/26 17:12:01 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS.0\SWREG.exe
[2011/03/26 17:12:01 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS.0\SWSC.exe
[2011/03/26 17:12:01 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS.0\NIRCMD.exe
[2011/03/26 17:11:57 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\ERDNT
[2011/03/26 17:11:50 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/03/26 17:11:50 | 000,000,000 | ---D | C] -- \Qoobox
[2011/03/26 17:02:58 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\System32\DRVSTORE
[2011/03/26 17:02:39 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2011/03/26 17:02:37 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2011/03/26 17:02:10 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\System32\ReinstallBackups
[2011/03/26 17:02:01 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2011/03/26 16:58:45 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\My Documents\My Videos
[2011/03/26 16:48:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Desktop\NDS GBM GBA Movie Player Crystal
[2011/03/26 16:48:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\My Documents\Downloads
[2011/03/26 16:06:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Application Data\Identities
[2011/03/26 16:06:11 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\My Documents\My Pictures
[2011/03/26 16:06:11 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\My Documents\My Music
[2011/03/26 16:06:05 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Application Data\Microsoft
[2011/03/26 16:06:05 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Cookies
[2011/03/26 16:06:05 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\SendTo
[2011/03/26 16:06:05 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Recent
[2011/03/26 16:06:05 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Application Data
[2011/03/26 16:06:05 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\My Documents
[2011/03/26 16:06:05 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Favorites
[2011/03/26 16:06:05 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\PrintHood
[2011/03/26 16:06:05 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\NetHood
[2011/03/26 16:06:05 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Local Settings
[2011/03/26 16:06:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Local Settings\Application Data\Microsoft
[2011/03/26 16:06:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Desktop
[2011/03/26 16:06:04 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Start Menu\Programs\Startup
[2011/03/26 16:06:04 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Start Menu
[2011/03/26 16:06:04 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Start Menu\Programs\Accessories
[2011/03/26 16:06:04 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Templates
[2011/03/26 16:04:06 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\SoftwareDistribution
[2011/03/26 16:04:04 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\Prefetch
[2011/03/26 16:04:03 | 000,000,000 | --SD | C] -- C:\WINDOWS.0\System32\Microsoft
[2011/03/26 16:00:32 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS.0\System32\dllcache\rwia330.dll
[2011/03/26 16:00:31 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS.0\System32\dllcache\rwia001.dll
[2011/03/26 16:00:31 | 000,026,624 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS.0\System32\dllcache\rw330ext.dll
[2011/03/26 15:58:25 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS.0\System32\dllcache\cap7146.sys
[2011/03/26 15:57:32 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\System32\xircom
[2011/03/26 15:57:32 | 000,000,000 | ---D | C] -- C:\Program Files\xerox
[2011/03/26 15:57:32 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2011/03/26 15:55:27 | 000,000,000 | --SD | C] -- C:\WINDOWS.0\Downloaded Program Files
[2011/03/26 15:55:27 | 000,000,000 | R--D | C] -- C:\WINDOWS.0\Offline Web Pages
[2011/03/26 15:55:12 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2011/03/26 15:54:42 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\System32\DirectX
[2011/03/26 15:54:04 | 000,000,000 | --SD | C] -- C:\WINDOWS.0\Tasks
[2011/03/26 15:54:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2011/03/26 15:53:58 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\srchasst
[2011/03/26 15:53:57 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\System32\Macromed
[2011/03/26 15:53:35 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\System32\Restore
[2011/03/26 15:53:30 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2011/03/26 15:53:26 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2011/03/26 15:52:19 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2011/03/26 15:52:05 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\Registration
[2011/03/26 15:51:51 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services
[2011/03/26 15:51:33 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2011/03/26 15:51:29 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2011/03/26 15:50:41 | 000,281,088 | ---- | C] (Cinematronics) -- C:\WINDOWS.0\System32\dllcache\pinball.exe
[2011/03/26 15:50:36 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\System32\MsDtc
[2011/03/26 15:50:34 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\System32\Com
[2011/03/26 15:24:20 | 000,000,000 | ---D | C] -- C:\Temp files fo os
[2011/03/26 15:24:20 | 000,000,000 | ---D | C] -- \Temp files fo os
[2011/03/26 07:43:36 | 000,000,000 | -HSD | C] -- C:\WINDOWS.0\Installer
[2011/03/26 07:43:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2011/03/26 07:42:14 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\System32\CatRoot2
[2011/03/26 07:42:14 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\System32\CatRoot
[2011/03/26 07:32:41 | 000,000,000 | R-SD | C] -- C:\WINDOWS.0\Fonts
[2011/03/26 07:32:41 | 000,000,000 | RHSD | C] -- C:\WINDOWS.0\System32\dllcache
[2011/03/26 07:32:41 | 000,000,000 | R--D | C] -- C:\WINDOWS.0\Web
[2011/03/26 07:32:41 | 000,000,000 | -H-D | C] -- C:\WINDOWS.0\inf
[2011/03/26 07:32:41 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\WinSxS
[2011/03/26 07:32:41 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\System32\wins
[2011/03/26 07:32:41 | 000,000,000 | ---D | C] -- C:\WINDOWS.0
[2011/03/26 07:32:41 | 000,000,000 | ---D | C] -- \WINDOWS.0
[2011/03/26 07:32:41 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\System32\wbem
[2011/03/26 07:32:41 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\System32\usmt
[2011/03/26 07:32:41 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\twain_32
[2011/03/26 07:32:41 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\system32
[2011/03/26 07:32:41 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\system
[2011/03/26 07:32:41 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\System32\spool
[2011/03/26 07:32:41 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\System32\ShellExt
[2011/03/26 07:32:41 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\System32\Setup
[2011/03/26 07:32:41 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\security
[2011/03/26 07:32:41 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\Resources
[2011/03/26 07:32:41 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\repair
[2011/03/26 07:32:41 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\System32\ras
[2011/03/26 07:32:41 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\Provisioning
[2011/03/26 07:32:41 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\PeerNet
[2011/03/26 07:32:41 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\pchealth
[2011/03/26 07:32:41 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\System32\oobe
[2011/03/26 07:32:41 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\System32\npp
[2011/03/26 07:32:41 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\System32\mui
[2011/03/26 07:32:41 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\mui
[2011/03/26 07:32:41 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\msapps
[2011/03/26 07:32:41 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\msagent
[2011/03/26 07:32:41 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\Media
[2011/03/26 07:32:41 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\java
[2011/03/26 07:32:41 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\System32\inetsrv
[2011/03/26 07:32:41 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\System32\IME
[2011/03/26 07:32:41 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\ime
[2011/03/26 07:32:41 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\System32\icsxml
[2011/03/26 07:32:41 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\System32\ias
[2011/03/26 07:32:41 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\Help
[2011/03/26 07:32:41 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\System32\export
[2011/03/26 07:32:41 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\System32\drivers\etc
[2011/03/26 07:32:41 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\ehome
[2011/03/26 07:32:41 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\System32\drivers
[2011/03/26 07:32:41 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\Driver Cache
[2011/03/26 07:32:41 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\System32\drivers\disdn
[2011/03/26 07:32:41 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\System32\dhcp
[2011/03/26 07:32:41 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\Debug
[2011/03/26 07:32:41 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\Cursors
[2011/03/26 07:32:41 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\Connection Wizard
[2011/03/26 07:32:41 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\System32\config
[2011/03/26 07:32:41 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\Config
[2011/03/26 07:32:41 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\AppPatch
[2011/03/26 07:32:41 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\addins
[2011/03/26 07:32:41 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\System32\3com_dmi
[2011/03/26 07:32:41 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\System32\3076
[2011/03/26 07:32:41 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\System32\2052
[2011/03/26 07:32:41 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\System32\1054
[2011/03/26 07:32:41 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\System32\1042
[2011/03/26 07:32:41 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\System32\1041
[2011/03/26 07:32:41 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\System32\1037
[2011/03/26 07:32:41 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\System32\1033
[2011/03/26 07:32:41 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\System32\1031
[2011/03/26 07:32:41 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\System32\1028
[2011/03/26 07:32:41 | 000,000,000 | ---D | C] -- C:\WINDOWS.0\System32\1025
[2011/03/20 12:17:32 | 000,000,000 | ---D | C] -- C:\Games
[2011/03/20 12:17:32 | 000,000,000 | ---D | C] -- \Games
[3 C:\WINDOWS.0\*.tmp files -> C:\WINDOWS.0\*.tmp -> ]
[1 C:\WINDOWS.0\System32\*.tmp files -> C:\WINDOWS.0\System32\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
[1 \*.tmp files -> \*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/03/28 17:28:28 | 000,001,148 | ---- | M] () -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Desktop\eBay.lnk
[2011/03/28 17:28:28 | 000,001,148 | ---- | M] () -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Application Data\Microsoft\Internet Explorer\Quick Launch\eBay.lnk
[2011/03/28 17:17:38 | 000,002,048 | --S- | M] () -- C:\WINDOWS.0\bootstat.dat
[2011/03/28 14:18:27 | 000,069,334 | ---- | M] () -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Desktop\Consle 1.msc
[2011/03/27 13:34:12 | 000,001,633 | ---- | M] () -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/03/27 13:34:12 | 000,001,615 | ---- | M] () -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Desktop\Mozilla Firefox.lnk
[2011/03/27 00:05:16 | 000,002,228 | ---- | M] () -- C:\WINDOWS.0\System32\wpa.dbl
[2011/03/26 23:55:19 | 000,000,751 | ---- | M] () -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Application Data\Microsoft\Internet Explorer\Quick Launch\EasyDuplicate.lnk
[2011/03/26 21:40:01 | 000,430,676 | R--- | M] () -- C:\WINDOWS.0\System32\drivers\etc\hosts
[2011/03/26 21:07:48 | 000,002,135 | ---- | M] () -- C:\WINDOWS.0\epplauncher.mif
[2011/03/26 20:59:01 | 000,392,534 | ---- | M] () -- C:\WINDOWS.0\System32\perfh009.dat
[2011/03/26 20:59:01 | 000,058,794 | ---- | M] () -- C:\WINDOWS.0\System32\perfc009.dat
[2011/03/26 19:44:16 | 000,001,374 | ---- | M] () -- C:\WINDOWS.0\imsins.BAK
[2011/03/26 18:54:19 | 000,000,552 | ---- | M] () -- C:\WINDOWS.0\System32\d3d8caps.dat
[2011/03/26 18:21:02 | 000,940,794 | ---- | M] () -- C:\WINDOWS.0\System32\LoopyMusic.wav
[2011/03/26 18:21:02 | 000,146,650 | ---- | M] () -- C:\WINDOWS.0\System32\BuzzingBee.wav
[2011/03/26 18:14:18 | 000,000,000 | ---- | M] () -- C:\WINDOWS.0\nsreg.dat
[2011/03/26 17:58:56 | 000,000,817 | ---- | M] () -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2011/03/26 17:22:34 | 000,000,027 | ---- | M] () -- C:\WINDOWS.0\System32\drivers\etc\hosts.20110326-214001.backup
[2011/03/26 17:16:17 | 000,000,443 | -HS- | M] () -- C:\boot.ini
[2011/03/26 16:59:09 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Local Settings\Application Data\FASTWiz.html
[2011/03/26 16:13:09 | 000,003,584 | ---- | M] () -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/03/26 16:06:27 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/03/26 16:06:27 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2011/03/26 16:03:47 | 000,008,192 | ---- | M] () -- C:\WINDOWS.0\REGLOCS.OLD
[2011/03/26 16:03:25 | 000,090,296 | ---- | M] () -- C:\WINDOWS.0\System32\FNTCACHE.DAT
[2011/03/26 16:01:46 | 000,000,643 | ---- | M] () -- C:\WINDOWS.0\System32\$winnt$.inf
[2011/03/26 15:57:07 | 000,002,577 | ---- | M] () -- C:\WINDOWS.0\System32\CONFIG.NT
[2011/03/26 15:56:57 | 000,316,640 | ---- | M] () -- C:\WINDOWS.0\WMSysPr9.prx
[2011/03/26 15:56:57 | 000,023,392 | ---- | M] () -- C:\WINDOWS.0\System32\nscompat.tlb
[2011/03/26 15:56:57 | 000,016,832 | ---- | M] () -- C:\WINDOWS.0\System32\amcompat.tlb
[2011/03/26 15:56:37 | 000,004,249 | ---- | M] () -- C:\WINDOWS.0\ODBCINST.INI
[2011/03/26 15:52:37 | 000,021,640 | ---- | M] () -- C:\WINDOWS.0\System32\emptyregdb.dat
[2011/03/26 15:48:29 | 000,000,327 | -HS- | M] () -- C:\Boot.bak
[2011/03/26 09:04:03 | 000,001,480 | ---- | M] () -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Desktop\Super Card.lnk
[2011/03/20 12:17:32 | 000,000,141 | ---- | M] () -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Desktop\Games.com.url
[3 C:\WINDOWS.0\*.tmp files -> C:\WINDOWS.0\*.tmp -> ]
[1 C:\WINDOWS.0\System32\*.tmp files -> C:\WINDOWS.0\System32\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/03/28 17:28:28 | 000,001,148 | ---- | C] () -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Desktop\eBay.lnk
[2011/03/28 17:28:28 | 000,001,148 | ---- | C] () -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Application Data\Microsoft\Internet Explorer\Quick Launch\eBay.lnk
[2011/03/27 13:54:40 | 000,069,334 | ---- | C] () -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Desktop\Consle 1.msc
[2011/03/27 13:34:12 | 000,001,615 | ---- | C] () -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Desktop\Mozilla Firefox.lnk
[2011/03/27 11:34:18 | 000,356,352 | ---- | C] () -- C:\WINDOWS.0\EMCRI.dll
[2011/03/26 23:55:19 | 000,000,751 | ---- | C] () -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Application Data\Microsoft\Internet Explorer\Quick Launch\EasyDuplicate.lnk
[2011/03/26 21:40:01 | 000,000,027 | ---- | C] () -- C:\WINDOWS.0\System32\drivers\etc\hosts.20110326-214001.backup
[2011/03/26 19:25:05 | 001,114,674 | ---- | C] () -- C:\WINDOWS.0\System32\drivers\ativcaxx.cpa
[2011/03/26 19:25:05 | 000,127,619 | ---- | C] () -- C:\WINDOWS.0\System32\atiicdxx.dat
[2011/03/26 19:25:05 | 000,058,560 | ---- | C] () -- C:\WINDOWS.0\System32\drivers\ativckxx.vp
[2011/03/26 19:25:05 | 000,028,064 | ---- | C] () -- C:\WINDOWS.0\System32\drivers\ativvpxx.vp
[2011/03/26 19:25:05 | 000,000,929 | ---- | C] () -- C:\WINDOWS.0\System32\drivers\ativcaxx.vp
[2011/03/26 19:09:28 | 000,144,201 | ---- | C] () -- C:\WINDOWS.0\System32\drivers\HSFProf.cty
[2011/03/26 18:54:19 | 000,000,552 | ---- | C] () -- C:\WINDOWS.0\System32\d3d8caps.dat
[2011/03/26 18:21:02 | 000,940,794 | ---- | C] () -- C:\WINDOWS.0\System32\LoopyMusic.wav
[2011/03/26 18:21:02 | 000,146,650 | ---- | C] () -- C:\WINDOWS.0\System32\BuzzingBee.wav
[2011/03/26 18:14:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS.0\nsreg.dat
[2011/03/26 18:14:10 | 000,001,633 | ---- | C] () -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/03/26 17:58:56 | 000,000,817 | ---- | C] () -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2011/03/26 17:30:04 | 000,073,728 | ---- | C] () -- C:\WINDOWS.0\System32\RtNicProp32.dll
[2011/03/26 17:17:17 | 000,000,553 | ---- | C] () -- C:\WINDOWS.0\USetup.iss
[2011/03/26 17:17:05 | 000,049,152 | ---- | C] () -- C:\WINDOWS.0\System32\ChCfg.exe
[2011/03/26 17:16:13 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011/03/26 17:16:13 | 000,260,272 | RHS- | C] () -- \cmldr
[2011/03/26 17:15:40 | 000,000,520 | ---- | C] () -- C:\WINDOWS.0\System32\drivers\RTEQEX1.dat
[2011/03/26 17:15:40 | 000,000,520 | ---- | C] () -- C:\WINDOWS.0\System32\drivers\RTEQEX0.dat
[2011/03/26 17:15:40 | 000,000,008 | ---- | C] () -- C:\WINDOWS.0\System32\drivers\rtkhdaud.dat
[2011/03/26 17:12:01 | 000,256,512 | ---- | C] () -- C:\WINDOWS.0\PEV.exe
[2011/03/26 17:12:01 | 000,098,816 | ---- | C] () -- C:\WINDOWS.0\sed.exe
[2011/03/26 17:12:01 | 000,089,088 | ---- | C] () -- C:\WINDOWS.0\MBR.exe
[2011/03/26 17:12:01 | 000,080,412 | ---- | C] () -- C:\WINDOWS.0\grep.exe
[2011/03/26 17:12:01 | 000,068,096 | ---- | C] () -- C:\WINDOWS.0\zip.exe
[2011/03/26 17:10:24 | 000,002,135 | ---- | C] () -- C:\WINDOWS.0\epplauncher.mif
[2011/03/26 16:47:22 | 1207,959,552 | -HS- | C] () --
[2011/03/26 16:29:42 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Local Settings\Application Data\FASTWiz.html
[2011/03/26 16:13:08 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/03/26 16:06:27 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2011/03/26 16:06:15 | 000,000,751 | ---- | C] () -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Start Menu\programs\Outlook Express.lnk
[2011/03/26 16:06:13 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/03/26 16:06:13 | 000,000,780 | ---- | C] () -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Start Menu\programs\Internet Explorer.lnk
[2011/03/26 16:06:05 | 000,001,624 | ---- | C] () -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Start Menu\programs\Remote Assistance.lnk
[2011/03/26 16:06:05 | 000,000,805 | ---- | C] () -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Start Menu\programs\Windows Media Player.lnk
[2011/03/26 16:03:47 | 000,008,192 | ---- | C] () -- C:\WINDOWS.0\REGLOCS.OLD
[2011/03/26 16:01:42 | 000,002,048 | --S- | C] () -- C:\WINDOWS.0\bootstat.dat
[2011/03/26 16:00:22 | 000,175,104 | ---- | C] () -- C:\WINDOWS.0\System32\dllcache\pintlcsa.dll
[2011/03/26 15:59:38 | 001,158,818 | ---- | C] () -- C:\WINDOWS.0\System32\dllcache\korwbrkr.lex
[2011/03/26 15:59:28 | 000,059,392 | ---- | C] () -- C:\WINDOWS.0\System32\dllcache\imscinst.exe
[2011/03/26 15:59:27 | 000,196,665 | ---- | C] () -- C:\WINDOWS.0\System32\dllcache\imjpinst.exe
[2011/03/26 15:59:24 | 000,134,339 | ---- | C] () -- C:\WINDOWS.0\System32\dllcache\imekr.lex
[2011/03/26 15:59:06 | 013,463,552 | ---- | C] () -- C:\WINDOWS.0\System32\dllcache\hwxjpn.dll
[2011/03/26 15:58:57 | 000,108,827 | ---- | C] () -- C:\WINDOWS.0\System32\dllcache\hanja.lex
[2011/03/26 15:58:51 | 000,094,208 | ---- | C] () -- C:\WINDOWS.0\System32\dllcache\fpencode.dll
[2011/03/26 15:58:29 | 000,173,568 | ---- | C] () -- C:\WINDOWS.0\System32\dllcache\chtskf.dll
[2011/03/26 15:57:07 | 000,002,577 | ---- | C] () -- C:\WINDOWS.0\System32\CONFIG.NT
[2011/03/26 15:56:57 | 000,023,392 | ---- | C] () -- C:\WINDOWS.0\System32\nscompat.tlb
[2011/03/26 15:56:57 | 000,016,832 | ---- | C] () -- C:\WINDOWS.0\System32\amcompat.tlb
[2011/03/26 15:56:56 | 000,316,640 | ---- | C] () -- C:\WINDOWS.0\WMSysPr9.prx
[2011/03/26 15:54:50 | 004,399,505 | ---- | C] () -- C:\WINDOWS.0\System32\dllcache\nls302en.lex
[2011/03/26 15:54:16 | 000,048,680 | -HS- | C] () -- C:\WINDOWS.0\winnt256.bmp
[2011/03/26 15:54:16 | 000,048,680 | -HS- | C] () -- C:\WINDOWS.0\winnt.bmp
[2011/03/26 15:54:09 | 000,000,984 | ---- | C] () -- C:\WINDOWS.0\System32\dllcache\srframe.mmf
[2011/03/26 15:53:54 | 000,004,639 | ---- | C] () -- C:\WINDOWS.0\System32\dllcache\mplayer2.exe
[2011/03/26 15:53:37 | 000,376,320 | ---- | C] () -- C:\WINDOWS.0\System32\dllcache\msinfo.dll
[2011/03/26 15:52:37 | 000,021,640 | ---- | C] () -- C:\WINDOWS.0\System32\emptyregdb.dat
[2011/03/26 15:51:14 | 000,065,832 | ---- | C] () -- C:\WINDOWS.0\Santa Fe Stucco.bmp
[2011/03/26 15:51:14 | 000,026,680 | ---- | C] () -- C:\WINDOWS.0\River Sumida.bmp
[2011/03/26 15:51:14 | 000,017,362 | ---- | C] () -- C:\WINDOWS.0\Rhododendron.bmp
[2011/03/26 15:51:14 | 000,009,522 | ---- | C] () -- C:\WINDOWS.0\Zapotec.bmp
[2011/03/26 15:51:13 | 000,065,978 | ---- | C] () -- C:\WINDOWS.0\Soap Bubbles.bmp
[2011/03/26 15:51:13 | 000,065,954 | ---- | C] () -- C:\WINDOWS.0\Prairie Wind.bmp
[2011/03/26 15:51:13 | 000,026,582 | ---- | C] () -- C:\WINDOWS.0\Greenstone.bmp
[2011/03/26 15:51:13 | 000,017,336 | ---- | C] () -- C:\WINDOWS.0\Gone Fishing.bmp
[2011/03/26 15:51:13 | 000,017,062 | ---- | C] () -- C:\WINDOWS.0\Coffee Bean.bmp
[2011/03/26 15:51:13 | 000,016,730 | ---- | C] () -- C:\WINDOWS.0\FeatherTexture.bmp
[2011/03/26 15:51:13 | 000,001,272 | ---- | C] () -- C:\WINDOWS.0\Blue Lace 16.bmp
[2011/03/26 15:51:10 | 000,001,161 | ---- | C] () -- C:\WINDOWS.0\System32\usrlogon.cmd
[2011/03/26 15:51:09 | 000,003,286 | ---- | C] () -- C:\WINDOWS.0\System32\tslabels.h
[2011/03/26 15:51:08 | 000,000,768 | ---- | C] () -- C:\WINDOWS.0\System32\msdtcprf.h
[2011/03/26 15:51:02 | 000,063,488 | ---- | C] () -- C:\WINDOWS.0\System32\wmimgmt.msc
[2011/03/26 09:04:03 | 000,001,480 | ---- | C] () -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Desktop\Super Card.lnk
[2011/03/26 07:43:40 | 000,001,374 | ---- | C] () -- C:\WINDOWS.0\imsins.BAK
[2011/03/26 07:43:34 | 000,004,249 | ---- | C] () -- C:\WINDOWS.0\ODBCINST.INI
[2011/03/26 07:43:30 | 001,685,606 | ---- | C] () -- C:\WINDOWS.0\System32\dllcache\sam.spd
[2011/03/26 07:43:30 | 000,605,050 | ---- | C] () -- C:\WINDOWS.0\System32\dllcache\r1033tts.lxa
[2011/03/26 07:43:30 | 000,000,888 | ---- | C] () -- C:\WINDOWS.0\System32\dllcache\sam.sdf
[2011/03/26 07:43:29 | 000,643,717 | ---- | C] () -- C:\WINDOWS.0\System32\dllcache\ltts1033.lxa
[2011/03/26 07:43:11 | 000,001,688 | ---- | C] () -- C:\WINDOWS.0\System32\AUTOEXEC.NT
[2011/03/26 07:42:48 | 001,042,903 | ---- | C] () -- C:\WINDOWS.0\System32\dllcache\SP2.CAT
[2011/03/26 07:42:48 | 000,797,189 | ---- | C] () -- C:\WINDOWS.0\System32\dllcache\NT5IIS.CAT
[2011/03/26 07:42:48 | 000,399,645 | ---- | C] () -- C:\WINDOWS.0\System32\dllcache\MAPIMIG.CAT
[2011/03/26 07:42:48 | 000,141,702 | ---- | C] () -- C:\WINDOWS.0\System32\dllcache\netfx.cat
[2011/03/26 07:42:48 | 000,110,116 | ---- | C] () -- C:\WINDOWS.0\System32\dllcache\tabletpc.cat
[2011/03/26 07:42:48 | 000,037,484 | ---- | C] () -- C:\WINDOWS.0\System32\dllcache\MW770.CAT
[2011/03/26 07:42:48 | 000,031,965 | ---- | C] () -- C:\WINDOWS.0\System32\dllcache\mediactr.cat
[2011/03/26 07:42:48 | 000,031,281 | ---- | C] () -- C:\WINDOWS.0\System32\dllcache\FP4.CAT
[2011/03/26 07:42:48 | 000,024,209 | ---- | C] () -- C:\WINDOWS.0\System32\dllcache\msn7.cat
[2011/03/26 07:42:48 | 000,013,753 | ---- | C] () -- C:\WINDOWS.0\System32\dllcache\IMS.CAT
[2011/03/26 07:42:48 | 000,013,472 | ---- | C] () -- C:\WINDOWS.0\System32\dllcache\HPCRDP.CAT
[2011/03/26 07:42:48 | 000,011,651 | ---- | C] () -- C:\WINDOWS.0\System32\dllcache\msn9.cat
[2011/03/26 07:42:48 | 000,009,581 | ---- | C] () -- C:\WINDOWS.0\System32\dllcache\MSMSGS.CAT
[2011/03/26 07:42:48 | 000,008,574 | ---- | C] () -- C:\WINDOWS.0\System32\dllcache\IASNT4.CAT
[2011/03/26 07:42:48 | 000,007,382 | ---- | C] () -- C:\WINDOWS.0\System32\dllcache\OEMBIOS.CAT
[2011/03/26 07:42:48 | 000,007,334 | ---- | C] () -- C:\WINDOWS.0\System32\dllcache\wmerrenu.cat
[2011/03/26 07:42:48 | 000,007,245 | ---- | C] () -- C:\WINDOWS.0\System32\dllcache\MSTSWEB.CAT
[2011/03/26 07:42:47 | 002,012,670 | ---- | C] () -- C:\WINDOWS.0\System32\dllcache\NT5.CAT
[2011/03/26 07:42:47 | 000,502,724 | ---- | C] () -- C:\WINDOWS.0\System32\dllcache\NT5INF.CAT
[2011/03/26 07:41:25 | 000,090,296 | ---- | C] () -- C:\WINDOWS.0\System32\FNTCACHE.DAT
[2011/03/26 07:40:09 | 000,000,643 | ---- | C] () -- C:\WINDOWS.0\System32\$winnt$.inf
[2011/03/20 12:17:32 | 000,000,141 | ---- | C] () -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Desktop\Games.com.url
[2010/11/01 13:10:33 | 000,024,142 | ---- | C] () -- \RaiderPD.ini
[2010/02/07 00:54:49 | 803,389,440 | -HS- | C] () -- \hiberfil.sys
[2009/02/11 13:30:02 | 000,323,072 | ---- | C] () -- C:\WINDOWS.0\System32\WgaTray.exe
[2009/02/11 13:30:02 | 000,190,976 | ---- | C] () -- C:\WINDOWS.0\System32\WgaLogon.dll
[2006/03/30 07:30:26 | 268,435,456 | -HS- | C] () -- \WinPEpge.sys
[2006/03/30 07:30:26 | 000,171,136 | RHS- | C] () -- \grldr
[2006/03/30 07:30:26 | 000,005,686 | ---- | C] () -- \vcredist.bmp
[2006/03/30 07:30:26 | 000,000,000 | RHS- | C] () -- \MSDOS.SYS
[2006/03/30 07:30:26 | 000,000,000 | RHS- | C] () -- \IO.SYS
[2006/03/30 07:30:25 | 006,492,724 | ---- | C] () -- \Booklet Physicus.pdf
[2006/03/30 07:30:25 | 000,438,840 | RHS- | C] () -- \bootmgr
[2006/03/30 07:30:25 | 000,008,192 | R-S- | C] () -- \BOOTSECT.BAK
[2006/03/30 07:30:25 | 000,000,443 | -HS- | C] () -- \boot.ini
[2006/03/30 07:30:25 | 000,000,327 | -HS- | C] () -- \Boot.bak
[2006/03/30 07:30:25 | 000,000,304 | RHS- | C] () -- \Boot.ini.saved
[2006/03/30 07:30:25 | 000,000,024 | ---- | C] () -- \autoexec.bat
[2006/03/30 07:30:25 | 000,000,010 | ---- | C] () -- \config.sys
[2004/08/04 00:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS.0\System32\oembios.bin
[2004/08/04 00:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS.0\System32\mlang.dat
[2004/08/04 00:00:00 | 000,392,534 | ---- | C] () -- C:\WINDOWS.0\System32\perfh009.dat
[2004/08/04 00:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS.0\System32\perfi009.dat
[2004/08/04 00:00:00 | 000,250,032 | RHS- | C] () -- \ntldr
[2004/08/04 00:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS.0\System32\dssec.dat
[2004/08/04 00:00:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS.0\System32\ieencode.dll
[2004/08/04 00:00:00 | 000,058,794 | ---- | C] () -- C:\WINDOWS.0\System32\perfc009.dat
[2004/08/04 00:00:00 | 000,047,564 | RHS- | C] () -- \NTDETECT.COM
[2004/08/04 00:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS.0\System32\mib.bin
[2004/08/04 00:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS.0\System32\perfd009.dat
[2004/08/04 00:00:00 | 000,027,440 | ---- | C] () -- C:\WINDOWS.0\System32\drivers\secdrv.sys
[2004/08/04 00:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS.0\System32\secupd.dat
[2004/08/04 00:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS.0\System32\oembios.dat
[2004/08/04 00:00:00 | 000,001,788 | ---- | C] () -- C:\WINDOWS.0\System32\Dcache.bin
[2004/08/04 00:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS.0\System32\noise.dat

========== LOP Check ==========

[2011/03/26 20:08:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Application Data\Daoisoft
[2011/03/26 18:37:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Application Data\DMCache
[2011/03/26 23:55:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Application Data\Easy Duplicate Finder
[2011/03/26 20:06:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sys Admin.KENNY-D1B28FB76\Application Data\IDM

========== Purity Check ==========



< End of report >

I usually don't feel safe about posting some of this info, but I realize that it is necessary.