Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Several Infections


  • This topic is locked This topic is locked

#1
klown69

klown69

    Member

  • Member
  • PipPip
  • 37 posts
Had to parallel install a new XP to getmy wife's system back in windows logs below as instructed.


OTL logfile created on: 7/15/2011 3:11:09 PM - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\Klown.KELLY-CBA445F79\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.25 Gb Total Physical Memory | 2.85 Gb Available Physical Memory | 87.61% Memory free
5.09 Gb Paging File | 4.87 Gb Available in Paging File | 95.61% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS1 | %ProgramFiles% = C:\Program Files
Drive C: | 232.88 Gb Total Space | 186.33 Gb Free Space | 80.01% Space Free | Partition Type: NTFS
Drive D: | 76.33 Gb Total Space | 52.15 Gb Free Space | 68.32% Space Free | Partition Type: NTFS

Computer Name: KELLY-CBA445F79 | User Name: Klown | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/07/15 15:10:53 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Desktop\OTL.exe
PRC - [2011/07/04 06:43:54 | 003,493,720 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/07/04 06:43:51 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS1\explorer.exe


========== Modules (SafeList) ==========

MOD - [2011/07/15 15:10:53 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Desktop\OTL.exe
MOD - [2011/07/04 06:43:51 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll
MOD - [2008/04/13 19:12:51 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS1\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011/07/04 06:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)


========== Driver Services (SafeList) ==========

DRV - [2011/07/04 06:36:43 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS1\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/07/04 06:36:32 | 000,309,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS1\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/07/04 06:35:23 | 000,043,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS1\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/07/04 06:35:12 | 000,102,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS1\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/07/04 06:32:32 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS1\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/07/04 06:32:13 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS1\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/07/04 06:32:12 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS1\System32\drivers\aswFsBlk.sys -- (aswFsBlk)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS1\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS1\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://bartlettfirstassembly.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========




[2011/07/15 10:06:25 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Application Data\Mozilla\Extensions
[2011/05/11 13:56:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) --
[2011/06/22 17:16:20 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/10/23 11:30:53 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files\mozilla firefox\plugins\NPcol400.dll
[2010/10/23 11:30:53 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files\mozilla firefox\plugins\NPcol500.dll
[2011/03/18 13:32:12 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
[2010/12/08 17:18:33 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/03/18 13:32:14 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
[2010/01/13 17:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2011/05/05 18:23:28 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2004/08/04 07:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS1\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.1.10.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS1\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS1\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS1\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/08/15 16:05:12 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/07/15 15:10:40 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Desktop\OTL.exe
[2011/07/15 10:15:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Application Data\vlc
[2011/07/15 10:14:20 | 000,000,000 | ---D | C] -- C:\VideoLAN
[2011/07/15 10:09:44 | 000,000,000 | ---D | C] -- C:\WINDOWS1\Minidump
[2011/07/15 10:06:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Local Settings\Application Data\Mozilla
[2011/07/15 10:06:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Application Data\Mozilla
[2011/07/15 09:49:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Application Data\Malwarebytes
[2011/07/15 09:49:39 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS1\System32\drivers\mbamswissarmy.sys
[2011/07/15 09:49:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS1\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/07/15 09:49:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\Malwarebytes
[2011/07/15 09:49:36 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS1\System32\drivers\mbam.sys
[2011/07/15 09:49:36 | 000,000,000 | ---D | C] -- C:\Malwarebytes' Anti-Malware
[2011/07/15 09:47:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Application Data\Macromedia
[2011/07/15 08:42:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS1\Start Menu\Programs\avast! Free Antivirus
[2011/07/15 08:42:18 | 000,309,848 | ---- | C] (AVAST Software) -- C:\WINDOWS1\System32\drivers\aswSP.sys
[2011/07/15 08:42:18 | 000,019,544 | ---- | C] (AVAST Software) -- C:\WINDOWS1\System32\drivers\aswFsBlk.sys
[2011/07/15 08:42:15 | 000,025,432 | ---- | C] (AVAST Software) -- C:\WINDOWS1\System32\drivers\aswRdr.sys
[2011/07/15 08:42:14 | 000,441,176 | ---- | C] (AVAST Software) -- C:\WINDOWS1\System32\drivers\aswSnx.sys
[2011/07/15 08:42:14 | 000,043,608 | ---- | C] (AVAST Software) -- C:\WINDOWS1\System32\drivers\aswTdi.sys
[2011/07/15 08:42:12 | 000,102,616 | ---- | C] (AVAST Software) -- C:\WINDOWS1\System32\drivers\aswmon2.sys
[2011/07/15 08:42:12 | 000,096,344 | ---- | C] (AVAST Software) -- C:\WINDOWS1\System32\drivers\aswmon.sys
[2011/07/15 08:42:12 | 000,030,808 | ---- | C] (AVAST Software) -- C:\WINDOWS1\System32\drivers\aavmker4.sys
[2011/07/15 08:42:00 | 000,040,112 | ---- | C] (AVAST Software) -- C:\WINDOWS1\avastSS.scr
[2011/07/15 08:41:59 | 000,199,304 | ---- | C] (AVAST Software) -- C:\WINDOWS1\System32\aswBoot.exe
[2011/07/15 08:41:50 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/07/15 08:41:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\AVAST Software
[2011/07/15 08:38:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Desktop\Downloads
[2011/07/15 08:24:43 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Klown.KELLY-CBA445F79\IECompatCache
[2011/07/15 08:23:42 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Klown.KELLY-CBA445F79\PrivacIE
[2011/07/15 08:20:05 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Klown.KELLY-CBA445F79\IETldCache
[2011/07/15 08:10:25 | 000,000,000 | ---D | C] -- C:\WINDOWS1\ie8updates
[2011/07/15 08:10:19 | 011,081,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\ieframe.dll
[2011/07/15 08:10:19 | 001,991,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\iertutil.dll
[2011/07/15 08:10:19 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\iedvtool.dll
[2011/07/15 08:10:19 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\msfeeds.dll
[2011/07/15 08:10:19 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\msfeedsbs.dll
[2011/07/15 08:10:10 | 000,000,000 | ---D | C] -- C:\WINDOWS1\WBEM
[2011/07/15 08:09:08 | 000,000,000 | -H-D | C] -- C:\WINDOWS1\ie8
[2011/07/15 03:16:49 | 000,000,000 | ---D | C] -- C:\WINDOWS1\Prefetch
[2011/07/14 22:26:35 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\scripting
[2011/07/14 22:26:35 | 000,000,000 | ---D | C] -- C:\WINDOWS1\l2schemas
[2011/07/14 22:26:35 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\en-us
[2011/07/14 22:26:34 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\en
[2011/07/14 22:26:34 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\bits
[2011/07/14 22:22:34 | 000,000,000 | ---D | C] -- C:\WINDOWS1\network diagnostic
[2011/07/14 22:21:27 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\ReinstallBackups
[2011/07/14 22:19:50 | 000,000,000 | -H-D | C] -- C:\WINDOWS1\$NtServicePackUninstall$
[2011/07/14 22:17:18 | 000,025,471 | ---- | C] (Intel® Corporation) -- C:\WINDOWS1\System32\drivers\watv10nt.sys
[2011/07/14 22:17:18 | 000,022,271 | ---- | C] (Intel® Corporation) -- C:\WINDOWS1\System32\drivers\watv06nt.sys
[2011/07/14 22:17:18 | 000,011,935 | ---- | C] (Intel® Corporation) -- C:\WINDOWS1\System32\drivers\wadv11nt.sys
[2011/07/14 22:17:18 | 000,011,871 | ---- | C] (Intel® Corporation) -- C:\WINDOWS1\System32\drivers\wadv09nt.sys
[2011/07/14 22:17:18 | 000,011,807 | ---- | C] (Intel® Corporation) -- C:\WINDOWS1\System32\drivers\wadv07nt.sys
[2011/07/14 22:17:18 | 000,011,295 | ---- | C] (Intel® Corporation) -- C:\WINDOWS1\System32\drivers\wadv08nt.sys
[2011/07/14 22:17:16 | 000,404,990 | ---- | C] (Smart Link) -- C:\WINDOWS1\System32\drivers\slntamr.sys
[2011/07/14 22:17:16 | 000,166,912 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS1\System32\drivers\s3gnbm.sys
[2011/07/14 22:17:16 | 000,129,535 | ---- | C] (Smart Link) -- C:\WINDOWS1\System32\drivers\slnt7554.sys
[2011/07/14 22:17:16 | 000,095,424 | ---- | C] (Smart Link) -- C:\WINDOWS1\System32\drivers\slnthal.sys
[2011/07/14 22:17:16 | 000,013,776 | ---- | C] (Smart Link) -- C:\WINDOWS1\System32\drivers\recagent.sys
[2011/07/14 22:17:16 | 000,013,240 | ---- | C] (Smart Link) -- C:\WINDOWS1\System32\drivers\slwdmsup.sys
[2011/07/14 22:17:15 | 001,309,184 | ---- | C] (Smart Link) -- C:\WINDOWS1\System32\drivers\mtlstrm.sys
[2011/07/14 22:17:15 | 000,452,736 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS1\System32\drivers\mtxparhm.sys
[2011/07/14 22:17:15 | 000,180,360 | ---- | C] (Smart Link) -- C:\WINDOWS1\System32\drivers\ntmtlfax.sys
[2011/07/14 22:17:15 | 000,126,686 | ---- | C] (Smart Link) -- C:\WINDOWS1\System32\drivers\mtlmnt5.sys
[2011/07/14 22:16:32 | 000,701,440 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS1\System32\drivers\ati2mtag.sys
[2011/07/14 22:16:32 | 000,327,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS1\System32\drivers\ati2mtaa.sys
[2011/07/14 22:16:32 | 000,104,960 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS1\System32\drivers\atinrvxx.sys
[2011/07/14 22:16:32 | 000,073,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS1\System32\drivers\atintuxx.sys
[2011/07/14 22:16:32 | 000,063,663 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS1\System32\drivers\ati1rvxx.sys
[2011/07/14 22:16:32 | 000,063,488 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS1\System32\drivers\atinxsxx.sys
[2011/07/14 22:16:32 | 000,057,856 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS1\System32\drivers\atinbtxx.sys
[2011/07/14 22:16:32 | 000,056,623 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS1\System32\drivers\ati1btxx.sys
[2011/07/14 22:16:32 | 000,052,224 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS1\System32\drivers\atinraxx.sys
[2011/07/14 22:16:32 | 000,036,463 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS1\System32\drivers\ati1tuxx.sys
[2011/07/14 22:16:32 | 000,034,735 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS1\System32\drivers\ati1xsxx.sys
[2011/07/14 22:16:32 | 000,031,744 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS1\System32\drivers\atinxbxx.sys
[2011/07/14 22:16:32 | 000,030,671 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS1\System32\drivers\ati1raxx.sys
[2011/07/14 22:16:32 | 000,029,455 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS1\System32\drivers\ati1xbxx.sys
[2011/07/14 22:16:32 | 000,028,672 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS1\System32\drivers\atinsnxx.sys
[2011/07/14 22:16:32 | 000,026,367 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS1\System32\drivers\ati1snxx.sys
[2011/07/14 22:16:32 | 000,021,343 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS1\System32\drivers\ati1ttxx.sys
[2011/07/14 22:16:32 | 000,014,336 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS1\System32\drivers\atinpdxx.sys
[2011/07/14 22:16:32 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS1\System32\drivers\atinttxx.sys
[2011/07/14 22:16:32 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS1\System32\drivers\atinmdxx.sys
[2011/07/14 22:16:32 | 000,012,047 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS1\System32\drivers\ati1pdxx.sys
[2011/07/14 22:16:32 | 000,011,615 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS1\System32\drivers\ati1mdxx.sys
[2011/07/14 21:53:23 | 000,000,000 | ---D | C] -- C:\WINDOWS1\ServicePackFiles
[2011/07/14 21:48:27 | 000,455,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\mrxsmb.sys
[2011/07/14 21:48:25 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\helpsvc.exe
[2011/07/14 21:48:16 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\ntkrnlmp.exe
[2011/07/14 21:48:16 | 000,730,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\lsasrv.dll
[2011/07/14 21:48:15 | 002,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\ntoskrnl.exe
[2011/07/14 21:48:15 | 002,024,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\ntkrpamp.exe
[2011/07/14 21:48:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\Windows Genuine Advantage
[2011/07/14 21:47:45 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\aclayers.dll
[2011/07/14 21:47:05 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Klown.KELLY-CBA445F79\UserData
[2011/07/14 21:46:47 | 000,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\bthport.sys
[2011/07/14 21:46:41 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\srv.sys
[2011/07/14 21:46:17 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\fontsub.dll
[2011/07/14 21:46:16 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\t2embed.dll
[2011/07/14 21:45:50 | 000,203,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\rmcast.sys
[2011/07/14 21:45:07 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\netapi32.dll
[2011/07/14 21:44:02 | 000,689,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\xpsp3res.dll
[2011/07/14 21:37:29 | 000,000,000 | -H-D | C] -- C:\WINDOWS1\$MSI31Uninstall_KB893803v2$
[2011/07/14 21:37:17 | 000,026,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\spupdsvc.exe
[2011/07/14 21:37:17 | 000,016,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\spmsg.dll
[2011/07/14 21:37:17 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\PreInstall
[2011/07/14 21:37:15 | 000,000,000 | -H-D | C] -- C:\WINDOWS1\$hf_mig$
[2011/07/14 21:33:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Application Data\Identities
[2011/07/14 21:33:09 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Klown.KELLY-CBA445F79\My Documents\My Music
[2011/07/14 21:33:08 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Klown.KELLY-CBA445F79\My Documents\My Pictures
[2011/07/14 21:33:04 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Application Data\Microsoft
[2011/07/14 21:33:04 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Klown.KELLY-CBA445F79\SendTo
[2011/07/14 21:33:04 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Recent
[2011/07/14 21:33:04 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Application Data
[2011/07/14 21:33:04 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Start Menu\Programs\Startup
[2011/07/14 21:33:04 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Start Menu
[2011/07/14 21:33:04 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Klown.KELLY-CBA445F79\My Documents
[2011/07/14 21:33:04 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Favorites
[2011/07/14 21:33:04 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Start Menu\Programs\Accessories
[2011/07/14 21:33:04 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Cookies
[2011/07/14 21:33:04 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Templates
[2011/07/14 21:33:04 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Klown.KELLY-CBA445F79\PrintHood
[2011/07/14 21:33:04 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Klown.KELLY-CBA445F79\NetHood
[2011/07/14 21:33:04 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Local Settings
[2011/07/14 21:33:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Local Settings\Application Data\Microsoft
[2011/07/14 21:33:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Desktop
[2011/07/14 21:32:10 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\SoftwareDistribution
[2011/07/14 21:31:07 | 000,000,000 | ---D | C] -- C:\WINDOWS1\SoftwareDistribution
[2011/07/14 21:30:54 | 000,000,000 | --SD | C] -- C:\WINDOWS1\System32\Microsoft
[2011/07/14 21:28:56 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\winzm.ime
[2011/07/14 21:28:56 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\winsp.ime
[2011/07/14 21:28:55 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\winpy.ime
[2011/07/14 21:28:55 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\winar30.ime
[2011/07/14 21:28:55 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\wingb.ime
[2011/07/14 21:28:55 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\winime.ime
[2011/07/14 21:28:54 | 000,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\weitekp9.dll
[2011/07/14 21:28:54 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\weitekp9.sys
[2011/07/14 21:28:53 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\w3ext.dll
[2011/07/14 21:28:53 | 000,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\w32.dll
[2011/07/14 21:28:53 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\wamps51.dll
[2011/07/14 21:28:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\w3svapi.dll
[2011/07/14 21:28:53 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\w3ctrs51.dll
[2011/07/14 21:28:52 | 000,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\voicepad.dll
[2011/07/14 21:28:52 | 000,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\voicesub.dll
[2011/07/14 21:28:50 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\uniime.dll
[2011/07/14 21:28:50 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\unicdime.ime
[2011/07/14 21:28:50 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\tsprof.exe
[2011/07/14 21:28:48 | 000,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\tintlgnt.ime
[2011/07/14 21:28:48 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\tintsetp.exe
[2011/07/14 21:28:48 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\thawbrkr.dll
[2011/07/14 21:28:48 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\tintlphr.exe
[2011/07/14 21:28:48 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\tmigrate.dll
[2011/07/14 21:28:47 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\tdipx.sys
[2011/07/14 21:28:47 | 000,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\tdspx.sys
[2011/07/14 21:28:47 | 000,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\tdasync.sys
[2011/07/14 21:28:45 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\srusbusd.dll
[2011/07/14 21:28:45 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\status.dll
[2011/07/14 21:28:44 | 000,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\softkey.dll
[2011/07/14 21:28:43 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\snmpstup.dll
[2011/07/14 21:28:43 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\EXCH_snprfdll.dll
[2011/07/14 21:28:42 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\EXCH_smtpctrs.dll
[2011/07/14 21:28:41 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\sm9aw.dll
[2011/07/14 21:28:41 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\smb6w.dll
[2011/07/14 21:28:41 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\sma3w.dll
[2011/07/14 21:28:41 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\sm8cw.dll
[2011/07/14 21:28:41 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\sm93w.dll
[2011/07/14 21:28:41 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\sm92w.dll
[2011/07/14 21:28:41 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\sm90w.dll
[2011/07/14 21:28:41 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\sm8dw.dll
[2011/07/14 21:28:41 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\sm8aw.dll
[2011/07/14 21:28:41 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\sm89w.dll
[2011/07/14 21:28:41 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\smierrsm.dll
[2011/07/14 21:28:41 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\smimsgif.dll
[2011/07/14 21:28:41 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\smierrsy.dll
[2011/07/14 21:28:40 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\sm87w.dll
[2011/07/14 21:28:40 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\sm81w.dll
[2011/07/14 21:28:40 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\sm59w.dll
[2011/07/14 21:28:40 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\simptcp.dll
[2011/07/14 21:28:38 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\EXCH_seos.dll
[2011/07/14 21:28:37 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS1\System32\dllcache\rwia330.dll
[2011/07/14 21:28:37 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS1\System32\dllcache\rwia001.dll
[2011/07/14 21:28:37 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\EXCH_scripto.dll
[2011/07/14 21:28:36 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\romanime.ime
[2011/07/14 21:28:35 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\EXCH_regtrace.exe
[2011/07/14 21:28:35 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\register.exe
[2011/07/14 21:28:33 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\quick.ime
[2011/07/14 21:28:33 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\quser.exe
[2011/07/14 21:28:32 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\query.exe
[2011/07/14 21:28:31 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\pmxviceo.dll
[2011/07/14 21:28:31 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\pmigrate.dll
[2011/07/14 21:28:31 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\pmxmcro.dll
[2011/07/14 21:28:31 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\pmxgl.dll
[2011/07/14 21:28:30 | 000,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\pintlgnt.ime
[2011/07/14 21:28:30 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\phon.ime
[2011/07/14 21:28:30 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\pintlphr.exe
[2011/07/14 21:28:30 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\pintlcsd.dll
[2011/07/14 21:28:30 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\permchk.dll
[2011/07/14 21:28:29 | 000,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\padrs411.dll
[2011/07/14 21:28:29 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\pagecnt.dll
[2011/07/14 21:28:29 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\padrs404.dll
[2011/07/14 21:28:29 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\padrs804.dll
[2011/07/14 21:28:29 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\padrs412.dll
[2011/07/14 21:28:25 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\EXCH_ntfsdrv.dll
[2011/07/14 21:28:24 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\nextlink.dll
[2011/07/14 21:28:23 | 000,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\multibox.dll
[2011/07/14 21:28:19 | 001,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\msir3jp.lex
[2011/07/14 21:28:19 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\msir3jp.dll
[2011/07/14 21:28:11 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\mga.sys
[2011/07/14 21:28:11 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\mga.dll
[2011/07/14 21:28:11 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\mdsync.dll
[2011/07/14 21:28:10 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\EXCH_mailmsg.dll
[2011/07/14 21:28:09 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\logscrpt.dll
[2011/07/14 21:28:08 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\korwbrkr.dll
[2011/07/14 21:28:07 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbdnecnt.dll
[2011/07/14 21:28:07 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbdth3.dll
[2011/07/14 21:28:07 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbdth2.dll
[2011/07/14 21:28:07 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbdvntc.dll
[2011/07/14 21:28:07 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbdusa.dll
[2011/07/14 21:28:07 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbdurdu.dll
[2011/07/14 21:28:07 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbdth1.dll
[2011/07/14 21:28:07 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbdth0.dll
[2011/07/14 21:28:07 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbdsyr2.dll
[2011/07/14 21:28:07 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbdsyr1.dll
[2011/07/14 21:28:06 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbdnecat.dll
[2011/07/14 21:28:06 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbdnec95.dll
[2011/07/14 21:28:06 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbdinpun.dll
[2011/07/14 21:28:06 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbdintel.dll
[2011/07/14 21:28:06 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbdintam.dll
[2011/07/14 21:28:06 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbdinmar.dll
[2011/07/14 21:28:06 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbdinkan.dll
[2011/07/14 21:28:06 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbdinhin.dll
[2011/07/14 21:28:06 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbdinguj.dll
[2011/07/14 21:28:06 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbdindev.dll
[2011/07/14 21:28:05 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbdheb.dll
[2011/07/14 21:28:05 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbdfa.dll
[2011/07/14 21:28:05 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbddiv2.dll
[2011/07/14 21:28:05 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbddiv1.dll
[2011/07/14 21:28:05 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbda3.dll
[2011/07/14 21:28:05 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbda2.dll
[2011/07/14 21:28:05 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbda1.dll
[2011/07/14 21:28:05 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbdgeo.dll
[2011/07/14 21:28:05 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbdarmw.dll
[2011/07/14 21:28:05 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbdarme.dll
[2011/07/14 21:28:04 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\jupiw.dll
[2011/07/14 21:28:04 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\iwrps.dll
[2011/07/14 21:28:04 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\isapips.dll
[2011/07/14 21:28:04 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbd101a.dll
[2011/07/14 21:28:02 | 000,315,455 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\imskf.dll
[2011/07/14 21:28:02 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\infoctrs.dll
[2011/07/14 21:28:01 | 000,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\imskdic.dll
[2011/07/14 21:28:01 | 000,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\imjputyc.dll
[2011/07/14 21:28:01 | 000,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\imjputy.exe
[2011/07/14 21:28:01 | 000,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\imjprw.exe
[2011/07/14 21:28:01 | 000,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\imjpmig.exe
[2011/07/14 21:28:01 | 000,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\imlang.dll
[2011/07/14 21:28:01 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\imkrinst.exe
[2011/07/14 21:28:01 | 000,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\imjpuex.exe
[2011/07/14 21:28:00 | 000,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\imjp81k.dll
[2011/07/14 21:28:00 | 000,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\imjpcus.dll
[2011/07/14 21:28:00 | 000,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\imjpcic.dll
[2011/07/14 21:28:00 | 000,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\imjpdct.exe
[2011/07/14 21:28:00 | 000,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\imjpdsvr.exe
[2011/07/14 21:28:00 | 000,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\imjpdct.dll
[2011/07/14 21:28:00 | 000,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\imjpdadm.exe
[2011/07/14 21:27:59 | 000,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\imjp81.ime
[2011/07/14 21:27:59 | 000,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\imepadsv.exe
[2011/07/14 21:27:59 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\imekrcic.dll
[2011/07/14 21:27:59 | 000,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\imepadsm.dll
[2011/07/14 21:27:59 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\imekr61.ime
[2011/07/14 21:27:59 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\imekrmbx.dll
[2011/07/14 21:27:59 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\imekrmig.exe
[2011/07/14 21:27:59 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\iissync.exe
[2011/07/14 21:27:59 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\iismui.dll
[2011/07/14 21:27:58 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\iisclex4.dll
[2011/07/14 21:27:58 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\iiscrmap.dll
[2011/07/14 21:27:54 | 010,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\hwxkor.dll
[2011/07/14 21:27:46 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\hwxcht.dll
[2011/07/14 21:27:45 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\hanjadic.dll
[2011/07/14 21:27:43 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\fxsroute.dll
[2011/07/14 21:27:43 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\fxssend.exe
[2011/07/14 21:27:42 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\fxsclntr.dll
[2011/07/14 21:27:42 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\fxscfgwz.dll
[2011/07/14 21:27:41 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\flattemp.exe
[2011/07/14 21:27:41 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\ftpctrs2.dll
[2011/07/14 21:27:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\ftlx041e.dll
[2011/07/14 21:27:40 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\EXCH_fcachdll.dll
[2011/07/14 21:27:39 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS1\System32\dllcache\esuimgd.dll
[2011/07/14 21:27:39 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS1\System32\dllcache\esunid.dll
[2011/07/14 21:27:39 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS1\System32\dllcache\esucmd.dll
[2011/07/14 21:27:39 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\et4000.sys
[2011/07/14 21:27:38 | 000,514,587 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\edb500.dll
[2011/07/14 21:27:32 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\dayi.ime
[2011/07/14 21:27:31 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\cprofile.exe
[2011/07/14 21:27:30 | 000,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\cplexe.exe
[2011/07/14 21:27:30 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\convlog.exe
[2011/07/14 21:27:30 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\controt.dll
[2011/07/14 21:27:30 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\counters.dll
[2011/07/14 21:27:28 | 000,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\cintsetp.exe
[2011/07/14 21:27:28 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\cintime.dll
[2011/07/14 21:27:28 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\chtmbx.dll
[2011/07/14 21:27:28 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\chtskdic.dll
[2011/07/14 21:27:28 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\cintlgnt.ime
[2011/07/14 21:27:27 | 001,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\chsbrkr.dll
[2011/07/14 21:27:27 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\chtbrkr.dll
[2011/07/14 21:27:26 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\chajei.ime
[2011/07/14 21:27:26 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\chgport.exe
[2011/07/14 21:27:26 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\chgusr.exe
[2011/07/14 21:27:26 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\chglogon.exe
[2011/07/14 21:27:26 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\change.exe
[2011/07/14 21:27:24 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS1\System32\dllcache\cap7146.sys
[2011/07/14 21:27:24 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\c_iscii.dll
[2011/07/14 21:27:24 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\c_is2022.dll
[2011/07/14 21:27:19 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\browscap.dll
[2011/07/14 21:27:17 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\asptxn.dll
[2011/07/14 21:27:17 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\authfilt.dll
[2011/07/14 21:27:16 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\EXCH_aqadmin.dll
[2011/07/14 21:27:16 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\aspperf.dll
[2011/07/14 21:27:14 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\adrot.dll
[2011/07/14 21:27:14 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\EXCH_adsiisex.dll
[2011/07/14 21:27:13 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\admxprox.dll
[2011/07/14 21:27:09 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\wamregps.dll
[2011/07/14 21:27:03 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\inetsloc.dll
[2011/07/14 21:27:03 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\inetmgr.exe
[2011/07/14 21:27:02 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\iisui.dll
[2011/07/14 21:27:02 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\iisreset.exe
[2011/07/14 21:27:02 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\ftpsapi2.dll
[2011/07/14 21:27:02 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\iisrstap.dll
[2011/07/14 21:26:59 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\certmap.ocx
[2011/07/14 21:26:54 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\xircom
[2011/07/14 21:26:21 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\mapi32.dll
[2011/07/14 21:25:26 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users.WINDOWS1\DRM
[2011/07/14 21:25:16 | 000,000,000 | --SD | C] -- C:\WINDOWS1\Downloaded Program Files
[2011/07/14 21:25:16 | 000,000,000 | R--D | C] -- C:\WINDOWS1\Offline Web Pages
[2011/07/14 21:24:43 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\DirectX
[2011/07/14 21:24:25 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\notiflag.exe
[2011/07/14 21:24:25 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\atrace.dll
[2011/07/14 21:24:25 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\atrace.dll
[2011/07/14 21:24:24 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\helphost.exe
[2011/07/14 21:24:24 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\brpinfo.dll
[2011/07/14 21:24:24 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\hcappres.dll
[2011/07/14 21:24:13 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\srdiag.exe
[2011/07/14 21:24:13 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\nmevtmsg.dll
[2011/07/14 21:24:13 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\nmevtmsg.dll
[2011/07/14 21:24:12 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\acctres.dll
[2011/07/14 21:24:12 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\acctres.dll
[2011/07/14 21:24:11 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\isignup.exe
[2011/07/14 21:24:11 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\icfgnt5.dll
[2011/07/14 21:24:11 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\icfgnt5.dll
[2011/07/14 21:24:11 | 000,000,000 | --SD | C] -- C:\WINDOWS1\Tasks
[2011/07/14 21:24:07 | 000,000,000 | ---D | C] -- C:\WINDOWS1\srchasst
[2011/07/14 21:24:07 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\Macromed
[2011/07/14 21:24:05 | 000,327,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\wucltui.dll
[2011/07/14 21:24:05 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\wuaueng1.dll
[2011/07/14 21:24:04 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\wuapi.dll
[2011/07/14 21:24:04 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\wuauclt1.exe
[2011/07/14 21:24:04 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\wups.dll
[2011/07/14 21:24:04 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\wups.dll
[2011/07/14 21:24:04 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\bitsprx2.dll
[2011/07/14 21:24:04 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\bitsprx3.dll
[2011/07/14 21:24:03 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\qmgrprxy.dll
[2011/07/14 21:23:59 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\safrslv.dll
[2011/07/14 21:23:59 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\safrcdlg.dll
[2011/07/14 21:23:59 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\racpldlg.dll
[2011/07/14 21:23:59 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\safrdm.dll
[2011/07/14 21:23:55 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\fltmc.exe
[2011/07/14 21:23:54 | 000,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\srrstr.dll
[2011/07/14 21:23:54 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\Restore
[2011/07/14 21:23:53 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\ils.dll
[2011/07/14 21:23:53 | 000,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\mnmdd.dll
[2011/07/14 21:23:53 | 000,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS1\System32\isrdbg32.dll
[2011/07/14 21:23:53 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\nmmkcert.dll
[2011/07/14 21:23:52 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\msoeacct.dll
[2011/07/14 21:23:52 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\msoert2.dll
[2011/07/14 21:23:52 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\msconf.dll
[2011/07/14 21:23:52 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\inetres.dll
[2011/07/14 21:23:51 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\mstinit.exe
[2011/07/14 21:23:50 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\inetcfg.dll
[2011/07/14 21:23:50 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\isign32.dll
[2011/07/14 21:23:50 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\icwdial.dll
[2011/07/14 21:23:50 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\icwphbk.dll
[2011/07/14 21:23:42 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users.WINDOWS1\Documents\My Pictures
[2011/07/14 21:23:22 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users.WINDOWS1\Start Menu\Programs\Games
[2011/07/14 21:23:00 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users.WINDOWS1\Start Menu\Programs\Administrative Tools
[2011/07/14 21:23:00 | 000,000,000 | ---D | C] -- C:\WINDOWS1\Registration
[2011/07/14 21:22:50 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users.WINDOWS1\Documents\My Music
[2011/07/14 21:22:44 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\write.exe
[2011/07/14 21:22:44 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\write.exe
[2011/07/14 21:22:39 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\sndvol32.exe
[2011/07/14 21:22:39 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\sndvol32.exe
[2011/07/14 21:22:39 | 000,044,544 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS1\System32\hticons.dll
[2011/07/14 21:22:38 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\avtapi.dll
[2011/07/14 21:22:38 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\avtapi.dll
[2011/07/14 21:22:38 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\avwav.dll
[2011/07/14 21:22:38 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\avwav.dll
[2011/07/14 21:22:38 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\winchat.exe
[2011/07/14 21:22:38 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\winchat.exe
[2011/07/14 21:22:38 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\avmeter.dll
[2011/07/14 21:22:38 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\avmeter.dll
[2011/07/14 21:22:32 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\getuname.dll
[2011/07/14 21:22:32 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\getuname.dll
[2011/07/14 21:22:31 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\winmine.exe
[2011/07/14 21:22:31 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\winmine.exe
[2011/07/14 21:22:31 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\calc.exe
[2011/07/14 21:22:31 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\calc.exe
[2011/07/14 21:22:31 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\charmap.exe
[2011/07/14 21:22:31 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\charmap.exe
[2011/07/14 21:22:31 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\sol.exe
[2011/07/14 21:22:31 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\sol.exe
[2011/07/14 21:22:30 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\mshearts.exe
[2011/07/14 21:22:30 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\mshearts.exe
[2011/07/14 21:22:30 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\freecell.exe
[2011/07/14 21:22:30 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\freecell.exe
[2011/07/14 21:22:30 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\tsshutdn.exe
[2011/07/14 21:22:30 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\tsshutdn.exe
[2011/07/14 21:22:30 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\tskill.exe
[2011/07/14 21:22:30 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\tskill.exe
[2011/07/14 21:22:30 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\rwinsta.exe
[2011/07/14 21:22:30 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\rwinsta.exe
[2011/07/14 21:22:30 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\tsdiscon.exe
[2011/07/14 21:22:30 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\tsdiscon.exe
[2011/07/14 21:22:30 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\tscon.exe
[2011/07/14 21:22:30 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\tscon.exe
[2011/07/14 21:22:30 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\shadow.exe
[2011/07/14 21:22:30 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\shadow.exe
[2011/07/14 21:22:30 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\reset.exe
[2011/07/14 21:22:30 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\reset.exe
[2011/07/14 21:22:29 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\regini.exe
[2011/07/14 21:22:29 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\regini.exe
[2011/07/14 21:22:29 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\qwinsta.exe
[2011/07/14 21:22:29 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\qwinsta.exe
[2011/07/14 21:22:29 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\msg.exe
[2011/07/14 21:22:29 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\msg.exe
[2011/07/14 21:22:29 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\qappsrv.exe
[2011/07/14 21:22:29 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\qappsrv.exe
[2011/07/14 21:22:29 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\cdmodem.dll
[2011/07/14 21:22:29 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\cdmodem.dll
[2011/07/14 21:22:29 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\logoff.exe
[2011/07/14 21:22:29 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\logoff.exe
[2011/07/14 21:22:29 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\rdpcfgex.dll
[2011/07/14 21:22:29 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\rdpcfgex.dll
[2011/07/14 21:22:28 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\comrepl.dll
[2011/07/14 21:22:28 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\mtxlegih.dll
[2011/07/14 21:22:28 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\mtxdm.dll
[2011/07/14 21:22:28 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\comaddin.dll
[2011/07/14 21:22:28 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\mtsadmin.tlb
[2011/07/14 21:22:28 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dcomcnfg.exe
[2011/07/14 21:22:28 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\mtxex.dll
[2011/07/14 21:22:27 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\comsnap.dll
[2011/07/14 21:22:27 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\stclient.dll
[2011/07/14 21:22:27 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\wmi2xml.dll
[2011/07/14 21:22:24 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\updprov.dll
[2011/07/14 21:22:24 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\wmipicmp.dll
[2011/07/14 21:22:24 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\tmplprov.dll
[2011/07/14 21:22:24 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\wmimsg.dll
[2011/07/14 21:22:24 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\wbemdisp.tlb
[2011/07/14 21:22:24 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\trnsprov.dll
[2011/07/14 21:22:24 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\wmitimep.dll
[2011/07/14 21:22:24 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\smtpcons.dll
[2011/07/14 21:22:24 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\wbemads.tlb
[2011/07/14 21:22:24 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\unsecapp.exe
[2011/07/14 21:22:24 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\winmgmtr.dll
[2011/07/14 21:22:24 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\winmgmt.exe
[2011/07/14 21:22:24 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\wbemads.dll
[2011/07/14 21:22:23 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\msiprov.dll
[2011/07/14 21:22:23 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\dsprov.dll
[2011/07/14 21:22:23 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\fwdprov.dll
[2011/07/14 21:22:22 | 000,347,136 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS1\System32\hypertrm.dll
[2011/07/14 21:22:22 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\accwiz.exe
[2011/07/14 21:22:22 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\sndrec32.exe
[2011/07/14 21:22:22 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\mplay32.exe
[2011/07/14 21:22:22 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\mplay32.exe
[2011/07/14 21:22:22 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\access.cpl
[2011/07/14 21:22:21 | 000,538,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\spider.exe
[2011/07/14 21:22:21 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\mspaint.exe
[2011/07/14 21:22:21 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\clipbrd.exe
[2011/07/14 21:22:20 | 000,655,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\mstscax.dll
[2011/07/14 21:22:20 | 000,407,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\mstsc.exe
[2011/07/14 21:22:20 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\rdchost.dll
[2011/07/14 21:22:20 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\tscfgwmi.dll
[2011/07/14 21:22:20 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\rdshost.exe
[2011/07/14 21:22:20 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\tscupgrd.exe
[2011/07/14 21:22:20 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\tscupgrd.exe
[2011/07/14 21:22:20 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\rdsaddin.exe
[2011/07/14 21:22:19 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\msdtcuiu.dll
[2011/07/14 21:22:19 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\mtxoci.dll
[2011/07/14 21:22:19 | 000,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\rdpwsx.dll
[2011/07/14 21:22:19 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\rdpclip.exe
[2011/07/14 21:22:19 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\cfgbkend.dll
[2011/07/14 21:22:19 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\rdpsnd.dll
[2011/07/14 21:22:19 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\qprocess.exe
[2011/07/14 21:22:19 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\icaapi.dll
[2011/07/14 21:22:19 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\MsDtc
[2011/07/14 21:22:18 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\msdtctm.dll
[2011/07/14 21:22:18 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\msdtcprx.dll
[2011/07/14 21:22:18 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\msdtclog.dll
[2011/07/14 21:22:18 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\xolehlp.dll
[2011/07/14 21:22:17 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\catsrvut.dll
[2011/07/14 21:22:17 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\clbcatex.dll
[2011/07/14 21:22:17 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\catsrvps.dll
[2011/07/14 21:22:17 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\colbact.dll
[2011/07/14 21:22:17 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\Com
[2011/07/14 21:22:16 | 001,267,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\comsvcs.dll
[2011/07/14 21:22:16 | 000,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\comuid.dll
[2011/07/14 21:22:16 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\catsrv.dll
[2011/07/14 21:22:10 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\cmprops.dll
[2011/07/14 21:22:10 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\licwmi.dll
[2011/07/14 21:22:10 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\servdeps.dll
[2011/07/14 21:22:10 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\mmfutil.dll
[2011/07/14 21:22:02 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users.WINDOWS1\Documents\My Videos
[2011/07/14 21:19:47 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users.WINDOWS1\Start Menu\Programs\Accessories
[2011/07/14 16:11:31 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\usbui.dll
[2011/07/14 16:08:55 | 000,000,000 | -HSD | C] -- C:\WINDOWS1\Installer
[2011/07/14 16:08:49 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\kbdtuq.dll
[2011/07/14 16:08:49 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\kbdtuf.dll
[2011/07/14 16:08:49 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbdtuq.dll
[2011/07/14 16:08:49 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbdtuf.dll
[2011/07/14 16:08:49 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\kbdazel.dll
[2011/07/14 16:08:49 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbdazel.dll
[2011/07/14 16:08:47 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\kbdycc.dll
[2011/07/14 16:08:47 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\kbduzb.dll
[2011/07/14 16:08:47 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\kbdur.dll
[2011/07/14 16:08:47 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\kbdtat.dll
[2011/07/14 16:08:47 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\kbdru1.dll
[2011/07/14 16:08:47 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\kbdru.dll
[2011/07/14 16:08:47 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\kbdmon.dll
[2011/07/14 16:08:47 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\kbdkyr.dll
[2011/07/14 16:08:47 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\kbdkaz.dll
[2011/07/14 16:08:47 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\kbdbu.dll
[2011/07/14 16:08:47 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\kbdblr.dll
[2011/07/14 16:08:47 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\kbdaze.dll
[2011/07/14 16:08:47 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbdycc.dll
[2011/07/14 16:08:47 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbduzb.dll
[2011/07/14 16:08:47 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbdur.dll
[2011/07/14 16:08:47 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbdtat.dll
[2011/07/14 16:08:47 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbdru1.dll
[2011/07/14 16:08:47 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbdru.dll
[2011/07/14 16:08:47 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbdmon.dll
[2011/07/14 16:08:47 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbdkyr.dll
[2011/07/14 16:08:47 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbdkaz.dll
[2011/07/14 16:08:47 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbdbu.dll
[2011/07/14 16:08:47 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbdblr.dll
[2011/07/14 16:08:47 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbdaze.dll
[2011/07/14 16:08:45 | 000,008,192 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\kbdhept.dll
[2011/07/14 16:08:45 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbdhept.dll
[2011/07/14 16:08:44 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\kbdhela3.dll
[2011/07/14 16:08:44 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbdhela3.dll
[2011/07/14 16:08:44 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\kbdhela2.dll
[2011/07/14 16:08:44 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\kbdgkl.dll
[2011/07/14 16:08:44 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbdhela2.dll
[2011/07/14 16:08:44 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbdgkl.dll
[2011/07/14 16:08:44 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\kbdhe319.dll
[2011/07/14 16:08:44 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\kbdhe220.dll
[2011/07/14 16:08:44 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\kbdhe.dll
[2011/07/14 16:08:44 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbdhe319.dll
[2011/07/14 16:08:44 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbdhe220.dll
[2011/07/14 16:08:44 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbdhe.dll
[2011/07/14 16:08:43 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\kbdlv1.dll
[2011/07/14 16:08:43 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\kbdlv.dll
[2011/07/14 16:08:43 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\kbdest.dll
[2011/07/14 16:08:43 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbdlv1.dll
[2011/07/14 16:08:43 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbdlv.dll
[2011/07/14 16:08:43 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbdest.dll
[2011/07/14 16:08:43 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\kbdlt1.dll
[2011/07/14 16:08:43 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\kbdlt.dll
[2011/07/14 16:08:43 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbdlt1.dll
[2011/07/14 16:08:43 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbdlt.dll
[2011/07/14 16:08:40 | 000,007,168 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\kbdcz.dll
[2011/07/14 16:08:40 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbdcz.dll
[2011/07/14 16:08:40 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\kbdycl.dll
[2011/07/14 16:08:40 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\kbdsl1.dll
[2011/07/14 16:08:40 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\kbdsl.dll
[2011/07/14 16:08:40 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\kbdpl.dll
[2011/07/14 16:08:40 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\kbdhu.dll
[2011/07/14 16:08:40 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\kbdcz2.dll
[2011/07/14 16:08:40 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\kbdcz1.dll
[2011/07/14 16:08:40 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\kbdcr.dll
[2011/07/14 16:08:40 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\KBDAL.DLL
[2011/07/14 16:08:40 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbdycl.dll
[2011/07/14 16:08:40 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbdsl1.dll
[2011/07/14 16:08:40 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbdsl.dll
[2011/07/14 16:08:40 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbdpl.dll
[2011/07/14 16:08:40 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbdhu.dll
[2011/07/14 16:08:40 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbdcz2.dll
[2011/07/14 16:08:40 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbdcz1.dll
[2011/07/14 16:08:40 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbdcr.dll
[2011/07/14 16:08:40 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbdal.dll
[2011/07/14 16:08:40 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\kbdro.dll
[2011/07/14 16:08:40 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\kbdpl1.dll
[2011/07/14 16:08:40 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\kbdhu1.dll
[2011/07/14 16:08:40 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbdro.dll
[2011/07/14 16:08:40 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbdpl1.dll
[2011/07/14 16:08:40 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\kbdhu1.dll
[2011/07/14 16:08:38 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\irclass.dll
[2011/07/14 16:08:38 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\irclass.dll
[2011/07/14 16:08:37 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS1\System32\dllcache\dgrpsetu.dll
[2011/07/14 16:08:37 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS1\System32\dgrpsetu.dll
[2011/07/14 16:08:37 | 000,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS1\System32\EqnClass.Dll
[2011/07/14 16:08:37 | 000,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS1\System32\dllcache\eqnclass.dll
[2011/07/14 16:08:37 | 000,085,020 | ---- | C] (Digi International) -- C:\WINDOWS1\System32\dllcache\dgsetup.dll
[2011/07/14 16:08:37 | 000,085,020 | ---- | C] (Digi International) -- C:\WINDOWS1\System32\dgsetup.dll
[2011/07/14 16:08:37 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS1\System32\spxcoins.dll
[2011/07/14 16:08:37 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS1\System32\dllcache\spxcoins.dll
[2011/07/14 16:08:37 | 000,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System\WFWNET.DRV
[2011/07/14 16:08:37 | 000,009,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System\VER.DLL
[2011/07/14 16:08:37 | 000,004,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System\TIMER.DRV
[2011/07/14 16:08:37 | 000,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System\VGA.DRV
[2011/07/14 16:08:36 | 000,126,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System\MSVIDEO.DLL
[2011/07/14 16:08:36 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System\OLECLI.DLL
[2011/07/14 16:08:36 | 000,073,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System\MCIAVI.DRV
[2011/07/14 16:08:36 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System\MCIWAVE.DRV
[2011/07/14 16:08:36 | 000,025,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System\MCISEQ.DRV
[2011/07/14 16:08:36 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System\OLESVR.DLL
[2011/07/14 16:08:36 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System\TAPI.DLL
[2011/07/14 16:08:36 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System\SHELL.DLL
[2011/07/14 16:08:36 | 000,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System\SYSTEM.DRV
[2011/07/14 16:08:36 | 000,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System\MOUSE.DRV
[2011/07/14 16:08:36 | 000,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System\SOUND.DRV
[2011/07/14 16:08:36 | 000,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System\MMTASK.TSK
[2011/07/14 16:08:35 | 000,109,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System\AVIFILE.DLL
[2011/07/14 16:08:35 | 000,069,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System\AVICAP.DLL
[2011/07/14 16:08:35 | 000,032,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System\COMMDLG.DLL
[2011/07/14 16:08:35 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\TASKMAN.EXE
[2011/07/14 16:08:35 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\dllcache\taskman.exe
[2011/07/14 16:08:35 | 000,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System\LZEXPAND.DLL
[2011/07/14 16:08:35 | 000,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System\KEYBOARD.DRV
[2011/07/14 16:08:34 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System\winspool.drv
[2011/07/14 16:08:34 | 000,068,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System\MMSYSTEM.DLL
[2011/07/14 16:08:34 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\batt.dll
[2011/07/14 16:08:33 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS1\System32\storprop.dll
[2011/07/14 16:08:25 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users.WINDOWS1\Start Menu\Programs\Startup
[2011/07/14 16:08:25 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users.WINDOWS1\Start Menu
[2011/07/14 16:08:25 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users.WINDOWS1\Documents
[2011/07/14 16:08:25 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users.WINDOWS1\Templates
[2011/07/14 16:08:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS1\Favorites
[2011/07/14 16:08:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS1\Desktop
[2011/07/14 16:08:12 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\CatRoot2
[2011/07/14 16:08:12 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\CatRoot
[2011/07/14 16:08:06 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\Microsoft
[2011/07/14 16:08:06 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data
[2011/07/14 16:00:42 | 000,000,000 | R-SD | C] -- C:\WINDOWS1\Fonts
[2011/07/14 16:00:42 | 000,000,000 | RHSD | C] -- C:\WINDOWS1\System32\dllcache
[2011/07/14 16:00:42 | 000,000,000 | R--D | C] -- C:\WINDOWS1\Web
[2011/07/14 16:00:42 | 000,000,000 | -H-D | C] -- C:\WINDOWS1\inf
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\WinSxS
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\wins
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\wbem
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\usmt
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\twain_32
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\Temp
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\system32
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\system
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\spool
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\ShellExt
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\Setup
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\security
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\Resources
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\repair
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\ras
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\Provisioning
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\PeerNet
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\pchealth
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\oobe
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\npp
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\mui
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\mui
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\msapps
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\msagent
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\Media
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\java
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\inetsrv
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\IME
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\ime
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\icsxml
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\ias
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\Help
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\export
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\drivers\etc
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\ehome
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\drivers
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\Driver Cache
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\drivers\disdn
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\dhcp
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\Debug
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\Cursors
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\Connection Wizard
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\config
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\Config
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\AppPatch
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\addins
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\3com_dmi
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\3076
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\2052
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\1054
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\1042
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\1041
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\1037
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\1033
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\1031
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\1028
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\1025
[2011/06/28 22:08:48 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/06/16 20:37:31 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Toolbar
[2011/06/16 20:37:03 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Toolbar Installer
[2011/06/16 20:37:02 | 000,000,000 | ---D | C] -- C:\Program Files\TypingMaster
[4 C:\WINDOWS1\*.tmp files -> C:\WINDOWS1\*.tmp -> ]
[1 C:\WINDOWS1\System32\*.tmp files -> C:\WINDOWS1\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/07/15 15:10:53 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Desktop\OTL.exe
[2011/07/15 14:26:25 | 000,013,646 | ---- | M] () -- C:\WINDOWS1\System32\wpa.dbl
[2011/07/15 14:24:47 | 000,002,048 | --S- | M] () -- C:\WINDOWS1\bootstat.dat
[2011/07/15 10:18:40 | 000,000,481 | ---- | M] () -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Desktop\Typing Master Pro.lnk
[2011/07/15 10:16:34 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Desktop\winamp.lnk
[2011/07/15 10:14:57 | 000,000,559 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS1\Desktop\VLC media player.lnk
[2011/07/15 10:06:17 | 000,000,000 | ---- | M] () -- C:\WINDOWS1\nsreg.dat
[2011/07/15 10:03:06 | 000,001,482 | ---- | M] () -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Desktop\Windows Explorer.lnk
[2011/07/15 08:42:13 | 000,002,625 | ---- | M] () -- C:\WINDOWS1\System32\CONFIG.NT
[2011/07/15 08:23:22 | 000,311,934 | ---- | M] () -- C:\WINDOWS1\System32\perfh009.dat
[2011/07/15 08:23:22 | 000,040,196 | ---- | M] () -- C:\WINDOWS1\System32\perfc009.dat
[2011/07/15 08:23:05 | 000,000,803 | ---- | M] () -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Desktop\Internet Explorer.lnk
[2011/07/15 08:20:09 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/07/15 08:11:14 | 000,001,374 | ---- | M] () -- C:\WINDOWS1\imsins.BAK
[2011/07/15 08:09:31 | 000,000,552 | ---- | M] () -- C:\WINDOWS1\System32\d3d8caps.dat
[2011/07/15 07:08:20 | 000,316,640 | ---- | M] () -- C:\WINDOWS1\WMSysPr9.prx
[2011/07/15 03:16:34 | 000,091,888 | ---- | M] () -- C:\WINDOWS1\System32\FNTCACHE.DAT
[2011/07/14 21:33:18 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2011/07/14 21:32:18 | 000,013,588 | ---- | M] () -- C:\WINDOWS1\System32\wpa.bak
[2011/07/14 21:30:34 | 000,008,192 | ---- | M] () -- C:\WINDOWS1\REGLOCS.OLD
[2011/07/14 21:29:15 | 000,000,261 | ---- | M] () -- C:\WINDOWS1\System32\$winnt$.inf
[2011/07/14 21:26:34 | 000,023,392 | ---- | M] () -- C:\WINDOWS1\System32\nscompat.tlb
[2011/07/14 21:26:34 | 000,016,832 | ---- | M] () -- C:\WINDOWS1\System32\amcompat.tlb
[2011/07/14 21:26:21 | 000,004,205 | ---- | M] () -- C:\WINDOWS1\ODBCINST.INI
[2011/07/14 21:23:21 | 000,021,640 | ---- | M] () -- C:\WINDOWS1\System32\emptyregdb.dat
[2011/07/14 21:19:09 | 000,000,394 | -HS- | M] () -- C:\boot.ini
[2011/07/11 20:49:47 | 000,000,817 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS1\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/07/06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS1\System32\drivers\mbamswissarmy.sys
[2011/07/06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS1\System32\drivers\mbam.sys
[2011/07/04 06:43:53 | 000,040,112 | ---- | M] (AVAST Software) -- C:\WINDOWS1\avastSS.scr
[2011/07/04 06:43:51 | 000,199,304 | ---- | M] (AVAST Software) -- C:\WINDOWS1\System32\aswBoot.exe
[2011/07/04 06:36:43 | 000,441,176 | ---- | M] (AVAST Software) -- C:\WINDOWS1\System32\drivers\aswSnx.sys
[2011/07/04 06:36:32 | 000,309,848 | ---- | M] (AVAST Software) -- C:\WINDOWS1\System32\drivers\aswSP.sys
[2011/07/04 06:35:23 | 000,043,608 | ---- | M] (AVAST Software) -- C:\WINDOWS1\System32\drivers\aswTdi.sys
[2011/07/04 06:35:12 | 000,102,616 | ---- | M] (AVAST Software) -- C:\WINDOWS1\System32\drivers\aswmon2.sys
[2011/07/04 06:35:09 | 000,096,344 | ---- | M] (AVAST Software) -- C:\WINDOWS1\System32\drivers\aswmon.sys
[2011/07/04 06:32:32 | 000,025,432 | ---- | M] (AVAST Software) -- C:\WINDOWS1\System32\drivers\aswRdr.sys
[2011/07/04 06:32:13 | 000,030,808 | ---- | M] (AVAST Software) -- C:\WINDOWS1\System32\drivers\aavmker4.sys
[2011/07/04 06:32:12 | 000,019,544 | ---- | M] (AVAST Software) -- C:\WINDOWS1\System32\drivers\aswFsBlk.sys
[2011/06/28 22:10:14 | 000,001,762 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS1\Desktop\Adobe Reader 8.lnk
[4 C:\WINDOWS1\*.tmp files -> C:\WINDOWS1\*.tmp -> ]
[1 C:\WINDOWS1\System32\*.tmp files -> C:\WINDOWS1\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/07/15 10:18:00 | 000,000,481 | ---- | C] () -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Desktop\Typing Master Pro.lnk
[2011/07/15 10:15:28 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Desktop\winamp.lnk
[2011/07/15 10:06:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS1\nsreg.dat
[2011/07/15 10:05:44 | 000,001,948 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS1\Desktop\Google Earth.lnk
[2011/07/15 10:05:44 | 000,001,854 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS1\Desktop\Kodak EasyShare.lnk
[2011/07/15 10:05:44 | 000,001,762 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS1\Desktop\Adobe Reader 8.lnk
[2011/07/15 10:05:44 | 000,001,635 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS1\Desktop\Mozilla.lnk
[2011/07/15 10:05:44 | 000,001,635 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS1\Desktop\Mozilla Firefox.lnk
[2011/07/15 10:05:44 | 000,001,591 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS1\Desktop\Mavis Beacon Teaches Typing Platinum 20.lnk
[2011/07/15 10:05:44 | 000,001,481 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS1\Desktop\iTunes.lnk
[2011/07/15 10:05:44 | 000,001,431 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS1\Desktop\QuickTime Player.lnk
[2011/07/15 10:05:44 | 000,000,835 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS1\Desktop\Yahoo! Messenger.lnk
[2011/07/15 10:05:44 | 000,000,813 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS1\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/07/15 10:05:44 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS1\Desktop\Lexmark 1200 Series All-In-One Center.lnk
[2011/07/15 10:05:44 | 000,000,559 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS1\Desktop\VLC media player.lnk
[2011/07/15 09:49:39 | 000,000,817 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS1\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/07/15 08:42:19 | 000,001,733 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS1\Desktop\avast! Free Antivirus.lnk
[2011/07/15 08:23:14 | 000,001,482 | ---- | C] () -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Desktop\Windows Explorer.lnk
[2011/07/15 08:23:05 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Desktop\Internet Explorer.lnk
[2011/07/15 08:09:31 | 000,000,552 | ---- | C] () -- C:\WINDOWS1\System32\d3d8caps.dat
[2011/07/14 22:17:18 | 000,613,334 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\wmplayer.chm
[2011/07/14 22:17:18 | 000,354,468 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\wmpaud1.wav
[2011/07/14 22:17:18 | 000,343,204 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\wmpaud7.wav
[2011/07/14 22:17:18 | 000,343,204 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\wmpaud6.wav
[2011/07/14 22:17:18 | 000,300,969 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\viz.wmv
[2011/07/14 22:17:18 | 000,172,196 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\wmpaud9.wav
[2011/07/14 22:17:18 | 000,172,196 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\wmpaud8.wav
[2011/07/14 22:17:18 | 000,172,196 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\wmpaud3.wav
[2011/07/14 22:17:18 | 000,086,196 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\wmpaud5.wav
[2011/07/14 22:17:18 | 000,086,180 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\wmpaud4.wav
[2011/07/14 22:17:18 | 000,086,180 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\wmpaud2.wav
[2011/07/14 22:17:18 | 000,067,374 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\wmplayer.adm
[2011/07/14 22:17:18 | 000,023,195 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\wmplay.chm
[2011/07/14 22:17:18 | 000,017,489 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\videobg.gif
[2011/07/14 22:17:18 | 000,017,272 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\wmdm.inf
[2011/07/14 22:17:18 | 000,010,457 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\wmptour.hta
[2011/07/14 22:17:18 | 000,008,677 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\wm7.gif
[2011/07/14 22:17:18 | 000,007,892 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\wm9.gif
[2011/07/14 22:17:18 | 000,007,636 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\wm2.gif
[2011/07/14 22:17:18 | 000,007,369 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\wm4.gif
[2011/07/14 22:17:18 | 000,006,769 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\wmfsdk.inf
[2011/07/14 22:17:18 | 000,006,241 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\wm3.gif
[2011/07/14 22:17:18 | 000,006,060 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\wm6.gif
[2011/07/14 22:17:18 | 000,005,789 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\wm1.gif
[2011/07/14 22:17:18 | 000,005,290 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\vidsamp.gif
[2011/07/14 22:17:18 | 000,004,193 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\wm8.gif
[2011/07/14 22:17:18 | 000,002,477 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\wm5.gif
[2011/07/14 22:17:18 | 000,001,771 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\wmptour.css
[2011/07/14 22:17:18 | 000,000,855 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\wmpocm.inf
[2011/07/14 22:17:18 | 000,000,420 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\wmploc.js
[2011/07/14 22:17:17 | 000,023,829 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\tourbg.gif
[2011/07/14 22:17:17 | 000,003,187 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\tour.js
[2011/07/14 22:17:17 | 000,002,469 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\tplay.gif
[2011/07/14 22:17:17 | 000,002,450 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\tpause.gif
[2011/07/14 22:17:17 | 000,002,375 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\tplayh.gif
[2011/07/14 22:17:17 | 000,002,371 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\tpauseh.gif
[2011/07/14 22:17:16 | 000,572,557 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\rtuner.wmv
[2011/07/14 22:17:16 | 000,001,398 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\taon.gif
[2011/07/14 22:17:16 | 000,001,380 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\taonh.gif
[2011/07/14 22:17:16 | 000,001,380 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\taoff.gif
[2011/07/14 22:17:16 | 000,001,367 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\taoffh.gif
[2011/07/14 22:17:16 | 000,001,148 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\snd.htm
[2011/07/14 22:17:16 | 000,000,908 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\skins.inf
[2011/07/14 22:17:15 | 000,375,519 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\nuskin.wmv
[2011/07/14 22:17:15 | 000,077,307 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\plyr_err.chm
[2011/07/14 22:17:15 | 000,067,866 | ---- | C] () -- C:\WINDOWS1\System32\drivers\netwlan5.img
[2011/07/14 22:17:15 | 000,022,060 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\npds.zip
[2011/07/14 22:17:15 | 000,000,403 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\npdrmv2.zip
[2011/07/14 22:17:13 | 000,018,286 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\mplayer2.inf
[2011/07/14 22:17:13 | 000,002,778 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\mplogoh.gif
[2011/07/14 22:17:13 | 000,002,545 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\mplogo.gif
[2011/07/14 22:17:12 | 000,457,607 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\mdlib.wmv
[2011/07/14 22:17:11 | 000,005,971 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\events.js
[2011/07/14 22:17:08 | 000,381,425 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\copycd.wmv
[2011/07/14 22:17:08 | 000,129,045 | ---- | C] () -- C:\WINDOWS1\System32\drivers\cxthsfs2.cty
[2011/07/14 22:17:08 | 000,009,585 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\controls.css
[2011/07/14 22:17:08 | 000,008,298 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\contents.htm
[2011/07/14 22:17:08 | 000,006,878 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\controls.js
[2011/07/14 22:17:08 | 000,000,999 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\bktrh.gif
[2011/07/14 22:17:08 | 000,000,773 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\cnth.gif
[2011/07/14 22:17:08 | 000,000,773 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\cnt.gif
[2011/07/14 22:17:08 | 000,000,772 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\cntd.gif
[2011/07/14 22:17:08 | 000,000,760 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\cloapph.gif
[2011/07/14 22:17:08 | 000,000,717 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\cloapp.gif
[2011/07/14 22:16:32 | 000,064,352 | ---- | C] () -- C:\WINDOWS1\System32\drivers\ativmc20.cod
[2011/07/14 21:33:18 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2011/07/14 21:33:11 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Start Menu\Programs\Outlook Express.lnk
[2011/07/14 21:33:10 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/07/14 21:33:10 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Start Menu\Programs\Internet Explorer.lnk
[2011/07/14 21:33:05 | 000,001,606 | ---- | C] () -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Start Menu\Programs\Remote Assistance.lnk
[2011/07/14 21:33:05 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Start Menu\Programs\Windows Media Player.lnk
[2011/07/14 21:32:18 | 000,013,588 | ---- | C] () -- C:\WINDOWS1\System32\wpa.bak
[2011/07/14 21:30:34 | 000,008,192 | ---- | C] () -- C:\WINDOWS1\REGLOCS.OLD
[2011/07/14 21:29:15 | 000,002,048 | --S- | C] () -- C:\WINDOWS1\bootstat.dat
[2011/07/14 21:28:30 | 000,175,104 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\pintlcsa.dll
[2011/07/14 21:28:08 | 001,158,818 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\korwbrkr.lex
[2011/07/14 21:28:01 | 000,059,392 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\imscinst.exe
[2011/07/14 21:28:00 | 000,196,665 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\imjpinst.exe
[2011/07/14 21:27:59 | 000,134,339 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\imekr.lex
[2011/07/14 21:27:50 | 013,463,552 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\hwxjpn.dll
[2011/07/14 21:27:44 | 000,108,827 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\hanja.lex
[2011/07/14 21:27:28 | 000,173,568 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\chtskf.dll
[2011/07/14 21:26:38 | 000,002,625 | ---- | C] () -- C:\WINDOWS1\System32\CONFIG.NT
[2011/07/14 21:26:34 | 000,023,392 | ---- | C] () -- C:\WINDOWS1\System32\nscompat.tlb
[2011/07/14 21:26:34 | 000,016,832 | ---- | C] () -- C:\WINDOWS1\System32\amcompat.tlb
[2011/07/14 21:26:33 | 000,316,640 | ---- | C] () -- C:\WINDOWS1\WMSysPr9.prx
[2011/07/14 21:25:02 | 000,000,786 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS1\Start Menu\Programs\Windows Movie Maker.lnk
[2011/07/14 21:24:49 | 004,399,505 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\nls302en.lex
[2011/07/14 21:24:21 | 000,048,680 | -HS- | C] () -- C:\WINDOWS1\winnt256.bmp
[2011/07/14 21:24:21 | 000,048,680 | -HS- | C] () -- C:\WINDOWS1\winnt.bmp
[2011/07/14 21:24:13 | 000,000,984 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\srframe.mmf
[2011/07/14 21:23:22 | 000,000,609 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS1\Start Menu\Programs\Windows Messenger.lnk
[2011/07/14 21:23:21 | 000,021,640 | ---- | C] () -- C:\WINDOWS1\System32\emptyregdb.dat
[2011/07/14 21:22:50 | 000,001,986 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS1\Start Menu\Programs\MSN.lnk
[2011/07/14 21:22:33 | 000,065,978 | ---- | C] () -- C:\WINDOWS1\Soap Bubbles.bmp
[2011/07/14 21:22:33 | 000,065,954 | ---- | C] () -- C:\WINDOWS1\Prairie Wind.bmp
[2011/07/14 21:22:33 | 000,065,832 | ---- | C] () -- C:\WINDOWS1\Santa Fe Stucco.bmp
[2011/07/14 21:22:33 | 000,026,680 | ---- | C] () -- C:\WINDOWS1\River Sumida.bmp
[2011/07/14 21:22:33 | 000,026,582 | ---- | C] () -- C:\WINDOWS1\Greenstone.bmp
[2011/07/14 21:22:33 | 000,017,362 | ---- | C] () -- C:\WINDOWS1\Rhododendron.bmp
[2011/07/14 21:22:33 | 000,017,336 | ---- | C] () -- C:\WINDOWS1\Gone Fishing.bmp
[2011/07/14 21:22:33 | 000,017,062 | ---- | C] () -- C:\WINDOWS1\Coffee Bean.bmp
[2011/07/14 21:22:33 | 000,016,730 | ---- | C] () -- C:\WINDOWS1\FeatherTexture.bmp
[2011/07/14 21:22:33 | 000,009,522 | ---- | C] () -- C:\WINDOWS1\Zapotec.bmp
[2011/07/14 21:22:33 | 000,001,272 | ---- | C] () -- C:\WINDOWS1\Blue Lace 16.bmp
[2011/07/14 21:22:30 | 000,003,286 | ---- | C] () -- C:\WINDOWS1\System32\tslabels.h
[2011/07/14 21:22:30 | 000,001,161 | ---- | C] () -- C:\WINDOWS1\System32\usrlogon.cmd
[2011/07/14 21:22:29 | 000,000,768 | ---- | C] () -- C:\WINDOWS1\System32\msdtcprf.h
[2011/07/14 21:22:23 | 000,063,488 | ---- | C] () -- C:\WINDOWS1\System32\wmimgmt.msc
[2011/07/14 16:08:58 | 000,001,374 | ---- | C] () -- C:\WINDOWS1\imsins.BAK
[2011/07/14 16:08:54 | 000,004,205 | ---- | C] () -- C:\WINDOWS1\ODBCINST.INI
[2011/07/14 16:08:35 | 000,001,688 | ---- | C] () -- C:\WINDOWS1\System32\AUTOEXEC.NT
[2011/07/14 16:08:24 | 001,042,903 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\SP2.CAT
[2011/07/14 16:08:24 | 000,797,189 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\NT5IIS.CAT
[2011/07/14 16:08:24 | 000,399,645 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\MAPIMIG.CAT
[2011/07/14 16:08:24 | 000,037,484 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\MW770.CAT
[2011/07/14 16:08:24 | 000,013,472 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\HPCRDP.CAT
[2011/07/14 16:08:24 | 000,008,574 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\IASNT4.CAT
[2011/07/14 16:08:24 | 000,007,382 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\OEMBIOS.CAT
[2011/07/14 16:08:24 | 000,007,334 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\wmerrenu.cat
[2011/07/14 16:07:31 | 000,091,888 | ---- | C] () -- C:\WINDOWS1\System32\FNTCACHE.DAT
[2011/07/14 16:06:12 | 000,000,261 | ---- | C] () -- C:\WINDOWS1\System32\$winnt$.inf
[2004/08/04 07:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS1\System32\oembios.bin
[2004/08/04 07:00:00 | 000,755,200 | ---- | C] () -- C:\WINDOWS1\System32\ir50_32.dll
[2004/08/04 07:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS1\System32\mlang.dat
[2004/08/04 07:00:00 | 000,338,432 | ---- | C] () -- C:\WINDOWS1\System32\ir41_qcx.dll
[2004/08/04 07:00:00 | 000,311,934 | ---- | C] () -- C:\WINDOWS1\System32\perfh009.dat
[2004/08/04 07:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS1\System32\perfi009.dat
[2004/08/04 07:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS1\System32\dssec.dat
[2004/08/04 07:00:00 | 000,200,192 | ---- | C] () -- C:\WINDOWS1\System32\ir50_qc.dll
[2004/08/04 07:00:00 | 000,183,808 | ---- | C] () -- C:\WINDOWS1\System32\ir50_qcx.dll
[2004/08/04 07:00:00 | 000,120,320 | ---- | C] () -- C:\WINDOWS1\System32\ir41_qc.dll
[2004/08/04 07:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS1\System32\mib.bin
[2004/08/04 07:00:00 | 000,040,196 | ---- | C] () -- C:\WINDOWS1\System32\perfc009.dat
[2004/08/04 07:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS1\System32\perfd009.dat
[2004/08/04 07:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS1\System32\secupd.dat
[2004/08/04 07:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS1\System32\oembios.dat
[2004/08/04 07:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS1\System32\dcache.bin
[2004/08/04 07:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS1\System32\noise.dat

< End of report >





OTL Extra's



OTL Extras logfile created on: 7/15/2011 3:11:09 PM - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\Klown.KELLY-CBA445F79\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.25 Gb Total Physical Memory | 2.85 Gb Available Physical Memory | 87.61% Memory free
5.09 Gb Paging File | 4.87 Gb Available in Paging File | 95.61% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS1 | %ProgramFiles% = C:\Program Files
Drive C: | 232.88 Gb Total Space | 186.33 Gb Free Space | 80.01% Space Free | Partition Type: NTFS
Drive D: | 76.33 Gb Total Space | 52.15 Gb Free Space | 68.32% Space Free | Partition Type: NTFS

Computer Name: KELLY-CBA445F79 | User Name: Klown | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"avast" = avast! Free Antivirus
"ie8" = Windows Internet Explorer 8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.1.1800
"VLC media player" = VLC media player 1.1.10
"Windows XP Service Pack" = Windows XP Service Pack 3

========== Last 10 Event Log Errors ==========

[ System Events ]
Error - 7/15/2011 9:19:53 AM | Computer Name = KELLY-CBA445F79 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
i8042prt

Error - 7/15/2011 11:11:16 AM | Computer Name = KELLY-CBA445F79 | Source = System Error | ID = 1003
Description = Error code 0000004e, parameter1 00000099, parameter2 00000000, parameter3
00000001, parameter4 00000000.

Error - 7/15/2011 12:15:16 PM | Computer Name = KELLY-CBA445F79 | Source = System Error | ID = 1003
Description = Error code 00000024, parameter1 001902fe, parameter2 b8a475ac, parameter3
b8a472a8, parameter4 80539169.


< End of report >



aswMBR to be added


aswMBR version 0.9.7.750 Copyright© 2011 AVAST Software
Run date: 2011-07-15 15:17:51
-----------------------------
15:17:51.984 OS Version: Windows 5.1.2600 Service Pack 3
15:17:51.984 Number of processors: 2 586 0xF0D
15:17:51.984 ComputerName: KELLY-CBA445F79 UserName: Klown
15:17:53.093 Initialize success
15:17:53.281 AVAST engine defs: 11071501
15:18:19.109 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
15:18:19.125 Disk 0 Vendor: Hitachi_HDP725025GLA380 GM2OA52A Size: 238475MB BusType: 3
15:18:19.140 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP3T1L0-19
15:18:19.140 Disk 1 Vendor: Maxtor_6Y080P0 YAR41BW0 Size: 78167MB BusType: 3
15:18:21.171 Disk 0 MBR read successfully
15:18:21.171 Disk 0 MBR scan
15:18:21.187 Disk 0 Windows XP default MBR code
15:18:23.203 Disk 0 scanning sectors +488392065
15:18:23.281 Disk 0 scanning C:\WINDOWS1\system32\drivers
15:18:39.187 Service scanning
15:18:40.093 Disk 0 trace - called modules:
15:18:40.125 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
15:18:40.140 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a3f5ab8]
15:18:40.156 3 CLASSPNP.SYS[ba0e8fd7] -> nt!IofCallDriver -> \Device\00000068[0x8a4a9340]
15:18:40.187 5 ACPI.sys[b9f7f620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8a3f7940]
15:18:40.531 AVAST engine scan C:\WINDOWS1
15:38:44.781 AVAST engine scan C:\Documents and Settings\Klown.KELLY-CBA445F79
15:40:53.562 AVAST engine scan C:\Documents and Settings\All Users.WINDOWS1
15:41:04.031 Scan finished successfully
15:46:53.609 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Klown.KELLY-CBA445F79\Desktop\MBR.dat"
15:46:53.625 The log file has been saved successfully to "C:\Documents and Settings\Klown.KELLY-CBA445F79\Desktop\aswMBR.txt"

Edited by klown69, 15 July 2011 - 02:48 PM.

  • 0

Advertisements


#2
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi what are the current problems you are experiencing, and what were the problems on the old install ?
  • 0

#3
klown69

klown69

    Member

  • Topic Starter
  • Member
  • PipPip
  • 37 posts
Old install willnoteven boot into windows. ometimes gets to log in and then when attempting to put in password the screen pixels with blue squares. Couldbe a corrupted video driver but I can't boot into safe mode either with the same old account. New account works fie as that is what I am typing to you now in.
  • 0

#4
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK lets have a look to see what aswMBR shows, as you have Avast installed it will also run an AV scan with a good rootkit check :)
  • 0

#5
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OOps you added it as an edit

The new account looks good with no apparent malware - I would recommend that you run for a day or so and let me know if it is still working correctly. Anything in the old windows is safely isolated from the rest of the system
  • 0

#6
klown69

klown69

    Member

  • Topic Starter
  • Member
  • PipPip
  • 37 posts
OK I have been running the new installation since yesterday with no problems. Even windows update works now where the old installation it was disabled. Other then a few programs and moving documents over if they are clean the only thing left for me to do is try to import the old IE bookmarks to this new one.

Edited by klown69, 15 July 2011 - 03:11 PM.

  • 0

#7
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK once you have done the import of all your settings/docs/bookmarks etc... Could you run a fresh OTL scan for me to check that no nasties have been transfered
  • 0

#8
klown69

klown69

    Member

  • Topic Starter
  • Member
  • PipPip
  • 37 posts
OK well I tried to add bookmarks and browse some web sites and the entire computer rebooted and then said it had recovered from a serious error after it restarted in windows.
  • 0

#9
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
That is the one problem I was concerned about - Malware residing within documents and settings - could you run a fresh OTL with this custom script please

  • Run OTL.
  • Select All Users
  • Under the Custom Scan box paste this in

    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    /md5stop
    %systemroot%\*. /mp /s
    hklm\software\clients\startmenuinternet|command /rs
    CREATERESTOREPOINT

  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.

  • 0

#10
klown69

klown69

    Member

  • Topic Starter
  • Member
  • PipPip
  • 37 posts
OTL logfile created on: 7/17/2011 8:40:07 AM - Run 2
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\Klown.KELLY-CBA445F79\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.25 Gb Total Physical Memory | 2.85 Gb Available Physical Memory | 87.83% Memory free
5.09 Gb Paging File | 4.87 Gb Available in Paging File | 95.66% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS1 | %ProgramFiles% = C:\Program Files
Drive C: | 232.88 Gb Total Space | 183.03 Gb Free Space | 78.59% Space Free | Partition Type: NTFS
Drive D: | 76.33 Gb Total Space | 52.15 Gb Free Space | 68.32% Space Free | Partition Type: NTFS

Computer Name: KELLY-CBA445F79 | User Name: Klown | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/07/15 15:10:53 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Desktop\OTL.exe
PRC - [2011/07/04 06:43:54 | 003,493,720 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/07/04 06:43:51 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2008/04/13 19:12:33 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS1\system32\savedump.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS1\explorer.exe


========== Modules (SafeList) ==========

MOD - [2011/07/15 15:10:53 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Desktop\OTL.exe
MOD - [2011/07/04 06:43:51 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS1\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011/07/04 06:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)


========== Driver Services (SafeList) ==========

DRV - [2011/07/04 06:36:43 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS1\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/07/04 06:36:32 | 000,309,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS1\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/07/04 06:35:23 | 000,043,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS1\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/07/04 06:35:12 | 000,102,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS1\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/07/04 06:32:32 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS1\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/07/04 06:32:13 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS1\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/07/04 06:32:12 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS1\System32\drivers\aswFsBlk.sys -- (aswFsBlk)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS1\system32\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-790525478-2052111302-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS1\system32\blank.htm
IE - HKU\S-1-5-21-790525478-2052111302-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKU\S-1-5-21-790525478-2052111302-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://bartlettfirstassembly.com/
IE - HKU\S-1-5-21-790525478-2052111302-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS1\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)


[2011/07/15 10:06:25 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Application Data\Mozilla\Extensions
[2011/05/11 13:56:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) --
[2011/06/22 17:16:20 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/10/23 11:30:53 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files\mozilla firefox\plugins\NPcol400.dll
[2010/10/23 11:30:53 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files\mozilla firefox\plugins\NPcol500.dll
[2011/03/18 13:32:12 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
[2010/12/08 17:18:33 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/03/18 13:32:14 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
[2010/01/13 17:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2011/05/05 18:23:28 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2004/08/04 07:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS1\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe (Eastman Kodak Company)
O4 - Startup: C:\Documents and Settings\Klown\Start Menu\Programs\Startup\AutorunsDisabled [2010/12/16 22:39:31 | 000,000,000 | -H-D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-790525478-2052111302-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.1.10.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS1\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS1\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS1\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/08/15 16:05:12 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011/07/16 16:18:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Local Settings\Application Data\Temp
[2011/07/16 16:15:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\Adobe
[2011/07/16 16:15:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Local Settings\Application Data\Adobe
[2011/07/16 16:15:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Application Data\Adobe
[2011/07/15 20:44:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS1\Start Menu\Programs\VideoLAN
[2011/07/15 15:16:57 | 001,906,688 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Desktop\aswMBR.exe
[2011/07/15 15:10:40 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Desktop\OTL.exe
[2011/07/15 10:15:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Application Data\vlc
[2011/07/15 10:14:20 | 000,000,000 | ---D | C] -- C:\VideoLAN
[2011/07/15 10:09:44 | 000,000,000 | ---D | C] -- C:\WINDOWS1\Minidump
[2011/07/15 10:06:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Local Settings\Application Data\Mozilla
[2011/07/15 10:06:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Application Data\Mozilla
[2011/07/15 09:49:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Application Data\Malwarebytes
[2011/07/15 09:49:39 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS1\System32\drivers\mbamswissarmy.sys
[2011/07/15 09:49:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS1\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/07/15 09:49:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\Malwarebytes
[2011/07/15 09:49:36 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS1\System32\drivers\mbam.sys
[2011/07/15 09:49:36 | 000,000,000 | ---D | C] -- C:\Malwarebytes' Anti-Malware
[2011/07/15 09:47:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Application Data\Macromedia
[2011/07/15 08:42:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS1\Start Menu\Programs\avast! Free Antivirus
[2011/07/15 08:42:18 | 000,309,848 | ---- | C] (AVAST Software) -- C:\WINDOWS1\System32\drivers\aswSP.sys
[2011/07/15 08:42:18 | 000,019,544 | ---- | C] (AVAST Software) -- C:\WINDOWS1\System32\drivers\aswFsBlk.sys
[2011/07/15 08:42:15 | 000,025,432 | ---- | C] (AVAST Software) -- C:\WINDOWS1\System32\drivers\aswRdr.sys
[2011/07/15 08:42:14 | 000,441,176 | ---- | C] (AVAST Software) -- C:\WINDOWS1\System32\drivers\aswSnx.sys
[2011/07/15 08:42:14 | 000,043,608 | ---- | C] (AVAST Software) -- C:\WINDOWS1\System32\drivers\aswTdi.sys
[2011/07/15 08:42:12 | 000,102,616 | ---- | C] (AVAST Software) -- C:\WINDOWS1\System32\drivers\aswmon2.sys
[2011/07/15 08:42:12 | 000,096,344 | ---- | C] (AVAST Software) -- C:\WINDOWS1\System32\drivers\aswmon.sys
[2011/07/15 08:42:12 | 000,030,808 | ---- | C] (AVAST Software) -- C:\WINDOWS1\System32\drivers\aavmker4.sys
[2011/07/15 08:42:00 | 000,040,112 | ---- | C] (AVAST Software) -- C:\WINDOWS1\avastSS.scr
[2011/07/15 08:41:59 | 000,199,304 | ---- | C] (AVAST Software) -- C:\WINDOWS1\System32\aswBoot.exe
[2011/07/15 08:41:50 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/07/15 08:41:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\AVAST Software
[2011/07/15 08:38:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Desktop\Downloads
[2011/07/15 08:24:43 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Klown.KELLY-CBA445F79\IECompatCache
[2011/07/15 08:23:42 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Klown.KELLY-CBA445F79\PrivacIE
[2011/07/15 08:20:05 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Klown.KELLY-CBA445F79\IETldCache
[2011/07/15 08:10:25 | 000,000,000 | ---D | C] -- C:\WINDOWS1\ie8updates
[2011/07/15 08:10:10 | 000,000,000 | ---D | C] -- C:\WINDOWS1\WBEM
[2011/07/15 08:09:08 | 000,000,000 | -H-D | C] -- C:\WINDOWS1\ie8
[2011/07/15 03:16:49 | 000,000,000 | ---D | C] -- C:\WINDOWS1\Prefetch
[2011/07/14 22:26:35 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\scripting
[2011/07/14 22:26:35 | 000,000,000 | ---D | C] -- C:\WINDOWS1\l2schemas
[2011/07/14 22:26:35 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\en-us
[2011/07/14 22:26:34 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\en
[2011/07/14 22:26:34 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\bits
[2011/07/14 22:22:34 | 000,000,000 | ---D | C] -- C:\WINDOWS1\network diagnostic
[2011/07/14 22:21:27 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\ReinstallBackups
[2011/07/14 22:19:50 | 000,000,000 | -H-D | C] -- C:\WINDOWS1\$NtServicePackUninstall$
[2011/07/14 21:53:23 | 000,000,000 | ---D | C] -- C:\WINDOWS1\ServicePackFiles
[2011/07/14 21:48:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\Windows Genuine Advantage
[2011/07/14 21:47:05 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Klown.KELLY-CBA445F79\UserData
[2011/07/14 21:37:29 | 000,000,000 | -H-D | C] -- C:\WINDOWS1\$MSI31Uninstall_KB893803v2$
[2011/07/14 21:37:17 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\PreInstall
[2011/07/14 21:37:15 | 000,000,000 | -H-D | C] -- C:\WINDOWS1\$hf_mig$
[2011/07/14 21:33:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Application Data\Identities
[2011/07/14 21:33:09 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Klown.KELLY-CBA445F79\My Documents\My Music
[2011/07/14 21:33:08 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Klown.KELLY-CBA445F79\My Documents\My Pictures
[2011/07/14 21:33:04 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Application Data\Microsoft
[2011/07/14 21:33:04 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Klown.KELLY-CBA445F79\SendTo
[2011/07/14 21:33:04 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Recent
[2011/07/14 21:33:04 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Application Data
[2011/07/14 21:33:04 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Start Menu\Programs\Startup
[2011/07/14 21:33:04 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Start Menu
[2011/07/14 21:33:04 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Klown.KELLY-CBA445F79\My Documents
[2011/07/14 21:33:04 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Favorites
[2011/07/14 21:33:04 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Start Menu\Programs\Accessories
[2011/07/14 21:33:04 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Cookies
[2011/07/14 21:33:04 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Templates
[2011/07/14 21:33:04 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Klown.KELLY-CBA445F79\PrintHood
[2011/07/14 21:33:04 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Klown.KELLY-CBA445F79\NetHood
[2011/07/14 21:33:04 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Local Settings
[2011/07/14 21:33:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Local Settings\Application Data\Microsoft
[2011/07/14 21:33:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Desktop
[2011/07/14 21:32:10 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\SoftwareDistribution
[2011/07/14 21:31:07 | 000,000,000 | ---D | C] -- C:\WINDOWS1\SoftwareDistribution
[2011/07/14 21:30:54 | 000,000,000 | --SD | C] -- C:\WINDOWS1\System32\Microsoft
[2011/07/14 21:28:37 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS1\System32\dllcache\rwia330.dll
[2011/07/14 21:28:37 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS1\System32\dllcache\rwia001.dll
[2011/07/14 21:27:24 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS1\System32\dllcache\cap7146.sys
[2011/07/14 21:26:54 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\xircom
[2011/07/14 21:25:26 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users.WINDOWS1\DRM
[2011/07/14 21:25:16 | 000,000,000 | --SD | C] -- C:\WINDOWS1\Downloaded Program Files
[2011/07/14 21:25:16 | 000,000,000 | R--D | C] -- C:\WINDOWS1\Offline Web Pages
[2011/07/14 21:24:43 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\DirectX
[2011/07/14 21:24:11 | 000,000,000 | --SD | C] -- C:\WINDOWS1\Tasks
[2011/07/14 21:24:07 | 000,000,000 | ---D | C] -- C:\WINDOWS1\srchasst
[2011/07/14 21:24:07 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\Macromed
[2011/07/14 21:23:54 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\Restore
[2011/07/14 21:23:42 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users.WINDOWS1\Documents\My Pictures
[2011/07/14 21:23:22 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users.WINDOWS1\Start Menu\Programs\Games
[2011/07/14 21:23:00 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users.WINDOWS1\Start Menu\Programs\Administrative Tools
[2011/07/14 21:23:00 | 000,000,000 | ---D | C] -- C:\WINDOWS1\Registration
[2011/07/14 21:22:50 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users.WINDOWS1\Documents\My Music
[2011/07/14 21:22:19 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\MsDtc
[2011/07/14 21:22:17 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\Com
[2011/07/14 21:22:02 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users.WINDOWS1\Documents\My Videos
[2011/07/14 21:19:47 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users.WINDOWS1\Start Menu\Programs\Accessories
[2011/07/14 16:08:55 | 000,000,000 | -HSD | C] -- C:\WINDOWS1\Installer
[2011/07/14 16:08:25 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users.WINDOWS1\Start Menu\Programs\Startup
[2011/07/14 16:08:25 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users.WINDOWS1\Start Menu
[2011/07/14 16:08:25 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users.WINDOWS1\Documents
[2011/07/14 16:08:25 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users.WINDOWS1\Templates
[2011/07/14 16:08:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS1\Favorites
[2011/07/14 16:08:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS1\Desktop
[2011/07/14 16:08:12 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\CatRoot2
[2011/07/14 16:08:12 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\CatRoot
[2011/07/14 16:08:06 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\Microsoft
[2011/07/14 16:08:06 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data
[2011/07/14 16:00:42 | 000,000,000 | R-SD | C] -- C:\WINDOWS1\Fonts
[2011/07/14 16:00:42 | 000,000,000 | RHSD | C] -- C:\WINDOWS1\System32\dllcache
[2011/07/14 16:00:42 | 000,000,000 | R--D | C] -- C:\WINDOWS1\Web
[2011/07/14 16:00:42 | 000,000,000 | -H-D | C] -- C:\WINDOWS1\inf
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\WinSxS
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\wins
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\wbem
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\usmt
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\twain_32
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\Temp
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\system32
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\system
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\spool
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\ShellExt
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\Setup
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\security
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\Resources
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\repair
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\ras
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\Provisioning
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\PeerNet
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\pchealth
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\oobe
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\npp
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\mui
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\mui
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\msapps
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\msagent
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\Media
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\java
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\inetsrv
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\IME
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\ime
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\icsxml
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\ias
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\Help
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\export
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\drivers\etc
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\ehome
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\drivers
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\Driver Cache
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\drivers\disdn
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\dhcp
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\Debug
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\Cursors
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\Connection Wizard
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\config
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\Config
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\AppPatch
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\addins
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\3com_dmi
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\3076
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\2052
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\1054
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\1042
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\1041
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\1037
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\1033
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\1031
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\1028
[2011/07/14 16:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS1\System32\1025
[2011/06/28 22:08:48 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[4 C:\WINDOWS1\*.tmp files -> C:\WINDOWS1\*.tmp -> ]
[1 C:\WINDOWS1\System32\*.tmp files -> C:\WINDOWS1\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/07/17 08:38:12 | 000,013,646 | ---- | M] () -- C:\WINDOWS1\System32\wpa.dbl
[2011/07/17 08:37:27 | 000,002,048 | --S- | M] () -- C:\WINDOWS1\bootstat.dat
[2011/07/16 21:28:44 | 000,000,664 | ---- | M] () -- C:\WINDOWS1\System32\d3d9caps.dat
[2011/07/16 16:16:30 | 000,001,736 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS1\Desktop\Adobe Reader X.lnk
[2011/07/16 16:14:03 | 000,637,882 | ---- | M] () -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Desktop\59749 JME Regular Menu.pdf
[2011/07/15 21:48:17 | 000,091,888 | ---- | M] () -- C:\WINDOWS1\System32\FNTCACHE.DAT
[2011/07/15 21:46:46 | 000,001,374 | ---- | M] () -- C:\WINDOWS1\imsins.BAK
[2011/07/15 20:44:53 | 000,000,559 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS1\Desktop\VLC media player.lnk
[2011/07/15 17:30:14 | 2145,386,496 | ---- | M] () -- C:\WINDOWS1\MEMORY.DMP
[2011/07/15 15:46:53 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Desktop\MBR.dat
[2011/07/15 15:17:51 | 001,906,688 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Desktop\aswMBR.exe
[2011/07/15 15:10:53 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Desktop\OTL.exe
[2011/07/15 10:18:40 | 000,000,481 | ---- | M] () -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Desktop\Typing Master Pro.lnk
[2011/07/15 10:16:34 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Desktop\winamp.lnk
[2011/07/15 10:06:17 | 000,000,000 | ---- | M] () -- C:\WINDOWS1\nsreg.dat
[2011/07/15 10:03:06 | 000,001,482 | ---- | M] () -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Desktop\Windows Explorer.lnk
[2011/07/15 08:42:13 | 000,002,625 | ---- | M] () -- C:\WINDOWS1\System32\CONFIG.NT
[2011/07/15 08:23:22 | 000,311,934 | ---- | M] () -- C:\WINDOWS1\System32\perfh009.dat
[2011/07/15 08:23:22 | 000,040,196 | ---- | M] () -- C:\WINDOWS1\System32\perfc009.dat
[2011/07/15 08:23:05 | 000,000,803 | ---- | M] () -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Desktop\Internet Explorer.lnk
[2011/07/15 08:20:09 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/07/15 08:09:31 | 000,000,552 | ---- | M] () -- C:\WINDOWS1\System32\d3d8caps.dat
[2011/07/15 07:08:20 | 000,316,640 | ---- | M] () -- C:\WINDOWS1\WMSysPr9.prx
[2011/07/14 21:33:18 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2011/07/14 21:32:18 | 000,013,588 | ---- | M] () -- C:\WINDOWS1\System32\wpa.bak
[2011/07/14 21:30:34 | 000,008,192 | ---- | M] () -- C:\WINDOWS1\REGLOCS.OLD
[2011/07/14 21:29:15 | 000,000,261 | ---- | M] () -- C:\WINDOWS1\System32\$winnt$.inf
[2011/07/14 21:26:34 | 000,023,392 | ---- | M] () -- C:\WINDOWS1\System32\nscompat.tlb
[2011/07/14 21:26:34 | 000,016,832 | ---- | M] () -- C:\WINDOWS1\System32\amcompat.tlb
[2011/07/14 21:26:21 | 000,004,205 | ---- | M] () -- C:\WINDOWS1\ODBCINST.INI
[2011/07/14 21:23:21 | 000,021,640 | ---- | M] () -- C:\WINDOWS1\System32\emptyregdb.dat
[2011/07/14 21:19:09 | 000,000,394 | -HS- | M] () -- C:\boot.ini
[2011/07/11 20:49:47 | 000,000,817 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS1\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/07/06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS1\System32\drivers\mbamswissarmy.sys
[2011/07/06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS1\System32\drivers\mbam.sys
[2011/07/04 06:43:53 | 000,040,112 | ---- | M] (AVAST Software) -- C:\WINDOWS1\avastSS.scr
[2011/07/04 06:43:51 | 000,199,304 | ---- | M] (AVAST Software) -- C:\WINDOWS1\System32\aswBoot.exe
[2011/07/04 06:36:43 | 000,441,176 | ---- | M] (AVAST Software) -- C:\WINDOWS1\System32\drivers\aswSnx.sys
[2011/07/04 06:36:32 | 000,309,848 | ---- | M] (AVAST Software) -- C:\WINDOWS1\System32\drivers\aswSP.sys
[2011/07/04 06:35:23 | 000,043,608 | ---- | M] (AVAST Software) -- C:\WINDOWS1\System32\drivers\aswTdi.sys
[2011/07/04 06:35:12 | 000,102,616 | ---- | M] (AVAST Software) -- C:\WINDOWS1\System32\drivers\aswmon2.sys
[2011/07/04 06:35:09 | 000,096,344 | ---- | M] (AVAST Software) -- C:\WINDOWS1\System32\drivers\aswmon.sys
[2011/07/04 06:32:32 | 000,025,432 | ---- | M] (AVAST Software) -- C:\WINDOWS1\System32\drivers\aswRdr.sys
[2011/07/04 06:32:13 | 000,030,808 | ---- | M] (AVAST Software) -- C:\WINDOWS1\System32\drivers\aavmker4.sys
[2011/07/04 06:32:12 | 000,019,544 | ---- | M] (AVAST Software) -- C:\WINDOWS1\System32\drivers\aswFsBlk.sys
[2011/06/28 22:10:14 | 000,001,762 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS1\Desktop\Adobe Reader 8.lnk
[4 C:\WINDOWS1\*.tmp files -> C:\WINDOWS1\*.tmp -> ]
[1 C:\WINDOWS1\System32\*.tmp files -> C:\WINDOWS1\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/07/16 21:28:44 | 000,000,664 | ---- | C] () -- C:\WINDOWS1\System32\d3d9caps.dat
[2011/07/16 16:16:30 | 000,001,736 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS1\Desktop\Adobe Reader X.lnk
[2011/07/16 16:16:29 | 000,001,806 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS1\Start Menu\Programs\Adobe Reader X.lnk
[2011/07/16 16:14:01 | 000,637,882 | ---- | C] () -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Desktop\59749 JME Regular Menu.pdf
[2011/07/15 15:46:53 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Desktop\MBR.dat
[2011/07/15 10:18:00 | 000,000,481 | ---- | C] () -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Desktop\Typing Master Pro.lnk
[2011/07/15 10:15:28 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Desktop\winamp.lnk
[2011/07/15 10:06:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS1\nsreg.dat
[2011/07/15 10:05:44 | 000,001,948 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS1\Desktop\Google Earth.lnk
[2011/07/15 10:05:44 | 000,001,854 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS1\Desktop\Kodak EasyShare.lnk
[2011/07/15 10:05:44 | 000,001,762 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS1\Desktop\Adobe Reader 8.lnk
[2011/07/15 10:05:44 | 000,001,635 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS1\Desktop\Mozilla.lnk
[2011/07/15 10:05:44 | 000,001,635 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS1\Desktop\Mozilla Firefox.lnk
[2011/07/15 10:05:44 | 000,001,591 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS1\Desktop\Mavis Beacon Teaches Typing Platinum 20.lnk
[2011/07/15 10:05:44 | 000,001,481 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS1\Desktop\iTunes.lnk
[2011/07/15 10:05:44 | 000,001,431 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS1\Desktop\QuickTime Player.lnk
[2011/07/15 10:05:44 | 000,000,835 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS1\Desktop\Yahoo! Messenger.lnk
[2011/07/15 10:05:44 | 000,000,813 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS1\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/07/15 10:05:44 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS1\Desktop\Lexmark 1200 Series All-In-One Center.lnk
[2011/07/15 10:05:44 | 000,000,559 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS1\Desktop\VLC media player.lnk
[2011/07/15 09:49:39 | 000,000,817 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS1\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/07/15 08:42:19 | 000,001,733 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS1\Desktop\avast! Free Antivirus.lnk
[2011/07/15 08:23:14 | 000,001,482 | ---- | C] () -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Desktop\Windows Explorer.lnk
[2011/07/15 08:23:05 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Desktop\Internet Explorer.lnk
[2011/07/15 08:09:31 | 000,000,552 | ---- | C] () -- C:\WINDOWS1\System32\d3d8caps.dat
[2011/07/14 22:17:18 | 000,613,334 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\wmplayer.chm
[2011/07/14 22:17:18 | 000,354,468 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\wmpaud1.wav
[2011/07/14 22:17:18 | 000,343,204 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\wmpaud7.wav
[2011/07/14 22:17:18 | 000,343,204 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\wmpaud6.wav
[2011/07/14 22:17:18 | 000,300,969 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\viz.wmv
[2011/07/14 22:17:18 | 000,172,196 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\wmpaud9.wav
[2011/07/14 22:17:18 | 000,172,196 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\wmpaud8.wav
[2011/07/14 22:17:18 | 000,172,196 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\wmpaud3.wav
[2011/07/14 22:17:18 | 000,086,196 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\wmpaud5.wav
[2011/07/14 22:17:18 | 000,086,180 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\wmpaud4.wav
[2011/07/14 22:17:18 | 000,086,180 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\wmpaud2.wav
[2011/07/14 22:17:18 | 000,067,374 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\wmplayer.adm
[2011/07/14 22:17:18 | 000,023,195 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\wmplay.chm
[2011/07/14 22:17:18 | 000,017,489 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\videobg.gif
[2011/07/14 22:17:18 | 000,017,272 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\wmdm.inf
[2011/07/14 22:17:18 | 000,010,457 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\wmptour.hta
[2011/07/14 22:17:18 | 000,008,677 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\wm7.gif
[2011/07/14 22:17:18 | 000,007,892 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\wm9.gif
[2011/07/14 22:17:18 | 000,007,636 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\wm2.gif
[2011/07/14 22:17:18 | 000,007,369 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\wm4.gif
[2011/07/14 22:17:18 | 000,006,769 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\wmfsdk.inf
[2011/07/14 22:17:18 | 000,006,241 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\wm3.gif
[2011/07/14 22:17:18 | 000,006,060 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\wm6.gif
[2011/07/14 22:17:18 | 000,005,789 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\wm1.gif
[2011/07/14 22:17:18 | 000,005,290 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\vidsamp.gif
[2011/07/14 22:17:18 | 000,004,193 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\wm8.gif
[2011/07/14 22:17:18 | 000,002,477 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\wm5.gif
[2011/07/14 22:17:18 | 000,001,771 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\wmptour.css
[2011/07/14 22:17:18 | 000,000,855 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\wmpocm.inf
[2011/07/14 22:17:18 | 000,000,420 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\wmploc.js
[2011/07/14 22:17:17 | 000,023,829 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\tourbg.gif
[2011/07/14 22:17:17 | 000,003,187 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\tour.js
[2011/07/14 22:17:17 | 000,002,469 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\tplay.gif
[2011/07/14 22:17:17 | 000,002,450 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\tpause.gif
[2011/07/14 22:17:17 | 000,002,375 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\tplayh.gif
[2011/07/14 22:17:17 | 000,002,371 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\tpauseh.gif
[2011/07/14 22:17:16 | 000,572,557 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\rtuner.wmv
[2011/07/14 22:17:16 | 000,001,398 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\taon.gif
[2011/07/14 22:17:16 | 000,001,380 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\taonh.gif
[2011/07/14 22:17:16 | 000,001,380 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\taoff.gif
[2011/07/14 22:17:16 | 000,001,367 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\taoffh.gif
[2011/07/14 22:17:16 | 000,001,148 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\snd.htm
[2011/07/14 22:17:16 | 000,000,908 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\skins.inf
[2011/07/14 22:17:15 | 000,375,519 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\nuskin.wmv
[2011/07/14 22:17:15 | 000,077,307 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\plyr_err.chm
[2011/07/14 22:17:15 | 000,067,866 | ---- | C] () -- C:\WINDOWS1\System32\drivers\netwlan5.img
[2011/07/14 22:17:15 | 000,022,060 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\npds.zip
[2011/07/14 22:17:15 | 000,000,403 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\npdrmv2.zip
[2011/07/14 22:17:13 | 000,018,286 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\mplayer2.inf
[2011/07/14 22:17:13 | 000,002,778 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\mplogoh.gif
[2011/07/14 22:17:13 | 000,002,545 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\mplogo.gif
[2011/07/14 22:17:12 | 000,457,607 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\mdlib.wmv
[2011/07/14 22:17:11 | 000,005,971 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\events.js
[2011/07/14 22:17:08 | 000,381,425 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\copycd.wmv
[2011/07/14 22:17:08 | 000,129,045 | ---- | C] () -- C:\WINDOWS1\System32\drivers\cxthsfs2.cty
[2011/07/14 22:17:08 | 000,009,585 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\controls.css
[2011/07/14 22:17:08 | 000,008,298 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\contents.htm
[2011/07/14 22:17:08 | 000,006,878 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\controls.js
[2011/07/14 22:17:08 | 000,000,999 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\bktrh.gif
[2011/07/14 22:17:08 | 000,000,773 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\cnth.gif
[2011/07/14 22:17:08 | 000,000,773 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\cnt.gif
[2011/07/14 22:17:08 | 000,000,772 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\cntd.gif
[2011/07/14 22:17:08 | 000,000,760 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\cloapph.gif
[2011/07/14 22:17:08 | 000,000,717 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\cloapp.gif
[2011/07/14 22:16:32 | 000,064,352 | ---- | C] () -- C:\WINDOWS1\System32\drivers\ativmc20.cod
[2011/07/14 21:33:18 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2011/07/14 21:33:11 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Start Menu\Programs\Outlook Express.lnk
[2011/07/14 21:33:10 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/07/14 21:33:10 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Start Menu\Programs\Internet Explorer.lnk
[2011/07/14 21:33:05 | 000,001,606 | ---- | C] () -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Start Menu\Programs\Remote Assistance.lnk
[2011/07/14 21:33:05 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\Klown.KELLY-CBA445F79\Start Menu\Programs\Windows Media Player.lnk
[2011/07/14 21:32:18 | 000,013,588 | ---- | C] () -- C:\WINDOWS1\System32\wpa.bak
[2011/07/14 21:30:34 | 000,008,192 | ---- | C] () -- C:\WINDOWS1\REGLOCS.OLD
[2011/07/14 21:29:15 | 000,002,048 | --S- | C] () -- C:\WINDOWS1\bootstat.dat
[2011/07/14 21:28:30 | 000,175,104 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\pintlcsa.dll
[2011/07/14 21:28:08 | 001,158,818 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\korwbrkr.lex
[2011/07/14 21:28:01 | 000,059,392 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\imscinst.exe
[2011/07/14 21:28:00 | 000,196,665 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\imjpinst.exe
[2011/07/14 21:27:59 | 000,134,339 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\imekr.lex
[2011/07/14 21:27:50 | 013,463,552 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\hwxjpn.dll
[2011/07/14 21:27:44 | 000,108,827 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\hanja.lex
[2011/07/14 21:27:28 | 000,173,568 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\chtskf.dll
[2011/07/14 21:26:38 | 000,002,625 | ---- | C] () -- C:\WINDOWS1\System32\CONFIG.NT
[2011/07/14 21:26:34 | 000,023,392 | ---- | C] () -- C:\WINDOWS1\System32\nscompat.tlb
[2011/07/14 21:26:34 | 000,016,832 | ---- | C] () -- C:\WINDOWS1\System32\amcompat.tlb
[2011/07/14 21:26:33 | 000,316,640 | ---- | C] () -- C:\WINDOWS1\WMSysPr9.prx
[2011/07/14 21:25:02 | 000,000,786 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS1\Start Menu\Programs\Windows Movie Maker.lnk
[2011/07/14 21:24:49 | 004,399,505 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\nls302en.lex
[2011/07/14 21:24:21 | 000,048,680 | -HS- | C] () -- C:\WINDOWS1\winnt256.bmp
[2011/07/14 21:24:21 | 000,048,680 | -HS- | C] () -- C:\WINDOWS1\winnt.bmp
[2011/07/14 21:24:13 | 000,000,984 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\srframe.mmf
[2011/07/14 21:23:22 | 000,000,609 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS1\Start Menu\Programs\Windows Messenger.lnk
[2011/07/14 21:23:21 | 000,021,640 | ---- | C] () -- C:\WINDOWS1\System32\emptyregdb.dat
[2011/07/14 21:22:50 | 000,001,986 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS1\Start Menu\Programs\MSN.lnk
[2011/07/14 21:22:33 | 000,065,978 | ---- | C] () -- C:\WINDOWS1\Soap Bubbles.bmp
[2011/07/14 21:22:33 | 000,065,954 | ---- | C] () -- C:\WINDOWS1\Prairie Wind.bmp
[2011/07/14 21:22:33 | 000,065,832 | ---- | C] () -- C:\WINDOWS1\Santa Fe Stucco.bmp
[2011/07/14 21:22:33 | 000,026,680 | ---- | C] () -- C:\WINDOWS1\River Sumida.bmp
[2011/07/14 21:22:33 | 000,026,582 | ---- | C] () -- C:\WINDOWS1\Greenstone.bmp
[2011/07/14 21:22:33 | 000,017,362 | ---- | C] () -- C:\WINDOWS1\Rhododendron.bmp
[2011/07/14 21:22:33 | 000,017,336 | ---- | C] () -- C:\WINDOWS1\Gone Fishing.bmp
[2011/07/14 21:22:33 | 000,017,062 | ---- | C] () -- C:\WINDOWS1\Coffee Bean.bmp
[2011/07/14 21:22:33 | 000,016,730 | ---- | C] () -- C:\WINDOWS1\FeatherTexture.bmp
[2011/07/14 21:22:33 | 000,009,522 | ---- | C] () -- C:\WINDOWS1\Zapotec.bmp
[2011/07/14 21:22:33 | 000,001,272 | ---- | C] () -- C:\WINDOWS1\Blue Lace 16.bmp
[2011/07/14 21:22:30 | 000,003,286 | ---- | C] () -- C:\WINDOWS1\System32\tslabels.h
[2011/07/14 21:22:30 | 000,001,161 | ---- | C] () -- C:\WINDOWS1\System32\usrlogon.cmd
[2011/07/14 21:22:29 | 000,000,768 | ---- | C] () -- C:\WINDOWS1\System32\msdtcprf.h
[2011/07/14 21:22:23 | 000,063,488 | ---- | C] () -- C:\WINDOWS1\System32\wmimgmt.msc
[2011/07/14 16:08:58 | 000,001,374 | ---- | C] () -- C:\WINDOWS1\imsins.BAK
[2011/07/14 16:08:54 | 000,004,205 | ---- | C] () -- C:\WINDOWS1\ODBCINST.INI
[2011/07/14 16:08:35 | 000,001,688 | ---- | C] () -- C:\WINDOWS1\System32\AUTOEXEC.NT
[2011/07/14 16:08:24 | 001,042,903 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\SP2.CAT
[2011/07/14 16:08:24 | 000,797,189 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\NT5IIS.CAT
[2011/07/14 16:08:24 | 000,399,645 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\MAPIMIG.CAT
[2011/07/14 16:08:24 | 000,037,484 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\MW770.CAT
[2011/07/14 16:08:24 | 000,013,472 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\HPCRDP.CAT
[2011/07/14 16:08:24 | 000,008,574 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\IASNT4.CAT
[2011/07/14 16:08:24 | 000,007,382 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\OEMBIOS.CAT
[2011/07/14 16:08:24 | 000,007,334 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\wmerrenu.cat
[2011/07/14 16:07:31 | 000,091,888 | ---- | C] () -- C:\WINDOWS1\System32\FNTCACHE.DAT
[2011/07/14 16:06:12 | 000,000,261 | ---- | C] () -- C:\WINDOWS1\System32\$winnt$.inf
[2011/07/14 16:00:42 | 2145,386,496 | ---- | C] () -- C:\WINDOWS1\MEMORY.DMP
[2004/08/04 07:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS1\System32\oembios.bin
[2004/08/04 07:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS1\System32\mlang.dat
[2004/08/04 07:00:00 | 000,311,934 | ---- | C] () -- C:\WINDOWS1\System32\perfh009.dat
[2004/08/04 07:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS1\System32\perfi009.dat
[2004/08/04 07:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS1\System32\dssec.dat
[2004/08/04 07:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS1\System32\mib.bin
[2004/08/04 07:00:00 | 000,040,196 | ---- | C] () -- C:\WINDOWS1\System32\perfc009.dat
[2004/08/04 07:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS1\System32\perfd009.dat
[2004/08/04 07:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS1\System32\secupd.dat
[2004/08/04 07:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS1\System32\oembios.dat
[2004/08/04 07:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS1\System32\dcache.bin
[2004/08/04 07:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS1\System32\noise.dat

========== LOP Check ==========

[2006/01/20 09:37:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Aim
[2009/04/26 06:18:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Skinux
[2009/04/26 06:18:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Windows Desktop Search
[2005/10/06 13:59:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Aim
[2010/05/12 21:13:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010/10/30 17:40:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Broderbund
[2008/07/03 20:03:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CA
[2011/04/01 18:35:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cached Installations
[2011/01/22 20:32:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Canneverbe Limited
[2011/04/25 13:19:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2011/02/23 19:01:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro
[2010/07/13 15:07:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FLAC to MP3
[2011/05/12 08:46:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Links 2003
[2011/04/26 20:44:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NFS Underground
[2011/05/10 12:13:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCPitstop
[2005/04/03 16:04:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap
[2011/03/07 17:24:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap Games
[2011/03/05 18:18:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Soluto
[2011/04/25 10:27:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/03/15 10:01:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VRCGameUpdater
[2011/03/19 21:01:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011/07/15 08:41:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\AVAST Software
[2009/05/24 19:35:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Elvis\Application Data\Skinux
[2009/05/24 19:35:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Elvis\Application Data\Windows Desktop Search
[2009/05/09 16:41:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klown\Application Data\Aim
[2009/04/02 21:35:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klown\Application Data\Auslogics
[2010/10/30 17:40:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klown\Application Data\Broderbund
[2011/01/22 20:32:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klown\Application Data\Canneverbe Limited
[2010/10/23 11:30:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klown\Application Data\Catalina Marketing Corp
[2011/03/13 18:27:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klown\Application Data\DAEMON Tools Lite
[2011/02/23 19:01:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klown\Application Data\DAEMON Tools Pro
[2010/08/03 18:10:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klown\Application Data\E-centives
[2011/03/13 19:41:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klown\Application Data\fotw
[2005/08/16 19:11:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klown\Application Data\FUJIFILM
[2011/05/06 19:00:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klown\Application Data\Gygan
[2011/04/06 18:49:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klown\Application Data\Iqtafe
[2011/02/24 19:31:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klown\Application Data\Leadertech
[2011/04/16 20:37:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klown\Application Data\McGraw-HillLicensing
[2011/03/18 17:46:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klown\Application Data\Nordic Games
[2009/04/18 16:17:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klown\Application Data\Skinux
[2011/04/13 20:05:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klown\Application Data\SystemRequirementsLab
[2011/06/16 20:58:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klown\Application Data\TypingMaster7
[2011/04/27 20:28:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klown\Application Data\Unity
[2011/04/25 10:26:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klown\Application Data\URSoft
[2011/04/06 18:02:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klown\Application Data\Usifu
[2011/07/11 18:43:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klown\Application Data\uTorrent
[2010/01/10 20:04:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klown\Application Data\WeatherBug
[2009/04/02 20:13:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klown\Application Data\Windows Desktop Search
[2009/04/03 00:55:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klown\Application Data\Windows Search

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: EXPLORER.EXE >
[2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS1\explorer.exe
[2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS1\ServicePackFiles\i386\explorer.exe
[2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS1\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\explorer.exe
[2004/08/04 07:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\explorer.exe
[2004/08/04 07:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\system32\dllcache\explorer.exe
[2004/08/04 07:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS1\$NtServicePackUninstall$\explorer.exe

< MD5 for: SVCHOST.EXE >
[2008/04/13 19:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS1\ServicePackFiles\i386\svchost.exe
[2008/04/13 19:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS1\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\svchost.exe
[2008/04/13 19:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS1\system32\svchost.exe
[2004/08/04 07:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2004/08/04 07:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\system32\svchost.exe
[2004/08/04 07:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS1\$NtServicePackUninstall$\svchost.exe

< MD5 for: USERINIT.EXE >
[2004/08/04 07:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\system32\dllcache\userinit.exe
[2004/08/04 07:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\system32\userinit.exe
[2004/08/04 07:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS1\$NtServicePackUninstall$\userinit.exe
[2008/04/13 19:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS1\ServicePackFiles\i386\userinit.exe
[2008/04/13 19:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS1\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\userinit.exe
[2008/04/13 19:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS1\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004/08/04 07:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2004/08/04 07:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\system32\winlogon.exe
[2004/08/04 07:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS1\$NtServicePackUninstall$\winlogon.exe
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS1\ServicePackFiles\i386\winlogon.exe
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS1\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\winlogon.exe
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS1\system32\winlogon.exe

< %systemroot%\*. /mp /s >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS1\system32\ie4uinit.exe" -reinstall [2011/04/25 07:01:34 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS1\system32\ie4uinit.exe" -hide [2011/04/25 07:01:34 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS1\system32\ie4uinit.exe" -show [2011/04/25 07:01:34 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)

< >

< >

========== Alternate Data Streams ==========

@Alternate Data Stream - 98 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1CE11B51
@Alternate Data Stream - 194 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C265C458
@Alternate Data Stream - 135 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:24051EFF
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:63238B95

< End of report >
  • 0

Advertisements


#11
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Nothing apparent there - do you still experience the crashes ? Or was it a one off
  • 0

#12
klown69

klown69

    Member

  • Topic Starter
  • Member
  • PipPip
  • 37 posts
Yes it crashed this morning when attempting to run the OTL.
Also when I tried to export the bookmarks from the IE in the old account it gave me some error message about IE and refused to open.
I have not tried Outlook yet to export anything but wanted to make sure the system is clean before proceeding.
I did manage to get into the old account yesterday but eventually the same crash as originally stated happen. Screen went to a pixelated blue screen and only way to fix it was to ctrl+al+del a couple of times.
I can attempt to run sfc /scannow in that account but I think the issue is either a hidden infection in that account of that the OS has been severely compromised.
If you are not seeing anything in any account I fear she will have to recreate everything in the new account and delete the old. I await your suggestions and thoughts on this situation. :) :unsure:
  • 0

#13
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
I would recreate the data rather than attempt to transfer it over, as my tools will not see into the old windows installation. But, this one might as you have Avast onboard..



Download aswMBR.exe ( 1.8mb ) to your desktop.

Double click the aswMBR.exe to run it

Click the "Scan" button to start scan
Posted Image

On completion of the scan click save log, save it to your desktop and post in your next reply
Posted Image
  • 0

#14
klown69

klown69

    Member

  • Topic Starter
  • Member
  • PipPip
  • 37 posts
aswMBR version 0.9.7.777 Copyright© 2011 AVAST Software
Run date: 2011-07-17 14:48:16
-----------------------------
14:48:16.640 OS Version: Windows 5.1.2600 Service Pack 3
14:48:16.640 Number of processors: 2 586 0xF0D
14:48:16.640 ComputerName: KELLY-CBA445F79 UserName: Klown
14:48:17.625 Initialize success
14:48:17.843 AVAST engine defs: 11071700
14:48:30.109 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
14:48:30.109 Disk 0 Vendor: Hitachi_HDP725025GLA380 GM2OA52A Size: 238475MB BusType: 3
14:48:30.125 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP3T1L0-19
14:48:30.140 Disk 1 Vendor: Maxtor_6Y080P0 YAR41BW0 Size: 78167MB BusType: 3
14:48:30.156 Disk 0 MBR read successfully
14:48:30.171 Disk 0 MBR scan
14:48:30.187 Disk 0 Windows XP default MBR code
14:48:30.187 Disk 0 scanning sectors +488392065
14:48:30.250 Disk 0 scanning C:\WINDOWS1\system32\drivers
14:48:39.000 Service scanning
14:48:39.828 Disk 0 trace - called modules:
14:48:39.828 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
14:48:39.828 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a3f6ab8]
14:48:39.828 3 CLASSPNP.SYS[ba0e8fd7] -> nt!IofCallDriver -> \Device\00000068[0x8a4ab340]
14:48:39.828 5 ACPI.sys[b9f7f620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8a3f8940]
14:48:40.359 AVAST engine scan C:\WINDOWS1
14:48:48.875 AVAST engine scan C:\WINDOWS1\system32
14:50:02.031 AVAST engine scan C:\WINDOWS1\system32\drivers
14:50:15.203 AVAST engine scan C:\Documents and Settings\Klown.KELLY-CBA445F79
14:54:13.140 AVAST engine scan C:\Documents and Settings\All Users.WINDOWS1
14:54:20.453 Scan finished successfully
14:56:52.703 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Klown.KELLY-CBA445F79\Desktop\MBR.dat"
14:56:52.718 The log file has been saved successfully to "C:\Documents and Settings\Klown.KELLY-CBA445F79\Desktop\aswMBRlog.txt"
  • 0

#15
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
That looks OK - when it crashes does it give a readout of what happened ?
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP