My system is a 32bit and runs Windows Vista (which came with the machine - no disk). I initially thought my hard drive died, but upon taking my laptop apart, I could hear the hard drive still spinning. Thinking that some other hardware had broken down, I removed the HD and placed it in a old dell laptop and it booted fine. On running ESET nod32 Ver4, it detected a Win32 Mebroot trojan but it couldn't remove it.
I've tried a few virus/malware scanners like Malwarebyes, Avast and Dr. Web's cureit but to no avail. I've also tried a system restore. If someone could help, it'll be much appreciated.
The following is the Malwarebytes log and the OTL log.
//////////////////////////////////////////////////////////////////////////////////
Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org
Database version: 7697
Windows 6.0.6001 Service Pack 1 (Safe Mode)
Internet Explorer 8.0.6001.19048
12/09/2011 11:05:35 AM
mbam-log-2011-09-12 (11-05-35).txt
Scan type: Quick scan
Objects scanned: 170819
Time elapsed: 4 minute(s), 23 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\1E1CB3CAFC3EFBDB (Trojan.SpyEyes) -> Value: 1E1CB3CAFC3EFBDB -> Quarantined and deleted successfully.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
//////////////////////////////////////////////////////////////////////////////////
OTL logfile created on: 12/09/2011 11:13:16 AM - Run 1
OTL by OldTimer - Version 3.2.27.0 Folder = C:\Users\Administrator\Downloads
Windows Vista Ultimate Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy
1.99 Gb Total Physical Memory | 1.21 Gb Available Physical Memory | 60.92% Memory free
4.22 Gb Paging File | 3.67 Gb Available in Paging File | 86.97% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 111.79 Gb Total Space | 19.33 Gb Free Space | 17.29% Space Free | Partition Type: NTFS
Drive D: | 66.71 Gb Total Space | 25.51 Gb Free Space | 38.24% Space Free | Partition Type: NTFS
Computer Name: AL-PC | User Name: Administrator | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/09/12 11:09:31 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Users\Administrator\Downloads\OTL.exe
PRC - [2011/07/06 19:52:38 | 001,047,656 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2011/06/30 07:15:19 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2008/10/29 16:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
========== Modules (No Company Name) ==========
MOD - [2011/06/30 07:15:19 | 001,014,744 | ---- | M] () -- C:\Program Files\Mozilla Firefox\js3250.dll
MOD - [2011/06/21 10:01:51 | 006,271,136 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Unknown | Stopped] -- -- (wscsvc)
SRV - File not found [Disabled | Stopped] -- -- (NMIndexingService)
SRV - [2010/04/21 02:13:21 | 000,371,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2010/04/21 02:13:21 | 000,371,712 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2009/09/29 12:11:10 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
SRV - [2009/09/29 12:03:46 | 000,735,960 | ---- | M] (ESET) [Auto | Stopped] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2009/08/24 22:16:12 | 000,378,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2008/01/18 22:33:44 | 000,052,224 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2007/05/31 09:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 09:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007/05/16 02:47:48 | 000,094,208 | ---- | M] () [Auto | Stopped] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2007/05/08 19:45:27 | 000,355,096 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2007/05/01 18:52:17 | 001,489,688 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\AMT\UNS.EXE -- (UNS) Intel®
SRV - [2007/05/01 18:52:13 | 000,183,064 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\AMT\ATCHKSRV.EXE -- (atchksrv) Intel®
SRV - [2007/05/01 18:52:05 | 000,121,624 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\AMT\LMS.EXE -- (LMS) Intel®
SRV - [2007/04/03 11:38:10 | 000,234,496 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Stator - AFM\Stator_AUpd.exe -- (Anfield Capital: Stator-AFM Professional update permissions manager. 9845.)
SRV - [2007/02/06 11:13:14 | 000,094,208 | ---- | M] () [Auto | Stopped] -- C:\Program Files\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService)
SRV - [2007/01/04 19:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Stopped] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2006/12/29 09:17:50 | 000,123,248 | ---- | M] () [Auto | Stopped] -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe -- (spmgr)
SRV - [2006/12/10 10:31:13 | 000,024,576 | ---- | M] (Syntek America Inc.) [Auto | Stopped] -- C:\Windows\System32\StkCSrv.exe -- (StkSSrv)
SRV - [2006/11/02 23:40:12 | 000,174,656 | R--- | M] () [Auto | Stopped] -- C:\Program Files\Common Files\Protexis\License Service\PSIService.exe -- (ProtexisLicensing)
SRV - [2006/06/14 11:58:00 | 000,061,440 | ---- | M] (Ulead Systems, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2005/10/04 07:24:56 | 000,053,248 | ---- | M] ( Advanced Software Technologies) [Auto | Stopped] -- C:\Windows\System32\AstSrv.exe -- (astcc)
========== Driver Services (SafeList) ==========
DRV - [2011/07/06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2009/09/29 12:05:58 | 000,095,896 | ---- | M] (ESET) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV - [2009/09/29 12:02:58 | 000,108,792 | ---- | M] (ESET) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2009/09/29 11:56:32 | 000,116,008 | ---- | M] (ESET) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\eamon.sys -- (eamon)
DRV - [2009/09/28 01:02:44 | 000,016,472 | ---- | M] () [Kernel | On_Demand | Stopped] -- D:\Downloads\PeerBlock_r181__Win32_Release_(Vista)\pbfilter.sys -- (pbfilter)
DRV - [2009/06/25 11:04:04 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2009/06/25 11:04:04 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt)
DRV - [2009/06/05 11:08:41 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009/04/23 16:51:18 | 000,016,640 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WsAudio_DeviceS(1).sys -- (WsAudio_DeviceS(1)) WsAudio_DeviceS(1)
DRV - [2009/01/08 18:00:54 | 000,016,640 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AsAudioDevice_351.sys -- (AsAudioDevice_351)
DRV - [2008/11/04 18:45:46 | 000,109,736 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018unic.sys -- (s1018unic) Sony Ericsson Device 1018 USB Ethernet Emulation (WDM)
DRV - [2008/11/04 18:45:46 | 000,108,200 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mgmt.sys -- (s1018mgmt) Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM)
DRV - [2008/11/04 18:45:46 | 000,104,616 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018obex.sys -- (s1018obex)
DRV - [2008/11/04 18:45:44 | 000,114,472 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdm.sys -- (s1018mdm)
DRV - [2008/11/04 18:45:44 | 000,086,696 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018bus.sys -- (s1018bus) Sony Ericsson Device 1018 driver (WDM)
DRV - [2008/11/04 18:45:44 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018nd5.sys -- (s1018nd5) Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS)
DRV - [2008/11/04 18:45:44 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdfl.sys -- (s1018mdfl)
DRV - [2008/08/15 13:27:54 | 000,105,216 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\zgwhsnmea.sys -- (zgwhsnmea)
DRV - [2008/08/15 13:27:34 | 000,105,216 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\zgwhsmdm.sys -- (zgwhsmdm)
DRV - [2008/08/15 13:27:14 | 000,105,216 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\zgwhsdiag.sys -- (zgwhsdiag)
DRV - [2008/07/21 16:34:36 | 000,121,872 | ---- | M] (Kaspersky Lab) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\kl1.sys -- (kl1)
DRV - [2008/03/17 11:05:30 | 000,101,632 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2008/01/18 22:42:14 | 000,045,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV - [2008/01/18 20:53:24 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb)
DRV - [2007/06/18 20:18:26 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motmodem.sys -- (motmodem)
DRV - [2007/06/07 03:37:00 | 007,120,768 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007/05/04 13:21:47 | 000,208,896 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaNvStor.sys -- (iaNvStor) Intel®
DRV - [2007/05/03 12:37:08 | 000,022,152 | ---- | M] (Maxtor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mxopswd.sys -- (MXOPSWD)
DRV - [2007/04/30 08:45:17 | 002,219,520 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel®
DRV - [2007/04/25 13:32:42 | 000,031,232 | ---- | M] (SMSC) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\smscirda.sys -- (SMSCIRDA)
DRV - [2007/04/12 02:18:33 | 000,048,000 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\jraid.sys -- (JRAID)
DRV - [2007/04/06 11:27:35 | 000,044,800 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HECI.sys -- (HECI) Intel®
DRV - [2007/03/29 09:44:22 | 000,140,424 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atswpdrv.sys -- (ATSWPDRV) AuthenTec TruePrint USB Driver (SwipeSensor)
DRV - [2007/03/22 15:02:04 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/02/25 07:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/02/05 20:53:58 | 000,011,632 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Program Files\ATKGFNEX\ASMMAP.sys -- (ASMMAP)
DRV - [2007/02/01 13:44:17 | 000,223,616 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel®
DRV - [2007/01/24 20:08:39 | 000,005,632 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr)
DRV - [2007/01/24 09:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2007/01/03 00:55:55 | 001,133,312 | ---- | M] (Syntek) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\StkCMini.sys -- (StkCMini)
DRV - [2006/12/14 02:11:57 | 000,007,680 | ---- | M] (ATK0100) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2006/11/22 19:34:59 | 000,982,272 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
DRV - [2006/11/16 12:02:19 | 000,015,216 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys -- (ghaio)
DRV - [2006/11/02 17:30:56 | 000,044,544 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2006/11/02 17:30:54 | 001,781,760 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel®
DRV - [2006/11/02 17:30:53 | 000,045,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006/08/16 02:32:44 | 000,034,944 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\npf.sys -- (NPF) WinPcap Packet Driver (NPF)
DRV - [2006/02/07 21:52:57 | 000,006,912 | ---- | M] (JMicron ) [Kernel | Boot | Stopped] -- C:\Windows\system32\DRIVERS\JGOGO.sys -- (JGOGO)
DRV - [2005/10/01 11:00:00 | 000,076,288 | ---- | M] (Rainbow Technologies, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\System32\Drivers\SENTINEL.SYS -- (Sentinel)
DRV - [2005/10/01 11:00:00 | 000,026,120 | ---- | M] (Rainbow Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SNTNLUSB.SYS -- (Sntnlusb)
DRV - [1999/10/08 08:52:28 | 000,053,248 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\SSIPDDP.SYS -- (SSIPDDP)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-118959114-2448864244-3603343370-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.au/
IE - HKU\S-1-5-21-118959114-2448864244-3603343370-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ninemsn.com.au/?ocid=iehp
IE - HKU\S-1-5-21-118959114-2448864244-3603343370-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-au
IE - HKU\S-1-5-21-118959114-2448864244-3603343370-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E8 FC 62 52 6B 1A CC 01 [binary data]
IE - HKU\S-1-5-21-118959114-2448864244-3603343370-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-118959114-2448864244-3603343370-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-21-118959114-2448864244-3603343370-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:62098
========== FireFox ==========
FF - prefs.js..browser.search.selectedengine: "Dictionary.com"
FF - prefs.js..browser.startup.homepage: "http://www.news.com.au/"
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.3
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778
FF - prefs.js..extensions.enabledItems: orbit_ffext@orbitdownloader:2.02
FF - prefs.js..network.proxy.no_proxies_on: ""
FF - prefs.js..network.proxy.type: 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/09/06 16:50:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/09/06 16:50:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 2.0.0.9\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2009/09/14 19:47:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 2.0.0.9\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2009/09/14 19:47:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2011/04/01 09:36:43 | 000,000,000 | ---D | M]
[2009/03/30 11:50:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Extensions
[2009/03/30 11:50:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Extensions\[email protected]
[2011/09/12 11:05:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\ogkfjykd.default\extensions
[2010/02/03 20:32:53 | 000,000,000 | ---D | M] (Traders Laboratory Toolbar) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\ogkfjykd.default\extensions\{1d553f65-3e31-412c-9f3e-ead683425127}
[2010/12/05 21:41:17 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\ogkfjykd.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2008/09/22 13:17:53 | 000,000,000 | ---D | M] ("Blue Ice") -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\ogkfjykd.default\extensions\{a8dd47cf-239f-48c4-8379-e6b4cbafdcfa}
[2011/06/24 09:26:13 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\ogkfjykd.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2008/09/22 13:17:54 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\ogkfjykd.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}(2)
[2009/05/04 11:22:07 | 000,000,000 | ---D | M] (Microsoft Choice Guard) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\ogkfjykd.default\extensions\ChoiceGuard@Microsoft
[2008/09/22 13:17:53 | 000,000,000 | ---D | M] (VideoDownloader) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\ogkfjykd.default\extensions\[email protected]
[2009/03/25 09:04:34 | 000,000,896 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\ogkfjykd.default\searchplugins\conduit.xml
[2011/12/15 12:29:06 | 000,001,466 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\ogkfjykd.default\searchplugins\dictionarycom.xml
[2011/09/12 11:05:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/11/19 18:23:47 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2009/06/09 12:32:06 | 000,000,000 | ---D | M] (Orbit Downloader Firefox Integration) -- C:\PROGRAM FILES\ORBITDOWNLOADER\ADDONS\ORBITFF
[2010/01/23 00:04:22 | 000,061,832 | ---- | M] (WebEx Communications, Inc) -- C:\Program Files\mozilla firefox\plugins\npatgpc.dll
[2007/02/04 23:02:56 | 001,642,496 | ---- | M] (LizardTech) -- C:\Program Files\mozilla firefox\plugins\npdjvu.dll
[2008/05/15 15:08:16 | 000,086,016 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\NPQUEST3D.DLL
O1 HOSTS File: ([2010/08/24 12:38:37 | 000,000,949 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 IntelAMT.amt.com # LMS GENERATED LINE
O1 - Hosts: 127.0.0.1 wardsystems.org
O1 - Hosts: 127.0.0.1 www.wardsystems.org
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (IE to GetRight Helper) - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files\GetRight\xx2gr.dll (Headlight Software, Inc.)
O2 - BHO: (Idea2 SidebarBrowserMonitor Class) - {45AD732C-2CE2-4666-B366-B2214AD57A49} - C:\Program Files\Desktop Sidebar\sbhelp.dll (Idea2)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll ()
O3 - HKU\S-1-5-21-118959114-2448864244-3603343370-500\..\Toolbar\WebBrowser: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll ()
O4 - HKLM..\Run: [ASUS Camera ScreenSaver] C:\Windows\ASScrProlog.exe ()
O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe ()
O4 - HKLM..\Run: [atchk] C:\Program Files\Intel\AMT\atchk.exe (Intel Corporation)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe (ASUSTeK Computer INC.)
O4 - HKLM..\Run: [BVRPLiveUpdate] File not found
O4 - HKLM..\Run: [C:\Program Files\Free Video Zilla\FVZilla.exe] File not found
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [GuideMenu] C:\Program Files\Corel\Corel GuideMenu\GuideMenu.exe (Corel Copyright © 2007)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IaNvSrv] C:\Program Files\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe (Intel Corporation)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-118959114-2448864244-3603343370-500..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] File not found
O4 - HKU\S-1-5-21-118959114-2448864244-3603343370-500..\Run: [Slawdog Smart Shutdown] C:\Program Files\Slawdog\Smart Shutdown\Smart Shutdown.exe (Slawdog E-Solutions, Inc.)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\.DEFAULT..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil10b.exe (Adobe Systems, Inc.)
O4 - HKU\S-1-5-18..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil10b.exe (Adobe Systems, Inc.)
O4 - HKU\S-1-5-21-118959114-2448864244-3603343370-500..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil10t_Plugin.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Check for TWS Updates.lnk = C:\Jts\WiseUpdt.exe ()
O7 - HKU\S-1-5-21-118959114-2448864244-3603343370-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-118959114-2448864244-3603343370-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O8 - Extra context menu item: &Download by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: &Grab video by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Down&load all by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRDownload.htm ()
O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRBrowse.htm ()
O9 - Extra Button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll (Idea2)
O9 - Extra 'Tools' menuitem : Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll (Idea2)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.aka...vex-2.2.4.8.cab (DLM Control)
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} http://messenger.zon...wn.cab56986.cab (Solitaire Showdown Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zon...1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitd...can8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1AB46D28-D84D-4498-8192-995E989E0400}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C48D4A8A-257B-4236-A859-27E2412F4DCB}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O22 - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\System32\DreamScene.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
O24 - Desktop BackupWallPaper: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/19 07:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{52962a39-8967-11dd-b53d-001d6069c407}\Shell - "" = AutoRun
O33 - MountPoints2\{52962a39-8967-11dd-b53d-001d6069c407}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{52962a5e-8967-11dd-b53d-001d6069c407}\Shell - "" = AutoRun
O33 - MountPoints2\{52962a5e-8967-11dd-b53d-001d6069c407}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{52962a60-8967-11dd-b53d-8969194966ed}\Shell - "" = AutoRun
O33 - MountPoints2\{52962a60-8967-11dd-b53d-8969194966ed}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{52962a61-8967-11dd-b53d-8969194966ed}\Shell - "" = AutoRun
O33 - MountPoints2\{52962a61-8967-11dd-b53d-8969194966ed}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{72e35a4d-c6f1-11dc-8c0f-001d6069c407}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\{7c06dac3-c81f-11dd-a293-ef0a25bd4b05}\Shell - "" = AutoRun
O33 - MountPoints2\{7c06dac3-c81f-11dd-a293-ef0a25bd4b05}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{7c06dac4-c81f-11dd-a293-ef0a25bd4b05}\Shell - "" = AutoRun
O33 - MountPoints2\{7c06dac4-c81f-11dd-a293-ef0a25bd4b05}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{89b07d54-d793-11dd-b2f9-87f82a7c207e}\Shell - "" = AutoRun
O33 - MountPoints2\{89b07d54-d793-11dd-b2f9-87f82a7c207e}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\{ef36f23f-a3f0-11dd-90ed-b465fe0d6782}\Shell - "" = AutoRun
O33 - MountPoints2\{ef36f23f-a3f0-11dd-90ed-b465fe0d6782}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{ef36f242-a3f0-11dd-90ed-b465fe0d6782}\Shell - "" = AutoRun
O33 - MountPoints2\{ef36f242-a3f0-11dd-90ed-b465fe0d6782}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKU\S-1-5-21-118959114-2448864244-3603343370-500..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-21-118959114-2448864244-3603343370-500\...exe [@ = exefile] -- "%1" %*
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
CREATERESTOREPOINT
Error creating restore point.
========== Files/Folders - Created Within 30 Days ==========
[2011/09/06 17:57:53 | 000,083,968 | -H-- | C] (eSage Lab) -- C:\Users\Administrator\Desktop\remover.exe
[2011/09/06 17:49:03 | 000,083,968 | -H-- | C] (eSage Lab) -- C:\Windows\System32\remover.exe
[2011/09/06 12:41:24 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2011/09/06 12:41:24 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/09/06 12:22:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011/09/04 19:16:18 | 000,000,000 | ---D | C] -- C:\Users\Administrator\DoctorWeb
[2007/01/24 20:08:39 | 000,005,632 | ---- | C] ( ) -- C:\Windows\System32\drivers\kbfiltr.sys
========== Files - Modified Within 30 Days ==========
[2011/09/12 10:54:15 | 000,672,832 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/09/12 10:54:15 | 000,426,824 | ---- | M] () -- C:\Windows\System32\perfh011.dat
[2011/09/12 10:54:15 | 000,390,344 | ---- | M] () -- C:\Windows\System32\prfh0404.dat
[2011/09/12 10:54:15 | 000,130,744 | ---- | M] () -- C:\Windows\System32\perfc011.dat
[2011/09/12 10:54:15 | 000,130,744 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/09/12 10:54:15 | 000,130,298 | ---- | M] () -- C:\Windows\System32\prfc0404.dat
[2011/09/12 10:49:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/09/06 18:30:08 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/09/06 18:30:08 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011/09/06 18:30:07 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/09/06 18:08:42 | 000,000,057 | ---- | M] () -- C:\Users\Administrator\Desktop\remover.bat
[2011/09/06 17:52:35 | 000,568,832 | ---- | M] () -- C:\Windows\System32\BTKR_RunBox.exe
[2011/09/06 17:42:40 | 000,089,088 | ---- | M] () -- C:\mbr.exe
[2011/09/06 17:30:46 | 000,089,088 | ---- | M] () -- C:\Windows\System32\mbr.exe
[2011/09/06 17:20:15 | 242,695,214 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/09/04 18:51:08 | 000,001,356 | ---- | M] () -- C:\Users\Administrator\AppData\Local\d3d9caps.dat
[2011/08/27 06:29:26 | 000,134,883 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\nvModes.001
[2011/08/23 08:18:42 | 000,134,883 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\nvModes.dat
[1 C:\Windows\System32\drivers\etc\*.tmp files -> C:\Windows\System32\drivers\etc\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/09/06 18:04:38 | 000,000,057 | ---- | C] () -- C:\Users\Administrator\Desktop\remover.bat
[2011/09/06 17:52:35 | 000,568,832 | ---- | C] () -- C:\Windows\System32\BTKR_RunBox.exe
[2011/09/06 17:45:22 | 000,089,088 | ---- | C] () -- C:\mbr.exe
[2011/09/06 17:30:45 | 000,089,088 | ---- | C] () -- C:\Windows\System32\mbr.exe
[2011/05/25 09:35:40 | 000,004,814 | -HS- | C] () -- C:\Users\Administrator\AppData\Local\jvfe16rj777337e4y1564f
[2011/05/25 09:35:40 | 000,004,814 | -HS- | C] () -- C:\ProgramData\jvfe16rj777337e4y1564f
[2010/11/19 18:24:46 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2010/08/24 12:06:20 | 000,000,008 | ---- | C] () -- C:\Windows\System32\Msspsn.dll
[2010/08/10 20:19:13 | 000,034,308 | ---- | C] () -- C:\Windows\System32\BASSMOD.dll
[2010/03/08 09:22:00 | 000,098,304 | ---- | C] () -- C:\Windows\System32\NtDirect.dll
[2009/12/29 19:51:43 | 000,000,200 | ---- | C] () -- C:\Windows\System32\srcr.dat
[2009/12/28 02:21:02 | 000,015,132 | ---- | C] () -- C:\Windows\System32\359fsp5rze706.exe
[2009/12/23 06:44:46 | 000,009,452 | ---- | C] () -- C:\Windows\System32\25533z9rm1.dll
[2009/12/22 22:52:23 | 000,000,819 | ---- | C] () -- C:\Windows\nstrddir.ini
[2009/12/22 22:33:42 | 000,004,093 | ---- | C] () -- C:\Windows\NSTRADER.INI
[2009/12/21 17:30:46 | 000,012,200 | ---- | C] () -- C:\Windows\System32\2b8az9dware1205.exe
[2009/12/19 10:23:06 | 000,004,142 | ---- | C] () -- C:\Windows\System32\e769owzl5ader1494.bin
[2009/12/13 15:51:22 | 000,013,393 | ---- | C] () -- C:\Windows\System32\92z4tr9j6d5.dll
[2009/12/11 19:08:03 | 000,015,205 | ---- | C] () -- C:\Windows\System32\2bf8sp5r9e8z1.exe
[2009/11/22 21:17:56 | 000,000,000 | ---- | C] () -- C:\Windows\aiq32cvt.INI
[2009/11/22 21:17:53 | 000,000,870 | ---- | C] () -- C:\Windows\aiq32.ini
[2009/11/22 21:17:53 | 000,000,416 | ---- | C] () -- C:\Windows\AIQCH32.INI
[2009/11/09 11:13:31 | 000,000,024 | ---- | C] () -- C:\Windows\KADJISYS.INI
[2009/11/09 11:13:31 | 000,000,022 | ---- | C] () -- C:\Windows\CTRLXAF4.INI
[2009/11/09 11:13:28 | 000,000,322 | ---- | C] () -- C:\Windows\astros.ini
[2009/11/09 11:12:42 | 000,001,705 | ---- | C] () -- C:\Windows\F4MAIL98.DLL
[2009/11/09 10:57:32 | 000,000,248 | ---- | C] () -- C:\Windows\FTGT32.INI
[2009/11/09 10:56:45 | 000,065,536 | ---- | C] () -- C:\Windows\System32\CTA32.dll
[2009/11/09 10:56:45 | 000,045,056 | ---- | C] () -- C:\Windows\System32\CompDLL.dll
[2009/11/09 10:56:45 | 000,036,352 | ---- | C] () -- C:\Windows\System32\SX32W.DLL
[2009/11/09 10:56:45 | 000,028,672 | ---- | C] () -- C:\Windows\System32\proxydll.dll
[2009/11/07 03:23:28 | 000,012,638 | ---- | C] () -- C:\Windows\System32\z6927hacktoo535d.bin
[2009/11/02 03:19:20 | 000,017,659 | ---- | C] () -- C:\Windows\System32\9458zworm65a.exe
[2009/10/26 18:15:17 | 000,015,091 | ---- | C] () -- C:\Windows\System32\zd44st9al9145.dll
[2009/10/20 00:45:30 | 000,006,702 | ---- | C] () -- C:\Windows\System32\595dth5zat13590.dll
[2009/10/14 09:17:08 | 000,017,591 | ---- | C] () -- C:\Windows\System32\1c859hrezt290435.bin
[2009/10/11 13:40:20 | 000,013,441 | ---- | C] () -- C:\Windows\System32\29z31sp5a3.bin
[2009/10/08 21:08:02 | 000,018,294 | ---- | C] () -- C:\Windows\System32\5z6athief5799.bin
[2009/10/05 04:27:45 | 000,011,036 | ---- | C] () -- C:\Windows\System32\495fsparse268z.exe
[2009/10/01 20:25:13 | 000,008,190 | ---- | C] () -- C:\Windows\System32\z5725s5ambo950b.bin
[2009/09/20 23:50:56 | 000,002,903 | ---- | C] () -- C:\Windows\System32\2z5caddwa59475.dll
[2009/09/18 12:19:39 | 000,018,094 | ---- | C] () -- C:\Windows\17z45sp9676.exe
[2009/09/18 12:19:39 | 000,018,028 | ---- | C] () -- C:\Windows\56946sp95z2.exe
[2009/09/18 12:19:39 | 000,015,496 | ---- | C] () -- C:\Windows\995etzief999.exe
[2009/09/18 12:19:39 | 000,015,029 | ---- | C] () -- C:\Windows\2z955hac9t5ol7a3.dll
[2009/09/18 12:19:39 | 000,014,016 | ---- | C] () -- C:\Windows\92z40not-a-virus2ce5.exe
[2009/09/18 12:19:39 | 000,013,655 | ---- | C] () -- C:\Windows\15azthief30395.dll
[2009/09/18 12:19:39 | 000,013,319 | ---- | C] () -- C:\Windows\84825pzmbot2069.dll
[2009/09/18 12:19:39 | 000,012,526 | ---- | C] () -- C:\Windows\1z1895acktool9a3.bin
[2009/09/18 12:19:39 | 000,012,059 | ---- | C] () -- C:\Windows\7095thze538.dll
[2009/09/18 12:19:39 | 000,011,599 | ---- | C] () -- C:\Windows\1c64dowzloa5er978.bin
[2009/09/18 12:19:39 | 000,011,321 | ---- | C] () -- C:\Windows\4za99teal19405.dll
[2009/09/18 12:19:39 | 000,010,032 | ---- | C] () -- C:\Windows\7z14sp5rs91479.bin
[2009/09/18 12:19:39 | 000,009,448 | ---- | C] () -- C:\Windows\1a79steal3z05.exe
[2009/09/18 12:19:39 | 000,008,569 | ---- | C] () -- C:\Windows\57e9downloadez775.bin
[2009/09/18 12:19:39 | 000,008,532 | ---- | C] () -- C:\Windows\8525w9rm77z.dll
[2009/09/18 12:19:39 | 000,007,898 | ---- | C] () -- C:\Windows\12180v9rus659z.bin
[2009/09/18 12:19:39 | 000,007,757 | ---- | C] () -- C:\Windows\10652zpy987.dll
[2009/09/18 12:19:39 | 000,006,707 | ---- | C] () -- C:\Windows\19988not-5-zirus99.exe
[2009/09/18 12:19:39 | 000,006,313 | ---- | C] () -- C:\Windows\4a3down5oaderz149.bin
[2009/09/18 12:19:39 | 000,005,659 | ---- | C] () -- C:\Windows\2f5zadd9are2349.exe
[2009/09/18 12:19:39 | 000,004,852 | ---- | C] () -- C:\Windows\5z6595eal2134.dll
[2009/09/18 12:19:39 | 000,004,362 | ---- | C] () -- C:\Windows\58cas9zrs52750.exe
[2009/09/18 12:19:39 | 000,003,114 | ---- | C] () -- C:\Windows\2139zhacktoo5596.dll
[2009/09/18 12:19:39 | 000,002,873 | ---- | C] () -- C:\Windows\59291vir9sz61.bin
[2009/09/18 12:08:10 | 000,017,356 | ---- | C] () -- C:\Windows\71bazt59l2149.bin
[2009/09/18 12:08:10 | 000,016,574 | ---- | C] () -- C:\Windows\7az7s9eal5085.exe
[2009/09/18 12:08:10 | 000,014,981 | ---- | C] () -- C:\Windows\5c54szy59re1969.bin
[2009/09/18 12:08:10 | 000,013,924 | ---- | C] () -- C:\Windows\7633tr9jzb5.exe
[2009/09/18 12:08:10 | 000,013,695 | ---- | C] () -- C:\Windows\System32\z729vir15445.exe
[2009/09/18 12:08:10 | 000,012,341 | ---- | C] () -- C:\Windows\System32\9249viru95z3.exe
[2009/09/18 12:08:10 | 000,007,315 | ---- | C] () -- C:\Windows\System32\1z085wo5m90d.dll
[2009/09/18 12:08:10 | 000,003,537 | ---- | C] () -- C:\Windows\System32\507z9hief20375.bin
[2009/09/18 12:08:09 | 000,017,765 | ---- | C] () -- C:\Windows\40fza5dware24509.dll
[2009/09/18 12:08:09 | 000,015,207 | ---- | C] () -- C:\Windows\System32\97775spyzb2.dll
[2009/09/18 12:08:09 | 000,013,888 | ---- | C] () -- C:\Windows\21908s5amboz9f.dll
[2009/09/18 12:08:09 | 000,013,650 | ---- | C] () -- C:\Windows\21543sp9mbotz5.bin
[2009/09/18 12:08:09 | 000,011,178 | ---- | C] () -- C:\Windows\System32\43acthrez5317569.bin
[2009/09/18 12:08:09 | 000,010,706 | ---- | C] () -- C:\Windows\31659s9zmb5t31b.exe
[2009/09/18 12:08:09 | 000,009,338 | ---- | C] () -- C:\Windows\System32\3b4cszar9e27775.exe
[2009/09/18 12:08:09 | 000,009,149 | ---- | C] () -- C:\Windows\System32\92599zo5m452.exe
[2009/09/18 12:08:09 | 000,008,404 | ---- | C] () -- C:\Windows\System32\9fczteal1795.dll
[2009/09/18 12:08:09 | 000,008,323 | ---- | C] () -- C:\Windows\455az9arse1882.exe
[2009/09/18 12:08:09 | 000,008,319 | ---- | C] () -- C:\Windows\System32\513zspyw9re5007.bin
[2009/09/18 12:08:09 | 000,008,083 | ---- | C] () -- C:\Windows\System32\15517s9amboz486.dll
[2009/09/18 12:08:09 | 000,007,613 | ---- | C] () -- C:\Windows\System32\12z195roj729.exe
[2009/09/18 12:08:09 | 000,007,174 | ---- | C] () -- C:\Windows\28949worm995z.exe
[2009/09/18 12:08:09 | 000,006,859 | ---- | C] () -- C:\Windows\25z8th9ef1549.bin
[2009/09/18 12:08:09 | 000,006,645 | ---- | C] () -- C:\Windows\System32\26189szy557.bin
[2009/09/18 12:08:09 | 000,005,948 | ---- | C] () -- C:\Windows\System32\163fthi5932z.bin
[2009/09/18 12:08:09 | 000,004,896 | ---- | C] () -- C:\Windows\4e995ir24z5.exe
[2009/09/18 12:08:09 | 000,004,259 | ---- | C] () -- C:\Windows\2845sp9rse2270z.bin
[2009/09/18 12:08:09 | 000,003,401 | ---- | C] () -- C:\Windows\4915down9oader8z5.dll
[2009/09/18 12:08:08 | 000,017,996 | ---- | C] () -- C:\Windows\786zspy9are2580.bin
[2009/09/18 12:08:08 | 000,016,868 | ---- | C] () -- C:\Windows\System32\z8850worm99.exe
[2009/09/18 12:08:08 | 000,015,601 | ---- | C] () -- C:\Windows\System32\4c9f95wnlzader615.bin
[2009/09/18 12:08:08 | 000,015,150 | ---- | C] () -- C:\Windows\80z5sp54459.dll
[2009/09/18 12:08:08 | 000,015,091 | ---- | C] () -- C:\Windows\System32\7566sparsez009.dll
[2009/09/18 12:08:08 | 000,012,424 | ---- | C] () -- C:\Windows\System32\159z29roj74a.exe
[2009/09/18 12:08:08 | 000,012,356 | ---- | C] () -- C:\Windows\System32\7a1z5teal9511.dll
[2009/09/18 12:08:08 | 000,012,048 | ---- | C] () -- C:\Windows\System32\35245ackdooz3919.dll
[2009/09/18 12:08:08 | 000,012,010 | ---- | C] () -- C:\Windows\2912adzwar53181.bin
[2009/09/18 12:08:08 | 000,010,438 | ---- | C] () -- C:\Windows\697csp5rz9349.dll
[2009/09/18 12:08:08 | 000,010,314 | ---- | C] () -- C:\Windows\32947spz5bot45a.exe
[2009/09/18 12:08:08 | 000,010,239 | ---- | C] () -- C:\Windows\System32\z641spambo9445.bin
[2009/09/18 12:08:08 | 000,010,153 | ---- | C] () -- C:\Windows\System32\52e2downloa9er1013z.exe
[2009/09/18 12:08:08 | 000,009,743 | ---- | C] () -- C:\Windows\System32\92b1viz1533.exe
[2009/09/18 12:08:08 | 000,009,071 | ---- | C] () -- C:\Windows\3347hacz5ool9fe.bin
[2009/09/18 12:08:08 | 000,009,041 | ---- | C] () -- C:\Windows\z9992s5y1ae.dll
[2009/09/18 12:08:08 | 000,008,325 | ---- | C] () -- C:\Windows\System32\1160zpy559.exe
[2009/09/18 12:08:08 | 000,008,054 | ---- | C] () -- C:\Windows\System32\5zbdsteal5419.exe
[2009/09/18 12:08:08 | 000,007,752 | ---- | C] () -- C:\Windows\System32\9543wzrm73a.dll
[2009/09/18 12:08:08 | 000,007,040 | ---- | C] () -- C:\Windows\System32\1457do9nloader9z5.bin
[2009/09/18 12:08:08 | 000,006,134 | ---- | C] () -- C:\Windows\System32\240485acktzol19.exe
[2009/09/18 12:08:08 | 000,005,624 | ---- | C] () -- C:\Windows\System32\170265p9mbot4zf.dll
[2009/09/18 12:08:08 | 000,004,635 | ---- | C] () -- C:\Windows\2619tzoj44e5.exe
[2009/09/18 12:08:08 | 000,003,687 | ---- | C] () -- C:\Windows\z22719py157.exe
[2009/09/18 12:08:08 | 000,003,475 | ---- | C] () -- C:\Windows\22099spy950z.bin
[2009/09/18 12:08:08 | 000,002,985 | ---- | C] () -- C:\Windows\1979vz51622.dll
[2009/09/18 12:08:08 | 000,002,868 | ---- | C] () -- C:\Windows\56f895wnlzader1623.bin
[2009/09/18 12:08:08 | 000,002,524 | ---- | C] () -- C:\Windows\18b0stzal2592.exe
[2009/09/18 12:08:07 | 000,018,166 | ---- | C] () -- C:\Windows\System32\3547z59j2c8.exe
[2009/09/18 12:08:07 | 000,013,525 | ---- | C] () -- C:\Windows\System32\351z1troj3a9.dll
[2009/09/18 12:08:07 | 000,008,444 | ---- | C] () -- C:\Windows\System32\35a9spyware25z0.bin
[2009/09/18 12:08:07 | 000,007,408 | ---- | C] () -- C:\Windows\System32\31z39not-a-virus257.exe
[2009/09/18 12:08:07 | 000,007,233 | ---- | C] () -- C:\Windows\1826spazbot9d5.exe
[2009/09/18 12:08:07 | 000,007,081 | ---- | C] () -- C:\Windows\System32\z99v59us315.bin
[2009/09/18 12:08:07 | 000,006,651 | ---- | C] () -- C:\Windows\System32\10199worm5z4.bin
[2009/09/18 12:08:07 | 000,005,742 | ---- | C] () -- C:\Windows\z616st5al972.dll
[2009/09/18 12:08:07 | 000,005,645 | ---- | C] () -- C:\Windows\System32\555a9ownloader1z65.bin
[2009/09/18 12:08:07 | 000,003,957 | ---- | C] () -- C:\Windows\System32\19540sz96b7.exe
[2009/09/18 12:08:07 | 000,003,804 | ---- | C] () -- C:\Windows\25544haz9tool65a.bin
[2009/09/18 12:08:07 | 000,003,371 | ---- | C] () -- C:\Windows\System32\4745sp9rze1574.bin
[2009/09/18 12:08:07 | 000,002,976 | ---- | C] () -- C:\Windows\16169spz9bot3fc5.dll
[2009/09/18 12:08:07 | 000,002,929 | ---- | C] () -- C:\Windows\170715iru94dz.exe
[2009/09/17 05:04:32 | 000,009,044 | ---- | C] () -- C:\Windows\System32\6d15stez5392.bin
[2009/09/15 06:00:59 | 000,008,537 | ---- | C] () -- C:\Windows\194z8sp9mbot572.exe
[2009/09/14 08:16:59 | 000,012,083 | ---- | C] () -- C:\Windows\23874t95j5eez.bin
[2009/09/14 02:40:38 | 000,004,824 | ---- | C] () -- C:\Windows\System32\56abackd9zr597.exe
[2009/09/13 13:00:42 | 000,018,410 | ---- | C] () -- C:\Windows\System32\21a5addware988z.exe
[2009/09/04 04:03:20 | 000,010,632 | ---- | C] () -- C:\Windows\System32\z91715pambot368.exe
[2009/08/29 01:44:42 | 000,004,614 | ---- | C] () -- C:\Windows\System32\792zdownloader6895.exe
[2009/08/26 17:52:17 | 000,002,767 | ---- | C] () -- C:\Windows\1253hackzoo960.dll
[2009/08/26 07:36:49 | 000,009,440 | ---- | C] () -- C:\Windows\z259virus35f.exe
[2009/08/24 04:25:54 | 000,010,293 | ---- | C] () -- C:\Windows\25995roj752z.bin
[2009/08/23 23:17:49 | 000,014,181 | ---- | C] () -- C:\Windows\5c85za9kdoor85.dll
[2009/08/20 10:46:11 | 000,003,447 | ---- | C] () -- C:\Windows\System32\62029a5kdoorz311.exe
[2009/08/18 15:41:41 | 000,002,833 | ---- | C] () -- C:\Windows\5579zddware2801.exe
[2009/08/16 09:04:22 | 000,003,422 | ---- | C] () -- C:\Windows\79e25ackdoor9z6.exe
[2009/08/14 18:56:24 | 000,016,736 | ---- | C] () -- C:\Windows\195evir2z2.dll
[2009/08/14 06:23:15 | 000,002,841 | ---- | C] () -- C:\Windows\System32\25795ir899z.exe
[2009/08/12 02:09:05 | 000,015,440 | ---- | C] () -- C:\Windows\System32\za069h5eat28000.exe
[2009/08/11 23:49:52 | 000,017,338 | ---- | C] () -- C:\Windows\1bzd5hief1923.dll
[2009/08/08 10:22:42 | 000,009,664 | ---- | C] () -- C:\Windows\System32\z52149py4a85.dll
[2009/08/05 05:00:13 | 000,004,544 | ---- | C] () -- C:\Windows\z995thief2495.exe
[2009/08/03 06:57:12 | 000,002,714 | ---- | C] () -- C:\Windows\System32\30649spa9bo5z6b.exe
[2009/08/01 23:26:07 | 000,009,616 | ---- | C] () -- C:\Windows\System32\3d1z9hrea51500.exe
[2009/07/29 08:03:38 | 000,009,884 | ---- | C] () -- C:\Windows\409zth5ef256.exe
[2009/07/28 05:29:44 | 000,002,692 | ---- | C] () -- C:\Windows\System32\52z4vir95105.dll
[2009/07/27 19:26:15 | 000,006,264 | ---- | C] () -- C:\Windows\1z6849pambot57c.exe
[2009/07/25 19:32:48 | 000,004,286 | ---- | C] () -- C:\Windows\System32\94dthrz9t276265.exe
[2009/07/22 17:43:47 | 000,017,007 | ---- | C] () -- C:\Windows\System32\692zdownloader27925.dll
[2009/07/21 05:26:37 | 000,015,559 | ---- | C] () -- C:\Windows\System32\46z9not-a5virus3479.bin
[2009/07/17 23:07:45 | 000,003,866 | ---- | C] () -- C:\Windows\System32\1496s5ambzt396.bin
[2009/07/16 17:20:32 | 000,005,575 | ---- | C] () -- C:\Windows\System32\9593thi5z55.dll
[2009/07/15 09:49:29 | 000,004,207 | ---- | C] () -- C:\Windows\3bbespa95e1z75.exe
[2009/07/09 23:13:39 | 000,014,556 | ---- | C] () -- C:\Windows\System32\446e9parz52895.dll
[2009/07/07 12:43:46 | 000,013,785 | ---- | C] () -- C:\Windows\z3593w5rm2aa.bin
[2009/07/07 11:45:21 | 000,014,521 | ---- | C] () -- C:\Windows\6526vz52309.dll
[2009/07/05 02:15:48 | 000,016,824 | ---- | C] () -- C:\Windows\195645pamboz3a9.dll
[2009/07/03 22:10:50 | 000,005,874 | ---- | C] () -- C:\Windows\z5715orm91.exe
[2009/06/28 11:41:21 | 000,006,864 | ---- | C] () -- C:\Windows\System32\6z90hac5tool98d.exe
[2009/06/27 22:10:03 | 000,013,647 | ---- | C] () -- C:\Windows\19395ir1047z.exe
[2009/06/27 12:32:07 | 000,016,678 | ---- | C] () -- C:\Windows\System32\6a5zthief16529.bin
[2009/06/25 15:47:52 | 000,009,224 | ---- | C] () -- C:\Windows\System32\2279zown9oader537.exe
[2009/06/18 09:32:03 | 000,014,224 | ---- | C] () -- C:\Windows\System32\7959spars92576z.dll
[2009/06/18 08:37:31 | 000,009,667 | ---- | C] () -- C:\Windows\15b1st5alz9899.dll
[2009/06/17 08:28:10 | 000,006,398 | ---- | C] () -- C:\Windows\225549or5zcc.dll
[2009/06/15 01:09:04 | 000,018,388 | ---- | C] () -- C:\Windows\29560spambot1z2.dll
[2009/06/12 22:51:11 | 000,008,408 | ---- | C] () -- C:\Windows\System32\29926tro5za2.dll
[2009/06/12 21:33:08 | 000,008,625 | ---- | C] () -- C:\Windows\System32\4009zdd5are2429.exe
[2009/06/11 09:10:23 | 000,014,591 | ---- | C] () -- C:\Windows\5728not-a-vzru59c7.bin
[2009/06/06 12:40:47 | 000,016,044 | ---- | C] () -- C:\Windows\System32\19577szy38f.dll
[2009/06/05 17:22:17 | 000,015,932 | ---- | C] () -- C:\Windows\System32\2eze95eal589.bin
[2009/06/05 08:38:57 | 000,016,535 | ---- | C] () -- C:\Windows\System32\873znot-a-vir5s9ff.dll
[2009/06/04 06:11:53 | 000,005,047 | ---- | C] () -- C:\Windows\System32\28985wormz5.dll
[2009/06/02 17:15:58 | 000,017,153 | ---- | C] () -- C:\Windows\1z925vi9us555.bin
[2009/06/01 11:43:23 | 000,000,000 | ---- | C] () -- C:\Windows\PROTOCOL.INI
[2009/05/27 13:07:24 | 000,008,878 | ---- | C] () -- C:\Windows\System32\1bd65z91435.bin
[2009/05/27 01:09:01 | 000,008,964 | ---- | C] () -- C:\Windows\16879hac5toz915f.exe
[2009/05/26 04:06:15 | 000,015,107 | ---- | C] () -- C:\Windows\System32\25249virzs555.dll
[2009/05/25 19:39:16 | 000,018,412 | ---- | C] () -- C:\Windows\975badzwar52484.bin
[2009/05/23 20:35:21 | 000,011,908 | ---- | C] () -- C:\Windows\System32\25e5downloade9z58.dll
[2009/05/20 19:23:49 | 000,018,102 | ---- | C] () -- C:\Windows\System32\6958vizus479.exe
[2009/05/18 15:03:41 | 000,013,174 | ---- | C] () -- C:\Windows\14c8spy5are199z.exe
[2009/05/16 05:47:11 | 000,017,283 | ---- | C] () -- C:\Windows\70df5zie92099.dll
[2009/05/15 16:14:00 | 000,006,408 | ---- | C] () -- C:\Windows\System32\63edz5reat3469.exe
[2009/05/14 01:10:22 | 000,012,455 | ---- | C] () -- C:\Windows\590espzrse466.exe
[2009/05/13 17:28:41 | 000,013,917 | ---- | C] () -- C:\Windows\System32\9913not-a-vz5u9448.bin
[2009/05/13 07:09:19 | 000,015,797 | ---- | C] () -- C:\Windows\96997sp572z.bin
[2009/05/12 07:05:55 | 000,006,843 | ---- | C] () -- C:\Windows\1z5backdoor20789.dll
[2009/05/10 23:12:37 | 000,011,995 | ---- | C] () -- C:\Windows\System32\1c89tzief1855.exe
[2009/05/10 18:11:22 | 000,004,653 | ---- | C] () -- C:\Windows\System32\915z3hacktool55.dll
[2009/05/09 17:40:33 | 000,017,515 | ---- | C] () -- C:\Windows\351backdooz1599.exe
[2009/05/08 14:39:20 | 000,005,789 | ---- | C] () -- C:\Windows\4b9bthzea9109915.bin
[2009/05/07 22:36:09 | 000,010,636 | ---- | C] () -- C:\Windows\9876download5r3046z.dll
[2009/05/06 00:09:22 | 000,016,709 | ---- | C] () -- C:\Windows\1edzspyware16549.dll
[2009/05/05 23:47:26 | 000,012,873 | ---- | C] () -- C:\Windows\5745thrzat9918.bin
[2009/05/03 17:42:43 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/05/03 17:42:43 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009/05/03 04:19:30 | 000,017,593 | ---- | C] () -- C:\Windows\System32\517es9yw5re5z5.bin
[2009/05/02 03:54:54 | 000,007,308 | ---- | C] () -- C:\Windows\System32\51620hacktoo9343z.exe
[2009/04/28 00:24:29 | 000,002,608 | ---- | C] () -- C:\Windows\System32\3b589teal24z.bin
[2009/04/24 07:31:19 | 000,004,660 | ---- | C] () -- C:\Windows\174z65a9ktool3fc.bin
[2009/04/23 13:58:16 | 000,008,067 | ---- | C] () -- C:\Windows\System32\322439iz5s586.bin
[2009/04/20 00:23:26 | 000,012,586 | ---- | C] () -- C:\Windows\47f5zpy5are2089.dll
[2009/04/18 06:19:34 | 000,015,924 | ---- | C] () -- C:\Windows\System32\7591vi5uz262.dll
[2009/04/18 05:43:06 | 000,011,216 | ---- | C] () -- C:\Windows\System32\472zs5ambo93e1.exe
[2009/04/17 10:20:32 | 000,013,805 | ---- | C] () -- C:\Windows\7ffd9p5zare77.dll
[2009/04/16 13:08:18 | 000,007,482 | ---- | C] () -- C:\Windows\7z9bbackdoor582.bin
[2009/04/15 15:21:10 | 000,003,935 | ---- | C] () -- C:\Windows\9551viruszbf.bin
[2009/04/15 05:52:03 | 000,014,402 | ---- | C] () -- C:\Windows\zc84vir24459.dll
[2009/04/13 13:26:43 | 000,004,190 | ---- | C] () -- C:\Windows\91303zpamb5t3bc.dll
[2009/04/10 20:40:04 | 000,006,168 | ---- | C] () -- C:\Windows\79a7stza51954.bin
[2009/04/10 16:08:00 | 000,011,055 | ---- | C] () -- C:\Windows\System32\157z9w9rm5de.dll
[2009/04/09 08:19:45 | 000,013,717 | ---- | C] () -- C:\Windows\System32\23760viru59z3.dll
[2009/04/08 11:53:21 | 000,009,933 | ---- | C] () -- C:\Windows\System32\7676haczto5l30b9.dll
[2009/04/08 10:24:53 | 000,009,688 | ---- | C] () -- C:\Windows\548dbackdo9rz101.exe
[2009/04/05 23:56:03 | 000,000,042 | ---- | C] () -- C:\Windows\MS.INI
[2009/04/05 00:50:50 | 000,014,680 | ---- | C] () -- C:\Windows\239505ozm2b8.dll
[2009/03/30 08:13:16 | 000,002,202 | ---- | C] () -- C:\Windows\winros.ini
[2009/03/30 08:13:16 | 000,000,046 | ---- | C] () -- C:\Windows\reader.Ini
[2009/03/30 08:13:16 | 000,000,009 | ---- | C] () -- C:\Windows\WinSig.Ini
[2009/03/30 08:13:04 | 000,080,624 | ---- | C] () -- C:\Windows\System32\SH30W32.DLL
[2009/03/24 05:09:59 | 000,014,967 | ---- | C] () -- C:\Windows\System32\84985iruszec9.dll
[2009/03/23 09:21:08 | 000,000,084 | ---- | C] () -- C:\Windows\netdet.ini
[2009/03/22 16:03:58 | 000,003,313 | ---- | C] () -- C:\Windows\6d09thze51104.bin
[2009/03/21 03:17:13 | 000,012,949 | ---- | C] () -- C:\Windows\System32\5979spzmbo93c3.dll
[2009/03/19 20:48:15 | 000,139,264 | ---- | C] () -- C:\Windows\ShareBarData.dll
[2009/03/19 18:46:47 | 000,002,316 | ---- | C] () -- C:\Windows\elwave76.ini
[2009/03/17 21:02:39 | 000,003,556 | ---- | C] () -- C:\Windows\System32\26685notza-vi9us56f.exe
[2009/03/15 05:07:21 | 000,014,622 | ---- | C] () -- C:\Windows\23215not5a9viruz75.bin
[2009/03/11 14:21:49 | 000,008,576 | ---- | C] () -- C:\Windows\System32\1a0s5ywarez109.bin
[2009/03/11 07:30:46 | 000,018,042 | ---- | C] () -- C:\Windows\System32\15705wzrm9a.dll
[2009/03/10 20:49:46 | 000,007,358 | ---- | C] () -- C:\Windows\System32\3893wozm159.bin
[2009/03/06 07:37:34 | 000,005,950 | ---- | C] () -- C:\Windows\System32\55eddow9loadez28285.exe
[2009/03/04 19:25:33 | 000,004,010 | ---- | C] () -- C:\Windows\1z85st9al638.exe
[2009/03/01 09:19:55 | 000,007,647 | ---- | C] () -- C:\Windows\System32\19855zac5tool414.exe
[2009/02/26 18:14:55 | 000,011,596 | ---- | C] () -- C:\Windows\System32\5553vizus69e9.exe
[2009/02/25 17:22:21 | 000,005,808 | ---- | C] () -- C:\Windows\System32\4a92thiefz475.dll
[2009/02/19 06:53:36 | 000,009,832 | ---- | C] () -- C:\Windows\System32\5be5v9r5z04.dll
[2009/02/17 03:18:20 | 000,008,583 | ---- | C] () -- C:\Windows\56489troj3z9.exe
[2009/02/15 21:10:09 | 000,011,761 | ---- | C] () -- C:\Windows\System32\16e55pyw9rez600.exe
[2009/02/12 14:48:39 | 000,013,902 | ---- | C] () -- C:\Windows\System32\289165ot-a9viruszba.dll
[2009/02/12 09:00:18 | 000,003,737 | ---- | C] () -- C:\Windows\System32\12925spy590z.dll
[2009/02/11 15:14:01 | 000,007,554 | ---- | C] () -- C:\Windows\5225t9ief1812z.dll
[2009/02/11 06:30:34 | 000,008,843 | ---- | C] () -- C:\Windows\6005b9c5dozr2839.exe
[2009/02/10 10:17:10 | 000,007,297 | ---- | C] () -- C:\Windows\235dth9ef2949z.exe
[2009/02/10 06:28:25 | 000,004,022 | ---- | C] () -- C:\Windows\System32\9580hac5tool3z8.bin
[2009/02/06 05:31:51 | 000,014,608 | ---- | C] () -- C:\Windows\System32\53acstealz597.exe
[2009/02/04 06:00:49 | 000,010,798 | ---- | C] () -- C:\Windows\10z79troj588.exe
[2009/02/03 09:34:48 | 000,006,275 | ---- | C] () -- C:\Windows\System32\z7057spa9bot2ba.exe
[2009/01/29 19:35:48 | 000,000,018 | ---- | C] () -- C:\Windows\UseDop.ini
[2009/01/27 20:31:47 | 000,000,018 | ---- | C] () -- C:\Windows\DirSelUseDop.ini
[2009/01/27 10:58:35 | 000,002,688 | ---- | C] () -- C:\Windows\System32\198355pyz9.dll
[2009/01/25 06:05:47 | 000,004,107 | ---- | C] () -- C:\Windows\2d2bthi5z679.exe
[2009/01/24 10:17:10 | 000,005,945 | ---- | C] () -- C:\Windows\2158hacktoo5z9f.exe
[2009/01/23 02:32:37 | 000,007,811 | ---- | C] () -- C:\Windows\System32\3c1fz5arse2981.bin
[2009/01/23 01:46:36 | 000,012,751 | ---- | C] () -- C:\Windows\459aspyza95952.bin
[2009/01/19 06:54:58 | 000,012,264 | ---- | C] () -- C:\Windows\System32\1295zsp53d6.exe
[2009/01/18 13:18:37 | 000,014,110 | ---- | C] () -- C:\Windows\22691v9ruszda5.bin
[2009/01/17 21:23:41 | 000,007,652 | ---- | C] () -- C:\Windows\1z649not-a-virus17c5.exe
[2009/01/16 23:27:12 | 000,015,117 | ---- | C] () -- C:\Windows\System32\9c05viz2135.bin
[2009/01/16 12:33:14 | 000,006,968 | ---- | C] () -- C:\Windows\3a59viz1597.bin
[2009/01/14 17:06:38 | 000,007,213 | ---- | C] () -- C:\Windows\565fspywarz498.bin
[2009/01/14 06:46:58 | 000,010,291 | ---- | C] () -- C:\Windows\31673spz7579.dll
[2009/01/08 10:51:59 | 000,003,341 | ---- | C] () -- C:\Windows\59cethie9425z.dll
[2009/01/08 08:43:24 | 000,004,739 | ---- | C] () -- C:\Windows\4859addw9rz589.exe
[2009/01/07 01:11:48 | 000,009,047 | ---- | C] () -- C:\Windows\566ezparse5419.dll
[2009/01/06 23:14:46 | 000,018,069 | ---- | C] () -- C:\Windows\System32\15dbdow9l5ader25z1.dll
[2008/12/29 00:25:16 | 000,012,993 | ---- | C] () -- C:\Windows\13590sz5mbot2c6.dll
[2008/12/27 13:22:45 | 000,011,903 | ---- | C] () -- C:\Windows\7bfthr59t29545z.dll
[2008/12/20 05:52:17 | 000,010,129 | ---- | C] () -- C:\Windows\z865virus1c9.dll
[2008/12/18 19:16:53 | 000,012,639 | ---- | C] () -- C:\Windows\55cedo5nloz9er379.dll
[2008/12/15 18:50:34 | 000,001,356 | ---- | C] () -- C:\Users\Administrator\AppData\Local\d3d9caps.dat
[2008/12/15 16:36:09 | 000,018,412 | ---- | C] () -- C:\Windows\13z32v5rus29e9.bin
[2008/12/10 04:57:45 | 000,006,217 | ---- | C] () -- C:\Windows\System32\185775ro9z27.exe
[2008/12/06 08:54:38 | 000,008,302 | ---- | C] () -- C:\Windows\51213tro9z47.dll
[2008/12/03 11:20:40 | 000,014,778 | ---- | C] () -- C:\Windows\System32\6589spyware8z9.bin
[2008/12/02 19:53:50 | 000,012,241 | ---- | C] () -- C:\Windows\System32\5b41stz5l1999.dll
[2008/11/28 10:58:48 | 000,004,742 | ---- | C] () -- C:\Windows\System32\50892v9rzsad.exe
[2008/11/27 18:10:04 | 000,002,998 | ---- | C] () -- C:\Windows\System32\3199h5ckzoo9126.dll
[2008/11/25 20:26:27 | 000,014,895 | ---- | C] () -- C:\Windows\1204downzo5der429.bin
[2008/11/24 15:09:55 | 000,081,158 | ---- | C] () -- C:\Windows\System32\manage-bde.ini.en
[2008/11/24 15:09:32 | 000,062,976 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2008/11/24 02:30:41 | 000,007,909 | ---- | C] () -- C:\Windows\System32\7z49downloader2514.exe
[2008/11/23 09:19:20 | 000,004,310 | ---- | C] () -- C:\Windows\System32\193235pamboz449.bin
[2008/11/20 13:28:30 | 000,004,289 | ---- | C] () -- C:\Windows\7z9fth59at15408.bin
[2008/11/19 11:33:49 | 000,011,667 | ---- | C] () -- C:\Windows\System32\1580zno5-a-virus498.exe
[2008/11/17 09:42:51 | 000,011,566 | ---- | C] () -- C:\Windows\System32\z05ethie91076.bin
[2008/11/17 02:35:09 | 000,007,793 | ---- | C] () -- C:\Windows\System32\3e51thie9z316.exe
[2008/11/16 10:54:53 | 000,008,380 | ---- | C] () -- C:\Windows\System32\18857za9kt5ol776.dll
[2008/11/15 02:23:54 | 000,009,827 | ---- | C] () -- C:\Windows\System32\9zd8vir27825.bin
[2008/11/14 18:10:03 | 000,015,847 | ---- | C] () -- C:\Windows\b5esteal19z29.exe
[2008/11/14 07:34:42 | 000,017,068 | ---- | C] () -- C:\Windows\20591v9rus4zd.exe
[2008/11/14 05:31:29 | 000,005,061 | ---- | C] () -- C:\Windows\28505szamb9tcd.bin
[2008/11/13 04:55:49 | 000,003,651 | ---- | C] () -- C:\Windows\System32\9503s9z123.exe
[2008/11/12 04:52:56 | 000,008,200 | ---- | C] () -- C:\Windows\System32\7323thief2594z.dll
[2008/11/10 13:38:49 | 000,003,375 | ---- | C] () -- C:\Windows\25831wormz3b9.dll
[2008/11/10 02:49:31 | 000,008,642 | ---- | C] () -- C:\Windows\System32\21051troj69ez.exe
[2008/11/07 21:07:27 | 000,007,872 | ---- | C] () -- C:\Windows\522vz9us5e.bin
[2008/11/02 09:33:00 | 000,017,846 | ---- | C] () -- C:\Windows\7583spamb9tza7.bin
[2008/10/25 01:34:39 | 000,002,583 | ---- | C] () -- C:\Windows\System32\z0d5down5oa9er1533.dll
[2008/10/24 11:35:56 | 000,012,406 | ---- | C] () -- C:\Windows\System32\1049zh5cktool5d29.exe
[2008/10/24 02:40:12 | 000,010,008 | ---- | C] () -- C:\Windows\16796za9ktool557.exe
[2008/10/23 15:57:29 | 000,018,206 | ---- | C] () -- C:\Windows\50feszy9are1915.exe
[2008/10/19 23:07:31 | 000,003,712 | ---- | C] () -- C:\Windows\z0fas5ea92911.exe
[2008/10/17 21:25:00 | 000,000,419 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2008/10/17 21:25:00 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2008/10/17 21:24:38 | 000,000,050 | ---- | C] () -- C:\Windows\System32\bridf07a.dat
[2008/10/15 11:40:22 | 000,012,392 | ---- | C] () -- C:\Windows\System32\z5742h5ckt9ol4b9.bin
[2008/10/14 15:14:57 | 000,011,814 | ---- | C] () -- C:\Windows\f4st5zl9217.dll
[2008/10/13 03:41:33 | 000,006,384 | ---- | C] () -- C:\Windows\54079zrm52.bin
[2008/10/01 22:36:36 | 000,014,828 | ---- | C] () -- C:\Windows\System32\3076zspy259.exe
[2008/09/28 13:16:24 | 000,006,608 | ---- | C] () -- C:\Windows\System32\19a7th5eatz2277.dll
[2008/09/25 19:44:08 | 000,008,449 | ---- | C] () -- C:\Windows\77dbt9ief2z25.bin
[2008/09/24 17:19:27 | 000,011,032 | ---- | C] () -- C:\Windows\z489spy5are1705.dll
[2008/09/24 09:06:08 | 000,015,347 | ---- | C] () -- C:\Windows\System32\24227zp922a5.exe
[2008/09/23 01:02:40 | 000,013,974 | ---- | C] () -- C:\Windows\31956not-a-vz5us242.exe
[2008/09/22 12:52:28 | 000,000,143 | ---- | C] () -- C:\Windows\QUICKEN.INI
[2008/09/19 17:48:44 | 000,005,780 | ---- | C] () -- C:\Windows\System32\93z7t5oj469.exe
[2008/09/18 16:48:13 | 000,003,039 | ---- | C] () -- C:\Windows\System32\56a45p9zse991.bin
[2008/09/18 08:34:07 | 000,014,437 | ---- | C] () -- C:\Windows\23242n5t-a-9irus7cz.exe
[2008/09/16 04:02:28 | 000,016,997 | ---- | C] () -- C:\Windows\System32\5565v9r1z45.exe
[2008/09/12 20:13:08 | 000,007,757 | ---- | C] () -- C:\Windows\System32\2z365vi9us215.dll
[2008/09/12 13:13:25 | 000,015,685 | ---- | C] () -- C:\Windows\23494virus225z.dll
[2008/09/12 11:54:59 | 000,010,932 | ---- | C] () -- C:\Windows\System32\292235p9mboz394.dll
[2008/09/09 21:33:35 | 000,000,042 | ---- | C] () -- C:\Windows\ib.ini
[2008/09/09 21:33:34 | 000,026,624 | ---- | C] () -- C:\Windows\GetIe.dll
[2008/09/09 19:59:20 | 000,003,632 | ---- | C] () -- C:\Windows\System32\6592thre5t27019z.dll
[2008/09/09 03:08:52 | 000,002,817 | ---- | C] () -- C:\Windows\19zesteal2465.dll
[2008/09/08 07:04:48 | 000,011,932 | ---- | C] () -- C:\Windows\297steal1953z.bin
[2008/09/06 18:27:44 | 000,004,305 | ---- | C] () -- C:\Windows\41855pamzot1799.dll
[2008/09/03 03:00:30 | 000,003,965 | ---- | C] () -- C:\Windows\7d95szarse2811.exe
[2008/08/28 19:19:46 | 000,016,183 | ---- | C] () -- C:\Windows\System32\9620sp91z65.bin
[2008/08/26 04:42:04 | 000,018,406 | ---- | C] () -- C:\Windows\System32\3532trzj3fe9.dll
[2008/08/20 15:22:41 | 000,006,776 | ---- | C] () -- C:\Windows\System32\7f3eviz21795.dll
[2008/08/18 08:07:49 | 000,003,561 | ---- | C] () -- C:\Windows\System32\24afbackdoorz9925.bin
[2008/08/17 04:59:38 | 000,003,997 | ---- | C] () -- C:\Windows\289a5ddw9rez959.bin
[2008/08/16 18:54:14 | 000,016,039 | ---- | C] () -- C:\Windows\System32\21836not-a9virus65z.dll
[2008/08/15 09:50:53 | 000,003,578 | ---- | C] () -- C:\Windows\29dbacz9oor5178.exe
[2008/08/14 14:54:29 | 000,003,989 | ---- | C] () -- C:\Windows\5b94s5eaz1673.bin
[2008/08/14 12:56:34 | 000,016,375 | ---- | C] () -- C:\Windows\System32\9566tr9j55fz.exe
[2008/08/14 09:52:50 | 000,003,153 | ---- | C] () -- C:\Windows\25a5st5a9z270.dll
[2008/08/09 21:42:40 | 000,012,619 | ---- | C] () -- C:\Windows\System32\22899s5amzot2c0.bin
[2008/08/06 23:07:19 | 000,002,694 | ---- | C] () -- C:\Windows\System32\19593spazbotd9.bin
[2008/08/03 11:16:42 | 000,005,124 | ---- | C] () -- C:\Windows\System32\7059downlzader2952.dll
[2008/08/01 18:42:54 | 000,018,076 | ---- | C] () -- C:\Windows\System32\228925zoj635.dll
[2008/07/29 05:26:32 | 000,011,351 | ---- | C] () -- C:\Windows\24426not-z-viru9de5.dll
[2008/07/27 04:26:39 | 000,018,335 | ---- | C] () -- C:\Windows\System32\6986vir5z4e2.dll
[2008/07/25 04:38:56 | 000,010,246 | ---- | C] () -- C:\Windows\System32\59a4addware213z.dll
[2008/07/22 18:52:58 | 000,008,339 | ---- | C] () -- C:\Windows\15599hac5tooz12b.exe
[2008/07/19 18:46:10 | 000,005,004 | ---- | C] () -- C:\Windows\System32\2987t5reat268z1.bin
[2008/07/14 16:38:37 | 000,005,300 | ---- | C] () -- C:\Windows\System32\779f5parsz9823.bin
[2008/07/14 09:36:12 | 000,016,990 | ---- | C] () -- C:\Windows\c09spaz5e2727.dll
[2008/07/06 01:27:07 | 000,016,249 | ---- | C] () -- C:\Windows\10690hazktoo5599.bin
[2008/07/05 00:53:04 | 000,013,539 | ---- | C] () -- C:\Windows\System32\5aa59hzeat30457.dll
[2008/07/05 00:36:16 | 000,016,154 | ---- | C] () -- C:\Windows\System32\815znot-a5v9rus623.dll
[2008/06/27 22:35:44 | 000,013,143 | ---- | C] () -- C:\Windows\5d9cba9kdzor2285.dll
[2008/06/25 10:20:09 | 000,003,584 | ---- | C] () -- C:\Windows\System32\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/06/25 10:20:09 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2008/06/24 23:32:24 | 000,015,261 | ---- | C] () -- C:\Windows\298895orz29a.bin
[2008/06/22 23:41:13 | 000,011,476 | ---- | C] () -- C:\Windows\System32\z8519spy38f.bin
[2008/06/22 08:18:59 | 000,003,295 | ---- | C] () -- C:\Windows\z08945irus919.dll
[2008/06/19 13:25:50 | 000,007,897 | ---- | C] () -- C:\Windows\System32\512dspzrse9877.dll
[2008/06/17 12:51:29 | 000,018,413 | ---- | C] () -- C:\Windows\System32\99922szy5a5.dll
[2008/06/16 08:16:12 | 000,012,076 | ---- | C] () -- C:\Windows\System32\zfb2sp5rse2609.exe
[2008/06/14 08:54:41 | 000,008,111 | ---- | C] () -- C:\Windows\System32\49z5spy40c.dll
[2008/06/13 03:56:31 | 000,015,973 | ---- | C] () -- C:\Windows\25235zpy5b9.bin
[2008/06/11 09:01:35 | 000,011,322 | ---- | C] () -- C:\Windows\System32\59z5r398.exe
[2008/06/09 12:48:26 | 000,007,596 | ---- | C] () -- C:\Windows\System32\89z7not5a-virus5c1.bin
[2008/06/04 20:18:52 | 000,014,069 | ---- | C] () -- C:\Windows\System32\962zvir1594.bin
[2008/06/04 18:52:02 | 000,018,269 | ---- | C] () -- C:\Windows\7a7download5r2549z.exe
[2008/06/02 14:08:34 | 000,003,002 | ---- | C] () -- C:\Windows\31501sp95dz.bin
[2008/05/26 01:53:23 | 000,002,549 | ---- | C] () -- C:\Windows\System32\97f4st5az2367.exe
[2008/05/25 20:35:47 | 000,009,244 | ---- | C] () -- C:\Windows\System32\63cfad9ware552z.bin
[2008/05/22 09:23:30 | 000,008,501 | ---- | C] () -- C:\Windows\20273spa5z9t550.dll
[2008/05/22 06:58:35 | 000,004,130 | ---- | C] () -- C:\Windows\System32\5bcezown5o9der2066.bin
[2008/05/19 23:52:23 | 000,016,307 | ---- | C] () -- C:\Windows\System32\35b5zownl9ader3265.bin
[2008/05/19 02:52:12 | 000,015,779 | ---- | C] () -- C:\Windows\System32\6a9back5oo92z53.dll
[2008/05/17 17:56:29 | 000,010,834 | ---- | C] () -- C:\Windows\System32\2917zroj597.dll
[2008/05/15 02:36:14 | 000,010,957 | ---- | C] () -- C:\Windows\zcespywa9e1558.exe
[2008/05/14 03:56:26 | 000,007,185 | ---- | C] () -- C:\Windows\System32\955s5eal47z.dll
[2008/05/13 15:11:03 | 000,009,925 | ---- | C] () -- C:\Windows\222245o9mz61.exe
[2008/05/10 11:53:57 | 000,006,808 | ---- | C] () -- C:\Windows\System32\5059downzoader1980.bin
[2008/05/10 03:23:28 | 000,015,135 | ---- | C] () -- C:\Windows\2866thzef9759.bin
[2008/05/10 02:53:35 | 000,004,012 | ---- | C] () -- C:\Windows\System32\z1679w5rm1c2.bin
[2008/05/08 18:26:49 | 000,016,582 | ---- | C] () -- C:\Windows\128129zr5s548.dll
[2008/05/07 16:37:27 | 000,011,039 | ---- | C] () -- C:\Windows\System32\5d73st95l3121z.dll
[2008/05/05 02:06:03 | 000,015,295 | ---- | C] () -- C:\Windows\System32\792czhre9523275.dll
[2008/05/04 17:45:17 | 000,000,073 | ---- | C] () -- C:\Windows\ORChart.Ini
[2008/05/04 11:09:09 | 000,011,746 | ---- | C] () -- C:\Windows\22a9vi535z.bin
[2008/05/03 15:37:16 | 000,017,502 | ---- | C] () -- C:\Windows\System32\870troz6859.dll
[2008/05/01 14:30:49 | 000,004,076 | ---- | C] () -- C:\Windows\System32\3z95thief2912.bin
[2008/04/29 04:30:03 | 000,008,735 | ---- | C] () -- C:\Windows\System32\1937spar9e459z.bin
[2008/04/28 14:06:30 | 000,249,856 | ---- | C] () -- C:\Users\Administrator\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/04/28 13:33:15 | 000,078,336 | ---- | C] () -- C:\Windows\System32\SSIREGM.EXE
[2008/04/28 13:33:15 | 000,067,584 | ---- | C] () -- C:\Windows\System32\SSIREGI.EXE
[2008/04/28 13:33:15 | 000,053,248 | ---- | C] () -- C:\Windows\System32\drivers\SSIPDDP.SYS
[2008/04/28 13:33:15 | 000,026,624 | ---- | C] () -- C:\Windows\System32\SSIVDDP.DLL
[2008/04/28 13:33:15 | 000,000,740 | ---- | C] () -- C:\Windows\System32\drivers\SSIDDDP.SYS
[2008/04/28 13:32:12 | 000,001,272 | ---- | C] () -- C:\Windows\ODBC.INI
[2008/04/28 13:32:11 | 000,000,037 | ---- | C] () -- C:\Windows\Server.INI
[2008/04/28 13:31:57 | 000,040,448 | ---- | C] () -- C:\Windows\System32\REGOBJ.DLL
[2008/04/28 13:31:57 | 000,004,528 | ---- | C] () -- C:\Windows\System32\SETBROWS.EXE
[2008/04/24 23:33:36 | 000,009,153 | ---- | C] () -- C:\Windows\System32\6659szeal825.bin
[2008/04/24 02:23:59 | 000,005,304 | ---- | C] () -- C:\Windows\System32\6935spyw5rz963.exe
[2008/04/17 00:16:07 | 000,007,171 | ---- | C] () -- C:\Windows\System32\302z8not-a-9i5usf.bin
[2008/04/14 02:03:22 | 000,007,695 | ---- | C] () -- C:\Windows\5z97hackto5l4ad9.bin
[2008/04/13 10:36:50 | 000,003,452 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys
[2008/04/13 10:36:50 | 000,000,008 | RHS- | C] () -- C:\Windows\System32\ACB52E02CC.sys
[2008/04/13 09:22:21 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2008/04/13 09:22:21 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2008/04/13 09:22:21 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2008/04/13 09:22:21 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2008/04/13 09:22:21 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2008/04/13 09:22:21 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2008/04/13 09:19:58 | 000,001,237 | ---- | C] () -- C:\Program Files\WinDVDSetup.iss
[2008/04/13 09:18:00 | 000,001,233 | ---- | C] () -- C:\Program Files\GuideMenuSetup.iss
[2008/04/11 07:17:04 | 000,016,868 | ---- | C] () -- C:\Windows\System32\754threatz08589.exe
[2008/04/08 22:47:37 | 000,010,770 | ---- | C] () -- C:\Windows\System32\199515py1z2.dll
[2008/04/08 09:59:54 | 000,017,218 | ---- | C] () -- C:\Windows\1f2caddware3595z.dll
[2008/04/08 05:16:04 | 000,018,125 | ---- | C] () -- C:\Windows\3597wor52z.bin
[2008/04/05 20:35:05 | 000,004,354 | ---- | C] () -- C:\Windows\System32\509ca5dzare931.exe
[2008/04/01 15:29:00 | 000,017,896 | ---- | C] () -- C:\Windows\73d29i5267z.exe
[2008/03/28 02:00:40 | 000,015,760 | ---- | C] () -- C:\Windows\System32\39dathrezt9509.dll
[2008/03/26 05:22:47 | 000,003,056 | ---- | C] () -- C:\Windows\System32\z9a1vi93527.bin
[2008/03/26 00:10:48 | 000,007,557 | ---- | C] () -- C:\Windows\d579zreat5954.dll
[2008/03/25 13:58:48 | 000,004,675 | ---- | C] () -- C:\Windows\4c5fvir9594z.bin
[2008/03/19 20:21:38 | 000,015,855 | ---- | C] () -- C:\Windows\System32\9c70steal515z.dll
[2008/03/14 05:36:16 | 000,003,315 | ---- | C] () -- C:\Windows\3azc9h5eat23554.bin
[2008/03/11 21:06:27 | 000,017,295 | ---- | C] () -- C:\Windows\34ffthi5z97.exe
[2008/03/11 20:33:22 | 000,011,502 | ---- | C] () -- C:\Windows\57999zpy3fa.exe
[2008/03/10 00:31:46 | 000,012,524 | ---- | C] () -- C:\Windows\50925szy7cf.dll
[2008/03/07 15:13:37 | 000,005,673 | ---- | C] () -- C:\Windows\7830dow5lzade91113.exe
[2008/03/07 07:57:16 | 000,002,660 | ---- | C] () -- C:\Windows\System32\2753zspamb591ab.exe
[2008/03/06 23:31:35 | 000,002,779 | ---- | C] () -- C:\Windows\System32\24c5sparse2469z.exe
[2008/03/02 22:57:08 | 000,003,768 | ---- | C] () -- C:\Windows\3f849hzef1154.dll
[2008/02/25 14:43:14 | 000,011,591 | ---- | C] () -- C:\Windows\9023thz5f2688.bin
[2008/02/24 11:17:43 | 000,010,585 | ---- | C] () -- C:\Windows\System32\z706not5a9virus40e.dll
[2008/02/24 09:13:30 | 000,012,600 | ---- | C] () -- C:\Windows\System32\655bba5k9zor2924.exe
[2008/02/24 01:18:25 | 000,011,669 | ---- | C] () -- C:\Windows\5z2cthie9238.bin
[2008/02/23 12:00:31 | 000,003,069 | ---- | C] () -- C:\Windows\5395v9rusfz5.exe
[2008/02/22 13:11:39 | 000,012,884 | ---- | C] () -- C:\Windows\System32\51320viru9521z.bin
[2008/02/18 23:30:16 | 000,012,504 | ---- | C] () -- C:\Windows\15z99i52708.exe
[2008/02/17 21:21:53 | 000,016,364 | ---- | C] () -- C:\Windows\System32\677as9zware5762.dll
[2008/02/17 17:03:40 | 000,017,278 | ---- | C] () -- C:\Windows\System32\3908n5t9a-vzrus204.exe
[2008/02/17 06:39:47 | 000,004,045 | ---- | C] () -- C:\Windows\4692zteal1257.exe
[2008/02/06 11:08:56 | 000,014,529 | ---- | C] () -- C:\Windows\6099add5are29z7.bin
[2008/02/06 03:38:02 | 000,006,962 | ---- | C] () -- C:\Windows\System32\220czack95or955.exe
[2008/02/05 00:35:35 | 000,008,990 | ---- | C] () -- C:\Windows\752fsp9warz491.dll
[2008/02/04 13:45:08 | 000,016,876 | ---- | C] () -- C:\Windows\System32\19140s5y9c7z.bin
[2008/02/03 01:17:30 | 000,010,496 | ---- | C] () -- C:\Windows\1bd2z5yware2979.dll
[2008/01/28 15:21:36 | 000,014,742 | ---- | C] () -- C:\Windows\System32\250baczd9or856.bin
[2008/01/28 00:57:36 | 000,007,080 | ---- | C] () -- C:\Windows\System32\26f25pzr9e151.exe
[2008/01/27 11:07:09 | 000,004,065 | ---- | C] () -- C:\Windows\35e8az9war52810.bin
[2008/01/26 20:04:42 | 000,013,755 | ---- | C] () -- C:\Windows\1935tzoj3fa9.dll
[2008/01/20 17:38:01 | 000,006,900 | ---- | C] () -- C:\Windows\System32\7z529parse1052.exe
[2008/01/18 01:48:49 | 000,014,664 | ---- | C] () -- C:\Windows\z95t9i5f928.exe
[2008/01/17 08:46:13 | 000,014,767 | ---- | C] () -- C:\Windows\8zcs9a5se1614.bin
[2008/01/16 16:37:29 | 000,012,904 | ---- | C] () -- C:\Windows\System32\2f40zhrea528942.exe
[2008/01/14 15:37:04 | 000,016,026 | ---- | C] () -- C:\Windows\System32\c57zt5al1496.bin
[2008/01/13 17:24:38 | 000,014,990 | ---- | C] () -- C:\Windows\System32\92a2downlzader354.dll
[2008/01/13 08:41:00 | 000,012,063 | ---- | C] () -- C:\Windows\System32\29905vizus13f9.bin
[2008/01/12 06:23:13 | 000,008,106 | ---- | C] () -- C:\Windows\System32\96599acktooz2f.bin
[2008/01/11 03:24:06 | 000,003,107 | ---- | C] () -- C:\Windows\z955worm895.exe
[2008/01/10 23:55:33 | 000,011,874 | ---- | C] () -- C:\Windows\System32\14974sza9bot5a3.dll
[2008/01/09 18:34:24 | 000,009,230 | ---- | C] () -- C:\Windows\System32\6d4ev9z1538.dll
[2008/01/09 14:01:48 | 000,053,248 | ---- | C] () -- C:\Windows\bdoscandel.exe
[2008/01/09 14:01:48 | 000,000,453 | ---- | C] () -- C:\Windows\bdoscandellang.ini
[2008/01/09 06:08:54 | 000,015,109 | ---- | C] () -- C:\Windows\148z6t9oj3f55.exe
[2008/01/09 05:34:34 | 000,008,427 | ---- | C] () -- C:\Windows\System32\e97thzeat51956.bin
[2008/01/08 20:23:32 | 000,017,517 | ---- | C] () -- C:\Windows\6f89thizf5931.exe
[2008/01/06 09:48:09 | 000,008,571 | ---- | C] () -- C:\Windows\41z7threa92572.exe
[2008/01/05 08:17:25 | 000,004,385 | ---- | C] () -- C:\Windows\System32\297905ormz2e.bin
[2008/01/05 04:42:06 | 000,013,625 | ---- | C] () -- C:\Windows\7ebes9arsz552.dll
[2007/12/16 09:16:21 | 000,000,000 | ---- | C] () -- C:\Windows\asym.ini
[2007/12/16 07:17:44 | 000,164,864 | ---- | C] () -- C:\Windows\System32\patchw32.dll
[2007/12/16 07:17:44 | 000,158,720 | ---- | C] () -- C:\Windows\System32\LFCMP61N.DLL
[2007/12/16 07:17:44 | 000,110,080 | ---- | C] () -- C:\Windows\System32\Lfpng61n.dll
[2007/12/16 07:17:44 | 000,043,008 | ---- | C] () -- C:\Windows\System32\LTFIL61N.DLL
[2007/12/16 07:17:44 | 000,017,920 | ---- | C] () -- C:\Windows\System32\MSWTHK32.DLL
[2007/12/16 07:17:44 | 000,017,920 | ---- | C] () -- C:\Windows\System32\IMPLODE.DLL
[2007/12/16 07:17:44 | 000,003,360 | ---- | C] () -- C:\Windows\System32\MSWTHK16.DLL
[2007/12/16 04:15:04 | 000,081,984 | ---- | C] () -- C:\Windows\System32\bdod.bin
[2007/12/12 15:24:03 | 000,134,883 | ---- | C] () -- C:\Users\Administrator\AppData\Roaming\nvModes.001
[2007/12/12 15:20:32 | 000,134,883 | ---- | C] () -- C:\Users\Administrator\AppData\Roaming\nvModes.dat
[2007/12/12 15:17:05 | 000,000,067 | ---- | C] () -- C:\Windows\ICILoc.INI
[2007/12/04 09:17:15 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2007/10/16 16:20:31 | 000,033,136 | ---- | C] () -- C:\Windows\ASScrPro.exe
[2007/10/16 16:20:21 | 000,037,232 | ---- | C] () -- C:\Windows\ASScrProlog.exe
[2007/10/16 16:20:17 | 000,012,288 | ---- | C] () -- C:\Windows\impborl.dll
[2007/10/16 16:08:13 | 000,045,056 | ---- | C] () -- C:\Windows\System32\acovcnt.exe
[2007/10/16 15:42:00 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2007/10/16 14:47:21 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2007/06/22 19:30:20 | 000,426,824 | ---- | C] () -- C:\Windows\System32\perfh011.dat
[2007/06/22 19:30:20 | 000,139,030 | ---- | C] () -- C:\Windows\System32\perfi011.dat
[2007/06/22 19:30:20 | 000,130,744 | ---- | C] () -- C:\Windows\System32\perfc011.dat
[2007/06/22 19:30:20 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd011.dat
[2007/06/22 19:20:24 | 000,390,344 | ---- | C] () -- C:\Windows\System32\prfh0404.dat
[2007/06/22 19:20:24 | 000,130,298 | ---- | C] () -- C:\Windows\System32\prfc0404.dat
[2007/06/22 19:20:24 | 000,116,540 | ---- | C] () -- C:\Windows\System32\prfi0404.dat
[2007/06/22 19:20:24 | 000,030,674 | ---- | C] () -- C:\Windows\System32\prfd0404.dat
[2007/06/22 19:15:16 | 000,000,010 | ---- | C] () -- C:\Windows\System32\ABLKSR.ini
[2007/05/04 13:28:59 | 000,167,936 | ---- | C] () -- C:\Windows\System32\nvccoin.dll
[2007/04/17 05:31:38 | 000,999,424 | ---- | C] () -- C:\Windows\System32\WLIHVUI.dll
[2006/12/12 12:22:43 | 000,057,344 | ---- | C] () -- C:\Windows\StkUnist.exe
[2006/11/02 22:55:52 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 22:46:27 | 000,450,232 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 22:34:20 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 21:18:36 | 000,000,006 | ---- | C] () -- C:\Windows\System32\rasmon.bin
[2006/11/02 21:18:36 | 000,000,004 | -H-- | C] () -- C:\Windows\System32\ddefact.bin
[2006/11/02 20:33:01 | 000,672,832 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 20:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 20:33:01 | 000,130,744 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 20:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 20:25:21 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2006/11/02 20:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 18:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 18:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 17:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 17:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/08/25 05:31:57 | 000,000,040 | ---- | C] () -- C:\Users\Administrator\AppData\Local\6a7011db8eb3184.dat
[2006/03/09 12:57:59 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2005/04/03 09:29:59 | 000,110,592 | R--- | C] () -- C:\Windows\System32\scardsyn.dll
[2003/11/30 12:58:28 | 000,413,696 | ---- | C] () -- C:\Windows\System32\MetaLib.dll
[2003/07/17 16:56:18 | 000,045,056 | ---- | C] () -- C:\Windows\System32\wx.dll
[2003/07/10 14:57:16 | 000,139,264 | ---- | C] () -- C:\Windows\System32\NST-TS32.DLL
[2002/09/26 12:03:50 | 000,180,224 | ---- | C] () -- C:\Windows\System32\WSGAIQ.DLL
[2002/05/24 08:37:32 | 000,090,112 | ---- | C] () -- C:\Windows\System32\M3HIST.DLL
[2002/05/24 08:36:48 | 000,188,416 | ---- | C] () -- C:\Windows\System32\M3ACCESS.DLL
[2001/03/14 06:52:08 | 000,114,688 | ---- | C] () -- C:\Windows\System32\AIQSDKIF.DLL
[2001/03/14 06:51:52 | 000,036,864 | ---- | C] () -- C:\Windows\System32\AIQSDKIO.DLL
[2000/07/01 09:14:06 | 000,000,040 | ---- | C] () -- C:\Windows\806e6f6e6963215.ini
[1998/10/12 11:50:20 | 000,059,900 | ---- | C] () -- C:\Windows\System32\NSTRD-TS.DLL
[1998/10/06 16:16:30 | 000,016,896 | ---- | C] () -- C:\Windows\System32\NSTOMG32.DLL
[1998/05/06 14:09:59 | 000,069,632 | R--- | C] () -- C:\Windows\System32\ODMA32.dll
[1997/10/28 10:04:02 | 000,004,096 | ---- | C] () -- C:\Windows\System32\NSTRDAUT.DLL
[1997/09/22 11:02:16 | 000,000,947 | ---- | C] () -- C:\Windows\NSTRDDL.INI
[1997/09/22 11:02:16 | 000,000,734 | ---- | C] () -- C:\Windows\NSTRDAIQ.INI
[1997/09/22 10:41:12 | 000,000,843 | ---- | C] () -- C:\Windows\DDDOWN.INI
========== LOP Check ==========
[2010/01/04 11:33:36 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\BinaryMark
[2011/09/06 12:31:18 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\DAEMON Tools Lite
[2008/04/28 12:57:10 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Desktop Sidebar
[2009/05/11 09:01:49 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\ESET
[2008/04/28 18:32:21 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Fidelity Wealth-Lab Pro
[2009/06/10 19:37:32 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\FVZilla
[2010/04/02 11:22:49 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\GetRight
[2009/06/09 12:32:18 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\GrabPro
[2007/12/12 15:37:11 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Halifax
[2011/04/27 20:43:02 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Hayqeb
[2009/06/05 11:29:55 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Home Designer Suite 8.0
[2007/10/16 16:16:52 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Infineon
[2008/10/27 19:10:40 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\InterVideo
[2011/04/26 10:03:39 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Ixaro
[2008/11/26 16:58:41 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Kaspersky_Key_Finder_(KKF
[2009/12/11 21:22:48 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\LimeWire
[2009/07/02 22:40:13 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Opera
[2011/09/06 12:31:08 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Orbit
[2010/10/05 09:06:18 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\OrderPad
[2009/12/20 10:27:51 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\PE Explorer
[2009/06/02 16:55:01 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\play2p
[2009/05/11 15:55:11 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Spacejock Software
[2008/04/28 13:15:39 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Thunderbird
[2010/01/09 09:53:59 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\TradeStation Technologies
[2008/07/20 13:38:27 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Trading Applications
[2008/04/13 10:38:55 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Ulead Systems
[2011/08/05 13:24:36 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\uTorrent
[2008/04/28 12:00:32 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Windows Sidebar Styler
[2011/09/06 18:30:07 | 000,032,554 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010/06/09 10:52:31 | 000,000,438 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{CC0982BA-96C2-47DC-B950-CC74AC6FBB12}.job
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.exe >
[2011/09/06 17:42:40 | 000,089,088 | ---- | M] () -- C:\mbr.exe
< MD5 for: EXPLORER.EXE >
[2008/10/29 16:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008/10/29 16:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\explorer.exe
[2008/10/29 16:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008/10/30 13:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2008/05/10 12:18:57 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2008/05/10 12:18:57 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2008/10/28 12:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006/11/02 19:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008/01/18 22:33:12 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
< MD5 for: SVCHOST.EXE >
[2006/11/02 19:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe
[2008/01/18 22:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008/01/18 22:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
< MD5 for: USERINIT.EXE >
[2008/01/18 22:33:34 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008/01/18 22:33:34 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006/11/02 19:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
< MD5 for: WINLOGON.EXE >
[2006/11/02 19:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008/01/18 22:33:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\System32\winlogon.exe
[2008/01/18 22:33:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< C:\Windows\assembly\tmp\U /s >
========== Alternate Data Streams ==========
@Alternate Data Stream - 224 bytes -> C:\ProgramData\TEMP:93D87D71
@Alternate Data Stream - 177 bytes -> C:\ProgramData\TEMP:66C7F108
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:A73B0434
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:8CE646EE
< End of report >
///////////////////////////////////////////////////////////////////////////////////
OTL Extras logfile created on: 12/09/2011 11:13:16 AM - Run 1
OTL by OldTimer - Version 3.2.27.0 Folder = C:\Users\Administrator\Downloads
Windows Vista Ultimate Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy
1.99 Gb Total Physical Memory | 1.21 Gb Available Physical Memory | 60.92% Memory free
4.22 Gb Paging File | 3.67 Gb Available in Paging File | 86.97% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 111.79 Gb Total Space | 19.33 Gb Free Space | 17.29% Space Free | Partition Type: NTFS
Drive D: | 66.71 Gb Total Space | 25.51 Gb Free Space | 38.24% Space Free | Partition Type: NTFS
Computer Name: AL-PC | User Name: Administrator | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-118959114-2448864244-3603343370-500\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Media Players\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Media Players\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Media Players\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1
"AntiVirusDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:UPnP System
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:UPnP System
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:UPnP System
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:UPnP System
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02F853BD-309B-4329-AF0C-BDA87344A166}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{0645543A-4FE6-4B5F-80F8-56B1DF5AEFFE}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{0A384976-C4B8-4B57-82C8-9A19766218E3}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{0FE64378-B74B-412E-A845-CCEDFE345B4B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{135904C3-9B16-48F0-8149-09DBDDF774E4}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{1558DFDF-8339-41D2-86BB-55165003F924}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{2D60A20C-F879-4D3C-8B09-4050ABC35D79}" = lport=2869 | protocol=6 | dir=in | app=system |
"{3095BCFE-AB95-46D0-9EBA-7D0B40D97EF9}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdc.exe,-4006 |
"{36CA5F50-6209-4504-B75B-067D598A9603}" = lport=5721 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdc.exe,-4002 |
"{3AAF7886-DA0F-424E-8839-D5106229B17E}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{41BFA71D-EEEA-4130-B276-38081AC03E31}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{444774C0-66FC-485A-B276-0BDED9B4CDE8}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{468513F0-8364-4AF1-8D30-026A16297680}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{4E550E7B-14EA-41D8-B0B3-A4C3AE1D993F}" = lport=5721 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdc.exe,-4002 |
"{4EAE89E4-9CEE-4C39-9F7A-414F80EB6E15}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{53D5849D-B4EE-45D6-80B4-DF2D2C1E70E6}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{614021F0-A366-4DCF-AD18-FB0868FE0E8B}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{6266B4A7-1A69-4D17-BB1C-5931A3E2074B}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{62BE6AC8-BFCF-4003-BE0E-63198DCA007C}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{6E87442F-1E92-4D04-8DBB-E0C18ED2481C}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdc.exe,-4006 |
"{76271B2F-0B04-45CC-832D-C868BDBB32C7}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdc.exe,-4006 |
"{771AB1D5-5AF3-4EDB-8306-D2125E712E4A}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{7C297CD7-13E7-453E-BC15-40B79FD9A128}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{81C69958-905C-4D92-AEA9-DE50B4278662}" = lport=1034 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdc.exe,-4003 |
"{824B4EA3-DFB4-4801-A1A7-99E335719C00}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{8DC80606-F67D-4DA8-A77F-D84658A7EF6E}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{9872DDC1-A216-4FE4-B2BC-675644505A68}" = lport=1034 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdc.exe,-4003 |
"{9A9E2865-39AB-4CAF-8047-1BFBA3AABC13}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdc.exe,-4006 |
"{9B770E3F-CEDD-4A28-A358-5F5F746897DD}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{A8FFE4B0-C4DF-449F-924B-6B255C2B878E}" = lport=5721 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdc.exe,-4002 |
"{AAAA4C65-2DAB-48DB-8E28-3E8BD4B63C7B}" = lport=1034 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdc.exe,-4003 |
"{AD7BDDFB-B30A-4B3C-AC20-6F5390D355F6}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{B2A4D8DF-7C79-43EF-816B-47DC628979E1}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{C6EDA810-440B-4A89-ADBD-56C4BF92E52D}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{CB61BCB2-FEDB-4801-A643-EB65A542D956}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{CC3AAFFE-923B-47F5-BBFD-FAC3A9B69D30}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{D70FEBD1-EBDE-4F2F-8F9E-E416D9909846}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{EACF92FA-B3C2-439C-A692-C9A0729E0146}" = lport=1034 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdc.exe,-4003 |
"{F77CD18D-4BF7-4017-A206-B4041E5187F6}" = lport=5721 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdc.exe,-4002 |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03114243-342E-404C-9FD6-80E6FDD740C8}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{1CE7962F-CEFA-48D9-8C72-DB357FA2F5DD}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{2C6ED11F-2E9B-4BAA-B554-CC15640FCB6D}" = protocol=17 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{3B9E42F2-3B72-481E-8734-83E37703A33E}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{43A7B84D-B88B-4080-B645-01ACEE9B82B1}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{43DA337B-8739-4B71-87F0-8AA7ACB7CB0A}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{5043C855-52CC-430B-A4A6-C82EEB7387B0}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{5130FD5B-0D63-45C0-A12A-E9F928C63D9D}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{53310A10-4365-4793-9B83-11F952A8973F}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{57C6F67C-EF2B-496C-B004-7D6232B51C02}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{6CC3E249-CBE5-444A-BA8A-C4940D0B9E46}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{7246345B-76B2-4D24-8AB2-4638669B4F9F}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{7655437F-7A5F-4DCA-8030-5E21E00D1944}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{9B253337-0229-4E1A-998E-4E14A10C3125}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{9FFFCD44-710D-4556-A289-AF0761BD0815}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BE20592A-22E1-4DB5-B1E5-4A59BBAD0892}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{C0866EC8-D89A-4D5A-91FD-BA6FBC0D25BA}" = protocol=17 | dir=in | app=c:\program files\sony ericsson\sony ericsson media manager\mediamanager.exe |
"{E17C46D5-0032-4775-9F72-82586A75F83F}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{EB079421-81F5-41C3-B251-8A52B6F1F65C}" = protocol=6 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{F77C3629-80DE-451D-A540-F3AC7D3A67B8}" = protocol=6 | dir=in | app=c:\program files\sony ericsson\sony ericsson media manager\mediamanager.exe |
"TCP Query User{1B66F7F1-3EF2-4D87-96F7-14593AAAF153}C:\program files\downloaders\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\downloaders\utorrent.exe |
"TCP Query User{7996A774-E7B9-4C9D-AF33-6EC8C686EB53}C:\windows\system32\javaw.exe" = protocol=6 | dir=in | app=c:\windows\system32\javaw.exe |
"UDP Query User{5AA9228A-BD32-45AB-8D0D-09F00B71E239}C:\program files\downloaders\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\downloaders\utorrent.exe |
"UDP Query User{AD0AC805-3391-4F4F-A21D-C24F2887FA91}C:\windows\system32\javaw.exe" = protocol=17 | dir=in | app=c:\windows\system32\javaw.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support
"{0D2E80C8-0875-43EB-9623-47118E2DFBCA}" = Quicken 2007
"{105CFC7C-6992-11D5-BD9D-000102C10FD8}" = Lizardtech DjVu Control
"{139B0FFA-187E-4BA1-BCA6-6B56B2B6AB8C}" = ATK Media
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = LifeFrame2
"{1F2A5DF9-40E1-4644-ADBD-D80F347BA6C8}" = Windows Mobile Device Center
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java 6 Update 13
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 4.010.00
"{30B090E9-273C-47C2-AA96-8BA0AAB60BBD}_is1" = TurTrades
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java 6 Update 7
"{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}" = ATK Hotkey
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMB36X Raid Configurer
"{3E5CBADD-2E51-47C1-BBE2-B802DB6DA56A}" = Go Trader MT4 4.00
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{4B719A70-F14A-4f5c-90B5-346B24B7FFF1}" = Windows 7 Upgrade Advisor
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01
"{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}" = ATKOSD2
"{5C1E1493-42CB-4CE8-8744-97BF094B429D}" = NinjaTrader 6.5
"{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}" = NB Probe
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D299DC3-31E2-45C6-8E36-263A2AB1CE8C}" = InterVideo WinDVD SE
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72FD5F2E-1F7A-4E9B-8838-29E842E178CD}" = Join ME
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7823AE39-410B-4C73-8206-0715FB1B9E7E}" = MTPredictor6
"{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0
"{83104339-BF03-4ECA-910F-7B5344717EB5}" = GuideMenu
"{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2
"{85C70286-A56F-4834-BD24-B34EB76A93A2}" = ESET NOD32 Antivirus
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8C6BB412-D3A8-4AAE-A01B-35B681789D68}" = mHelp
"{8CD0B297-122D-4718-9CE1-B72E796F7B21}" = Sony Ericsson Media Manager 1.2
"{8CFEBE9C-F29F-4C49-80E0-7106970F8734}" = Power4Gear eXtreme
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{8FAE8F4A-E32A-49DA-B29F-DF51657AB4E6}" = Tim Ord Volume Charts
"{900792CC-3203-356C-EC2D-C3E558991ACE}" = Home Designer Suite 8
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00B0-0409-0000-0000000FF1CE}" = Microsoft Save as PDF Add-in for 2007 Microsoft Office programs
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Turbo Memory and Intel® Matrix Storage Manager
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9BAF043B-82FC-43E2-96EA-5F68015F4FA2}" = AuthenTec Fingerprint Sensor Minimum Install
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A29F583C-DAB1-435F-BD87-6D76834D7A0A}" = NeuroShell Trader 5
"{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}" = Brother MFL-Pro Suite
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A5002D88-7A93-48D5-9844-2DD3FB9230C1}" = Order Pad
"{A92D7264-1A13-45BE-B769-88445DD04FD6}" = Desktop Sidebar
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.3
"{B547CB8D-549A-436E-97B5-E79F911B11E2}" = SDP Downloader
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{B5EB7577-CF3A-4D39-85E4-0E8F3EA56C3C}" = Market System Analyzer 3.0
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0
"{BD5AEA80-86E6-4227-A093-6610BA0DF735}" = Windows Sidebar Styler
"{C0FC1C14-4824-4A73-87A6-9E888C9C3102}" = ASUS Splendid Video Enhancement Technology
"{C6D88D38-4DBD-452C-8F9E-0FCC03E243D7}" = E-BUDDY Setup
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB8CA439-DA83-419C-A4CF-5A0A50025144}" = Windows Mobile Device Center Driver Update
"{CD52CB3A-AE96-47D2-AEFA-D464B8BCF44E}" = TradeStation 8.5 (Build 2274)
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{D12CD09C-BFEE-4B6F-A7F7-054AEA2E369C}" = Network Recording Player
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{D7E04009-B191-4E9D-9D2D-1BBE57BD8A42}" = VistaFeaturePack
"{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash
"{DFF56DFF-F703-467C-AF1D-B8FAA99C7416}" = Ulead DVD MovieFactory SE
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{E8C43C7E-D23C-4787-B657-A551C735D07D}" = HALIFAXONLINE
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{EC2A8F27-4FBF-4E41-B27B-FE822511B761}" = iTunes
"{EEE90C2D-8ACE-4007-9CF6-B07D0516F6B9}" = Intel® PRO Network Connections 12.0.36.0
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F17B8386-A74A-4E4E-A7DD-435372991E14}" = Microsoft Visual Basic PowerPacks 2.0
"{F5D7FAB5-A1FD-4DD3-983E-4155B09D7102}" = mCore
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Advanced GET" = Advanced GET
"AmiBroker_is1" = AmiBroker 5.30
"AoA Audio Extractor_is1" = AoA Audio Extractor 1.0
"Asus_VX2S_ScreenSaver" = Asus_VX2S_ScreenSaver
"Biorhythm Calculator Free" = Biorhythm Calculator Free 2009
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"DT5" = Dynamic Traders Group, Inc. DT5 84
"eMule" = eMule
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FCharts_is1" = FCharts
"Fibonacci/Galactic Trader 4" = Fibonacci/Galactic Trader 4
"FLV Player" = FLV Player 2.0 (build 25)
"GetRight_is1" = GetRight
"HECI" = Intel® Management Engine Interface
"InstallShield_{6D299DC3-31E2-45C6-8E36-263A2AB1CE8C}" = InterVideo WinDVD SE
"InstallShield_{83104339-BF03-4ECA-910F-7B5344717EB5}" = Corel GuideMenu
"InstallShield_{D7E04009-B191-4E9D-9D2D-1BBE57BD8A42}" = VistaFeaturePack
"Investor/RT" = Investor/RT
"LimeWire" = LimeWire PRO 5.0.11
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.1.1800
"MESOL" = Intel® Active Management Technology Device Software
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.18)" = Mozilla Firefox (3.6.18)
"Mozilla Thunderbird (2.0.0.9)" = Mozilla Thunderbird (2.0.0.9)
"NVIDIA Drivers" = NVIDIA Drivers
"Orbit_is1" = Orbit Downloader
"PatternExplorer" = PatternExplorer
"PDF Protection Remover_is1" = PDF Protection Remover 2.0
"PE Explorer_is1" = PE Explorer 1.99 R6
"ProInst" = Intel® PROSet/Wireless Software
"PROSetDX" = Intel® PRO Network Connections 12.0.36.0
"QFeed ActiveX Components" = QFeed ActiveX Components
"Quest3D Web Plugins_is1" = Quest3D Web Player installer 4.1
"Quest3D Web Viewers 4.1.1_is1" = Quest3D Web Viewers 4.1.1
"Rainbow Sentinel Driver" = Sentinel System Driver
"RAR Password Recovery Magic_is1" = RAR Password Recovery Magic v6.1.0.2018
"RealAlt_is1" = Real Alternative 1.9.0
"Slawdog Smart Shutdown" = Slawdog Smart Shutdown
"SMSERIAL" = Motorola SM56 Speakerphone Modem
"ST6UNST #1" = IC-Investor Version 1.89.10
"ST6UNST #2" = IC-Investor Version 1.91.56
"Stator-AFM Professional2.2" = Stator-AFM Professional
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TradeGuider EOD" = TradeGuider EOD
"Trader Workstation 4.0" = Trader Workstation 4.0
"Trading Blox" = Trading Blox
"TradingExpert Pro 5.0" = TradingExpert Pro 5.0
"UltSounds" = Windows Sound Schemes
"UltSounds2" = Ultimate Extras sounds from Microsoft® Tinker™
"Universal Extractor_is1" = Universal Extractor 1.6
"Update Service" = Update Service
"USB2.0 1.3M WebCam" = USB2.0 1.3M WebCam
"VLC media player" = VideoLAN VLC media player 0.8.6d
"Winamp" = Winamp
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"WinZip" = WinZip
"Wireless Broadband" = Wireless Broadband
"yRead3_is1" = yRead3
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-118959114-2448864244-3603343370-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"DataTools" = DataTools
"DataUpdater" = Premium Data
"fx2" = Premium Forex
"GoToMeeting" = GoToMeeting 4.5.0.456
"MetaStock 7.2" = MetaStock 7.2
"Trader Workstation" = Trader Workstation
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 13/09/2009 9:11:43 AM | Computer Name = Al-PC | Source = RasClient | ID = 20227
Description =
Error - 13/09/2009 7:37:42 PM | Computer Name = Al-PC | Source = Application Error | ID = 1000
Description = Faulting application rundll32.exe, version 6.0.6000.16386, time stamp
0x4549b0e1, faulting module USER32.dll, version 6.0.6001.18000, time stamp 0x4791a7a6,
exception code 0xc0000142, fault offset 0x00009cac, process id 0x1028, application
start time 0x01ca34cb2d9cfc4e.
Error - 13/09/2009 7:37:52 PM | Computer Name = Al-PC | Source = RasClient | ID = 20227
Description =
Error - 13/09/2009 7:39:03 PM | Computer Name = Al-PC | Source = RasClient | ID = 20227
Description =
Error - 13/09/2009 7:40:04 PM | Computer Name = Al-PC | Source = RasClient | ID = 20227
Description =
Error - 13/09/2009 7:41:05 PM | Computer Name = Al-PC | Source = RasClient | ID = 20227
Description =
Error - 13/09/2009 7:43:21 PM | Computer Name = Al-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =
Error - 13/09/2009 7:50:46 PM | Computer Name = Al-PC | Source = RasClient | ID = 20227
Description =
Error - 17/09/2009 10:22:55 PM | Computer Name = Al-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 17/09/2009 10:26:17 PM | Computer Name = Al-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
[ OSession Events ]
Error - 10/04/2009 5:34:01 AM | Computer Name = Al-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6316.5000, Microsoft Office Version: 12.0.4518.1014. This session lasted 3430
seconds with 60 seconds of active time. This session ended with a crash.
Error - 5/07/2009 10:05:10 PM | Computer Name = Al-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6423.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 19
seconds with 0 seconds of active time. This session ended with a crash.
Error - 10/09/2009 11:32:29 PM | Computer Name = Al-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 8, Application Name: Microsoft Office Publisher, Application Version:
12.0.6501.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2352
seconds with 0 seconds of active time. This session ended with a crash.
Error - 20/10/2009 5:19:33 AM | Computer Name = Al-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 41
seconds with 0 seconds of active time. This session ended with a crash.
Error - 27/11/2009 6:38:47 PM | Computer Name = Al-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 150
seconds with 60 seconds of active time. This session ended with a crash.
Error - 10/12/2009 4:55:52 AM | Computer Name = Al-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 51
seconds with 0 seconds of active time. This session ended with a crash.
Error - 16/12/2009 7:58:37 AM | Computer Name = Al-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 8, Application Name: Microsoft Office Publisher, Application Version:
12.0.6501.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 13776
seconds with 420 seconds of active time. This session ended with a crash.
Error - 6/04/2010 8:23:53 AM | Computer Name = Al-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 8, Application Name: Microsoft Office Publisher, Application Version:
12.0.6501.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 331
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 6/09/2011 4:23:54 AM | Computer Name = Al-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 6/09/2011 4:23:54 AM | Computer Name = Al-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 6/09/2011 4:23:54 AM | Computer Name = Al-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 6/09/2011 4:26:07 AM | Computer Name = Al-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
Error - 11/09/2011 8:50:43 PM | Computer Name = Al-PC | Source = DCOM | ID = 10005
Description =
Error - 11/09/2011 8:50:53 PM | Computer Name = Al-PC | Source = DCOM | ID = 10005
Description =
Error - 11/09/2011 8:50:56 PM | Computer Name = Al-PC | Source = DCOM | ID = 10005
Description =
Error - 11/09/2011 8:51:00 PM | Computer Name = Al-PC | Source = DCOM | ID = 10005
Description =
Error - 11/09/2011 8:51:15 PM | Computer Name = Al-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 11/09/2011 8:51:15 PM | Computer Name = Al-PC | Source = Service Control Manager | ID = 7026
Description =
< End of report >