Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Rootkit


  • Please log in to reply

#1
schmidttyduo

schmidttyduo

    New Member

  • Member
  • Pip
  • 1 posts
Windows xp pro service pack 3. Malwarebytes infected with possible dropper couple weeks ago. Eset found Win/32.

2/5/2012 5:47:52 AM Real-time file system protection file C:\System Volume Information\_restore{7323898E-20BE-43EF-8343-67D5922C3F31}\RP1005\A0149777.exe a variant of Win32/Systweak potentially unwanted application deleted - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\system32\svchost.exe.
2/5/2012 5:47:08 AM Real-time file system protection file C:\System Volume Information\_restore{7323898E-20BE-43EF-8343-67D5922C3F31}\RP1005\A0149724.exe Win32/RegistryBooster potentially unwanted application cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\system32\svchost.exe.
2/4/2012 5:58:42 PM Real-time file system protection file C:\SYSTEM VOLUME INFORMATION\_RESTORE{7323898E-20BE-43EF-8343-67D5922C3F31}\RP976\A0108236.DLL Win32/Toolbar.MyWebSearch potentially unwanted application cleaned by deleting - quarantined BRAD\Super User Event occurred during an attempt to access the file by the application: C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe.
2/4/2012 5:58:41 PM Real-time file system protection file C:\SYSTEM VOLUME INFORMATION\_RESTORE{7323898E-20BE-43EF-8343-67D5922C3F31}\RP976\A0108234.DLL Win32/Toolbar.MyWebSearch potentially unwanted application cleaned by deleting - quarantined BRAD\Super User Event occurred during an attempt to access the file by the application: C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

Eset, malwarebytes, and superantispyware all come up with clean scans. Since having the dropper virus, Advance system care, Driver manager, Win Utilities and Secunia PSI have been installed. I tried to get the system restore to go back several times all the way to Jan 1, 2012. The operation would not complete. In fear of still haveing a virus I turned it off. Internet connection has been changed to gateway and computer is responding slow. Went to Gmer and downloaded program for results to come back with rootkit. Under processes in Gmer C:\windows\explorer.exe is highlighted in red along with C:\documents under libraries on the processes tab. I would appreciate any help at this point to diagnose and read logs. Thanks in advance.

Schmidts

OTL logfile created on: 2/7/2012 3:43:16 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Super User\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1023.00 Mb Total Physical Memory | 458.60 Mb Available Physical Memory | 44.83% Memory free
2.40 Gb Paging File | 1.68 Gb Available in Paging File | 69.84% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 114.48 Gb Total Space | 100.22 Gb Free Space | 87.54% Space Free | Partition Type: NTFS

Computer Name: BRAD | User Name: Super User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/02/07 15:42:44 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Super User\Desktop\OTL.exe
PRC - [2011/12/29 22:29:04 | 000,497,496 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
PRC - [2011/10/14 00:01:50 | 000,994,360 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psia.exe
PRC - [2011/10/14 00:01:48 | 000,399,416 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\sua.exe
PRC - [2011/09/22 12:03:30 | 000,974,944 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2011/09/22 12:03:02 | 003,080,264 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2011/07/16 22:21:04 | 000,302,592 | ---- | M] () -- C:\Documents and Settings\Super User\Local Settings\Temp\Temporary Directory 1 for gmer[1].zip\gmer.exe
PRC - [2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2011/11/10 22:43:26 | 000,138,072 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 5\ASCv5ExtMenu.dll
MOD - [2011/07/16 22:21:04 | 000,302,592 | ---- | M] () -- C:\Documents and Settings\Super User\Local Settings\Temp\Temporary Directory 1 for gmer[1].zip\gmer.exe
MOD - [2011/04/21 16:54:40 | 000,347,024 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 5\madexcept_.bpl
MOD - [2011/04/21 16:54:40 | 000,179,088 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 5\madbasic_.bpl
MOD - [2011/04/21 16:54:40 | 000,046,480 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 5\maddisAsm_.bpl


========== Win32 Services (SafeList) ==========

SRV - [2012/01/13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/12/29 22:29:04 | 000,497,496 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe -- (AdvancedSystemCareService5)
SRV - [2011/10/14 00:01:50 | 000,994,360 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent)
SRV - [2011/10/14 00:01:48 | 000,399,416 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2011/09/22 12:03:30 | 000,974,944 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2011/03/18 11:07:16 | 000,503,032 | ---- | M] (Atheros) [On_Demand | Stopped] -- C:\WINDOWS\system32\acs.exe -- (ACS)
SRV - [2010/04/16 09:03:12 | 000,386,424 | ---- | M] (SupportSoft, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\supportsoft\bin\ssrc.exe -- (SupportSoft RemoteAssist)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Running] -- -- (MEMSWEEP2)
DRV - [2012/02/07 05:31:08 | 000,024,064 | ---- | M] () [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbamchameleon.sys -- (mbamchameleon)
DRV - [2011/12/10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/08/09 14:24:52 | 000,154,136 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2011/08/04 09:20:38 | 000,103,112 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2011/08/04 09:20:36 | 000,118,104 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2011/03/11 18:08:58 | 001,963,936 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416)
DRV - [2010/09/01 02:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psi_mf.sys -- (PSI)
DRV - [2009/09/30 19:22:08 | 000,049,904 | R--- | M] (Avanquest Software) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\BVRPMPR5.SYS -- (BVRPMPR5)
DRV - [2009/03/16 23:19:42 | 000,058,208 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wsimd.sys -- (WSIMD)
DRV - [2008/03/06 10:51:14 | 000,003,840 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\BANTExt.sys -- (BANTExt)
DRV - [2006/07/05 04:33:24 | 000,472,000 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WPN311.sys -- (AR5211)
DRV - [2002/04/22 13:53:10 | 000,089,104 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\e1000nt5.sys -- (E1000) Intel®
DRV - [2001/08/17 12:53:32 | 000,003,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\qv2kux.sys -- (QV2KUX)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://home.microsof...arch/search.asp
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://home.microsof...obby/search.asp
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://home.microsof...arch/search.asp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://home.microsof...obby/search.asp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.kansascity.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.8\npapicomadapter.dll (Oberon-Media )
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: C:\Documents and Settings\Super User\Local Settings\Application Data\Google\Update\1.2.183.39\npGoogleOneClick8.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012/02/04 16:00:02 | 000,000,000 | ---D | M]


Hosts file not found
O2 - BHO: (no name) - Disabled:{18DF081C-E8AD-4283-A596-FA578C2EBDC3} - No CLSID value found.
O2 - BHO: (no name) - Disabled:{53707962-6F74-2D53-2644-206D7942484F} - No CLSID value found.
O2 - BHO: (no name) - Disabled:{7DB2D5A0-7241-4E79-B68D-6309F01C5231} - No CLSID value found.
O2 - BHO: (no name) - Disabled:{DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O2 - BHO: (no name) - Disabled:{E7E6F031-17CE-4C07-BC86-EABFE594F69C} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKCU..\Run: [Advanced SystemCare 5] C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe (IObit)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Secunia PSI Tray.lnk = C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 0
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Lookup on Merriam Webster - Reg Error: Value error. File not found
O8 - Extra context menu item: Lookup on Wikipedia - Reg Error: Value error. File not found
O15 - HKCU\..Trusted Domains: bleepingcomputer.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: custhelp.com ([bigfishgames] https in Trusted sites)
O15 - HKCU\..Trusted Domains: dell.com ([support] http in Trusted sites)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...n/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1E3F1348-4370-4BBE-A67A-CC7ED824CA85} http://download.micr...helpcontrol.cab (Microsoft Genuine Advantage Self Support Tool)
O16 - DPF: {3107C2A8-9F0B-4404-A58B-21BD85268FBC} http://www.pogo.com/...erInstaller.CAB (PogoWebLauncher Control)
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} http://quickscan.bit...m/qsax/qsax.cab (BitDefender QuickScan Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1247988086134 (WUWebControl Class)
O16 - DPF: {682C59F5-478C-4421-9070-AD170D143B77} http://www.dell.com/...t/Ode/pcd86.cab (Launcher Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1248215162875 (MUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell....lSystemLite.CAB (DellSystemLite.Scanner)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/Amazing%20Adventures%20The%20Forgotten%20Dynasty/Images/armhelper.ocx (ArmHelper Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{273248D6-34C0-464A-A62B-BA3959CE2614}: DhcpNameServer = 209.18.47.61 209.18.47.62
O18 - Protocol\Handler\AutorunsDisabled - No CLSID value found
O18 - Protocol\Handler\AutorunsDisabled\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (c:\windows\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 () -
O24 - Desktop WallPaper: C:\Documents and Settings\Super User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Super User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/10/17 01:15:24 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/02/07 15:42:44 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Super User\Desktop\OTL.exe
[2012/02/07 06:17:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Super User\My Documents\iColorFolder
[2012/02/07 06:13:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Super User\Start Menu\Programs\iColorFolder
[2012/02/07 06:00:30 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Super User\Desktop\Saved Web Sites
[2012/02/07 05:36:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Super User\Local Settings\Application Data\RepositoryManager
[2012/02/07 00:07:06 | 000,000,000 | ---D | C] -- C:\Program Files\Sophos
[2012/02/07 00:07:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Sophos
[2012/02/06 20:49:31 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Super User\Desktop\Game Utilities
[2012/02/06 20:46:14 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Super User\Desktop\Scan Utilities
[2012/02/06 20:45:33 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Super User\Desktop\Purchased Games
[2012/02/06 08:43:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2012/02/06 08:43:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Dell Repository Manager
[2012/02/06 08:43:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Super User\Start Menu\Programs\Dell Inc
[2012/02/06 08:43:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\WinFast
[2012/02/06 08:43:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Jigsaws Galore
[2012/02/06 01:59:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Super User\Application Data\ElevatedDiagnostics
[2012/02/06 01:28:18 | 000,000,000 | --SD | C] -- C:\ComboFix
[2012/02/06 00:25:16 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/02/06 00:25:12 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Super User\My Documents\My Videos
[2012/02/06 00:25:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favorites
[2012/02/05 19:30:37 | 000,000,000 | ---D | C] -- C:\Program Files\Dell
[2012/02/05 16:52:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Super User\Application Data\PCDr
[2012/02/05 03:01:38 | 000,000,000 | ---D | C] -- C:\Program Files\Jigsaws Galore
[2012/02/04 18:51:16 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Super User\Desktop\Autoruns
[2012/02/04 17:58:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\ESET
[2012/02/04 16:00:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ESET
[2012/02/04 11:11:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\ESET
[2012/02/04 09:32:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ESET
[2012/02/04 06:40:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Super User\Doctor Web
[2012/02/04 06:23:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Doctor Web
[2012/02/04 06:19:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Super User\Local Settings\Application Data\Downloaded Installations
[2012/02/04 06:18:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Super User\Application Data\QuickScan
[2012/02/04 04:04:32 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012/02/03 23:20:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Adobe
[2012/02/03 22:43:35 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Super User\My Documents\Unused Desktop Shortcuts
[2012/02/03 22:36:02 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Super User\Desktop\Software Lic's-KeyCodes
[2012/02/03 22:29:37 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Super User\Desktop\Set Ups.EXE's
[2012/02/03 21:27:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2012/02/03 19:31:57 | 000,000,000 | ---D | C] -- C:\Intel
[2012/02/02 18:33:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2012/02/01 23:28:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Game Booster 3
[2012/02/01 18:25:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MythPeople
[2012/02/01 04:44:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\UAB
[2012/02/01 04:44:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Super User\Local Settings\Application Data\PC_Drivers_Headquarters
[2012/02/01 04:44:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Driver Manager
[2012/02/01 04:42:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Driver Manager
[2012/02/01 04:42:06 | 000,000,000 | ---D | C] -- C:\Program Files\Driver Manager
[2012/01/31 17:58:19 | 001,963,936 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\drivers\athw.sys
[2012/01/31 15:23:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\WinUtilities
[2012/01/31 15:23:55 | 000,544,768 | ---- | C] (Stardock Corporation) -- C:\WINDOWS\System32\wbocx.ocx
[2012/01/31 15:23:55 | 000,056,496 | ---- | C] (Stardock.Net, Inc) -- C:\WINDOWS\System32\wbhelp2.dll
[2012/01/31 15:23:54 | 000,033,968 | ---- | C] (Neil Banfield) -- C:\WINDOWS\System32\anim.dll
[2012/01/31 15:23:53 | 000,000,000 | ---D | C] -- C:\Program Files\WinUtilities
[2012/01/31 14:35:32 | 000,444,952 | ---- | C] (Creative Labs) -- C:\WINDOWS\System32\wrap_oal.dll
[2012/01/31 14:35:32 | 000,000,000 | ---D | C] -- C:\Program Files\OpenAL
[2012/01/31 14:24:24 | 000,000,000 | ---D | C] -- C:\Program Files\Heroes of Kalevala
[2012/01/31 14:24:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Heroes of Kalevala
[2012/01/31 12:26:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\WindowsPowerShell
[2012/01/31 12:26:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\winrm
[2012/01/31 12:26:12 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$968930Uinstall_KB968930$
[2012/01/31 12:23:03 | 000,021,336 | ---- | C] (IObit) -- C:\WINDOWS\System32\RegistryDefragBootTime.exe
[2012/01/31 11:39:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\IObit
[2012/01/31 11:39:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Advanced SystemCare 5
[2012/01/31 11:38:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Super User\Application Data\IObit
[2012/01/31 11:38:29 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2012/01/31 11:20:50 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Super User\Recent
[2012/01/31 10:46:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Super User\Application Data\GetRightToGo
[2012/01/31 10:30:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Super User\Local Settings\Application Data\Secunia PSI
[2012/01/31 10:29:36 | 000,000,000 | ---D | C] -- C:\Program Files\Secunia
[2012/01/31 09:14:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Super User\Application Data\Malwarebytes
[2012/01/31 09:07:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/01/31 09:07:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2012/01/31 09:07:14 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/01/31 09:07:14 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/01/31 06:11:20 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2012/01/31 04:15:06 | 000,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab
[2012/01/31 04:15:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AtherosRangeMaxDriverCliUtil
[2012/01/31 04:15:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\Options
[2012/01/31 04:14:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Super User\Application Data\Jigsaws Galore
[2012/01/30 20:55:22 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2012/01/30 20:46:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2012/01/30 17:37:20 | 000,116,224 | ---- | C] (Xerox) -- C:\WINDOWS\System32\dllcache\xrxwiadr.dll
[2012/01/30 17:37:20 | 000,023,040 | ---- | C] (Xerox Corporation) -- C:\WINDOWS\System32\dllcache\xrxwbtmp.dll
[2012/01/30 17:36:58 | 000,099,865 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\xlog.exe
[2012/01/30 17:36:57 | 000,016,970 | ---- | C] (US Robotics MCD (Megahertz)) -- C:\WINDOWS\System32\dllcache\xem336n5.sys
[2012/01/30 17:36:32 | 000,154,624 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\wlluc48.sys
[2012/01/30 17:36:32 | 000,034,890 | ---- | C] (Raytheon Corp.) -- C:\WINDOWS\System32\dllcache\wlandrv2.sys
[2012/01/30 17:36:26 | 000,771,581 | ---- | C] (Rockwell) -- C:\WINDOWS\System32\dllcache\winacisa.sys
[2012/01/30 17:36:17 | 000,035,871 | ---- | C] (Winbond Electronics Corp.) -- C:\WINDOWS\System32\dllcache\wbfirdma.sys
[2012/01/30 17:36:06 | 000,019,528 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w840nd.sys
[2012/01/30 17:36:06 | 000,019,016 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w926nd.sys
[2012/01/30 17:36:06 | 000,016,925 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w940nd.sys
[2012/01/30 17:36:03 | 000,064,605 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vvoice.sys
[2012/01/30 17:36:02 | 000,397,502 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vpctcom.sys
[2012/01/30 17:36:01 | 000,604,253 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\vmodem.sys
[2012/01/30 17:36:00 | 000,249,402 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\vinwm.sys
[2012/01/30 17:35:55 | 000,765,884 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usrti.sys
[2012/01/30 17:35:52 | 000,794,399 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806v.sys
[2012/01/30 17:35:52 | 000,793,598 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806.sys
[2012/01/30 17:35:51 | 000,794,654 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1801.sys
[2012/01/30 17:35:44 | 000,032,384 | ---- | C] (KLSI USA, Inc.) -- C:\WINDOWS\System32\dllcache\usb101et.sys
[2012/01/30 17:35:40 | 000,050,688 | ---- | C] (UMAX DATA SYSTEMS INC.) -- C:\WINDOWS\System32\dllcache\umaxscan.dll
[2012/01/30 17:35:39 | 000,211,968 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um54scan.dll
[2012/01/30 17:35:38 | 000,216,064 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um34scan.dll
[2012/01/30 17:35:34 | 000,166,784 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxpm.sys
[2012/01/30 17:35:33 | 000,525,568 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxp.dll
[2012/01/30 17:35:33 | 000,440,576 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkb.dll
[2012/01/30 17:35:33 | 000,159,232 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkbm.sys
[2012/01/30 17:35:32 | 000,315,520 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3d.dll
[2012/01/30 17:35:32 | 000,222,336 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3dm.sys
[2012/01/30 17:35:25 | 000,123,995 | ---- | C] (Tiger Jet Network) -- C:\WINDOWS\System32\dllcache\tjisdn.sys
[2012/01/30 17:35:23 | 000,138,528 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiulnt5.sys
[2012/01/30 17:35:23 | 000,081,408 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiul50.dll
[2012/01/30 17:35:22 | 000,149,376 | ---- | C] (M-Systems) -- C:\WINDOWS\System32\dllcache\tffsport.sys
[2012/01/30 17:35:20 | 000,037,961 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdk100b.sys
[2012/01/30 17:35:20 | 000,017,129 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdkcd31.sys
[2012/01/30 17:35:15 | 000,036,640 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\t2r4mini.sys
[2012/01/30 17:35:14 | 000,172,768 | ---- | C] (Number Nine Visual Technology) -- C:\WINDOWS\System32\dllcache\t2r4disp.dll
[2012/01/30 17:35:06 | 000,155,648 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnprop.dll
[2012/01/30 17:35:05 | 000,285,760 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnata.sys
[2012/01/30 17:35:05 | 000,053,248 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlncoin.dll
[2012/01/30 17:35:04 | 000,016,896 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\stcusb.sys
[2012/01/30 17:35:01 | 000,048,736 | ---- | C] (3Com) -- C:\WINDOWS\System32\dllcache\srwlnd5.sys
[2012/01/30 17:34:53 | 000,019,072 | ---- | C] (Adaptec, Inc.) -- C:\WINDOWS\System32\dllcache\sparrow.sys
[2012/01/30 17:22:55 | 000,058,368 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smiminib.sys
[2012/01/30 17:22:54 | 000,147,200 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smidispb.dll
[2012/01/30 17:22:54 | 000,025,034 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smcpwr2n.sys
[2012/01/30 17:22:53 | 000,035,913 | ---- | C] (SMC) -- C:\WINDOWS\System32\dllcache\smcirda.sys
[2012/01/30 17:22:53 | 000,024,576 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smc8000n.sys
[2012/01/30 17:22:42 | 000,091,294 | ---- | C] (SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH.) -- C:\WINDOWS\System32\dllcache\skfpwin.sys
[2012/01/30 17:22:42 | 000,063,547 | ---- | C] (Symbol Technologies) -- C:\WINDOWS\System32\dllcache\sla30nd5.sys
[2012/01/30 17:22:41 | 000,094,698 | ---- | C] (SysKonnect GmbH.) -- C:\WINDOWS\System32\dllcache\sk98xwin.sys
[2012/01/30 17:22:40 | 000,032,768 | ---- | C] (SiS Corporation) -- C:\WINDOWS\System32\dllcache\sisnic.sys
[2012/01/30 17:22:31 | 000,161,568 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmusb.sys
[2012/01/30 17:22:31 | 000,018,400 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmld.sys
[2012/01/30 17:22:30 | 000,386,560 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiul50.dll
[2012/01/30 17:22:30 | 000,098,080 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiulnt5.sys
[2012/01/30 17:21:40 | 000,017,280 | ---- | C] (SCM Microsystems) -- C:\WINDOWS\System32\dllcache\scr111.sys
[2012/01/30 17:21:38 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmusbm.sys
[2012/01/30 17:21:38 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmn50m.sys
[2012/01/30 17:21:33 | 000,198,400 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4.dll
[2012/01/30 17:21:33 | 000,077,824 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4m.sys
[2012/01/30 17:21:33 | 000,061,504 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3dm.sys
[2012/01/30 17:21:32 | 000,210,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mvirge.dll
[2012/01/30 17:21:32 | 000,179,264 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3d.dll
[2012/01/30 17:21:32 | 000,062,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mtrio.dll
[2012/01/30 17:21:31 | 000,182,272 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.dll
[2012/01/30 17:21:31 | 000,166,720 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3m.sys
[2012/01/30 17:21:31 | 000,041,216 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.sys
[2012/01/30 17:21:29 | 000,082,432 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia450.dll
[2012/01/30 17:21:29 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia430.dll
[2012/01/30 17:21:27 | 000,029,696 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw450ext.dll
[2012/01/30 17:21:26 | 000,027,648 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw430ext.dll
[2012/01/30 17:21:21 | 000,009,216 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\rsmgrstr.dll
[2012/01/30 17:21:17 | 000,079,104 | ---- | C] (Comtrol Corporation) -- C:\WINDOWS\System32\dllcache\rocket.sys
[2012/01/30 17:21:17 | 000,037,563 | ---- | C] (RadioLAN) -- C:\WINDOWS\System32\dllcache\rlnet5.sys
[2012/01/30 17:21:16 | 000,086,097 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\reslog32.dll
[2012/01/30 17:20:42 | 000,714,762 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdmkxx.sys
[2012/01/30 17:20:41 | 000,899,146 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdkxga.sys
[2012/01/30 17:20:34 | 000,130,942 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlv.sys
[2012/01/30 17:20:33 | 000,128,286 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserli.sys
[2012/01/30 17:20:33 | 000,112,574 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlp.sys
[2012/01/30 17:20:28 | 000,016,128 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\pscr.sys
[2012/01/30 17:20:08 | 000,086,016 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\pctspk.exe
[2012/01/30 17:20:07 | 000,026,153 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pcmlm56.sys
[2012/01/30 17:20:06 | 000,030,495 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pc100nds.sys
[2012/01/30 17:20:06 | 000,029,502 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\pca200e.sys
[2012/01/30 17:19:59 | 000,054,186 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otcsercb.sys
[2012/01/30 17:19:58 | 000,043,689 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otceth5.sys
[2012/01/30 17:19:58 | 000,027,209 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otc06x5.sys
[2012/01/30 17:19:57 | 000,054,528 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\opl3sax.sys
[2012/01/30 17:19:45 | 000,051,552 | ---- | C] (Kensington Technology Group) -- C:\WINDOWS\System32\dllcache\ntgrip.sys
[2012/01/30 17:19:33 | 000,087,040 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm6wdm.sys
[2012/01/30 17:19:32 | 000,126,080 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm5a2wdm.sys
[2012/01/30 17:19:30 | 000,132,695 | ---- | C] (802.11b) -- C:\WINDOWS\System32\dllcache\netwlan5.sys
[2012/01/30 17:19:26 | 000,060,480 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.dll
[2012/01/30 17:19:26 | 000,039,264 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.sys
[2012/01/30 17:19:22 | 000,091,488 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3disp.dll
[2012/01/30 17:19:22 | 000,033,088 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.sys
[2012/01/30 17:19:22 | 000,027,936 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3d.sys
[2012/01/30 17:19:21 | 000,059,104 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.dll
[2012/01/30 17:19:21 | 000,035,392 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.dll
[2012/01/30 17:19:21 | 000,013,664 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.sys
[2012/01/30 17:19:19 | 000,075,520 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxport.sys
[2012/01/30 17:19:19 | 000,019,968 | ---- | C] (Macronix International Co., Ltd. ) -- C:\WINDOWS\System32\dllcache\mxnic.sys
[2012/01/30 17:19:19 | 000,007,168 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxport.dll
[2012/01/30 17:19:18 | 000,021,888 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxcard.sys
[2012/01/30 17:19:18 | 000,019,968 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxicfg.dll
[2012/01/30 17:18:48 | 000,017,280 | ---- | C] (American Megatrends Inc.) -- C:\WINDOWS\System32\dllcache\mraid35x.sys
[2012/01/30 17:18:30 | 000,164,586 | ---- | C] (Madge Networks Ltd) -- C:\WINDOWS\System32\dllcache\mdgndis5.sys
[2012/01/30 17:18:18 | 000,797,500 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltsmt.sys
[2012/01/30 17:18:17 | 000,802,683 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\ltsm.sys
[2012/01/30 17:18:16 | 000,576,746 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntl.sys
[2012/01/30 17:18:16 | 000,420,992 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntt.sys
[2012/01/30 17:18:15 | 000,727,786 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ltck000c.sys
[2012/01/30 17:18:15 | 000,606,684 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmnt.sys
[2012/01/30 17:18:11 | 000,070,730 | ---- | C] (Linksys Group, Inc.) -- C:\WINDOWS\System32\dllcache\lne100tx.sys
[2012/01/30 17:18:09 | 000,025,065 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\lmndis3.sys
[2012/01/30 17:18:09 | 000,020,573 | ---- | C] (The Linksts Group ) -- C:\WINDOWS\System32\dllcache\lne100.sys
[2012/01/30 17:18:08 | 000,015,744 | ---- | C] (Litronic Industries) -- C:\WINDOWS\System32\dllcache\lit220p.sys
[2012/01/30 17:18:06 | 000,026,442 | ---- | C] (SMSC) -- C:\WINDOWS\System32\dllcache\lanepic5.sys
[2012/01/30 17:18:06 | 000,019,016 | ---- | C] (Kingston Technology Company ) -- C:\WINDOWS\System32\dllcache\ktc111.sys
[2012/01/30 17:17:27 | 000,023,552 | ---- | C] (MKNet Corporation) -- C:\WINDOWS\System32\dllcache\irmk7.sys
[2012/01/30 17:16:53 | 000,372,824 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\iconf32.dll
[2012/01/30 17:16:18 | 000,068,608 | ---- | C] (Avisioin) -- C:\WINDOWS\System32\dllcache\hpgt53tk.dll
[2012/01/30 17:16:17 | 000,126,976 | ---- | C] (Hewlett Packard) -- C:\WINDOWS\System32\dllcache\hpgt34tk.dll
[2012/01/30 17:16:03 | 000,082,304 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grclass.sys
[2012/01/30 17:16:03 | 000,028,288 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grserial.sys
[2012/01/30 17:16:02 | 000,017,408 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\gpr400.sys
[2012/01/30 17:15:57 | 000,454,912 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fxusbase.sys
[2012/01/30 17:15:50 | 000,455,296 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fusbbase.sys
[2012/01/30 17:15:49 | 000,455,680 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fus2base.sys
[2012/01/30 17:15:46 | 000,442,240 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpnpbase.sys
[2012/01/30 17:15:45 | 000,444,416 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcibase.sys
[2012/01/30 17:15:45 | 000,441,728 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcmbase.sys
[2012/01/30 17:15:43 | 000,034,173 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\forehe.sys
[2012/01/30 17:13:56 | 000,024,618 | ---- | C] (NETGEAR) -- C:\WINDOWS\System32\dllcache\fa410nd5.sys
[2012/01/30 17:13:55 | 000,011,850 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xj.sys
[2012/01/30 17:13:54 | 000,012,362 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xi.sys
[2012/01/30 17:13:28 | 000,334,208 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\ds1wdm.sys
[2012/01/30 17:13:24 | 000,028,062 | ---- | C] (National Semiconductor Coproration) -- C:\WINDOWS\System32\dllcache\dp83820.sys
[2012/01/30 17:13:18 | 000,029,696 | ---- | C] (CNet Technology, Inc. ) -- C:\WINDOWS\System32\dllcache\dm9pci5.sys
[2012/01/30 17:13:18 | 000,026,698 | ---- | C] (D-Link Corporation) -- C:\WINDOWS\System32\dllcache\dlh5xnd5.sys
[2012/01/30 17:13:17 | 000,952,007 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diwan.sys
[2012/01/30 17:13:16 | 000,236,060 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\ditrace.exe
[2012/01/30 17:13:16 | 000,038,985 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvsu.dll
[2012/01/30 17:13:15 | 000,031,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvpp.dll
[2012/01/30 17:13:15 | 000,006,729 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvci.dll
[2012/01/30 17:13:14 | 000,091,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\dimaint.sys
[2012/01/30 17:13:06 | 000,024,649 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650d.sys
[2012/01/30 17:13:06 | 000,024,648 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650.sys
[2012/01/30 17:13:03 | 000,020,928 | ---- | C] (Digital Networks, LLC) -- C:\WINDOWS\System32\dllcache\defpa.sys
[2012/01/30 17:12:49 | 000,111,872 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcspud.sys
[2012/01/30 17:12:49 | 000,093,952 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcwdm.sys
[2012/01/30 17:12:49 | 000,048,640 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwrwdm.sys
[2012/01/30 17:12:49 | 000,003,584 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcosnt5.sys
[2012/01/30 17:12:48 | 000,072,832 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbwdm.sys
[2012/01/30 17:12:48 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbmidi.sys
[2012/01/30 17:12:48 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbase.sys
[2012/01/30 17:12:47 | 000,249,856 | ---- | C] (Comtrol® Corporation) -- C:\WINDOWS\System32\dllcache\ctmasetp.dll
[2012/01/30 17:12:44 | 000,216,064 | ---- | C] (COMPAQ Inc.) -- C:\WINDOWS\System32\dllcache\cpscan.dll
[2012/01/30 17:12:34 | 000,020,736 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\cmbp0wdm.sys
[2012/01/30 17:12:29 | 000,980,034 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\cicap.sys
[2012/01/30 17:12:22 | 000,049,182 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem56n5.sys
[2012/01/30 17:12:22 | 000,027,164 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce3n5.sys
[2012/01/30 17:12:22 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem33n5.sys
[2012/01/30 17:12:22 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem28n5.sys
[2012/01/30 17:12:21 | 000,021,530 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce2n5.sys
[2012/01/30 17:12:19 | 000,714,698 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cbmdmkxx.sys
[2012/01/30 17:12:19 | 000,046,108 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cben5.sys
[2012/01/30 17:12:19 | 000,039,680 | ---- | C] (Silicom Ltd.) -- C:\WINDOWS\System32\dllcache\cb325.sys
[2012/01/30 17:12:18 | 000,037,916 | ---- | C] (Fast Ethernet Controller Provider) -- C:\WINDOWS\System32\dllcache\cb102.sys
[2012/01/30 17:12:17 | 000,164,923 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diapi2.sys
[2012/01/30 17:12:17 | 000,032,256 | ---- | C] (Eicon Technology Corporation) -- C:\WINDOWS\System32\dllcache\diapi2NT.dll
[2012/01/30 17:11:50 | 000,031,529 | ---- | C] (BreezeCOM) -- C:\WINDOWS\System32\dllcache\brzwlan.sys
[2012/01/30 17:11:49 | 000,060,416 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brserwdm.sys
[2012/01/30 17:11:49 | 000,011,008 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbmdm.sys
[2012/01/30 17:11:49 | 000,010,368 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbscn.sys
[2012/01/30 17:11:48 | 000,039,552 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparwdm.sys
[2012/01/30 17:11:48 | 000,009,728 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brserif.dll
[2012/01/30 17:11:48 | 000,005,120 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\dllcache\brscnrsm.dll
[2012/01/30 17:11:47 | 000,003,168 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparimg.sys
[2012/01/30 17:11:46 | 000,041,472 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfusb.dll
[2012/01/30 17:11:46 | 000,032,256 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfrsmg.exe
[2012/01/30 17:11:45 | 000,029,696 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmflpt.dll
[2012/01/30 17:11:45 | 000,015,360 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfbidi.dll
[2012/01/30 17:11:44 | 000,012,160 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltlo.sys
[2012/01/30 17:11:44 | 000,003,968 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltup.sys
[2012/01/30 17:11:43 | 000,012,800 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brevif.dll
[2012/01/30 17:11:43 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brcoinst.dll
[2012/01/30 17:11:43 | 000,002,944 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brfilt.sys
[2012/01/30 17:11:42 | 000,019,456 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brbidiif.dll
[2012/01/30 17:11:39 | 000,871,388 | ---- | C] (BCM) -- C:\WINDOWS\System32\dllcache\bcmdm.sys
[2012/01/30 17:11:37 | 000,036,128 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.sys
[2012/01/30 17:11:36 | 000,342,336 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.dll
[2012/01/30 17:11:35 | 000,089,952 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\b1cbase.sys
[2012/01/30 17:11:35 | 000,036,992 | ---- | C] (Aztech Systems Ltd) -- C:\WINDOWS\System32\dllcache\aztw2320.sys
[2012/01/30 17:11:34 | 000,144,384 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmenum.dll
[2012/01/30 17:11:34 | 000,087,552 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmcoxp.dll
[2012/01/30 17:11:34 | 000,037,568 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmwan.sys
[2012/01/30 17:11:18 | 000,097,354 | ---- | C] (Bay Networks, Inc.) -- C:\WINDOWS\System32\dllcache\aspndis3.sys
[2012/01/30 17:11:10 | 000,016,969 | ---- | C] (AmbiCom, Inc.) -- C:\WINDOWS\System32\dllcache\amb8002.sys
[2012/01/30 17:08:56 | 000,046,112 | ---- | C] (Adaptec, Inc ) -- C:\WINDOWS\System32\dllcache\adptsf50.sys
[2012/01/30 17:08:54 | 000,747,392 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8830.sys
[2012/01/30 17:08:54 | 000,010,880 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\admjoy.sys
[2012/01/30 17:08:53 | 000,584,448 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8810.sys
[2012/01/30 17:08:53 | 000,553,984 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8820.sys
[2012/01/30 17:08:51 | 000,061,440 | ---- | C] (Color Flatbed Scanner) -- C:\WINDOWS\System32\dllcache\acerscad.dll
[2012/01/30 17:08:49 | 000,462,848 | ---- | C] (Aureal Inc.) -- C:\WINDOWS\System32\dllcache\a3dapi.dll
[2012/01/30 17:08:48 | 000,148,352 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvsm.sys
[2012/01/30 17:08:47 | 000,762,780 | ---- | C] (3Com, Inc.) -- C:\WINDOWS\System32\dllcache\3cwmcru.sys
[2012/01/30 17:08:47 | 000,689,216 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvs.dll
[2012/01/30 17:04:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Super User\Local Settings\Application Data\FreeFixer
[2012/01/30 17:04:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Super User\Application Data\FreeFixer
[2012/01/30 17:03:58 | 000,000,000 | ---D | C] -- C:\Program Files\FreeFixer
[2012/01/30 16:43:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NVIDIA
[2012/01/30 15:48:43 | 000,058,208 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\drivers\wsimd.sys
[2012/01/30 15:48:42 | 001,273,088 | ---- | C] (Devicescape) -- C:\WINDOWS\System32\dsa.dll
[2012/01/30 15:48:42 | 000,426,097 | ---- | C] (Atheros) -- C:\WINDOWS\System32\wgapi.dll
[2012/01/30 15:48:42 | 000,417,000 | ---- | C] (Atheros) -- C:\WINDOWS\System32\wcapi.dll
[2012/01/30 15:48:42 | 000,339,200 | ---- | C] (Atheros) -- C:\WINDOWS\System32\wcapiU.dll
[2012/01/30 15:48:42 | 000,314,624 | ---- | C] (Atheros) -- C:\WINDOWS\System32\athcfg20U.dll
[2012/01/30 15:48:42 | 000,302,312 | ---- | C] (Atheros) -- C:\WINDOWS\System32\athcfg20.dll
[2012/01/30 15:48:42 | 000,257,256 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\wsfwDS.dll
[2012/01/30 15:48:42 | 000,253,160 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\wsimd.dll
[2012/01/30 15:48:42 | 000,130,312 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\athcfg20resU.dll
[2012/01/30 15:48:42 | 000,130,288 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\athcfg20res.dll
[2012/01/30 15:48:42 | 000,085,256 | ---- | C] (Devicescape, Inc.) -- C:\WINDOWS\System32\dsaNac.dll
[2012/01/30 15:48:42 | 000,058,208 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\wsimd.sys
[2012/01/30 15:48:42 | 000,000,000 | ---D | C] -- C:\Program Files\Atheros
[2012/01/30 15:48:33 | 001,963,936 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\athw.sys
[2012/01/30 15:30:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Atheros
[2012/01/30 15:30:39 | 000,000,000 | ---D | C] -- C:\Drivers
[2012/01/30 03:20:34 | 000,000,000 | ---D | C] -- C:\Program Files\bfgclient
[2012/01/29 04:03:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ErrorEND
[2012/01/29 03:02:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\nview
[2012/01/29 02:28:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Super User\My Documents\iWin
[2012/01/27 17:28:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Super User\Application Data\Fuzzy Bug Interactive
[2012/01/27 16:28:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Super User\Application Data\NevoSoft
[2012/01/27 14:22:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Saints and Sinners Bingo
[2012/01/27 14:22:49 | 000,000,000 | ---D | C] -- C:\Program Files\Saints and Sinners Bingo
[2012/01/27 01:32:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Super User\Application Data\Dekovir
[2012/01/27 01:21:31 | 000,000,000 | ---D | C] -- C:\Program Files\Jewel Quest Solitaire II
[2012/01/25 04:22:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Super User\Application Data\MumboJumbo
[2012/01/25 03:49:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\QB9 S.R.L
[2012/01/25 03:24:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Super User\My Documents\Slingo Quest Amazon Documents
[2012/01/22 07:37:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\The Revills Games
[2012/01/22 03:43:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Super User\My Documents\Solitaire Kingdom Supreme Documents
[2012/01/22 03:43:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Super User\Application Data\funkitron
[2012/01/21 23:04:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Super User\My Documents\RUIN_Saves
[2012/01/20 18:15:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Grey Alien Games
[2012/01/20 18:05:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Fairway Solitaire
[2012/01/20 18:05:07 | 000,000,000 | ---D | C] -- C:\Program Files\Fairway Solitaire
[2012/01/14 17:46:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Super User\Application Data\Colibri Games
[2012/01/14 17:46:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Colibri Games
[2012/01/14 11:07:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Super User\Application Data\Western Software Technologies
[2012/01/13 09:20:44 | 000,000,000 | ---D | C] -- C:\Program Files\Youdagames
[2012/01/13 09:20:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Youdagames
[2012/01/13 07:46:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\HiddenSecretsNightmare
[2012/01/13 07:45:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Trymedia
[2012/01/12 13:15:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Super User\My Documents\Big Fish Games
[2012/01/11 06:08:37 | 000,000,000 | ---D | C] -- C:\Program Files\iWin.com
[2012/01/11 06:07:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\iWin Games
[2012/01/10 21:52:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Fugazo
[8 C:\WINDOWS\Fonts\*.tmp files -> C:\WINDOWS\Fonts\*.tmp -> ]
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[210 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/02/07 15:42:44 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Super User\Desktop\OTL.exe
[2012/02/07 14:52:35 | 000,000,432 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{08B4F46C-FEEE-46AC-B219-71B298A45361}.job
[2012/02/07 13:53:37 | 000,000,409 | ---- | M] () -- C:\Documents and Settings\Super User\Desktop\File Describer.url
[2012/02/07 05:31:08 | 000,024,064 | ---- | M] () -- C:\WINDOWS\System32\drivers\mbamchameleon.sys
[2012/02/07 00:09:07 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/02/07 00:09:02 | 1072,762,880 | -HS- | M] () -- C:\hiberfil.sys
[2012/02/06 20:39:11 | 000,000,046 | ---- | M] () -- C:\WINDOWS\System32\_WKERNEL.FRE
[2012/02/06 20:02:35 | 000,498,634 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/02/06 20:02:35 | 000,087,464 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/02/06 19:26:53 | 000,000,549 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2012/02/06 17:54:57 | 000,003,097 | ---- | M] () -- C:\Documents and Settings\Super User\My Documents\latest eset finds.xml
[2012/02/06 17:20:47 | 000,000,302 | ---- | M] () -- C:\WINDOWS\tasks\ASC5_AutoUpdate.job
[2012/02/06 06:03:37 | 000,138,056 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/02/06 02:05:19 | 000,002,052 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2012/02/06 02:04:47 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/02/05 19:25:42 | 000,000,434 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics
[2012/02/05 18:26:30 | 006,525,440 | ---- | M] () -- C:\Documents and Settings\Super User\My Documents\Dell_Repository_Manager_1.3.124.msi
[2012/02/05 03:02:05 | 000,444,952 | ---- | M] (Creative Labs) -- C:\WINDOWS\System32\wrap_oal.dll
[2012/02/04 22:34:48 | 000,000,442 | ---- | M] () -- C:\WINDOWS\tasks\Wise Registry Cleaner Schedule Task.job
[2012/02/04 22:34:47 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/02/04 22:34:47 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/02/04 22:31:34 | 001,555,822 | ---- | M] () -- C:\Documents and Settings\Super User\My Documents\AutoRuns.arn
[2012/02/04 15:49:19 | 000,000,212 | -H-- | M] () -- C:\boot.ini
[2012/02/04 15:04:28 | 000,000,576 | ---- | M] () -- C:\Documents and Settings\Super User\My Documents\1viruses.rtf
[2012/02/04 15:03:40 | 000,000,576 | ---- | M] () -- C:\Documents and Settings\Super User\My Documents\viruses.rtf
[2012/02/04 07:58:53 | 000,000,067 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2012/02/04 06:05:50 | 000,180,008 | ---- | M] () -- C:\Documents and Settings\Super User\Local Settings\Application Data\census.cache
[2012/02/04 06:05:39 | 000,192,365 | ---- | M] () -- C:\Documents and Settings\Super User\Local Settings\Application Data\ars.cache
[2012/02/04 05:54:18 | 000,000,036 | ---- | M] () -- C:\Documents and Settings\Super User\Local Settings\Application Data\housecall.guid.cache
[2012/02/03 18:37:58 | 000,000,233 | ---- | M] () -- C:\Documents and Settings\Super User\My Documents\DellServTagExpSrvCode.rtf
[2012/02/01 22:44:23 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2012/02/01 22:44:18 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2012/02/01 22:44:18 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2012/02/01 03:17:55 | 000,180,660 | ---- | M] () -- C:\Documents and Settings\Super User\My Documents\Trojan-Dropper_Win32_Agent_albv - Securelist.mht
[2012/02/01 01:32:35 | 000,028,521 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\(0-28521)Blue hills.jpg
[2012/01/31 11:39:04 | 000,000,892 | ---- | M] () -- C:\Documents and Settings\Super User\Application Data\Microsoft\Internet Explorer\Quick Launch\Advanced SystemCare 5.lnk
[2012/01/31 11:23:25 | 000,010,642 | ---- | M] () -- C:\Documents and Settings\Super User\My Documents\cc_20120131_112321.reg
[2012/01/31 10:40:27 | 000,000,021 | ---- | M] () -- C:\WINDOWS\tpcsd
[2012/01/29 11:56:01 | 000,009,184 | ---- | M] () -- C:\Documents and Settings\Super User\My Documents\cc_20120129_115556.reg
[2012/01/29 11:07:33 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Super User\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/01/27 14:26:45 | 000,001,409 | ---- | M] () -- C:\WINDOWS\System32\tmpE4DBF.FOT
[2012/01/27 14:26:44 | 000,001,409 | ---- | M] () -- C:\WINDOWS\System32\tmp7EBBF.FOT
[2012/01/26 13:51:52 | 000,000,000 | ---- | M] () -- C:\install.rdf
[2012/01/12 13:18:50 | 000,000,300 | ---- | M] () -- C:\Documents and Settings\Super User\Desktop\U.S. Employees.url
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[210 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/02/07 01:15:04 | 000,000,409 | ---- | C] () -- C:\Documents and Settings\Super User\Desktop\File Describer.url
[2012/02/07 00:09:02 | 1072,762,880 | -HS- | C] () -- C:\hiberfil.sys
[2012/02/06 19:26:53 | 000,000,549 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2012/02/06 17:54:57 | 000,003,097 | ---- | C] () -- C:\Documents and Settings\Super User\My Documents\latest eset finds.xml
[2012/02/06 02:05:19 | 000,002,052 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2012/02/05 18:26:15 | 006,525,440 | ---- | C] () -- C:\Documents and Settings\Super User\My Documents\Dell_Repository_Manager_1.3.124.msi
[2012/02/04 22:31:33 | 001,555,822 | ---- | C] () -- C:\Documents and Settings\Super User\My Documents\AutoRuns.arn
[2012/02/04 15:04:23 | 000,000,576 | ---- | C] () -- C:\Documents and Settings\Super User\My Documents\1viruses.rtf
[2012/02/04 15:03:40 | 000,000,576 | ---- | C] () -- C:\Documents and Settings\Super User\My Documents\viruses.rtf
[2012/02/04 06:40:06 | 000,000,067 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2012/02/04 06:05:50 | 000,180,008 | ---- | C] () -- C:\Documents and Settings\Super User\Local Settings\Application Data\census.cache
[2012/02/04 06:05:39 | 000,192,365 | ---- | C] () -- C:\Documents and Settings\Super User\Local Settings\Application Data\ars.cache
[2012/02/04 05:54:18 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Super User\Local Settings\Application Data\housecall.guid.cache
[2012/02/03 18:37:58 | 000,000,233 | ---- | C] () -- C:\Documents and Settings\Super User\My Documents\DellServTagExpSrvCode.rtf
[2012/02/02 17:19:40 | 000,180,660 | ---- | C] () -- C:\Documents and Settings\Super User\My Documents\Trojan-Dropper_Win32_Agent_albv - Securelist.mht
[2012/02/01 23:28:46 | 000,000,228 | ---- | C] () -- C:\Documents and Settings\Super User\My Documents\smoke odor control.url
[2012/02/01 22:29:48 | 000,000,302 | ---- | C] () -- C:\WINDOWS\tasks\ASC5_AutoUpdate.job
[2012/02/01 21:50:51 | 000,024,064 | ---- | C] () -- C:\WINDOWS\System32\drivers\mbamchameleon.sys
[2012/02/01 14:41:58 | 000,000,886 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/02/01 14:41:58 | 000,000,882 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/02/01 02:40:10 | 000,000,432 | -H-- | C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{08B4F46C-FEEE-46AC-B219-71B298A45361}.job
[2012/02/01 01:32:26 | 000,028,521 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\(0-28521)Blue hills.jpg
[2012/01/31 17:53:24 | 000,000,491 | ---- | C] () -- C:\Documents and Settings\Super User\My Documents\Shortcut to Pics.lnk
[2012/01/31 15:35:07 | 000,000,046 | ---- | C] () -- C:\WINDOWS\System32\_WKERNEL.FRE
[2012/01/31 15:23:54 | 000,000,439 | ---- | C] () -- C:\WINDOWS\System32\shfolder.inf
[2012/01/31 11:39:04 | 000,000,892 | ---- | C] () -- C:\Documents and Settings\Super User\Application Data\Microsoft\Internet Explorer\Quick Launch\Advanced SystemCare 5.lnk
[2012/01/31 11:23:23 | 000,010,642 | ---- | C] () -- C:\Documents and Settings\Super User\My Documents\cc_20120131_112321.reg
[2012/01/31 10:51:51 | 000,000,716 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Secunia PSI.lnk
[2012/01/31 10:40:27 | 000,000,021 | ---- | C] () -- C:\WINDOWS\tpcsd
[2012/01/30 17:37:19 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxscnui.dll
[2012/01/30 17:37:18 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxftplt.exe
[2012/01/30 17:20:30 | 000,033,280 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax
[2012/01/30 17:20:29 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll
[2012/01/30 17:18:53 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax
[2012/01/30 17:16:18 | 000,165,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt53.dll
[2012/01/30 17:16:17 | 000,093,696 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt42.dll
[2012/01/30 17:16:16 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt34.dll
[2012/01/30 17:16:15 | 000,089,088 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt33.dll
[2012/01/30 17:16:14 | 000,083,968 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt21.dll
[2012/01/30 17:13:17 | 000,037,962 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaprop.dll
[2012/01/30 17:13:17 | 000,029,768 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divasu.dll
[2012/01/30 17:13:16 | 000,006,216 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaci.dll
[2012/01/30 17:11:28 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativxbar.sys
[2012/01/30 17:11:28 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atixbar.sys
[2012/01/30 17:11:28 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativttxx.sys
[2012/01/30 17:11:27 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitvsnd.sys
[2012/01/30 17:11:27 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitunep.sys
[2012/01/30 17:11:27 | 000,009,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativmdcd.sys
[2012/01/30 17:11:26 | 000,049,920 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtcap.sys
[2012/01/30 17:11:26 | 000,026,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtsnd.sys
[2012/01/30 17:11:25 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atipcxxx.sys
[2012/01/30 17:11:21 | 000,046,464 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atibt829.sys
[2012/01/30 15:49:10 | 000,265,456 | ---- | C] () -- C:\WINDOWS\System32\IPTests.dll
[2012/01/30 15:48:42 | 000,042,475 | ---- | C] () -- C:\WINDOWS\System32\wsimdp.cat
[2012/01/30 15:48:42 | 000,042,065 | ---- | C] () -- C:\WINDOWS\System32\wsimd.cat
[2012/01/30 15:48:42 | 000,005,361 | ---- | C] () -- C:\WINDOWS\System32\wsimdp.inf
[2012/01/30 15:48:42 | 000,002,179 | ---- | C] () -- C:\WINDOWS\System32\wsimd.inf
[2012/01/30 15:48:33 | 000,241,757 | ---- | C] () -- C:\WINDOWS\System32\netathw.inf
[2012/01/30 15:48:33 | 000,061,008 | ---- | C] () -- C:\WINDOWS\System32\netathw.cat
[2012/01/30 03:20:45 | 000,001,584 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Game Manager.lnk
[2012/01/30 03:20:45 | 000,001,184 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\More Great Games.lnk
[2012/01/29 11:55:59 | 000,009,184 | ---- | C] () -- C:\Documents and Settings\Super User\My Documents\cc_20120129_115556.reg
[2012/01/29 11:07:34 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\Super User\Start Menu\Programs\Outlook Express.lnk
[2012/01/27 14:26:45 | 000,001,409 | ---- | C] () -- C:\WINDOWS\System32\tmpE4DBF.FOT
[2012/01/27 14:26:44 | 000,001,409 | ---- | C] () -- C:\WINDOWS\System32\tmp7EBBF.FOT
[2012/01/26 13:51:52 | 000,000,000 | ---- | C] () -- C:\install.rdf
[2012/01/12 15:27:38 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader 9.lnk
[2011/11/16 17:40:57 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2011/08/12 17:49:39 | 000,000,456 | ---- | C] () -- C:\Program Files\0812201118493968.bat
[2011/08/09 11:54:22 | 000,000,458 | ---- | C] () -- C:\Program Files\0809201112542210.bat
[2011/08/02 17:10:33 | 000,000,461 | ---- | C] () -- C:\Program Files\0802201118103366.bat
[2011/07/11 17:57:27 | 021,022,914 | ---- | C] () -- C:\Program Files\VLC.exe
[2010/11/26 10:02:20 | 000,130,222 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1409082233-2139871995-682003330-1003-0.dat
[2010/11/21 19:07:23 | 000,130,222 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2010/07/20 11:27:22 | 000,158,828 | ---- | C] () -- C:\WINDOWS\hphins33.dat
[2010/07/20 11:27:22 | 000,000,586 | ---- | C] () -- C:\WINDOWS\hphmdl33.dat
[2010/06/30 08:15:50 | 000,004,608 | ---- | C] () -- C:\Documents and Settings\Super User\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/05/17 09:28:57 | 000,209,010 | ---- | C] () -- C:\WINDOWS\System32\_003856_.tmp.dll
[2010/01/21 17:15:04 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2009/10/19 14:39:50 | 000,000,256 | ---- | C] () -- C:\WINDOWS\System32\pool.bin
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2009/07/22 17:27:59 | 000,000,130 | ---- | C] () -- C:\WINDOWS\cfplogvw.INI
[2009/07/21 05:08:34 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/07/19 07:40:36 | 001,474,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\sfi.dat
[2007/10/19 11:21:13 | 000,003,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\BANTExt.sys
[2007/10/17 01:17:02 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2007/10/17 01:13:01 | 000,022,720 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2007/10/16 20:04:50 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2007/10/16 20:03:53 | 000,138,056 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2006/12/04 10:57:38 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\AegisI5.exe
[2004/08/03 19:07:22 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/02 08:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2003/03/31 06:00:00 | 000,498,634 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2003/03/31 06:00:00 | 000,087,464 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2003/03/31 06:00:00 | 000,021,116 | ---- | C] () -- C:\WINDOWS\System32\_003825_.tmp.dll
[2003/03/31 06:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2001/08/22 20:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/08/22 20:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001/08/22 20:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001/08/22 20:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001/08/22 20:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001/08/22 20:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001/08/22 20:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat

========== LOP Check ==========

[2011/09/17 14:02:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alawar
[2011/08/12 19:55:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alawar Stargaze
[2012/01/29 12:03:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2012/01/08 04:48:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avalon-Legends-Solitaire
[2011/12/31 18:06:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Awem
[2012/01/31 04:14:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Big Fish Games
[2011/12/22 15:13:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\casualArts
[2011/09/17 20:17:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cateia Games
[2011/10/02 10:36:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cisco Systems
[2012/01/14 17:46:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Colibri Games
[2012/01/30 20:55:22 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2012/02/04 08:11:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Doctor Web
[2011/11/25 19:03:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DragonsEye Studios
[2012/02/01 04:44:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Driver Manager
[2009/07/21 16:47:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverCure
[2011/12/05 20:56:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Elephant Games
[2012/01/29 04:04:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ErrorEND
[2012/02/04 09:32:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
[2011/11/06 17:10:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Flood Light Games
[2011/11/18 18:44:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Floodlight Games
[2012/01/11 00:07:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fugazo
[2012/01/31 04:04:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Funny Bear Studio
[2011/12/31 10:41:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GameXzone
[2010/11/21 13:28:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Garmin
[2012/01/20 18:15:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grey Alien Games
[2012/01/13 07:46:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HiddenSecretsNightmare
[2011/11/20 19:34:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HitPoint Studios
[2012/02/01 23:28:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IObit
[2012/01/11 06:07:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iWin Games
[2011/08/16 18:22:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Merscom
[2012/01/31 08:55:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011/08/15 04:32:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MNYYLHRFYG
[2012/01/25 04:22:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MumboJumbo
[2012/01/06 17:30:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\My Games
[2012/02/01 18:25:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MythPeople
[2011/11/06 17:04:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Oberon Media
[2011/12/22 21:16:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Odian Games
[2010/12/07 21:12:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic
[2011/12/02 18:15:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayFirst
[2011/12/21 18:27:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Playrix Entertainment
[2011/03/22 17:03:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayTime
[2012/01/25 03:49:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\QB9 S.R.L
[2011/12/22 13:03:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\rionix
[2010/01/18 12:11:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpinTop Games
[2012/01/15 02:46:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SugarGames
[2011/08/15 04:32:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SXYYLHRFYG
[2012/02/07 05:59:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2012/01/22 07:37:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\The Revills Games
[2012/02/01 04:44:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UAB
[2011/08/15 04:32:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\YLYYLHRFYG
[2012/01/13 09:20:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Youdagames
[2011/09/17 14:02:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Super User\Application Data\Alawar
[2011/11/18 20:26:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Super User\Application Data\Artifex Mundi
[2012/01/01 16:06:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Super User\Application Data\Awem
[2011/11/23 21:21:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Super User\Application Data\Az-Art
[2012/01/31 04:14:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Super User\Application Data\Big Fish Games
[2011/11/20 19:26:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Super User\Application Data\Boomzap
[2011/12/22 15:13:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Super User\Application Data\casualArts
[2011/11/16 17:41:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Super User\Application Data\CattaleGames
[2012/01/14 17:46:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Super User\Application Data\Colibri Games
[2012/01/08 04:12:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Super User\Application Data\Daedalic Entertainment
[2012/01/27 01:32:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Super User\Application Data\Dekovir
[2011/08/29 18:11:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Super User\Application Data\DivoGames
[2011/11/25 19:03:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Super User\Application Data\DragonsEye Studios
[2009/07/21 16:47:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Super User\Application Data\DriverCure
[2011/12/22 21:47:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Super User\Application Data\EleFun Games
[2011/12/05 20:56:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Super User\Application Data\Elephant Games
[2012/02/06 01:59:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Super User\Application Data\ElevatedDiagnostics
[2011/12/31 16:30:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Super User\Application Data\ERS G-Studio
[2011/12/02 18:03:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Super User\Application Data\ERS Game Studios
[2011/11/06 17:10:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Super User\Application Data\Flood Light Games
[2011/11/18 18:44:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Super User\Application Data\Floodlight Games
[2012/01/30 17:54:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Super User\Application Data\FreeFixer
[2011/12/16 20:07:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Super User\Application Data\Friday's games
[2012/01/25 03:24:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Super User\Application Data\funkitron
[2012/01/27 17:28:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Super User\Application Data\Fuzzy Bug Interactive
[2011/08/09 11:41:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Super User\Application Data\Gaijin Ent
[2011/12/22 20:18:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Super User\Application Data\GameInvest
[2010/11/21 11:02:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Super User\Application Data\GARMIN
[2012/01/06 17:58:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Super User\Application Data\gemsweeperextractedgfx
[2012/01/31 10:57:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Super User\Application Data\GetRightToGo
[2012/01/08 03:11:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Super User\Application Data\Harmonic Flow
[2011/11/20 19:34:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Super User\Application Data\HitPoint Studios
[2012/01/08 02:58:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Super User\Application Data\iMaxGen
[2012/02/05 02:10:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Super User\Application Data\IObit
[2012/01/27 01:55:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Super User\Application Data\iWin
[2011/12/17 09:22:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Super User\Application Data\JaiboGames
[2012/02/05 03:10:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Super User\Application Data\Jigsaws Galore
[2011/12/27 17:34:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Super User\Application Data\Lazy Turtle Games
[2011/08/16 18:22:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Super User\Application Data\Merscom
[2011/10/09 21:37:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Super User\Application Data\Monkey Barrel Games
[2012/01/25 04:22:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Super User\Application Data\MumboJumbo
[2012/01/27 16:28:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Super User\Application Data\NevoSoft
[2011/11/16 21:26:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Super User\Application Data\Oberon Media
[2011/12/22 21:16:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Super User\Application Data\Odian Games
[2011/11/09 18:56:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Super User\Application Data\Orneon
[2010/12/07 20:52:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Super User\Application Data\ParetoLogic
[2012/02/06 08:38:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Super User\Application Data\PCDr
[2011/12/02 18:15:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Super User\Application Data\PlayFirst
[2011/11/19 23:15:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Super User\Application Data\playmink
[2011/08/16 17:50:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Super User\Application Data\Pogo Games
[2012/02/04 06:18:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Super User\Application Data\QuickScan
[2011/09/19 19:47:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Super User\Application Data\Sammsoft
[2011/11/23 21:05:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Super User\Application Data\Skunk Studios
[2011/09/17 21:21:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Super User\Application Data\SpinTop
[2011/09/17 21:22:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Super User\Application Data\SpinTop Games
[2011/11/29 23:38:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Super User\Application Data\SulusGames
[2012/02/02 20:52:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Super User\Application Data\Toolbar4
[2010/05/17 09:21:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Super User\Application Data\Uniblue
[2010/07/14 14:14:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Super User\Application Data\Unity
[2012/01/14 11:07:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Super User\Application Data\Western Software Technologies
[2012/02/06 17:20:47 | 000,000,302 | ---- | M] () -- C:\WINDOWS\Tasks\ASC5_AutoUpdate.job
[2012/02/07 14:52:35 | 000,000,432 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{08B4F46C-FEEE-46AC-B219-71B298A45361}.job
[2012/02/04 22:34:48 | 000,000,442 | ---- | M] () -- C:\WINDOWS\Tasks\Wise Registry Cleaner Schedule Task.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 99 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0E636D62
@Alternate Data Stream - 97 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:28DB0DC4
@Alternate Data Stream - 96 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:09CD1DC6
@Alternate Data Stream - 252 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EB86F355
@Alternate Data Stream - 247 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:164561C8
@Alternate Data Stream - 246 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:639BB5E9
@Alternate Data Stream - 245 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E894A3ED
@Alternate Data Stream - 243 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A26AFC00
@Alternate Data Stream - 240 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:93F3E4C9
@Alternate Data Stream - 240 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1604D047
@Alternate Data Stream - 239 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F5B51004
@Alternate Data Stream - 238 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E40D7F76
@Alternate Data Stream - 235 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D5CCCBAA
@Alternate Data Stream - 235 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:AE75CCC8
@Alternate Data Stream - 235 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3E200C29
@Alternate Data Stream - 232 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:160ADF0B
@Alternate Data Stream - 230 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:AECF4772
@Alternate Data Stream - 229 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C820549A
@Alternate Data Stream - 228 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F72306CC
@Alternate Data Stream - 224 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:000D6A25
@Alternate Data Stream - 222 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9BB8C675
@Alternate Data Stream - 221 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8C6D2EC3
@Alternate Data Stream - 219 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:678C1866
@Alternate Data Stream - 218 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A4AF8D0D
@Alternate Data Stream - 215 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D4BB0AD6
@Alternate Data Stream - 215 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2B9555D8
@Alternate Data Stream - 214 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A9223B61
@Alternate Data Stream - 210 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5BB7898D
@Alternate Data Stream - 209 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:66AA0486
@Alternate Data Stream - 207 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3407BF66
@Alternate Data Stream - 203 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:ABFEED8E
@Alternate Data Stream - 198 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:131C0EE9
@Alternate Data Stream - 196 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:69A6B28F
@Alternate Data Stream - 186 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:ABD3B354
@Alternate Data Stream - 155 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:15C4429D
@Alternate Data Stream - 150 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5304CF6F
@Alternate Data Stream - 149 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5CD70138
@Alternate Data Stream - 148 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F9689B72
@Alternate Data Stream - 147 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9195103F
@Alternate Data Stream - 146 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5D10517E
@Alternate Data Stream - 146 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:24051EFF
@Alternate Data Stream - 145 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E9D68B36
@Alternate Data Stream - 145 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E2B0AAB4
@Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1BA9C8DC
@Alternate Data Stream - 142 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F610C203
@Alternate Data Stream - 142 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8DAF782
@Alternate Data Stream - 142 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:390B30B4
@Alternate Data Stream - 141 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BD0A043E
@Alternate Data Stream - 141 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1095ECE1
@Alternate Data Stream - 141 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:09867A8B
@Alternate Data Stream - 140 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A76A1B1B
@Alternate Data Stream - 140 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4BB4F863
@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CAF8DAC8
@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2C86E2AD
@Alternate Data Stream - 138 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DAA03B47
@Alternate Data Stream - 138 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9812B773
@Alternate Data Stream - 138 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:884C7316
@Alternate Data Stream - 138 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:57B4E612
@Alternate Data Stream - 138 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:425759C6
@Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:67310058
@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BDD83DC4
@Alternate Data Stream - 135 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5AABC977
@Alternate Data Stream - 135 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:58E38390
@Alternate Data Stream - 135 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0968E571
@Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0CB91C31
@Alternate Data Stream - 132 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:89CC3B44
@Alternate Data Stream - 132 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:02CC0035
@Alternate Data Stream - 131 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E6537A16
@Alternate Data Stream - 131 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BD23791F
@Alternate Data Stream - 131 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:57B374AB
@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:65C4D44A
@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:20EB6823
@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BED8A204
@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BA81121F
@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9D6EAEC3
@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:85376176
@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:06C34166
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3C9B05C4
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1901337E
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0588E665
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:800FE171
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7DC5D762
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2216A431
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5A437AC3
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5311B0B8
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4CD3F344
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3BB7C79C
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F3AD1365
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B36361EE
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4CA05B44
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:46CBC45C
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B3606FCC
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:ACCFA538
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:872B86AD
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7B2BB690
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7631EA83
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7E0EFF7B
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:61FEC5E3
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EC3A9923
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5B4686D7
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5A15BCD4
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:58481C6F
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:14362DF8
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D4D3884D
@Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:AC83EA04
@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1DD8718C
@Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9B285B76
@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:853CCFC7
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:AFC732F7
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:86148D88
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4911BB5C

< End of report >
OTL Extras logfile created on: 2/7/2012 3:43:16 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Super User\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1023.00 Mb Total Physical Memory | 458.60 Mb Available Physical Memory | 44.83% Memory free
2.40 Gb Paging File | 1.68 Gb Available in Paging File | 69.84% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 114.48 Gb Total Space | 100.22 Gb Free Space | 87.54% Space Free | Partition Type: NTFS

Computer Name: BRAD | User Name: Super User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Notepad] -- Reg Error: Value error.
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 4

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"5985:TCP" = 5985:TCP:*:Disabled:Windows Remote Management
"80:TCP" = 80:TCP:*:Disabled:Windows Remote Management - Compatibility Mode (HTTP-In)

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe
"C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe
"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\HP Software Update\HPWUCli.exe" = C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe
"C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe
"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\bfgclient\bfgclient.exe" = C:\Program Files\bfgclient\bfgclient.exe:*:Enabled:bfgclient -- ()
"C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" = C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe:*:Enabled:Malwarebytes Anti-Malware -- (Malwarebytes Corporation)
"C:\Program Files\Secunia\PSI\psi.exe" = C:\Program Files\Secunia\PSI\psi.exe:*:Enabled:Secunia PSI -- (Secunia)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{0F9196C6-58B4-445B-B56E-B1200FECC151}" = Microsoft Bootvis
"{172423F9-522A-483A-AD65-03600CE4CA4F}" = Microsoft Works 6-9 Converter
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java™ 6 Update 29
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{2CD0168D-FBBC-4667-8810-105CB6EC6348}" = HP Deskjet D1600 Printer Driver Software 13.0 Rel .6
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5727583F-3530-45FD-B09E-7E1CB6C135AD}" = DJ_SF_06_D1600_SW_Min
"{672D8979-3408-4C85-AD41-4F3751F3D4A1}" = Atheros Client Installation Program
"{686695ED-BB3F-415D-B0DB-18CF535F7B50}" = Driver Manager
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6D8D64BE-F500-55B6-705D-DFD08AFE0624}" = Acrobat.com
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{838EE104-F895-4E43-9CBD-60FB4292A1B8}" = Dell Repository Manager
"{8537ABE9-DCE4-4149-A0B4-9926E449AD01}" = ESET NOD32 Antivirus
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{901C0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Access 2003 Runtime
"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB938897-211A-4999-9749-236D2E8E464A}" = NETGEAR WPN311 Wireless Adapter
"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.0
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C7DACB79-D0BE-477B-B63F-4BBF33F39B7A}" = TWC Client ActiveX Controls
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{EAE8CF06-28CA-4213-839C-A32817A47E00}" = D1600
"{F69FD33C-8815-46BF-9134-A643DE68F3C0}" = WinFast® Display Driver
"{FC274982-5AAD-4C20-848D-4424A5043010}_is1" = WinUtilities 10.41 Free Edition
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Advanced SystemCare 5_is1" = Advanced SystemCare 5
"Belarc Advisor" = Belarc Advisor 8.1
"BFG-Avalon Legends Solitaire" = Avalon Legends Solitaire
"BFGC" = Big Fish Games: Game Manager
"BFG-Fairway Solitaire" = Fairway Solitaire
"BFG-Heroes of Kalevala" = Heroes of Kalevala
"BFG-Jigsaws Galore" = Jigsaws Galore
"BFG-Saints and Sinners Bingo" = Saints and Sinners Bingo
"CCleaner" = CCleaner
"Cisco Connect" = Cisco Connect
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"ESET Online Scanner" = ESET Online Scanner v3
"Game Booster_is1" = Game Booster 3
"iColorFolder" = iColorFolder
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{AB938897-211A-4999-9749-236D2E8E464A}" = NETGEAR WPN311 Wireless Adapter
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.1.1000
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"OpenAL" = OpenAL
"PROSet" = Intel® PRO Ethernet Adapter and Software
"Secunia PSI" = Secunia PSI (2.0.0.4003)
"ShoppingList_is1" = Shopping List 2.2.7.1
"Sophos-AntiRootkit" = Sophos Anti-Rootkit 1.5.20
"SystemRequirementsLab" = System Requirements Lab
"VLC media player" = VLC media player 1.1.11
"VLC Media Player_is1" = VLC Media Player
"Watch Football TV" = Watch Football TV

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"bd4d3a0508d364f5" = Dell Driver Download Manager

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2/2/2012 11:48:50 PM | Computer Name = BRAD | Source = McLogEvent | ID = 5046
Description =

Error - 2/3/2012 12:32:24 AM | Computer Name = BRAD | Source = McLogEvent | ID = 5046
Description =

Error - 2/3/2012 1:53:10 PM | Computer Name = BRAD | Source = McLogEvent | ID = 5046
Description =

Error - 2/4/2012 4:17:35 AM | Computer Name = BRAD | Source = McLogEvent | ID = 5046
Description =

Error - 2/4/2012 5:34:46 AM | Computer Name = BRAD | Source = McLogEvent | ID = 5046
Description =

Error - 2/4/2012 11:51:18 PM | Computer Name = BRAD | Source = MsiInstaller | ID = 1008
Description = The installation of C:\WINDOWS\Installer\1d13e.msi is not permitted
due to an error in software restriction policy processing. The object cannot be
trusted.

Error - 2/4/2012 11:51:34 PM | Computer Name = BRAD | Source = MsiInstaller | ID = 1008
Description = The installation of C:\WINDOWS\Installer\1d13e.msi is not permitted
due to an error in software restriction policy processing. The object cannot be
trusted.

Error - 2/5/2012 4:49:47 AM | Computer Name = BRAD | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module unknown, version 0.0.0.0, fault address 0x0305038d.

Error - 2/6/2012 4:05:19 AM | Computer Name = BRAD | Source = Microsoft Security Client Setup | ID = 100
Description = HRESULT:0x8004FF0A Description:Microsoft Security Essentials installation
was canceled. You canceled the Security Essentials installation on your computer.
Error code:0x8004FF0A.

Error - 2/6/2012 4:05:21 AM | Computer Name = BRAD | Source = Microsoft Security Client | ID = 5000
Description =

[ Doctor Web Events ]
Error - 2/4/2012 11:27:34 AM | Computer Name = BRAD | Source = Dr.Web Engine | ID = 5016
Description =

[ System Events ]
Error - 2/7/2012 1:38:38 AM | Computer Name = BRAD | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
BANTExt ehdrv Fips intelppm SASDIFSV SASKUTIL SpiderG3

Error - 2/7/2012 2:08:23 AM | Computer Name = BRAD | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 2/7/2012 2:10:06 AM | Computer Name = BRAD | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
SpiderG3

Error - 2/7/2012 4:28:32 AM | Computer Name = BRAD | Source = atapi | ID = 262153
Description = The device, \Device\Ide\IdePort1, did not respond within the timeout
period.

Error - 2/7/2012 5:29:34 AM | Computer Name = BRAD | Source = atapi | ID = 262153
Description = The device, \Device\Ide\IdePort1, did not respond within the timeout
period.

Error - 2/7/2012 5:29:35 AM | Computer Name = BRAD | Source = atapi | ID = 262153
Description = The device, \Device\Ide\IdePort1, did not respond within the timeout
period.

Error - 2/7/2012 5:29:36 AM | Computer Name = BRAD | Source = atapi | ID = 262153
Description = The device, \Device\Ide\IdePort1, did not respond within the timeout
period.

Error - 2/7/2012 1:49:52 PM | Computer Name = BRAD | Source = atapi | ID = 262153
Description = The device, \Device\Ide\IdePort1, did not respond within the timeout
period.

Error - 2/7/2012 1:49:52 PM | Computer Name = BRAD | Source = atapi | ID = 262155
Description = The driver detected a controller error on \Device\Ide\IdePort1.

Error - 2/7/2012 1:56:42 PM | Computer Name = BRAD | Source = atapi | ID = 262153
Description = The device, \Device\Ide\IdePort1, did not respond within the timeout
period.


< End of report >
  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP