Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

TROJAN PARTY IN MY PC, CD DRIVE WONT WORK! HELPPP

Started by TigerLily78 , Jun 24 2012 04:06 AM

  • Please log in to reply

#1
TigerLily78
Posted 24 June 2012 - 04:06 AM

TigerLily78

    New Member

  • Member
  • Pip
  • 1 posts
GOOD DAY TO ALL!

PLEASE HELP ME... :( :help: :surrender:
WOULD APPRECIATE YOUR PROMPT RESPONSE AND KIND ASSISTANCE!


D:\Documents and Settings\Mom Dave Tam\Application Data\3.exe (Trojan.Downloader)

Even when I quarantine this, Malwarebytes just keeps popping up boxes to ask about a next one...3.exe goes up to even 72.exe and so on. Or 3A.exe


From Superspyware: (AZAPAPA) Trojan.Agent/Gen-Autorun[Swisyn]
Few weeks ago before I used Combofix, PC had so much trojans.

I had 2 hard disk on initially, but the craziness began when I tried to plug my PC on a powerboard (extension cord) that was turned on. It kinda sparked a bit and when i tried it again, it couldnt locate my Windows. So I tried to reformat one HD just to get a clean start. I mustve used a CD with the Trojan already in it for Windows XP. Since then I could not access my other hard disks without this particular HD where I first installed the XP. Now I have 2 of 3 HD with Windows and have to choose between the 2 at every start up.
Sadly, I cannot access my other HD (important files stored), and my CD drives cant be read when I try to pop a cd in. Even if it is detected at start up.


Its driving me insane :(

==================================
FROM OTL

OTL logfile created on: 6/24/2012 5:38:29 PM - Run 1
OTL by OldTimer - Version 3.2.50.0 Folder = D:\Documents and Settings\Mom Dave Tam\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1023.30 Mb Total Physical Memory | 404.68 Mb Available Physical Memory | 39.55% Memory free
2.40 Gb Paging File | 1.58 Gb Available in Paging File | 65.69% Paging File free
Paging file location(s): D:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files
Drive C: | 37.30 Gb Total Space | 5.71 Gb Free Space | 15.30% Space Free | Partition Type: NTFS
Drive D: | 37.30 Gb Total Space | 28.90 Gb Free Space | 77.48% Space Free | Partition Type: NTFS
Drive F: | 19.02 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive H: | 1.86 Gb Total Space | 0.12 Gb Free Space | 6.36% Space Free | Partition Type: FAT

Computer Name: ALL-9894982D403 | User Name: Mom Dave Tam | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/06/24 17:18:28 | 000,596,992 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Mom Dave Tam\Desktop\OTL.com
PRC - [2012/06/24 17:17:30 | 000,098,952 | ---- | M] () -- D:\Documents and Settings\Mom Dave Tam\Application Data\24.exe
PRC - [2012/06/17 12:11:05 | 000,913,888 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012/06/16 14:38:04 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- D:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2012/06/15 05:50:40 | 000,536,576 | ---- | M] () -- D:\Program Files\Sun Broadband Wireless\Sun Broadband Wireless.exe
PRC - [2012/06/12 00:26:06 | 003,905,408 | ---- | M] (SUPERAntiSpyware.com) -- D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/04/04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/08/12 07:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- D:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2010/05/08 19:48:36 | 000,229,376 | ---- | M] () -- D:\Documents and Settings\All Users\Application Data\DatacardService\DCService.exe
PRC - [2008/11/10 04:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- D:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2007/08/09 15:48:40 | 000,528,384 | R--- | M] (VIA Technologies, Inc.) -- D:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe
PRC - [2007/02/08 01:12:48 | 000,488,984 | ---- | M] (Logitech Inc.) -- D:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
PRC - [2007/02/06 17:45:26 | 000,109,344 | ---- | M] (Logitech Inc.) -- d:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2006/04/01 10:45:16 | 001,253,448 | ---- | M] () -- D:\Program Files\rnamfler\naomf.exe
PRC - [2006/04/01 10:45:16 | 000,167,936 | ---- | M] () -- d:\Program Files\rnamfler\radprcmp.exe
PRC - [2006/04/01 10:45:16 | 000,055,296 | ---- | M] () -- D:\Program Files\rnamfler\naofsvc.exe
PRC - [2004/08/04 12:56:50 | 001,032,192 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2012/06/24 17:17:30 | 000,098,952 | ---- | M] () -- D:\Documents and Settings\Mom Dave Tam\Application Data\24.exe
MOD - [2012/06/24 17:01:28 | 000,052,736 | ---- | M] () -- D:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll
MOD - [2012/06/24 17:01:27 | 000,065,024 | ---- | M] () -- D:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
MOD - [2012/06/17 12:11:03 | 002,042,848 | ---- | M] () -- D:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012/06/16 14:01:48 | 009,459,912 | ---- | M] () -- D:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_257.dll
MOD - [2012/06/16 06:59:27 | 000,117,760 | ---- | M] () -- D:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
MOD - [2012/06/16 06:59:27 | 000,052,224 | ---- | M] () -- D:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
MOD - [2012/06/15 05:50:40 | 000,536,576 | ---- | M] () -- D:\Program Files\Sun Broadband Wireless\Sun Broadband Wireless.exe
MOD - [2010/05/08 19:48:36 | 000,229,376 | ---- | M] () -- D:\Documents and Settings\All Users\Application Data\DatacardService\DCService.exe
MOD - [2009/12/15 17:39:02 | 000,991,232 | ---- | M] () -- D:\Program Files\Sun Broadband Wireless\NDISAPI.dll
MOD - [2009/12/15 17:39:02 | 000,598,016 | ---- | M] () -- D:\Program Files\Sun Broadband Wireless\atcomm.dll
MOD - [2009/12/15 17:39:02 | 000,229,376 | ---- | M] () -- D:\Program Files\Sun Broadband Wireless\DeviceMgrUIPlugin.dll
MOD - [2009/12/15 17:39:02 | 000,167,936 | ---- | M] () -- D:\Program Files\Sun Broadband Wireless\DetectDev.dll
MOD - [2009/12/15 17:39:02 | 000,163,840 | ---- | M] () -- D:\Program Files\Sun Broadband Wireless\SMSPlugin.dll
MOD - [2009/12/15 17:39:02 | 000,151,552 | ---- | M] () -- D:\Program Files\Sun Broadband Wireless\NetInfoPlugin.dll
MOD - [2009/12/15 17:39:02 | 000,143,360 | ---- | M] () -- D:\Program Files\Sun Broadband Wireless\LocaleMgrPlugin.dll
MOD - [2009/12/15 17:39:02 | 000,114,688 | ---- | M] () -- D:\Program Files\Sun Broadband Wireless\DeviceMgrPlugin.dll
MOD - [2009/12/15 17:39:02 | 000,090,112 | ---- | M] () -- D:\Program Files\Sun Broadband Wireless\FileManager.dll
MOD - [2009/12/15 17:39:02 | 000,090,112 | ---- | M] () -- D:\Program Files\Sun Broadband Wireless\DialUpPlugin.dll
MOD - [2009/12/15 17:39:02 | 000,073,728 | ---- | M] () -- D:\Program Files\Sun Broadband Wireless\CallPlugin.dll
MOD - [2009/12/15 17:39:02 | 000,061,440 | ---- | M] () -- D:\Program Files\Sun Broadband Wireless\XCodec.dll
MOD - [2009/12/15 17:39:02 | 000,061,440 | ---- | M] () -- D:\Program Files\Sun Broadband Wireless\DeviceOperate.dll
MOD - [2009/12/15 17:39:02 | 000,061,440 | ---- | M] () -- D:\Program Files\Sun Broadband Wireless\ConfigFilePlugin.dll
MOD - [2009/12/15 17:39:02 | 000,032,768 | ---- | M] () -- D:\Program Files\Sun Broadband Wireless\NotifyServicePlugin.dll
MOD - [2009/12/15 17:39:02 | 000,014,848 | ---- | M] () -- D:\Program Files\Sun Broadband Wireless\isaputrace.dll
MOD - [2006/04/01 10:45:16 | 001,253,448 | ---- | M] () -- D:\Program Files\rnamfler\naomf.exe
MOD - [2006/04/01 10:45:16 | 000,167,936 | ---- | M] () -- d:\Program Files\rnamfler\radprcmp.exe
MOD - [2006/04/01 10:45:16 | 000,062,976 | ---- | M] () -- D:\Program Files\rnamfler\radhslib.dll
MOD - [2006/04/01 10:45:16 | 000,055,296 | ---- | M] () -- D:\Program Files\rnamfler\naofsvc.exe
MOD - [2006/04/01 10:45:16 | 000,047,104 | ---- | M] () -- D:\Program Files\rnamfler\radprlib.dll
MOD - [2004/08/04 12:56:44 | 000,059,904 | ---- | M] () -- D:\WINDOWS\system32\devenum.dll
MOD - [2004/08/04 12:56:44 | 000,014,336 | ---- | M] () -- D:\WINDOWS\system32\msdmo.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2012/06/17 12:11:04 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- D:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/06/07 19:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- D:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/08/12 07:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- D:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
SRV - [2010/05/08 19:48:36 | 000,229,376 | ---- | M] () [Auto | Running] -- D:\Documents and Settings\All Users\Application Data\DatacardService\DCService.exe -- (DCService.exe)
SRV - [2008/11/10 04:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- D:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2007/02/06 17:47:12 | 000,105,248 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- D:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)
SRV - [2007/02/06 17:45:26 | 000,109,344 | ---- | M] (Logitech Inc.) [Auto | Running] -- d:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2006/04/01 10:45:16 | 000,055,296 | ---- | M] () [Auto | Running] -- D:\Program Files\rnamfler\naofsvc.exe -- (RdnaoFlSvc)
SRV - [2004/08/04 09:26:48 | 000,006,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012/06/24 16:51:28 | 000,054,016 | ---- | M] () [Kernel | Boot | Unknown] -- D:\WINDOWS\system32\drivers\sxbjubrc.sys -- (rlwkylc)
DRV - [2012/04/04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- D:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/07/23 00:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- D:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/13 05:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- D:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/06/01 14:07:00 | 000,117,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2010/05/22 14:48:20 | 000,070,656 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2010/03/25 10:08:30 | 000,105,728 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2010/03/20 11:56:04 | 000,101,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - [2007/06/27 14:42:00 | 000,207,488 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\vinyl97.sys -- (VIAudio) Vinyl AC'97 Audio Controller (WDM)
DRV - [2007/02/06 17:45:04 | 000,025,632 | ---- | M] () [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2007/02/06 17:44:36 | 001,964,064 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\LVMVdrv.sys -- (LVMVDrv)
DRV - [2007/02/06 17:42:40 | 001,691,808 | ---- | M] () [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\Lvckap.sys -- (LVcKap)
DRV - [2007/02/03 10:32:36 | 000,041,504 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2007/02/03 10:27:28 | 000,938,272 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\LV302V32.SYS -- (PID_PEPI) Logitech QuickCam IM(PID_PEPI)
DRV - [2007/02/03 10:27:16 | 000,014,240 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\lv302af.sys -- (pepifilter)
DRV - [2005/01/15 08:25:36 | 000,701,440 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://isearch.avg.c...r=&d=&v=&sap=hp
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: D:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_257.dll ()
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: D:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53: D:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53: D:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: D:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: D:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53: D:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: D:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: D:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: D:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/06/16 14:38:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2012/06/17 12:11:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins

[2012/06/16 06:23:06 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\Mom Dave Tam\Application Data\Mozilla\Extensions
[2012/06/17 12:15:32 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\Mom Dave Tam\Application Data\Mozilla\Firefox\Profiles\1eicrf2k.default\extensions
[2012/06/16 06:12:35 | 000,000,000 | ---D | M] (No name found) -- D:\Program Files\Mozilla Firefox\extensions
[2012/06/17 12:11:05 | 000,085,472 | ---- | M] (Mozilla Foundation) -- D:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/06/16 07:23:24 | 000,003,750 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/06/01 23:39:16 | 000,002,252 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/06/01 23:39:16 | 000,002,040 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = D:\Program Files\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = D:\Program Files\Google\Chrome\Application\19.0.1084.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = D:\Program Files\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = D:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = D:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = D:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = D:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - Extension: YouTube = D:\Documents and Settings\Mom Dave Tam\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = D:\Documents and Settings\Mom Dave Tam\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = D:\Documents and Settings\Mom Dave Tam\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Gmail = D:\Documents and Settings\Mom Dave Tam\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2002/08/30 00:00:00 | 000,000,734 | ---- | M]) - D:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - D:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - D:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [AudioDeck] D:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe (VIA Technologies, Inc.)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] D:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [LogitechCommunicationsManager] D:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe (Logitech Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [TkBellExe] D:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [wrna3ls] D:\Program Files\rnamfler\naomf.exe ()
O4 - HKCU..\Run: [SUPERAntiSpyware] D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] D:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O16 - DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} http://www.logitech....Detection32.cab (Device Detection)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 202.138.128.50 202.138.128.54
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5A91EC04-2E8D-40CC-8C93-D1729D04E6DF}: DhcpNameServer = 202.138.128.50 202.138.128.54
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - D:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (D:\WINDOWS\system32\userinit.exe) - D:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (D:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - D:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: D:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: D:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - D:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/08/17 22:02:45 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/05/09 11:48:36 | 000,126,976 | R--- | M] () - F:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2008/09/20 17:12:34 | 000,000,045 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]
O32 - AutoRun File - [2006/06/14 10:26:38 | 000,000,024 | ---- | M] () - H:\autorun.txt -- [ FAT ]
O32 - AutoRun File - [2012/05/27 22:08:16 | 000,000,000 | ---D | M] - H:\autorun.inf -- [ FAT ]
O33 - MountPoints2\{5e66e69c-728b-11e0-a9fc-00142ab99958}\Shell - "" = AutoRun
O33 - MountPoints2\{5e66e69c-728b-11e0-a9fc-00142ab99958}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{5e66e69c-728b-11e0-a9fc-00142ab99958}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{b98f423c-73f6-11e0-aa00-00142ab99958}\Shell - "" = AutoRun
O33 - MountPoints2\{b98f423c-73f6-11e0-aa00-00142ab99958}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{b98f423c-73f6-11e0-aa00-00142ab99958}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2010/05/09 11:48:36 | 000,126,976 | R--- | M] ()
O33 - MountPoints2\{c42874a8-8628-11e1-a5bb-00142ab99958}\Shell - "" = AutoRun
O33 - MountPoints2\{c42874a8-8628-11e1-a5bb-00142ab99958}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{c42874a8-8628-11e1-a5bb-00142ab99958}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/06/24 17:43:46 | 000,046,080 | ---- | C] (SiaSoft) -- D:\Documents and Settings\Mom Dave Tam\Application Data\3B.exe
[2012/06/24 17:19:23 | 000,596,992 | ---- | C] (OldTimer Tools) -- D:\Documents and Settings\Mom Dave Tam\Desktop\OTL.com
[2012/06/24 16:41:44 | 000,000,000 | ---D | C] -- D:\WINDOWS\Minidump
[2012/06/23 23:14:18 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Mom Dave Tam\My Documents\mrs-fields.franchise.1995.12.23_files
[2012/06/23 23:13:58 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Mom Dave Tam\My Documents\tgif.franchise_files
[2012/06/23 15:49:15 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Mom Dave Tam\Application Data\Wildfire
[2012/06/23 15:49:06 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Mom Dave Tam\Start Menu\Programs\GameHouse
[2012/06/23 15:49:06 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Start Menu\Programs\GameHouse
[2012/06/23 15:48:56 | 000,000,000 | ---D | C] -- D:\Program Files\GameHouse
[2012/06/23 15:30:09 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\PopCapY
[2012/06/23 15:30:04 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Start Menu\Programs\PopCap Games
[2012/06/23 15:29:50 | 000,000,000 | ---D | C] -- D:\Program Files\PopCap Games
[2012/06/23 14:52:05 | 000,000,000 | RH-D | C] -- D:\Program Files\rnamfler
[2012/06/17 22:23:17 | 000,000,000 | --SD | C] -- D:\ComboFix
[2012/06/17 13:58:13 | 000,000,000 | ---D | C] -- D:\ComboFix(2)
[2012/06/17 12:23:13 | 000,518,144 | ---- | C] (SteelWerX) -- D:\WINDOWS\SWREG.exe
[2012/06/17 12:23:13 | 000,406,528 | ---- | C] (SteelWerX) -- D:\WINDOWS\SWSC.exe
[2012/06/17 12:23:13 | 000,212,480 | ---- | C] (SteelWerX) -- D:\WINDOWS\SWXCACLS.exe
[2012/06/17 12:23:13 | 000,060,416 | ---- | C] (NirSoft) -- D:\WINDOWS\NIRCMD.exe
[2012/06/17 12:22:57 | 000,000,000 | ---D | C] -- D:\Qoobox
[2012/06/17 12:22:53 | 000,000,000 | R--D | C] -- D:\Documents and Settings\Mom Dave Tam\Start Menu\Programs\Administrative Tools
[2012/06/17 12:22:40 | 000,000,000 | ---D | C] -- D:\WINDOWS\erdnt
[2012/06/17 12:13:10 | 000,000,000 | R--D | C] -- D:\Documents and Settings\Mom Dave Tam\My Documents\Dropbox
[2012/06/17 11:51:57 | 004,560,591 | R--- | C] (Swearware) -- D:\Documents and Settings\Mom Dave Tam\Desktop\ComboFix.exe
[2012/06/16 14:38:24 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\xing shared
[2012/06/16 14:38:13 | 000,198,832 | ---- | C] (RealNetworks, Inc.) -- D:\WINDOWS\System32\rmoc3260.dll
[2012/06/16 14:38:06 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- D:\WINDOWS\System32\pndx5016.dll
[2012/06/16 14:38:06 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- D:\WINDOWS\System32\pndx5032.dll
[2012/06/16 14:38:05 | 000,272,896 | ---- | C] (Progressive Networks) -- D:\WINDOWS\System32\pncrt.dll
[2012/06/16 14:38:05 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Start Menu\Programs\RealNetworks
[2012/06/16 14:37:59 | 000,000,000 | ---D | C] -- D:\Program Files\Real
[2012/06/16 14:37:59 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\Real
[2012/06/16 14:37:57 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Mom Dave Tam\Application Data\Real
[2012/06/16 14:23:30 | 000,000,000 | ---D | C] -- D:\Program Files\Dropbox
[2012/06/16 14:23:02 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Mom Dave Tam\Start Menu\Programs\Dropbox
[2012/06/16 14:22:18 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Mom Dave Tam\Local Settings\Application Data\WinZip
[2012/06/16 14:17:32 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\Mom Dave Tam\Recent
[2012/06/16 14:16:15 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Mom Dave Tam\Application Data\Dropbox
[2012/06/16 14:11:45 | 000,000,000 | ---D | C] -- D:\Program Files\CCleaner
[2012/06/16 13:45:33 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Start Menu\Programs\WinZip
[2012/06/16 13:45:18 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\WinZip
[2012/06/16 13:45:16 | 000,000,000 | ---D | C] -- D:\Program Files\WinZip
[2012/06/16 11:11:57 | 000,000,000 | ---D | C] -- D:\Program Files\Noel Danjou
[2012/06/16 11:05:18 | 000,000,000 | ---D | C] -- D:\Praise
[2012/06/16 11:00:00 | 000,000,000 | ---D | C] -- D:\Fulton Sheen
[2012/06/16 07:26:02 | 000,000,000 | R--D | C] -- D:\Documents and Settings\Mom Dave Tam\My Documents\My Videos
[2012/06/16 07:23:27 | 000,000,000 | ---D | C] -- D:\Program Files\AVG Secure Search
[2012/06/16 07:10:02 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome
[2012/06/16 07:08:50 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Mom Dave Tam\Application Data\Malwarebytes
[2012/06/16 07:08:33 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/06/16 07:08:23 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\Malwarebytes
[2012/06/16 07:08:20 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- D:\WINDOWS\System32\drivers\mbam.sys
[2012/06/16 07:08:19 | 000,000,000 | ---D | C] -- D:\Program Files\Malwarebytes' Anti-Malware
[2012/06/16 06:59:18 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Mom Dave Tam\Local Settings\Application Data\Temp
[2012/06/16 06:59:17 | 000,000,000 | ---D | C] -- D:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2012/06/16 06:58:38 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Mom Dave Tam\Application Data\SUPERAntiSpyware.com
[2012/06/16 06:58:38 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Mom Dave Tam\Local Settings\Application Data\Google
[2012/06/16 06:58:36 | 000,000,000 | ---D | C] -- D:\Program Files\Google
[2012/06/16 06:58:32 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
[2012/06/16 06:58:14 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2012/06/16 06:58:14 | 000,000,000 | ---D | C] -- D:\Program Files\SUPERAntiSpyware
[2012/06/16 06:54:19 | 000,938,272 | ---- | C] (Logitech Inc.) -- D:\WINDOWS\System32\drivers\LV302V32.SYS
[2012/06/16 06:54:19 | 000,527,136 | ---- | C] (Logitech Inc.) -- D:\WINDOWS\System32\LVUI2RC.dll
[2012/06/16 06:54:19 | 000,348,160 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\msvcr71.dll
[2012/06/16 06:54:19 | 000,264,992 | ---- | C] (Logitech Inc.) -- D:\WINDOWS\System32\lvcodec2.dll
[2012/06/16 06:54:18 | 000,215,840 | ---- | C] (Logitech Inc.) -- D:\WINDOWS\System32\LVUI2.dll
[2012/06/16 06:54:18 | 000,129,824 | ---- | C] (Logitech Inc.) -- D:\WINDOWS\System32\lvci1051.dll
[2012/06/16 06:54:18 | 000,041,504 | ---- | C] (Logitech Inc.) -- D:\WINDOWS\System32\drivers\LVUSBSta.sys
[2012/06/16 06:54:18 | 000,014,240 | ---- | C] (Logitech Inc.) -- D:\WINDOWS\System32\drivers\lv302af.sys
[2012/06/16 06:53:10 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Start Menu\Programs\Logitech
[2012/06/16 06:53:09 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\Logishrd
[2012/06/16 06:53:02 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\Logitech
[2012/06/16 06:52:55 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\LogiShrd
[2012/06/16 06:45:52 | 000,000,000 | -H-D | C] -- D:\WINDOWS\$MSI31Uninstall_KB893803v2$
[2012/06/16 06:45:08 | 000,000,000 | ---D | C] -- D:\Program Files\Logitech
[2012/06/16 06:42:54 | 000,000,000 | ---D | C] -- D:\Movies
[2012/06/16 06:42:00 | 000,000,000 | ---D | C] -- D:\OneNote Notebooks
[2012/06/16 06:26:12 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Mom Dave Tam\My Documents\Downloads
[2012/06/16 06:23:01 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Mom Dave Tam\Local Settings\Application Data\Mozilla
[2012/06/16 06:23:01 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Mom Dave Tam\Application Data\Mozilla
[2012/06/16 06:18:18 | 000,000,000 | -HSD | C] -- D:\RECYCLER
[2012/06/16 06:12:37 | 000,000,000 | ---D | C] -- D:\Program Files\Mozilla Maintenance Service
[2012/06/16 06:12:37 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\Mozilla
[2012/06/16 06:12:32 | 000,000,000 | ---D | C] -- D:\Program Files\Mozilla Firefox
[2012/06/15 23:25:18 | 016,574,016 | ---- | C] (Mozilla) -- D:\Documents and Settings\Mom Dave Tam\Desktop\Firefox Setup 13.0.exe
[2012/06/15 21:48:40 | 000,000,000 | --SD | C] -- D:\Documents and Settings\Mom Dave Tam\UserData
[2012/06/15 21:46:07 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Mom Dave Tam\Application Data\Macromedia
[2012/06/15 21:46:07 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Mom Dave Tam\Application Data\Adobe
[2012/06/15 21:43:15 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\Yahoo! Companion
[2012/06/15 21:43:15 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Mom Dave Tam\Application Data\Yahoo!
[2012/06/15 21:43:10 | 000,426,184 | ---- | C] (Adobe Systems Incorporated) -- D:\WINDOWS\System32\FlashPlayerApp.exe
[2012/06/15 21:43:10 | 000,070,344 | ---- | C] (Adobe Systems Incorporated) -- D:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012/06/15 21:42:57 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Start Menu\Programs\Yahoo! Messenger
[2012/06/15 21:42:55 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\Yahoo!
[2012/06/15 21:20:29 | 000,000,000 | ---D | C] -- D:\Program Files\Yahoo!
[2012/06/15 21:19:52 | 000,439,304 | ---- | C] (Yahoo! Inc.) -- D:\Documents and Settings\Mom Dave Tam\Desktop\msgr11ph.exe
[2012/06/15 21:18:52 | 000,000,000 | ---D | C] -- D:\Program Files\InstallShield Installation Information
[2012/06/15 21:16:54 | 000,207,488 | R--- | C] (VIA Technologies, Inc.) -- D:\WINDOWS\System32\drivers\vinyl97.sys
[2012/06/15 21:16:35 | 000,331,184 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\difxapi.dll
[2012/06/15 21:16:35 | 000,000,000 | ---D | C] -- D:\Program Files\VIA
[2012/06/15 21:16:26 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\InstallShield
[2012/06/15 21:16:09 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Mom Dave Tam\My Documents\vinyl_v700b
[2012/06/15 21:12:46 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Mom Dave Tam\Application Data\Skype
[2012/06/15 21:12:37 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Skype
[2012/06/15 21:12:37 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Start Menu\Programs\Skype
[2012/06/15 21:12:36 | 000,000,000 | R--D | C] -- D:\Program Files\Skype
[2012/06/15 21:11:59 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\Skype
[2012/06/15 20:56:33 | 000,946,352 | ---- | C] (Skype Technologies S.A.) -- D:\Documents and Settings\Mom Dave Tam\Desktop\SkypeSetup.exe
[2012/06/15 13:21:06 | 000,016,384 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\ipsink.ax
[2012/06/15 13:20:36 | 000,008,192 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\wshirda.dll
[2012/06/15 13:20:35 | 000,152,576 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\irftp.exe
[2012/06/15 13:20:21 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users\Start Menu\Programs\Accessories
[2012/06/15 13:19:36 | 000,090,624 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kswdmcap.ax
[2012/06/15 13:19:36 | 000,053,760 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\vfwwdm32.dll
[2012/06/15 13:19:36 | 000,043,008 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\ksxbar.ax
[2012/06/15 13:19:36 | 000,028,672 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\vidcap.ax
[2012/06/15 13:19:35 | 000,061,952 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kstvtune.ax
[2012/06/15 13:19:35 | 000,020,992 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dshowext.ax
[2012/06/15 13:18:51 | 000,145,792 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\drivers\portcls.sys
[2012/06/15 13:18:51 | 000,004,096 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\ksuser.dll
[2012/06/15 13:18:50 | 000,130,048 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\ksproxy.ax
[2012/06/15 13:18:50 | 000,060,288 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\drivers\drmk.sys
[2012/06/15 13:18:12 | 001,888,992 | ---- | C] (ATI Technologies Inc. ) -- D:\WINDOWS\System32\ati3duag.dll
[2012/06/15 13:18:12 | 000,870,784 | ---- | C] (ATI Technologies Inc. ) -- D:\WINDOWS\System32\ati3d1ag.dll
[2012/06/15 13:18:12 | 000,701,440 | ---- | C] (ATI Technologies Inc.) -- D:\WINDOWS\System32\drivers\ati2mtag.sys
[2012/06/15 13:18:12 | 000,516,768 | ---- | C] (ATI Technologies Inc. ) -- D:\WINDOWS\System32\ativvaxx.dll
[2012/06/15 13:18:12 | 000,229,376 | ---- | C] (ATI Technologies Inc.) -- D:\WINDOWS\System32\ati2cqag.dll
[2012/06/15 13:18:12 | 000,201,728 | ---- | C] (ATI Technologies Inc.) -- D:\WINDOWS\System32\ati2dvag.dll
[2012/06/15 13:17:34 | 000,086,016 | ---- | C] (Conexant) -- D:\WINDOWS\System32\mdmxsdk.dll
[2012/06/15 13:17:34 | 000,032,285 | ---- | C] (Conexant Systems, Inc.) -- D:\WINDOWS\System32\HSFCISP2.dll
[2012/06/15 13:17:05 | 000,074,240 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\usbui.dll
[2012/06/15 13:15:52 | 000,000,000 | -HSD | C] -- D:\WINDOWS\Installer
[2012/06/15 13:15:51 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\ODBC
[2012/06/15 13:15:48 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\SpeechEngines
[2012/06/15 13:15:47 | 000,000,000 | R--D | C] -- D:\Program Files
[2012/06/15 13:15:47 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Microsoft Shared
[2012/06/15 13:15:47 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files
[2012/06/15 13:15:45 | 000,006,144 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdtuq.dll
[2012/06/15 13:15:45 | 000,006,144 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdtuf.dll
[2012/06/15 13:15:45 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdazel.dll
[2012/06/15 13:15:44 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdycc.dll
[2012/06/15 13:15:44 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbduzb.dll
[2012/06/15 13:15:44 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdur.dll
[2012/06/15 13:15:44 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdtat.dll
[2012/06/15 13:15:44 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdru1.dll
[2012/06/15 13:15:44 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdru.dll
[2012/06/15 13:15:44 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdmon.dll
[2012/06/15 13:15:44 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdkyr.dll
[2012/06/15 13:15:44 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdkaz.dll
[2012/06/15 13:15:44 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdaze.dll
[2012/06/15 13:15:43 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdbu.dll
[2012/06/15 13:15:43 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdblr.dll
[2012/06/15 13:15:42 | 000,008,192 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdhept.dll
[2012/06/15 13:15:42 | 000,006,656 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdhela3.dll
[2012/06/15 13:15:42 | 000,006,144 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdhela2.dll
[2012/06/15 13:15:42 | 000,006,144 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdgkl.dll
[2012/06/15 13:15:42 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdhe319.dll
[2012/06/15 13:15:42 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdhe220.dll
[2012/06/15 13:15:42 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdhe.dll
[2012/06/15 13:15:41 | 000,006,144 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdlv1.dll
[2012/06/15 13:15:41 | 000,006,144 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdlv.dll
[2012/06/15 13:15:41 | 000,006,144 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdest.dll
[2012/06/15 13:15:41 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdlt1.dll
[2012/06/15 13:15:41 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdlt.dll
[2012/06/15 13:15:39 | 000,007,168 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdcz.dll
[2012/06/15 13:15:39 | 000,006,656 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdycl.dll
[2012/06/15 13:15:39 | 000,006,656 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdsl1.dll
[2012/06/15 13:15:39 | 000,006,656 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdsl.dll
[2012/06/15 13:15:39 | 000,006,656 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdpl.dll
[2012/06/15 13:15:39 | 000,006,656 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdhu.dll
[2012/06/15 13:15:39 | 000,006,656 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdcz2.dll
[2012/06/15 13:15:39 | 000,006,656 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdcz1.dll
[2012/06/15 13:15:39 | 000,006,656 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdcr.dll
[2012/06/15 13:15:39 | 000,006,656 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\KBDAL.DLL
[2012/06/15 13:15:39 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdro.dll
[2012/06/15 13:15:39 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdpl1.dll
[2012/06/15 13:15:39 | 000,005,632 | R--- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\kbdhu1.dll
[2012/06/15 13:15:34 | 000,176,157 | ---- | C] (Digi International, Inc.) -- D:\WINDOWS\System32\dgrpsetu.dll
[2012/06/15 13:15:34 | 000,103,424 | ---- | C] (Equinox Systems Inc.) -- D:\WINDOWS\System32\EqnClass.Dll
[2012/06/15 13:15:34 | 000,085,020 | ---- | C] (Digi International) -- D:\WINDOWS\System32\dgsetup.dll
[2012/06/15 13:15:34 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- D:\WINDOWS\System32\spxcoins.dll
[2012/06/15 13:15:34 | 000,013,600 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\WFWNET.DRV
[2012/06/15 13:15:34 | 000,013,312 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\irclass.dll
[2012/06/15 13:15:34 | 000,002,176 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\VGA.DRV
[2012/06/15 13:15:33 | 000,126,912 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\MSVIDEO.DLL
[2012/06/15 13:15:33 | 000,082,944 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\OLECLI.DLL
[2012/06/15 13:15:33 | 000,073,376 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\MCIAVI.DRV
[2012/06/15 13:15:33 | 000,028,160 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\MCIWAVE.DRV
[2012/06/15 13:15:33 | 000,025,264 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\MCISEQ.DRV
[2012/06/15 13:15:33 | 000,024,064 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\OLESVR.DLL
[2012/06/15 13:15:33 | 000,019,200 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\TAPI.DLL
[2012/06/15 13:15:33 | 000,009,936 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\LZEXPAND.DLL
[2012/06/15 13:15:33 | 000,009,008 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\VER.DLL
[2012/06/15 13:15:33 | 000,005,120 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\SHELL.DLL
[2012/06/15 13:15:33 | 000,004,048 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\TIMER.DRV
[2012/06/15 13:15:33 | 000,003,360 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\SYSTEM.DRV
[2012/06/15 13:15:33 | 000,002,032 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\MOUSE.DRV
[2012/06/15 13:15:33 | 000,002,000 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\KEYBOARD.DRV
[2012/06/15 13:15:33 | 000,001,744 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\SOUND.DRV
[2012/06/15 13:15:33 | 000,001,152 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\MMTASK.TSK
[2012/06/15 13:15:32 | 000,146,432 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\WINSPOOL.DRV
[2012/06/15 13:15:32 | 000,109,456 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\AVIFILE.DLL
[2012/06/15 13:15:32 | 000,069,584 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\AVICAP.DLL
[2012/06/15 13:15:32 | 000,032,816 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\COMMDLG.DLL
[2012/06/15 13:15:32 | 000,015,360 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\TASKMAN.EXE
[2012/06/15 13:15:32 | 000,008,704 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\batt.dll
[2012/06/15 13:15:31 | 000,074,752 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\storprop.dll
[2012/06/15 13:15:31 | 000,068,768 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System\MMSYSTEM.DLL
[2012/06/15 13:15:21 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users\Start Menu\Programs\Startup
[2012/06/15 13:15:21 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users\Start Menu
[2012/06/15 13:15:21 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users\Documents
[2012/06/15 13:15:21 | 000,000,000 | -H-D | C] -- D:\Documents and Settings\All Users\Templates
[2012/06/15 13:15:21 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Favorites
[2012/06/15 13:15:21 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Desktop
[2012/06/15 13:15:05 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\CatRoot2
[2012/06/15 13:15:05 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\CatRoot
[2012/06/15 13:14:59 | 000,000,000 | --SD | C] -- D:\Documents and Settings\All Users\Application Data\Microsoft
[2012/06/15 13:14:59 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\All Users\Application Data
[2012/06/15 13:14:37 | 000,000,000 | -HSD | C] -- D:\System Volume Information
[2012/06/15 13:14:37 | 000,000,000 | ---D | C] -- D:\Documents and Settings
[2012/06/15 13:09:42 | 000,000,000 | R-SD | C] -- D:\WINDOWS\Fonts
[2012/06/15 13:09:42 | 000,000,000 | R--D | C] -- D:\WINDOWS\Web
[2012/06/15 13:09:42 | 000,000,000 | -H-D | C] -- D:\WINDOWS\inf
[2012/06/15 13:09:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\WinSxS
[2012/06/15 13:09:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\wins
[2012/06/15 13:09:42 | 000,000,000 | ---D | C] -- D:\WINDOWS
[2012/06/15 13:09:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\wbem
[2012/06/15 13:09:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\usmt
[2012/06/15 13:09:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\twain_32
[2012/06/15 13:09:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\Temp
[2012/06/15 13:09:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\system32
[2012/06/15 13:09:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\system
[2012/06/15 13:09:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\spool
[2012/06/15 13:09:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\ShellExt
[2012/06/15 13:09:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\Setup
[2012/06/15 13:09:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\security
[2012/06/15 13:09:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\Resources
[2012/06/15 13:09:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\repair
[2012/06/15 13:09:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\ras
[2012/06/15 13:09:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\Provisioning
[2012/06/15 13:09:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\PeerNet
[2012/06/15 13:09:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\pchealth
[2012/06/15 13:09:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\oobe
[2012/06/15 13:09:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\npp
[2012/06/15 13:09:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\nldrv
[2012/06/15 13:09:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\mui
[2012/06/15 13:09:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\mui
[2012/06/15 13:09:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\msapps
[2012/06/15 13:09:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\msagent
[2012/06/15 13:09:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\Media
[2012/06/15 13:09:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\java
[2012/06/15 13:09:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\inetsrv
[2012/06/15 13:09:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\IME
[2012/06/15 13:09:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\ime
[2012/06/15 13:09:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\icsxml
[2012/06/15 13:09:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\ias
[2012/06/15 13:09:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\Help
[2012/06/15 13:09:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\export
[2012/06/15 13:09:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\drivers\etc
[2012/06/15 13:09:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\ehome
[2012/06/15 13:09:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\drivers
[2012/06/15 13:09:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\Driver Cache
[2012/06/15 13:09:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\drivers\disdn
[2012/06/15 13:09:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\dhcp
[2012/06/15 13:09:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\Debug
[2012/06/15 13:09:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\Cursors
[2012/06/15 13:09:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\Connection Wizard
[2012/06/15 13:09:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\config
[2012/06/15 13:09:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\Config
[2012/06/15 13:09:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\AppPatch
[2012/06/15 13:09:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\addins
[2012/06/15 13:09:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\3com_dmi
[2012/06/15 13:09:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\3076
[2012/06/15 13:09:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\2052
[2012/06/15 13:09:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1054
[2012/06/15 13:09:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1042
[2012/06/15 13:09:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1041
[2012/06/15 13:09:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1037
[2012/06/15 13:09:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1033
[2012/06/15 13:09:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1031
[2012/06/15 13:09:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1028
[2012/06/15 13:09:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1025
[2012/06/15 05:58:27 | 000,000,000 | R--D | C] -- D:\My Pictures
[2012/06/15 05:51:36 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Start Menu\Programs\Sun Broadband Wireless
[2012/06/15 05:50:53 | 000,016,928 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\spmsgXP_2k3.dll
[2012/06/15 05:50:50 | 000,026,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\spupdsvc.exe
[2012/06/15 05:50:42 | 001,461,992 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\wdfcoinstaller01009.dll
[2012/06/15 05:50:42 | 001,461,992 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\drivers\WdfCoInstaller01009.dll
[2012/06/15 05:50:42 | 000,070,656 | ---- | C] (Huawei Technologies Co., Ltd.) -- D:\WINDOWS\System32\drivers\ew_jubusenum.sys
[2012/06/15 05:50:42 | 000,069,632 | ---- | C] (Huawei Technologies Co., Ltd.) -- D:\WINDOWS\System32\drivers\ew_jucdcacm.sys
[2012/06/15 05:50:42 | 000,051,584 | ---- | C] (Huawei Technologies Co., Ltd.) -- D:\WINDOWS\System32\drivers\ew_jucdcecm.sys
[2012/06/15 05:50:42 | 000,026,880 | ---- | C] (Huawei Technologies Co., Ltd.) -- D:\WINDOWS\System32\drivers\ew_juextctrl.sys
[2012/06/15 05:50:41 | 000,117,504 | ---- | C] (Huawei Technologies Co., Ltd.) -- D:\WINDOWS\System32\drivers\ewusbnet.sys
[2012/06/15 05:50:41 | 000,105,728 | ---- | C] (Huawei Technologies Co., Ltd.) -- D:\WINDOWS\System32\drivers\ewusbmdm.sys
[2012/06/15 05:50:41 | 000,101,504 | ---- | C] (Huawei Technologies Co., Ltd.) -- D:\WINDOWS\System32\drivers\ew_hwusbdev.sys
[2012/06/15 05:50:41 | 000,028,672 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\drivers\usbccid.sys
[2012/06/15 05:50:41 | 000,024,448 | ---- | C] (Huawei Tech. Co., Ltd.) -- D:\WINDOWS\System32\drivers\ewdcsc.sys
[2012/06/15 05:50:41 | 000,011,136 | ---- | C] (Huawei Technologies Co., Ltd.) -- D:\WINDOWS\System32\drivers\ew_usbenumfilter.sys
[2012/06/15 05:50:26 | 000,000,000 | ---D | C] -- D:\Program Files\Sun Broadband Wireless
[2012/06/15 05:50:10 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\DatacardService
[2012/06/15 05:47:37 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Mom Dave Tam\Application Data\Identities
[2012/06/15 05:47:36 | 000,000,000 | -H-D | C] -- D:\Program Files\Uninstall Information
[2012/06/15 05:47:35 | 000,000,000 | R--D | C] -- D:\Documents and Settings\Mom Dave Tam\My Documents\My Music
[2012/06/15 05:47:34 | 000,000,000 | R--D | C] -- D:\Documents and Settings\Mom Dave Tam\My Documents\My Pictures
[2012/06/15 05:47:28 | 000,000,000 | --SD | C] -- D:\Documents and Settings\Mom Dave Tam\Application Data\Microsoft
[2012/06/15 05:47:28 | 000,000,000 | --SD | C] -- D:\Documents and Settings\Mom Dave Tam\Cookies
[2012/06/15 05:47:28 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\Mom Dave Tam\SendTo
[2012/06/15 05:47:28 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\Mom Dave Tam\Application Data
[2012/06/15 05:47:28 | 000,000,000 | R--D | C] -- D:\Documents and Settings\Mom Dave Tam\Start Menu\Programs\Startup
[2012/06/15 05:47:28 | 000,000,000 | R--D | C] -- D:\Documents and Settings\Mom Dave Tam\Start Menu
[2012/06/15 05:47:28 | 000,000,000 | R--D | C] -- D:\Documents and Settings\Mom Dave Tam\My Documents
[2012/06/15 05:47:28 | 000,000,000 | R--D | C] -- D:\Documents and Settings\Mom Dave Tam\Favorites
[2012/06/15 05:47:28 | 000,000,000 | R--D | C] -- D:\Documents and Settings\Mom Dave Tam\Start Menu\Programs\Accessories
[2012/06/15 05:47:28 | 000,000,000 | -H-D | C] -- D:\Documents and Settings\Mom Dave Tam\Templates
[2012/06/15 05:47:28 | 000,000,000 | -H-D | C] -- D:\Documents and Settings\Mom Dave Tam\PrintHood
[2012/06/15 05:47:28 | 000,000,000 | -H-D | C] -- D:\Documents and Settings\Mom Dave Tam\NetHood
[2012/06/15 05:47:28 | 000,000,000 | -H-D | C] -- D:\Documents and Settings\Mom Dave Tam\Local Settings
[2012/06/15 05:47:28 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Mom Dave Tam\Local Settings\Application Data\Microsoft
[2012/06/15 05:47:28 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Mom Dave Tam\Desktop
[2012/06/15 05:39:07 | 000,000,000 | ---D | C] -- D:\WINDOWS\SoftwareDistribution
[2012/06/15 05:39:05 | 000,000,000 | ---D | C] -- D:\WINDOWS\Prefetch
[2012/06/15 05:39:04 | 000,000,000 | --SD | C] -- D:\WINDOWS\System32\Microsoft
[2012/06/15 05:39:03 | 000,000,000 | --SD | C] -- D:\Documents and Settings\LocalService\Application Data\Microsoft
[2012/06/15 05:39:03 | 000,000,000 | ---D | C] -- D:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2012/06/15 05:38:53 | 000,000,000 | ---D | C] -- D:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2012/06/15 05:38:52 | 000,000,000 | --SD | C] -- D:\Documents and Settings\NetworkService\Application Data\Microsoft
[2012/06/15 05:29:41 | 000,014,048 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\spmsg.dll
[2012/06/15 05:29:41 | 000,000,000 | -H-D | C] -- D:\WINDOWS\$hf_mig$
[2012/06/15 05:29:05 | 000,112,128 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\mapi32.dll
[2012/06/15 05:28:16 | 000,000,000 | -HSD | C] -- D:\Documents and Settings\All Users\DRM
[2012/06/15 05:28:03 | 000,000,000 | --SD | C] -- D:\WINDOWS\Downloaded Program Files
[2012/06/15 05:28:03 | 000,000,000 | R--D | C] -- D:\WINDOWS\Offline Web Pages
[2012/06/15 05:27:50 | 000,000,000 | -H-D | C] -- D:\Program Files\WindowsUpdate
[2012/06/15 05:27:30 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\DirectX
[2012/06/15 05:27:13 | 000,011,264 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\atrace.dll
[2012/06/15 05:27:06 | 000,012,288 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\nmevtmsg.dll
[2012/06/15 05:27:05 | 000,064,512 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\acctres.dll
[2012/06/15 05:27:04 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Services
[2012/06/15 05:27:02 | 000,016,384 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\icfgnt5.dll
[2012/06/15 05:27:02 | 000,000,000 | --SD | C] -- D:\WINDOWS\Tasks
[2012/06/15 05:27:01 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\MSSoap
[2012/06/15 05:26:58 | 000,000,000 | ---D | C] -- D:\WINDOWS\srchasst
[2012/06/15 05:26:58 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\Macromed
[2012/06/15 05:26:55 | 000,183,296 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\wuaueng1.dll
[2012/06/15 05:26:55 | 000,165,888 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\wuauclt1.exe
[2012/06/15 05:26:55 | 000,112,640 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\wucltui.dll
[2012/06/15 05:26:55 | 000,036,864 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\wups.dll
[2012/06/15 05:26:54 | 000,430,592 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\wuapi.dll
[2012/06/15 05:26:54 | 000,018,944 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\qmgrprxy.dll
[2012/06/15 05:26:54 | 000,008,192 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\bitsprx2.dll
[2012/06/15 05:26:54 | 000,007,168 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\bitsprx3.dll
[2012/06/15 05:26:51 | 000,000,000 | ---D | C] -- D:\Program Files\Movie Maker
[2012/06/15 05:26:47 | 000,045,568 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\safrslv.dll
[2012/06/15 05:26:47 | 000,043,520 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\safrcdlg.dll
[2012/06/15 05:26:47 | 000,043,520 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\racpldlg.dll
[2012/06/15 05:26:47 | 000,029,696 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\safrdm.dll
[2012/06/15 05:26:44 | 000,239,104 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\srrstr.dll
[2012/06/15 05:26:44 | 000,022,528 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\fltMc.exe
[2012/06/15 05:26:44 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\Restore
[2012/06/15 05:26:43 | 000,081,920 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\ils.dll
[2012/06/15 05:26:43 | 000,034,560 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\mnmdd.dll
[2012/06/15 05:26:43 | 000,032,768 | ---- | C] (Intel Corporation) -- D:\WINDOWS\System32\isrdbg32.dll
[2012/06/15 05:26:43 | 000,028,672 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\nmmkcert.dll
[2012/06/15 05:26:42 | 000,069,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\msconf.dll
[2012/06/15 05:26:40 | 000,252,928 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\msoeacct.dll
[2012/06/15 05:26:40 | 000,105,984 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\msoert2.dll
[2012/06/15 05:26:40 | 000,000,000 | ---D | C] -- D:\Program Files\NetMeeting
[2012/06/15 05:26:39 | 000,048,128 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\inetres.dll
[2012/06/15 05:26:38 | 000,012,288 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\mstinit.exe
[2012/06/15 05:26:38 | 000,000,000 | ---D | C] -- D:\Program Files\Outlook Express
[2012/06/15 05:26:37 | 000,274,432 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\inetcfg.dll
[2012/06/15 05:26:37 | 000,081,920 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\isign32.dll
[2012/06/15 05:26:37 | 000,073,728 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\icwdial.dll
[2012/06/15 05:26:37 | 000,065,536 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\icwphbk.dll
[2012/06/15 05:26:32 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\System
[2012/06/15 05:26:31 | 000,000,000 | ---D | C] -- D:\Program Files\Internet Explorer
[2012/06/15 05:26:30 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users\Documents\My Pictures
[2012/06/15 05:26:05 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users\Start Menu\Programs\Games
[2012/06/15 05:25:52 | 000,000,000 | ---D | C] -- D:\Program Files\ComPlus Applications
[2012/06/15 05:25:44 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools
[2012/06/15 05:25:44 | 000,000,000 | ---D | C] -- D:\WINDOWS\Registration
[2012/06/15 05:25:35 | 000,000,000 | ---D | C] -- D:\Program Files\Online Services
[2012/06/15 05:25:34 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users\Documents\My Music
[2012/06/15 05:25:34 | 000,000,000 | ---D | C] -- D:\Program Files\Windows Media Player
[2012/06/15 05:25:28 | 000,000,000 | ---D | C] -- D:\Program Files\Messenger
[2012/06/15 05:25:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\write.exe
[2012/06/15 05:25:25 | 000,000,000 | ---D | C] -- D:\Program Files\MSN Gaming Zone
[2012/06/15 05:25:16 | 000,227,840 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\avtapi.dll
[2012/06/15 05:25:16 | 000,073,216 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\avwav.dll
[2012/06/15 05:25:16 | 000,044,544 | ---- | C] (Hilgraeve, Inc.) -- D:\WINDOWS\System32\hticons.dll
[2012/06/15 05:25:16 | 000,035,328 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\winchat.exe
[2012/06/15 05:25:16 | 000,016,384 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\avmeter.dll
[2012/06/15 05:25:10 | 000,605,696 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\getuname.dll
[2012/06/15 05:25:10 | 000,114,688 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\calc.exe
[2012/06/15 05:25:10 | 000,080,384 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\charmap.exe
[2012/06/15 05:25:10 | 000,056,832 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\sol.exe
[2012/06/15 05:25:09 | 000,126,976 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\mshearts.exe
[2012/06/15 05:25:09 | 000,119,808 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\winmine.exe
[2012/06/15 05:25:09 | 000,055,296 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\freecell.exe
[2012/06/15 05:25:09 | 000,016,896 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\tsshutdn.exe
[2012/06/15 05:25:09 | 000,016,384 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\tskill.exe
[2012/06/15 05:25:09 | 000,014,848 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\tsdiscon.exe
[2012/06/15 05:25:09 | 000,009,728 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\reset.exe
[2012/06/15 05:25:08 | 000,033,792 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\regini.exe
[2012/06/15 05:25:08 | 000,022,016 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\qwinsta.exe
[2012/06/15 05:25:08 | 000,020,992 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\msg.exe
[2012/06/15 05:25:08 | 000,016,896 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\qappsrv.exe
[2012/06/15 05:25:08 | 000,015,872 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\rwinsta.exe
[2012/06/15 05:25:08 | 000,015,872 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\cdmodem.dll
[2012/06/15 05:25:08 | 000,015,360 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\logoff.exe
[2012/06/15 05:25:08 | 000,014,848 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\tscon.exe
[2012/06/15 05:25:08 | 000,014,848 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\shadow.exe
[2012/06/15 05:25:08 | 000,004,096 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\rdpcfgex.dll
[2012/06/15 05:25:07 | 000,082,432 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\comrepl.dll
[2012/06/15 05:25:07 | 000,054,272 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\stclient.dll
[2012/06/15 05:25:07 | 000,025,600 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\comaddin.dll
[2012/06/15 05:25:07 | 000,025,088 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\mtxlegih.dll
[2012/06/15 05:25:07 | 000,020,480 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\mtxdm.dll
[2012/06/15 05:25:07 | 000,005,120 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dcomcnfg.exe
[2012/06/15 05:25:07 | 000,004,096 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\mtxex.dll
[2012/06/15 05:25:06 | 000,147,456 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\comsnap.dll
[2012/06/15 05:24:53 | 000,000,000 | ---D | C] -- D:\Program Files\MSN
[2012/06/15 05:24:52 | 000,183,808 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\accwiz.exe
[2012/06/15 05:24:52 | 000,068,608 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\access.cpl
[2012/06/15 05:24:51 | 000,347,136 | R--- | C] (Hilgraeve, Inc.) -- D:\WINDOWS\System32\hypertrm.dll
[2012/06/15 05:24:51 | 000,343,040 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\mspaint.exe
[2012/06/15 05:24:51 | 000,131,584 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\sndrec32.exe
[2012/06/15 05:24:51 | 000,123,392 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\mplay32.exe
[2012/06/15 05:24:51 | 000,000,000 | ---D | C] -- D:\Program Files\Windows NT
[2012/06/15 05:24:50 | 000,538,624 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\spider.exe
[2012/06/15 05:24:50 | 000,102,912 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\clipbrd.exe
[2012/06/15 05:24:50 | 000,093,696 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\tscfgwmi.dll
[2012/06/15 05:24:49 | 000,147,968 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\rdchost.dll
[2012/06/15 05:24:49 | 000,087,176 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\rdpwsx.dll
[2012/06/15 05:24:49 | 000,067,072 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\rdshost.exe
[2012/06/15 05:24:49 | 000,062,464 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\rdpclip.exe
[2012/06/15 05:24:49 | 000,044,544 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\tscupgrd.exe
[2012/06/15 05:24:49 | 000,020,480 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\qprocess.exe
[2012/06/15 05:24:49 | 000,019,968 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\rdpsnd.dll
[2012/06/15 05:24:49 | 000,013,824 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\rdsaddin.exe
[2012/06/15 05:24:48 | 000,949,248 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\msdtctm.dll
[2012/06/15 05:24:48 | 000,425,472 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\msdtcprx.dll
[2012/06/15 05:24:48 | 000,161,280 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\msdtcuiu.dll
[2012/06/15 05:24:48 | 000,038,912 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\cfgbkend.dll
[2012/06/15 05:24:48 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\MsDtc
[2012/06/15 05:24:47 | 000,058,880 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\msdtclog.dll
[2012/06/15 05:24:47 | 000,011,776 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\xolehlp.dll
[2012/06/15 05:24:47 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\Com
[2012/06/15 05:24:46 | 000,110,080 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\clbcatex.dll
[2012/06/15 05:24:46 | 000,085,504 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\catsrvps.dll
[2012/06/15 05:24:45 | 000,540,160 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\comuid.dll
[2012/06/15 05:24:40 | 000,185,344 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\cmprops.dll
[2012/06/15 05:24:40 | 000,058,880 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\licwmi.dll
[2012/06/15 05:24:40 | 000,056,320 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\servdeps.dll
[2012/06/15 05:24:40 | 000,017,408 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\mmfutil.dll
[2012/06/15 05:24:36 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users\Documents\My Videos
[11 D:\WINDOWS\*.tmp files -> D:\WINDOWS\*.tmp -> ]
[1 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/06/24 17:43:27 | 000,098,952 | ---- | M] () -- D:\Documents and Settings\Mom Dave Tam\Application Data\3A.exe
[2012/06/24 17:36:39 | 000,098,952 | ---- | M] () -- D:\Documents and Settings\Mom Dave Tam\Application Data\35.exe
[2012/06/24 17:30:26 | 000,098,952 | ---- | M] () -- D:\Documents and Settings\Mom Dave Tam\Application Data\2F.exe
[2012/06/24 17:24:13 | 000,098,952 | ---- | M] () -- D:\Documents and Settings\Mom Dave Tam\Application Data\2B.exe
[2012/06/24 17:18:28 | 000,596,992 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Mom Dave Tam\Desktop\OTL.com
[2012/06/24 17:17:30 | 000,098,952 | ---- | M] () -- D:\Documents and Settings\Mom Dave Tam\Application Data\24.exe
[2012/06/24 17:15:06 | 000,000,898 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/06/24 17:11:11 | 000,000,236 | ---- | M] () -- D:\Documents and Settings\Mom Dave Tam\Application Data\1E.exe
[2012/06/24 17:10:39 | 000,098,952 | ---- | M] () -- D:\Documents and Settings\Mom Dave Tam\Application Data\1D.exe
[2012/06/24 17:04:20 | 000,098,952 | ---- | M] () -- D:\Documents and Settings\Mom Dave Tam\Application Data\16.exe
[2012/06/24 16:57:29 | 000,098,952 | ---- | M] () -- D:\Documents and Settings\Mom Dave Tam\Application Data\12.exe
[2012/06/24 16:51:28 | 000,054,016 | ---- | M] () -- D:\WINDOWS\System32\drivers\sxbjubrc.sys
[2012/06/24 16:46:35 | 000,311,934 | ---- | M] () -- D:\WINDOWS\System32\perfh009.dat
[2012/06/24 16:46:35 | 000,040,196 | ---- | M] () -- D:\WINDOWS\System32\perfc009.dat
[2012/06/24 16:42:01 | 000,000,292 | ---- | M] () -- D:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1957994488-1647877149-682003330-1003.job
[2012/06/24 16:42:00 | 000,000,894 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/06/24 16:41:44 | 000,002,048 | --S- | M] () -- D:\WINDOWS\bootstat.dat
[2012/06/24 16:41:42 | 1073,074,176 | -HS- | M] () -- D:\hiberfil.sys
[2012/06/24 10:37:47 | 000,001,519 | ---- | M] () -- D:\Documents and Settings\Mom Dave Tam\Application Data\Microsoft\Internet Explorer\Quick Launch\Notepad (2).lnk
[2012/06/24 10:37:04 | 000,001,519 | ---- | M] () -- D:\Documents and Settings\Mom Dave Tam\Desktop\Notepad (2).lnk
[2012/06/24 09:15:27 | 000,216,438 | ---- | M] () -- D:\Documents and Settings\Mom Dave Tam\My Documents\pro con list.jpeg
[2012/06/23 23:14:19 | 000,199,577 | ---- | M] () -- D:\Documents and Settings\Mom Dave Tam\My Documents\mrs-fields.franchise.1995.12.23.shtml
[2012/06/23 23:14:02 | 000,189,681 | ---- | M] () -- D:\Documents and Settings\Mom Dave Tam\My Documents\tgif.franchise.shtml
[2012/06/23 16:58:25 | 000,000,822 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\Tumblebugs.lnk
[2012/06/23 16:58:25 | 000,000,137 | ---- | M] () -- D:\Documents and Settings\Mom Dave Tam\Desktop\More Games at GameHouse.com.url
[2012/06/23 15:49:36 | 000,004,096 | ---- | M] () -- D:\WINDOWS\d3dx.dat
[2012/06/23 15:36:14 | 000,000,300 | ---- | M] () -- D:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1957994488-1647877149-682003330-1003.job
[2012/06/23 15:35:29 | 010,303,536 | ---- | M] () -- D:\Documents and Settings\Mom Dave Tam\Desktop\TumblebugsInstall-0.exe
[2012/06/23 15:30:04 | 000,000,966 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\Plants vs. Zombies.lnk
[2012/06/23 15:30:04 | 000,000,162 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\Play More Great Games!.url
[2012/06/23 15:29:50 | 000,000,000 | ---- | M] () -- D:\WINDOWS\popcreg.dat
[2012/06/23 15:29:50 | 000,000,000 | ---- | M] () -- D:\WINDOWS\popcinfot.dat
[2012/06/23 12:19:22 | 000,067,088 | ---- | M] () -- D:\Documents and Settings\Mom Dave Tam\Desktop\rbxfranchs.jpg
[2012/06/22 22:11:08 | 000,002,206 | ---- | M] () -- D:\WINDOWS\System32\wpa.dbl
[2012/06/17 12:17:07 | 004,560,591 | R--- | M] (Swearware) -- D:\Documents and Settings\Mom Dave Tam\Desktop\ComboFix.exe
[2012/06/17 12:13:10 | 000,001,019 | ---- | M] () -- D:\Documents and Settings\Mom Dave Tam\Desktop\Dropbox.lnk
[2012/06/17 09:45:04 | 000,795,260 | ---- | M] () -- D:\Documents and Settings\Mom Dave Tam\My Documents\2012-06-16 20.29.28.jpg
[2012/06/16 14:38:31 | 000,000,929 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\RealPlayer.lnk
[2012/06/16 14:38:13 | 000,198,832 | ---- | M] (RealNetworks, Inc.) -- D:\WINDOWS\System32\rmoc3260.dll
[2012/06/16 14:38:06 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- D:\WINDOWS\System32\pndx5016.dll
[2012/06/16 14:38:06 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- D:\WINDOWS\System32\pndx5032.dll
[2012/06/16 14:38:05 | 000,272,896 | ---- | M] (Progressive Networks) -- D:\WINDOWS\System32\pncrt.dll
[2012/06/16 14:19:48 | 000,005,468 | ---- | M] () -- D:\Documents and Settings\Mom Dave Tam\My Documents\cc_20120616_141945.reg
[2012/06/16 14:11:52 | 000,000,682 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2012/06/16 14:01:49 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- D:\WINDOWS\System32\FlashPlayerApp.exe
[2012/06/16 14:01:48 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- D:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012/06/16 11:17:08 | 000,000,804 | ---- | M] () -- D:\Documents and Settings\Mom Dave Tam\Desktop\Windows Media Player.lnk
[2012/06/16 11:16:07 | 000,065,536 | ---- | M] () -- D:\Documents and Settings\Mom Dave Tam\Desktop\20120616111601421.avi
[2012/06/16 11:13:14 | 108,911,616 | ---- | M] () -- D:\Documents and Settings\Mom Dave Tam\Desktop\20120616111257031.avi
[2012/06/16 07:10:03 | 000,001,813 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2012/06/16 07:08:36 | 000,000,784 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/06/16 06:58:32 | 000,001,678 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/06/16 06:53:10 | 000,001,801 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\Logitech QuickCam.lnk
[2012/06/16 06:12:38 | 000,000,742 | ---- | M] () -- D:\Documents and Settings\Mom Dave Tam\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/06/16 06:12:12 | 016,574,016 | ---- | M] (Mozilla) -- D:\Documents and Settings\Mom Dave Tam\Desktop\Firefox Setup 13.0.exe
[2012/06/15 21:42:57 | 000,000,820 | ---- | M] () -- D:\Documents and Settings\Mom Dave Tam\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2012/06/15 21:42:57 | 000,000,802 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk
[2012/06/15 21:20:17 | 000,439,304 | ---- | M] (Yahoo! Inc.) -- D:\Documents and Settings\Mom Dave Tam\Desktop\msgr11ph.exe
[2012/06/15 21:16:58 | 000,000,853 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\Vinyl Deck.lnk
[2012/06/15 21:13:21 | 007,288,855 | ---- | M] () -- D:\Documents and Settings\Mom Dave Tam\My Documents\vinyl_v700b.zip
[2012/06/15 21:12:37 | 000,001,878 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\Skype.lnk
[2012/06/15 20:57:04 | 000,946,352 | ---- | M] (Skype Technologies S.A.) -- D:\Documents and Settings\Mom Dave Tam\Desktop\SkypeSetup.exe
[2012/06/15 05:51:38 | 000,000,850 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\Sun Broadband Wireless.lnk
[2012/06/15 05:51:06 | 000,000,000 | -H-- | M] () -- D:\WINDOWS\System32\drivers\Msft_Kernel_ew_jubusenum_01009.Wdf
[2012/06/15 05:51:05 | 000,000,000 | -H-- | M] () -- D:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2012/06/15 05:47:43 | 000,000,079 | ---- | M] () -- D:\Documents and Settings\Mom Dave Tam\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2012/06/15 05:38:56 | 000,008,192 | ---- | M] () -- D:\WINDOWS\REGLOCS.OLD
[2012/06/15 05:38:39 | 000,090,296 | ---- | M] () -- D:\WINDOWS\System32\FNTCACHE.DAT
[2012/06/15 05:30:51 | 000,000,560 | ---- | M] () -- D:\WINDOWS\System32\$winnt$.inf
[2012/06/15 05:29:29 | 000,002,577 | ---- | M] () -- D:\WINDOWS\System32\CONFIG.NT
[2012/06/15 05:29:19 | 000,316,640 | ---- | M] () -- D:\WINDOWS\WMSysPr9.prx
[2012/06/15 05:29:19 | 000,023,392 | ---- | M] () -- D:\WINDOWS\System32\nscompat.tlb
[2012/06/15 05:29:19 | 000,016,832 | ---- | M] () -- D:\WINDOWS\System32\amcompat.tlb
[2012/06/15 05:29:05 | 000,004,161 | ---- | M] () -- D:\WINDOWS\ODBCINST.INI
[2012/06/15 05:26:04 | 000,021,640 | ---- | M] () -- D:\WINDOWS\System32\emptyregdb.dat
[2012/06/13 11:36:33 | 008,761,062 | ---- | M] () -- D:\Like_A_G6.mp3
[2012/06/06 09:03:02 | 019,991,836 | ---- | M] () -- D:\For transferring.rar
[2012/06/06 08:49:29 | 304,280,279 | ---- | M] () -- D:\My Pictures.rar
[2012/06/05 21:16:32 | 129,445,876 | ---- | M] () -- D:\Miscellaneousdocs.rar
[2012/06/05 15:02:43 | 014,768,895 | ---- | M] () -- D:\StoreQuimbertpic.rar
[2012/06/05 14:51:16 | 051,664,452 | ---- | M] () -- D:\Mari Music2011.rar
[2012/06/05 14:34:29 | 063,423,740 | ---- | M] () -- D:\Chrismay2012Pictures.rar
[11 D:\WINDOWS\*.tmp files -> D:\WINDOWS\*.tmp -> ]
[1 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/06/24 17:43:27 | 000,098,952 | ---- | C] () -- D:\Documents and Settings\Mom Dave Tam\Application Data\3A.exe
[2012/06/24 17:36:39 | 000,098,952 | ---- | C] () -- D:\Documents and Settings\Mom Dave Tam\Application Data\35.exe
[2012/06/24 17:30:26 | 000,098,952 | ---- | C] () -- D:\Documents and Settings\Mom Dave Tam\Application Data\2F.exe
[2012/06/24 17:24:13 | 000,098,952 | ---- | C] () -- D:\Documents and Settings\Mom Dave Tam\Application Data\2B.exe
[2012/06/24 17:17:30 | 000,098,952 | ---- | C] () -- D:\Documents and Settings\Mom Dave Tam\Application Data\24.exe
[2012/06/24 17:11:11 | 000,000,236 | ---- | C] () -- D:\Documents and Settings\Mom Dave Tam\Application Data\1E.exe
[2012/06/24 17:10:39 | 000,098,952 | ---- | C] () -- D:\Documents and Settings\Mom Dave Tam\Application Data\1D.exe
[2012/06/24 17:04:20 | 000,098,952 | ---- | C] () -- D:\Documents and Settings\Mom Dave Tam\Application Data\16.exe
[2012/06/24 16:57:29 | 000,098,952 | ---- | C] () -- D:\Documents and Settings\Mom Dave Tam\Application Data\12.exe
[2012/06/24 16:51:28 | 000,054,016 | ---- | C] () -- D:\WINDOWS\System32\drivers\sxbjubrc.sys
[2012/06/24 10:37:47 | 000,001,519 | ---- | C] () -- D:\Documents and Settings\Mom Dave Tam\Application Data\Microsoft\Internet Explorer\Quick Launch\Notepad (2).lnk
[2012/06/24 10:37:04 | 000,001,519 | ---- | C] () -- D:\Documents and Settings\Mom Dave Tam\Desktop\Notepad (2).lnk
[2012/06/24 09:14:31 | 000,216,438 | ---- | C] () -- D:\Documents and Settings\Mom Dave Tam\My Documents\pro con list.jpeg
[2012/06/23 23:14:18 | 000,199,577 | ---- | C] () -- D:\Documents and Settings\Mom Dave Tam\My Documents\mrs-fields.franchise.1995.12.23.shtml
[2012/06/23 23:13:58 | 000,189,681 | ---- | C] () -- D:\Documents and Settings\Mom Dave Tam\My Documents\tgif.franchise.shtml
[2012/06/23 15:49:36 | 000,004,096 | ---- | C] () -- D:\WINDOWS\d3dx.dat
[2012/06/23 15:49:06 | 000,000,822 | ---- | C] () -- D:\Documents and Settings\All Users\Desktop\Tumblebugs.lnk
[2012/06/23 15:49:06 | 000,000,137 | ---- | C] () -- D:\Documents and Settings\Mom Dave Tam\Desktop\More Games at GameHouse.com.url
[2012/06/23 15:33:24 | 010,303,536 | ---- | C] () -- D:\Documents and Settings\Mom Dave Tam\Desktop\TumblebugsInstall-0.exe
[2012/06/23 15:30:04 | 000,000,966 | ---- | C] () -- D:\Documents and Settings\All Users\Desktop\Plants vs. Zombies.lnk
[2012/06/23 15:30:04 | 000,000,162 | ---- | C] () -- D:\Documents and Settings\All Users\Desktop\Play More Great Games!.url
[2012/06/23 15:29:50 | 000,000,000 | ---- | C] () -- D:\WINDOWS\popcreg.dat
[2012/06/23 15:29:50 | 000,000,000 | ---- | C] () -- D:\WINDOWS\popcinfot.dat
[2012/06/23 12:19:20 | 000,067,088 | ---- | C] () -- D:\Documents and Settings\Mom Dave Tam\Desktop\rbxfranchs.jpg
[2012/06/17 13:53:44 | 1073,074,176 | -HS- | C] () -- D:\hiberfil.sys
[2012/06/17 12:23:13 | 000,256,000 | ---- | C] () -- D:\WINDOWS\PEV.exe
[2012/06/17 12:23:13 | 000,208,896 | ---- | C] () -- D:\WINDOWS\MBR.exe
[2012/06/17 12:23:13 | 000,098,816 | ---- | C] () -- D:\WINDOWS\sed.exe
[2012/06/17 12:23:13 | 000,080,412 | ---- | C] () -- D:\WINDOWS\grep.exe
[2012/06/17 12:23:13 | 000,068,096 | ---- | C] () -- D:\WINDOWS\zip.exe
[2012/06/17 12:13:10 | 000,001,019 | ---- | C] () -- D:\Documents and Settings\Mom Dave Tam\Desktop\Dropbox.lnk
[2012/06/17 09:45:00 | 000,795,260 | ---- | C] () -- D:\Documents and Settings\Mom Dave Tam\My Documents\2012-06-16 20.29.28.jpg
[2012/06/16 14:39:34 | 000,000,292 | ---- | C] () -- D:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1957994488-1647877149-682003330-1003.job
[2012/06/16 14:39:30 | 000,000,300 | ---- | C] () -- D:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1957994488-1647877149-682003330-1003.job
[2012/06/16 14:38:31 | 000,000,929 | ---- | C] () -- D:\Documents and Settings\All Users\Desktop\RealPlayer.lnk
[2012/06/16 14:19:47 | 000,005,468 | ---- | C] () -- D:\Documents and Settings\Mom Dave Tam\My Documents\cc_20120616_141945.reg
[2012/06/16 14:11:52 | 000,000,682 | ---- | C] () -- D:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2012/06/16 11:17:08 | 000,000,804 | ---- | C] () -- D:\Documents and Settings\Mom Dave Tam\Desktop\Windows Media Player.lnk
[2012/06/16 11:16:02 | 000,065,536 | ---- | C] () -- D:\Documents and Settings\Mom Dave Tam\Desktop\20120616111601421.avi
[2012/06/16 11:12:57 | 108,911,616 | ---- | C] () -- D:\Documents and Settings\Mom Dave Tam\Desktop\20120616111257031.avi
[2012/06/16 11:11:57 | 000,000,832 | ---- | C] () -- D:\Documents and Settings\Mom Dave Tam\Start Menu\Programs\AMCap.lnk
[2012/06/16 07:55:21 | 129,445,876 | ---- | C] () -- D:\Miscellaneousdocs.rar
[2012/06/16 07:55:16 | 008,761,062 | ---- | C] () -- D:\Like_A_G6.mp3
[2012/06/16 07:10:03 | 000,001,813 | ---- | C] () -- D:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2012/06/16 07:08:36 | 000,000,784 | ---- | C] () -- D:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/06/16 06:59:06 | 000,000,898 | ---- | C] () -- D:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/06/16 06:59:06 | 000,000,894 | ---- | C] () -- D:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/06/16 06:58:32 | 000,001,678 | ---- | C] () -- D:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/06/16 06:54:18 | 000,050,127 | ---- | C] () -- D:\WINDOWS\System32\lvcoinst.ini
[2012/06/16 06:54:18 | 000,013,398 | ---- | C] () -- D:\WINDOWS\System32\Repository.reg
[2012/06/16 06:53:10 | 000,001,801 | ---- | C] () -- D:\Documents and Settings\All Users\Desktop\Logitech QuickCam.lnk
[2012/06/16 06:12:38 | 000,000,742 | ---- | C] () -- D:\Documents and Settings\Mom Dave Tam\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/06/16 06:12:38 | 000,000,730 | ---- | C] () -- D:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2012/06/15 21:42:57 | 000,000,820 | ---- | C] () -- D:\Documents and Settings\Mom Dave Tam\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2012/06/15 21:42:57 | 000,000,802 | ---- | C] () -- D:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk
[2012/06/15 21:16:58 | 000,000,859 | ---- | C] () -- D:\Documents and Settings\All Users\Start Menu\Programs\Vinyl Deck.lnk
[2012/06/15 21:16:58 | 000,000,853 | ---- | C] () -- D:\Documents and Settings\All Users\Desktop\Vinyl Deck.lnk
[2012/06/15 21:13:21 | 007,288,855 | ---- | C] () -- D:\Documents and Settings\Mom Dave Tam\My Documents\vinyl_v700b.zip
[2012/06/15 21:12:37 | 000,001,878 | ---- | C] () -- D:\Documents and Settings\All Users\Desktop\Skype.lnk
[2012/06/15 13:17:34 | 000,129,045 | ---- | C] () -- D:\WINDOWS\System32\drivers\cxthsfS2.cty
[2012/06/15 13:15:51 | 000,004,161 | ---- | C] () -- D:\WINDOWS\ODBCINST.INI
[2012/06/15 13:14:36 | 000,090,296 | ---- | C] () -- D:\WINDOWS\System32\FNTCACHE.DAT
[2012/06/15 13:13:15 | 000,000,560 | ---- | C] () -- D:\WINDOWS\System32\$winnt$.inf
[2012/06/15 05:58:11 | 001,486,337 | ---- | C] () -- D:\Attachments_2011_10_17.zip
[2012/06/15 05:58:10 | 016,097,939 | ---- | C] () -- D:\attachments_2010_08_26.zip
[2012/06/15 05:58:09 | 020,179,146 | ---- | C] () -- D:\attachments_2010_08_26(3).zip
[2012/06/15 05:57:48 | 304,280,279 | ---- | C] () -- D:\My Pictures.rar
[2012/06/15 05:57:42 | 051,664,452 | ---- | C] () -- D:\Mari Music2011.rar
[2012/06/15 05:57:41 | 009,593,455 | ---- | C] () -- D:\Jose_Monico_Tanseco_resume[1]_updated.rar
[2012/06/15 05:57:40 | 019,991,836 | ---- | C] () -- D:\For transferring.rar
[2012/06/15 05:57:36 | 063,423,740 | ---- | C] () -- D:\Chrismay2012Pictures.rar
[2012/06/15 05:57:35 | 014,768,895 | ---- | C] () -- D:\StoreQuimbertpic.rar
[2012/06/15 05:51:38 | 000,000,850 | ---- | C] () -- D:\Documents and Settings\All Users\Desktop\Sun Broadband Wireless.lnk
[2012/06/15 05:51:06 | 000,000,000 | -H-- | C] () -- D:\WINDOWS\System32\drivers\Msft_Kernel_ew_jubusenum_01009.Wdf
[2012/06/15 05:51:05 | 000,000,000 | -H-- | C] () -- D:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2012/06/15 05:47:43 | 000,000,079 | ---- | C] () -- D:\Documents and Settings\Mom Dave Tam\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2012/06/15 05:47:38 | 000,000,738 | ---- | C] () -- D:\Documents and Settings\Mom Dave Tam\Start Menu\Programs\Outlook Express.lnk
[2012/06/15 05:47:36 | 000,000,767 | ---- | C] () -- D:\Documents and Settings\Mom Dave Tam\Start Menu\Programs\Internet Explorer.lnk
[2012/06/15 05:47:28 | 000,001,599 | ---- | C] () -- D:\Documents and Settings\Mom Dave Tam\Start Menu\Programs\Remote Assistance.lnk
[2012/06/15 05:47:28 | 000,000,792 | ---- | C] () -- D:\Documents and Settings\Mom Dave Tam\Start Menu\Programs\Windows Media Player.lnk
[2012/06/15 05:38:56 | 000,008,192 | ---- | C] () -- D:\WINDOWS\REGLOCS.OLD
[2012/06/15 05:30:45 | 000,002,048 | --S- | C] () -- D:\WINDOWS\bootstat.dat
[2012/06/15 05:29:19 | 000,023,392 | ---- | C] () -- D:\WINDOWS\System32\nscompat.tlb
[2012/06/15 05:29:19 | 000,016,832 | ---- | C] () -- D:\WINDOWS\System32\amcompat.tlb
[2012/06/15 05:29:17 | 000,316,640 | ---- | C] () -- D:\WINDOWS\WMSysPr9.prx
[2012/06/15 05:27:49 | 000,000,786 | ---- | C] () -- D:\Documents and Settings\All Users\Start Menu\Programs\Windows Movie Maker.lnk
[2012/06/15 05:27:11 | 000,048,680 | -HS- | C] () -- D:\WINDOWS\winnt256.bmp
[2012/06/15 05:27:11 | 000,048,680 | -HS- | C] () -- D:\WINDOWS\winnt.bmp
[2012/06/15 05:26:05 | 000,000,609 | ---- | C] () -- D:\Documents and Settings\All Users\Start Menu\Programs\Windows Messenger.lnk
[2012/06/15 05:26:04 | 000,021,640 | ---- | C] () -- D:\WINDOWS\System32\emptyregdb.dat
[2012/06/15 05:25:35 | 000,001,986 | ---- | C] () -- D:\Documents and Settings\All Users\Start Menu\Programs\MSN.lnk
[2012/06/15 05:25:12 | 000,065,832 | ---- | C] () -- D:\WINDOWS\Santa Fe Stucco.bmp
[2012/06/15 05:25:12 | 000,026,680 | ---- | C] () -- D:\WINDOWS\River Sumida.bmp
[2012/06/15 05:25:12 | 000,017,362 | ---- | C] () -- D:\WINDOWS\Rhododendron.bmp
[2012/06/15 05:25:12 | 000,009,522 | ---- | C] () -- D:\WINDOWS\Zapotec.bmp
[2012/06/15 05:25:11 | 000,065,978 | ---- | C] () -- D:\WINDOWS\Soap Bubbles.bmp
[2012/06/15 05:25:11 | 000,065,954 | ---- | C] () -- D:\WINDOWS\Prairie Wind.bmp
[2012/06/15 05:25:11 | 000,026,582 | ---- | C] () -- D:\WINDOWS\Greenstone.bmp
[2012/06/15 05:25:11 | 000,017,336 | ---- | C] () -- D:\WINDOWS\Gone Fishing.bmp
[2012/06/15 05:25:11 | 000,017,062 | ---- | C] () -- D:\WINDOWS\Coffee Bean.bmp
[2012/06/15 05:25:11 | 000,016,730 | ---- | C] () -- D:\WINDOWS\FeatherTexture.bmp
[2012/06/15 05:25:11 | 000,001,272 | ---- | C] () -- D:\WINDOWS\Blue Lace 16.bmp
[2012/06/15 05:25:09 | 000,003,286 | ---- | C] () -- D:\WINDOWS\System32\tslabels.h
[2012/06/15 05:25:09 | 000,001,161 | ---- | C] () -- D:\WINDOWS\System32\usrlogon.cmd
[2012/06/15 05:25:08 | 000,000,768 | ---- | C] () -- D:\WINDOWS\System32\msdtcprf.h
[2012/06/15 05:25:02 | 000,063,488 | ---- | C] () -- D:\WINDOWS\System32\wmimgmt.msc

< End of report >


OTL Extras logfile created on: 6/24/2012 5:38:29 PM - Run 1
OTL by OldTimer - Version 3.2.50.0 Folder = D:\Documents and Settings\Mom Dave Tam\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1023.30 Mb Total Physical Memory | 404.68 Mb Available Physical Memory | 39.55% Memory free
2.40 Gb Paging File | 1.58 Gb Available in Paging File | 65.69% Paging File free
Paging file location(s): D:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files
Drive C: | 37.30 Gb Total Space | 5.71 Gb Free Space | 15.30% Space Free | Partition Type: NTFS
Drive D: | 37.30 Gb Total Space | 28.90 Gb Free Space | 77.48% Space Free | Partition Type: NTFS
Drive F: | 19.02 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive H: | 1.86 Gb Total Space | 0.12 Gb Free Space | 6.36% Space Free | Partition Type: FAT

Computer Name: ALL-9894982D403 | User Name: Mom Dave Tam | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"D:\Documents and Settings\Mom Dave Tam\Application Data\Dropbox\bin\Dropbox.exe" = D:\Documents and Settings\Mom Dave Tam\Application Data\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- (Dropbox, Inc.)
"D:\Documents and Settings\Mom Dave Tam\My Documents\Downloads\cnet2_ComboFix_exe.exe" = D:\Documents and Settings\Mom Dave Tam\My Documents\Downloads\cnet2_ComboFix_exe.exe:*:Enabled:CNET Download.com Installer -- (CNET Download.com)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35725FBC-A136-4A46-9F29-091759D9BB93}" = MVision
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7D2370AC-D8E6-4996-986A-19824F8A167C}" = Logitech QuickCam
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{BEF726DD-4037-4214-8C6A-E625C02D2870}" = Logitech Audio Echo Cancellation Component
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240D2}" = WinZip 16.5
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{EA516024-D84D-41F1-814F-83175A6188F2}" = Logitech Video Enumerator
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AMCap" = AMCap
"CCleaner" = CCleaner
"Google Chrome" = Google Chrome
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
"Mozilla Firefox 13.0.1 (x86 en-US)" = Mozilla Firefox 13.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Plants vs. Zombies" = Plants vs. Zombies
"QcDrv" = Logitech® Camera Driver
"RealPlayer 15.0" = RealPlayer
"Sun Broadband Wireless" = Sun Broadband Wireless
"Tumblebugs" = Tumblebugs
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox

========== Last 20 Event Log Errors ==========

[ System Events ]
Error - 6/22/2012 10:24:45 PM | Computer Name = ALL-9894982D403 | Source = atapi | ID = 262153
Description = The device, \Device\Ide\IdePort3, did not respond within the timeout
period.

Error - 6/22/2012 10:24:56 PM | Computer Name = ALL-9894982D403 | Source = atapi | ID = 262153
Description = The device, \Device\Ide\IdePort3, did not respond within the timeout
period.

Error - 6/23/2012 12:29:04 AM | Computer Name = ALL-9894982D403 | Source = Dhcp | ID = 1002
Description = The IP address lease 10.164.17.133 for the Network Card with network
address 001E101F051B has been denied by the DHCP server 10.164.13.33 (The DHCP Server
sent a DHCPNACK message).

Error - 6/23/2012 12:29:04 AM | Computer Name = ALL-9894982D403 | Source = ipnathlp | ID = 32003
Description = The Network Address Translator (NAT) was unable to request an operation
of
the kernel-mode translation module. This may indicate misconfiguration, insufficient
resources, or an internal error. The data is the error code.

Error - 6/23/2012 4:58:52 AM | Computer Name = ALL-9894982D403 | Source = Dhcp | ID = 1002
Description = The IP address lease 10.164.13.39 for the Network Card with network
address 001E101FC8C1 has been denied by the DHCP server 10.164.20.81 (The DHCP Server
sent a DHCPNACK message).

Error - 6/23/2012 5:26:11 AM | Computer Name = ALL-9894982D403 | Source = Dhcp | ID = 1002
Description = The IP address lease 10.164.20.83 for the Network Card with network
address 001E101FC8C1 has been denied by the DHCP server 10.114.128.217 (The DHCP
Server sent a DHCPNACK message).

Error - 6/24/2012 12:12:58 AM | Computer Name = ALL-9894982D403 | Source = atapi | ID = 262153
Description = The device, \Device\Ide\IdePort3, did not respond within the timeout
period.

Error - 6/24/2012 12:13:10 AM | Computer Name = ALL-9894982D403 | Source = atapi | ID = 262153
Description = The device, \Device\Ide\IdePort3, did not respond within the timeout
period.

Error - 6/24/2012 12:13:21 AM | Computer Name = ALL-9894982D403 | Source = atapi | ID = 262153
Description = The device, \Device\Ide\IdePort3, did not respond within the timeout
period.

Error - 6/24/2012 12:53:30 AM | Computer Name = ALL-9894982D403 | Source = Dhcp | ID = 1002
Description = The IP address lease 10.164.2.36 for the Network Card with network
address 001E101FAB03 has been denied by the DHCP server 10.164.43.153 (The DHCP
Server sent a DHCPNACK message).


< End of report >
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP