Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Computer running slowly cant update anti virus [Closed]


  • This topic is locked This topic is locked

#1
Fatie32

Fatie32

    Member

  • Member
  • PipPipPip
  • 122 posts
OTL logfile created on: 1/1/2005 2:29:54 AM - Run 1
OTL by OldTimer - Version 3.2.45.0 Folder = C:\Documents and Settings\Compaq_Administrator\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

958.48 Mb Total Physical Memory | 281.63 Mb Available Physical Memory | 29.38% Memory free
3.78 Gb Paging File | 3.12 Gb Available in Paging File | 82.53% Paging File free
Paging file location(s): C:\pagefile.sys 3000 4000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 225.37 Gb Total Space | 194.78 Gb Free Space | 86.43% Space Free | Partition Type: NTFS
Drive D: | 7.50 Gb Total Space | 0.98 Gb Free Space | 13.04% Space Free | Partition Type: FAT32
Drive K: | 29.44 Gb Total Space | 20.39 Gb Free Space | 69.27% Space Free | Partition Type: FAT32

Computer Name: GENEVA | User Name: Compaq_Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/11/13 10:17:10 | 001,282,920 | ---- | M] (LabTech Software) -- C:\WINDOWS\LTSvc\LTTray.exe
PRC - [2012/10/24 11:50:37 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012/09/12 17:25:22 | 000,280,088 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MpCmdRun.exe
PRC - [2012/09/12 17:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2012/09/12 17:19:44 | 000,947,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2012/06/18 08:56:00 | 012,548,608 | ---- | M] (LabTech Software) -- C:\WINDOWS\LTSvc\LTSVC.exe
PRC - [2012/06/02 09:45:08 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Administrator\Desktop\OTL.exe
PRC - [2012/05/01 13:14:17 | 000,096,768 | ---- | M] (LabTech Software) -- C:\WINDOWS\LTSvc\LTSvcMon.exe
PRC - [2010/12/08 07:57:59 | 000,390,528 | -H-- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe
PRC - [2008/11/25 17:25:36 | 000,221,184 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\Brmfcmon\BrMfcMon.exe
PRC - [2008/06/11 13:36:16 | 000,462,848 | ---- | M] (RingCentral, Inc.) -- C:\Program Files\RingCentral\RingCentral Call Controller\RCUI.exe
PRC - [2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/02/21 13:46:20 | 000,032,768 | ---- | M] (RingCentral, Inc.) -- C:\Program Files\RingCentral\RingCentral Call Controller\RCHotKey.exe
PRC - [2007/04/17 13:03:50 | 000,063,048 | -H-- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
PRC - [2005/03/25 01:04:08 | 000,137,136 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\ramaint.exe
PRC - [2005/03/25 01:03:40 | 000,374,704 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
PRC - [2004/10/07 08:42:57 | 000,167,936 | ---- | M] () -- C:\WINDOWS\CDProxyServ.exe


========== Modules (No Company Name) ==========

MOD - [2012/10/24 11:50:39 | 002,295,264 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012/06/27 18:53:30 | 011,817,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\dbc413807cb7360b3e26ef3ca1d54f9a\System.Web.ni.dll
MOD - [2012/06/27 18:53:17 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8b84bb74d7724e147a642a1d5358feb7\System.ServiceProcess.ni.dll
MOD - [2012/06/27 18:53:04 | 001,712,128 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\359fd69eb60e9844ffd497e92345178c\Microsoft.VisualBasic.ni.dll
MOD - [2012/06/27 18:49:04 | 012,433,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\01abbadafaf265d9f4ac9bbb247acb98\System.Windows.Forms.ni.dll
MOD - [2012/06/27 18:45:24 | 002,933,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2012/06/27 18:45:16 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2012/06/27 18:41:03 | 001,592,320 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\d86f2038209a4cf0d0f5b30f6375c9b2\System.Drawing.ni.dll
MOD - [2012/05/29 20:55:26 | 000,998,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\9080c8e8e7b6dfb502c1328673d636f8\System.Management.ni.dll
MOD - [2012/05/29 20:53:33 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d5b7368bde0f65aa15d9f46b498cc89\System.Configuration.ni.dll
MOD - [2012/05/29 20:25:43 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll
MOD - [2012/05/29 20:25:09 | 006,616,576 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\12c6fe8d4dd78f9bddf847d3b2821c03\System.Data.ni.dll
MOD - [2012/05/29 20:24:11 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll
MOD - [2012/05/29 20:24:03 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll
MOD - [2011/11/03 09:28:36 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2011/02/04 16:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll
MOD - [2009/01/09 00:10:52 | 000,139,264 | ---- | M] () -- C:\Program Files\Brother\BrUtilities\BrLogAPI.dll
MOD - [2008/06/11 13:37:14 | 001,388,544 | ---- | M] () -- C:\Program Files\RingCentral\RingCentral Call Controller\Characters\RCSPSkSPVista.dll
MOD - [2008/06/11 13:30:30 | 000,192,512 | ---- | M] () -- C:\Program Files\RingCentral\RingCentral Call Controller\RCMH.dll
MOD - [2008/06/11 13:30:24 | 000,507,904 | ---- | M] () -- C:\Program Files\RingCentral\RingCentral Call Controller\Config.dll
MOD - [2008/06/11 13:30:12 | 000,897,024 | ---- | M] () -- C:\Program Files\RingCentral\RingCentral Call Controller\RCTH.dll
MOD - [2008/04/13 18:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/13 18:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2005/04/19 17:32:34 | 000,126,976 | ---- | M] () -- C:\Program Files\RingCentral\RingCentral Call Controller\NetFixDll.dll
MOD - [2004/10/07 08:42:57 | 000,167,936 | ---- | M] () -- C:\WINDOWS\CDProxyServ.exe
MOD - [2004/08/10 13:00:00 | 000,015,360 | ---- | M] () -- C:\WINDOWS\system32\tsd32.dll
MOD - [2001/10/11 17:34:50 | 000,077,824 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 5.0\Distillr\adistres.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2012/10/24 11:50:38 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/09/12 17:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012/06/18 08:56:00 | 012,548,608 | ---- | M] (LabTech Software) [Auto | Running] -- C:\WINDOWS\LTSvc\LTSVC.exe -- (LTService)
SRV - [2012/05/01 13:14:17 | 000,096,768 | ---- | M] (LabTech Software) [Auto | Running] -- C:\WINDOWS\LTSvc\LTSvcMon.exe -- (LTSvcMon)
SRV - [2010/12/08 07:57:59 | 000,390,528 | -H-- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
SRV - [2008/07/29 19:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008/04/13 18:12:29 | 000,111,104 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDEdsdm)
SRV - [2008/04/13 18:12:29 | 000,111,104 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDE)
SRV - [2008/04/13 18:12:03 | 000,088,576 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\rasauto.dll -- (RasAuto)
SRV - [2008/04/13 18:11:59 | 000,033,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\msgsvc.dll -- (Messenger)
SRV - [2008/04/13 18:11:57 | 000,053,248 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\mprdim.dll -- (RemoteAccess)
SRV - [2008/04/13 18:11:49 | 000,017,408 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\alrsvc.dll -- (Alerter)
SRV - [2005/03/25 01:04:08 | 000,137,136 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\ramaint.exe -- (LMIMaint)
SRV - [2005/03/25 01:03:40 | 000,374,704 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2004/10/07 08:42:57 | 000,167,936 | ---- | M] () [Auto | Running] -- C:\WINDOWS\CDProxyServ.exe -- (CD_Proxy)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Running] -- C:\WINDOWS\TEMP\cpuz135\cpuz135_x32.sys -- (cpuz135)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2011/03/30 01:57:24 | 000,071,424 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BrSerIb.sys -- (BrSerIb) Brother Serial Interface Driver(WDM)
DRV - [2011/03/30 01:57:24 | 000,011,520 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BrUsbSib.sys -- (BrUsbSIb) Brother Serial USB Driver(WDM)
DRV - [2008/10/17 19:29:25 | 000,047,640 | -H-- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2008/04/13 12:44:48 | 000,799,744 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dmboot.sys -- (dmboot)
DRV - [2008/04/13 12:36:43 | 000,120,192 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\pcmcia.sys -- (Pcmcia)
DRV - [2008/04/13 12:32:36 | 000,066,048 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\udfs.sys -- (Udfs)
DRV - [2008/04/13 12:31:32 | 000,036,352 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\intelppm.sys -- (intelppm)
DRV - [2008/02/28 14:31:50 | 000,012,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo)
DRV - [2008/02/25 11:54:56 | 000,105,088 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2005/07/04 06:52:50 | 000,018,432 | ---- | M] (First 4 Internet) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\$sys$cor.sys -- ($sys$cor)
DRV - [2005/07/04 04:51:37 | 000,011,904 | ---- | M] (First 4 Internet) [Kernel | System | Running] -- C:\WINDOWS\system32\$sys$filesystem\crater.sys -- ($sys$crater)
DRV - [2005/06/07 23:44:36 | 001,235,968 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005/04/20 12:00:56 | 002,317,696 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2005/04/14 22:12:12 | 000,175,616 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\ftsata2.sys -- (ftsata2)
DRV - [2005/03/25 01:03:44 | 000,083,912 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2005/03/09 15:53:00 | 000,036,352 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2005/01/01 01:29:58 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A2F1D317-1D58-4E9B-847D-07298DBEE467}\MpKsl466737fa.sys -- (MpKsl466737fa)
DRV - [2004/12/15 16:18:32 | 000,220,928 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2004/12/15 16:18:28 | 000,703,232 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2004/12/15 16:18:26 | 001,038,208 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2004/08/10 13:00:00 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\cbidf2k.sys -- (cbidf2k)
DRV - [2004/08/10 13:00:00 | 000,011,648 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\acpiec.sys -- (ACPIEC)
DRV - [2004/08/10 13:00:00 | 000,006,784 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\parvdm.sys -- (ParVdm)
DRV - [2004/08/04 06:41:36 | 000,606,684 | ---- | M] (LT) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ltmdmnt.sys -- (ltmodem5)
DRV - [2004/08/04 06:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2003/11/05 16:45:12 | 000,017,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\bb-run.sys -- (bb-run)
DRV - [2002/07/29 16:43:50 | 000,023,808 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.h...arm1=seconduser
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.redirect.h...arm1=seconduser
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...arm1=seconduser
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.h...arm1=seconduser
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.h...arm1=seconduser
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.h...arm1=seconduser
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.247brigh...r.com/login.asp
IE - HKCU\..\SearchScopes,DefaultScope = {20FEC453-1557-4C47-8FA5-F438ED3F68DB}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKCU\..\SearchScopes\{20FEC453-1557-4C47-8FA5-F438ED3F68DB}: "URL" = http://www.google.co...1I7HPIC_enUS349
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2061: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.2122: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1059: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/11/13 10:21:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2012/11/13 10:50:58 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Extensions
[2012/11/13 10:21:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/10/24 11:50:58 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/10/24 11:50:17 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/10/24 11:50:17 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2004/08/10 20:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\LSBurnWatcher.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
O4 - HKCU..\Run: [RCHotKey] C:\Program Files\RingCentral\RingCentral Call Controller\RCHotKey.exe (RingCentral, Inc.)
O4 - HKCU..\Run: [RCUI] C:\Program Files\RingCentral\RingCentral Call Controller\RCUI.exe (RingCentral, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Network Monitoring Tray.lnk = C:\WINDOWS\LTSvc\LTTray.exe (LabTech Software)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O9 - Extra 'Tools' menuitem : Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (Intertrust Technologies, Inc.)
O15 - HKLM\..Trusted Domains: rit911.com ([upport] * in Trusted sites)
O15 - HKLM\..Trusted Domains: rit911.com|support.ritcompany.com ([support] * in Trusted sites)
O16 - DPF: {15772FF0-B907-4D98-B770-0000B63DB314} https://cas2.questdi...s/VBPrinter.CAB (VBPrinter.VBPrinterCtrl)
O16 - DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} https://www.247brigh...ctiveX/smsx.cab (MeadCo ScriptX)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.aka...vex-2.2.4.1.cab (DLM Control)
O16 - DPF: {62E57FC5-1CCD-11D7-8344-00C1261173F0} https://www.247brigh...an/csximage.cab (csXImage Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1342635135000 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1342635103328 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} http://l.yimg.com/jh...aploader_v6.cab (PopCapLoader Object)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://brightstarca...bex/ieatgpc.cab (GpcContainer Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\LMIinit: DllName - (LMIinit.dll) - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/11/17 05:32:46 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/28 05:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2004/04/30 21:01:14 | 000,000,053 | -HS- | M] () - D:\Autorun.inf -- [ FAT32 ]
O33 - MountPoints2\L\Shell - "" = AutoRun
O33 - MountPoints2\L\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\L\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/11/13 10:50:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Mozilla
[2012/11/13 10:50:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla
[2012/11/13 10:21:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Mozilla
[2012/11/13 10:21:39 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012/11/13 10:21:29 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012/11/13 10:20:38 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012/11/13 10:12:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\My Documents\IT
[2012/07/18 12:12:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Malwarebytes
[2012/07/18 12:12:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2012/07/18 11:46:46 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Compaq_Administrator\Recent
[2012/07/18 11:27:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2012/07/18 11:27:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\JAM Software
[2012/07/11 14:56:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Windows Search
[2012/07/09 08:45:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Start Menu\Programs\Data Recovery
[2012/05/30 10:17:13 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Compaq_Administrator\PrivacIE
[2012/05/30 10:15:03 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Compaq_Administrator\IETldCache
[2012/05/26 22:59:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight
[2012/05/26 22:58:17 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2012/05/26 22:55:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2012/05/26 22:51:29 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2012/05/26 22:34:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\WindowsPowerShell
[2012/05/26 22:34:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\winrm
[2012/05/26 22:34:09 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$968930Uinstall_KB968930$
[2012/05/25 18:12:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2012/05/25 15:14:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2012/05/25 15:09:41 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Compaq_Administrator\Start Menu\Programs\Administrative Tools
[2012/05/24 22:32:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2012/05/24 22:32:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2012/05/24 22:32:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2012/05/24 22:32:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2012/05/24 22:20:42 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2012/05/24 09:59:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\TightVNC
[2012/05/07 10:11:53 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2
[2012/05/07 10:10:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF
[2012/05/07 10:10:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2012/05/05 08:09:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Windows Desktop Search
[2012/05/03 14:28:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\My Documents\20120503-Clinical_Quality WebEx Meeting_Conference Call 2pm Central.9(576749202)
[2012/05/03 14:16:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Adobe
[2012/05/03 14:14:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Identities
[2012/05/03 14:13:08 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Desktop Search
[2012/05/03 14:13:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\GroupPolicy
[2012/05/03 14:03:55 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2012/03/30 09:37:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\TightVNC
[2011/03/30 01:57:24 | 000,071,424 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\drivers\BrSerIb.sys
[2011/03/30 01:57:24 | 000,011,520 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\drivers\BrUsbSib.sys
[2010/11/16 09:13:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\My Documents\Tech
[2010/11/16 08:45:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\My Documents\A.R
[2010/10/18 08:29:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2010/10/18 08:28:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Google
[2010/07/20 15:11:21 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Brother
[2010/04/08 08:22:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2010/04/08 08:20:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NOS
[2010/04/08 08:12:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\My Documents\SCANS
[2010/04/08 08:03:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Brother
[2010/04/08 08:02:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\BrFaxRx
[2010/04/08 08:02:01 | 000,103,736 | ---- | C] (Brother Industries Ltd) -- C:\WINDOWS\System32\BRRBTOOL.EXE
[2010/04/08 08:02:01 | 000,077,824 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\BRLMW03A.DLL
[2010/04/08 08:02:01 | 000,025,299 | ---- | C] (Brother Industries, Ltd) -- C:\WINDOWS\System32\BRLM03A.DLL
[2010/04/08 08:01:54 | 001,530,880 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\BrWia08b.dll
[2010/04/08 08:01:54 | 000,051,712 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\BrUsi08b.dll
[2010/04/08 08:01:53 | 000,073,728 | ---- | C] (Brother Industories Ltd. P&S Company) -- C:\WINDOWS\System32\BRCrypt.dll
[2010/04/08 08:01:43 | 000,126,976 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\BrfxD05b.dll
[2010/04/08 08:01:43 | 000,118,784 | ---- | C] (Brother Industries,LTD.) -- C:\WINDOWS\System32\BrMfNt.dll
[2010/04/08 08:01:24 | 000,176,128 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\BROSNMP.DLL
[2010/04/08 08:01:24 | 000,073,728 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\BrDctF2.dll
[2010/04/08 08:01:24 | 000,005,120 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\BrDctF2L.dll
[2010/04/08 08:01:24 | 000,003,072 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\BrDctF2S.dll
[2010/04/08 08:01:17 | 000,167,936 | ---- | C] (brother) -- C:\WINDOWS\System32\NSSearch.dll
[2010/04/08 08:00:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\InstallShield
[2010/04/08 08:00:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Brother
[2010/04/08 07:41:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2010/03/30 16:02:58 | 000,000,000 | ---D | C] -- C:\spoolerlogs
[2010/03/01 11:03:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Temp
[2010/01/29 15:58:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2009/10/12 07:53:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\ICS
[2009/10/08 16:31:45 | 000,000,000 | ---D | C] -- C:\Program Files\MSECache
[2009/08/18 09:40:06 | 001,535,488 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\BrWia09c.dll
[2009/08/18 09:36:28 | 000,055,808 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\BrUsi09c.dll
[2009/08/13 17:22:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2009/07/24 11:38:04 | 000,085,344 | ---- | C] (Mead & Co Limited) -- C:\WINDOWS\System32\MCBroker.exe
[2009/07/24 11:38:04 | 000,085,328 | ---- | C] (Mead & Co Limited) -- C:\WINDOWS\System32\MCSXUser.exe
[2009/07/24 11:38:04 | 000,085,328 | ---- | C] (Mead & Co Limited) -- C:\WINDOWS\System32\MCSXHost.exe
[2009/06/18 10:12:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\My Documents\newsletter
[2009/04/20 13:19:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Saved Games
[2009/04/20 13:19:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\iWin
[2009/04/10 09:00:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\My Documents\Compentencies
[2009/03/09 13:22:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\My Documents\Joyful Hearts
[2009/02/17 17:33:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Printer Info Cache
[2009/01/08 14:23:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2009/01/08 14:23:45 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2009/01/08 14:23:34 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2009/01/08 14:22:14 | 000,000,000 | ---D | C] -- C:\b77575d0281d5ef5ca22115c190fe13d
[2009/01/08 11:34:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Microsoft Help
[2009/01/08 11:34:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help
[2009/01/08 10:57:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\GetRightToGo
[2009/01/08 10:57:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Desktop\Downloads
[2008/12/18 16:24:28 | 000,000,000 | ---D | C] -- C:\Program Files\WebEx
[2008/12/08 08:43:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
[2008/11/17 09:00:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\My Documents\On Call Schedule
[2008/11/06 18:15:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\My Documents\Staff Meeting
[2008/10/30 08:08:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\My Documents\Applicants
[2008/10/14 07:14:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\My Documents\Plum Landing
[2008/10/06 11:24:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\My Documents\Clients
[2008/09/29 19:04:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\My Documents\Chicago_OakBrook
[2008/09/23 13:21:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\My Documents\Tom
[2008/09/20 02:01:22 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 6.0
[2008/09/19 14:55:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Blackberry Desktop
[2008/09/19 14:47:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Research In Motion
[2008/09/19 14:06:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Media Manager 9
[2008/09/19 14:04:24 | 000,000,000 | ---D | C] -- C:\Program Files\Roxio
[2008/09/19 14:04:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Roxio
[2008/09/19 14:04:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Roxio Shared
[2008/09/19 13:59:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages
[2008/09/19 13:57:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\BlackBerry
[2008/09/19 13:55:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Research In Motion
[2008/09/19 13:55:50 | 000,000,000 | ---D | C] -- C:\Program Files\Research In Motion
[2008/09/06 14:03:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\TMPX
[2008/09/06 14:03:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\$sys$filesystem
[2008/08/30 17:47:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\My Documents\Jennifer
[2008/08/08 08:21:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Trymedia
[2008/08/08 08:20:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NeoEdge Networks
[2008/07/24 14:17:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe
[2008/07/24 14:16:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\My Documents\My eBooks
[2008/07/22 14:25:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Start Menu\Programs\Mead & Company
[2008/07/17 15:28:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\FLEXnet
[2008/07/17 13:59:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Download Manager
[2008/07/17 06:08:11 | 000,143,360 | ---- | C] (Inner Media, Inc.) -- C:\WINDOWS\System32\dunzip32.dll
[2008/07/17 06:00:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2008/07/17 02:00:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2008/07/16 11:23:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{FBB5C4A9-4848-46A0-8863-C359F08D7728}
[2008/07/16 09:17:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2008/07/16 09:03:34 | 000,083,912 | ---- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIRfsClientNP.dll
[2008/07/16 09:03:34 | 000,083,392 | ---- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIRfsClientNP.dll.000.bak
[2008/07/16 09:03:34 | 000,047,640 | -H-- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\drivers\LMIRfsDriver.sys
[2008/07/16 09:03:34 | 000,031,144 | ---- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIport.dll
[2008/07/16 09:03:24 | 000,092,072 | ---- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIinit.dll
[2008/07/16 09:03:24 | 000,087,456 | ---- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIinit.dll.000.bak
[2008/07/15 23:09:12 | 000,000,000 | ---D | C] -- C:\Program Files\Sun
[2008/07/15 23:02:36 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Microsoft
[2008/07/15 23:02:36 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Compaq_Administrator\Favorites
[2008/07/15 23:02:36 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data
[2008/07/15 23:02:36 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Compaq_Administrator\Cookies
[2008/07/15 23:02:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Symantec
[2008/07/15 23:02:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\SampleView
[2008/07/15 23:02:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Real
[2008/07/15 23:02:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Intuit
[2008/07/15 23:02:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Identities
[2008/07/15 23:02:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Desktop
[2008/07/15 23:02:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Apple Computer
[2008/07/15 23:02:35 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Compaq_Administrator\Start Menu\Programs\Startup
[2008/07/15 23:02:35 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Compaq_Administrator\Start Menu
[2008/07/15 23:02:35 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Compaq_Administrator\SendTo
[2008/07/15 23:02:35 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Compaq_Administrator\My Documents\My Videos
[2008/07/15 23:02:35 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Compaq_Administrator\My Documents\My Pictures
[2008/07/15 23:02:35 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Compaq_Administrator\My Documents\My Music
[2008/07/15 23:02:35 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Compaq_Administrator\My Documents
[2008/07/15 23:02:35 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Compaq_Administrator\Start Menu\Programs\Accessories
[2008/07/15 23:02:35 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Compaq_Administrator\Local Settings
[2008/07/15 23:02:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\WINDOWS
[2008/07/15 23:02:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Templates
[2008/07/15 23:02:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\PrintHood
[2008/07/15 23:02:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\NetHood
[2008/07/15 23:02:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Microsoft
[2008/07/15 23:02:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Google
[2008/07/15 23:02:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\ApplicationHistory
[2008/07/15 23:02:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Apple Computer
[2008/07/15 23:02:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150000}
[2008/07/15 22:59:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2008/07/15 22:45:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\HPSSUPPLY
[2008/07/15 22:44:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\HP
[2008/07/15 22:39:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2008/07/15 22:36:52 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2008/07/15 21:57:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\setupupd
[2008/07/14 11:33:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\HP
[2008/06/20 07:29:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\LogMeIn
[2008/06/20 07:29:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\LogMeIn
[2008/06/10 09:43:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\UltraVNC
[2008/06/10 09:43:17 | 000,000,000 | ---D | C] -- C:\Program Files\UltraVNC
[2008/05/15 07:39:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2008/05/14 10:22:50 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2008/05/12 14:32:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\My Documents\Kane Deposits
[2008/05/12 07:56:00 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2008/05/12 07:54:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Apple
[2008/05/12 07:54:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2008/05/12 07:54:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple
[2008/04/09 12:07:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PopCap
[2008/04/08 14:10:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\My Documents\Business Applications
[2008/03/24 13:28:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\My Documents\Statements
[2008/03/24 09:10:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\My Documents\Employees
[2008/03/11 16:43:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\My Documents\Invoicing
[2008/03/06 13:04:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\RingCentral
[2008/03/06 13:04:01 | 000,000,000 | ---D | C] -- C:\Program Files\RingCentral
[2008/03/06 13:01:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\RingCentral
[2008/02/29 08:36:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\My Documents\Adobe
[2008/02/28 16:18:40 | 000,000,000 | ---D | C] -- C:\Program Files\BroadJump
[2008/02/28 16:13:18 | 000,266,240 | ---- | C] (TODO: <Company name>) -- C:\WINDOWS\SBCDSL.exe
[2008/02/27 07:54:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\My Documents\Vonnell
[2008/02/27 07:54:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\My Documents\Prospects
[2008/02/27 07:54:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\My Documents\Job Advertisement
[2008/02/27 07:54:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\My Documents\Interviewing
[2008/02/27 07:54:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\My Documents\Correspondance Letters
[2008/02/26 15:36:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\My Documents\00Kane Server
[2008/01/14 16:45:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Desktop\Documents
[2008/01/08 11:40:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\InterTrust
[2008/01/03 08:48:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Stamps.com Internet Postage
[2008/01/03 08:48:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{B0AFCE64-DF3F-4824-8985-B21DB0EEE07B}
[2008/01/03 08:47:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{EF257B1A-26EA-4A90-9BCC-54CA818488E8}
[2008/01/03 08:47:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Stamps.com
[2008/01/03 08:35:38 | 000,000,000 | ---D | C] -- C:\Program Files\Stamps.com Internet Postage
[2008/01/03 08:34:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Seven Zip
[2007/12/11 23:35:38 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Documents Front desk backup
[2007/12/11 23:20:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Schaumburg Frontdesk backup 12112007
[2007/07/12 02:00:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie7updates
[2007/07/11 11:57:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2007/07/11 11:55:59 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie7
[2007/07/11 11:55:27 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
[2007/07/11 11:55:12 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
[2007/07/11 11:53:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2007/07/06 06:50:34 | 000,025,248 | -H-- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\lmimirr.dll
[2007/07/06 06:50:34 | 000,011,552 | -H-- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\lmimirr2.dll
[2007/06/01 11:05:12 | 000,000,000 | -HSD | C] -- C:\WINDOWS\ftpcache
[2007/04/23 12:48:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Image Zone Express
[2007/04/20 11:05:42 | 000,027,728 | ---- | C] (Mead & Co Limited) -- C:\WINDOWS\System32\MCPXUser.exe
[2007/04/20 11:05:42 | 000,027,728 | ---- | C] (Mead & Co Limited) -- C:\WINDOWS\System32\MCPXHost.exe
[2007/04/20 11:05:40 | 000,812,368 | ---- | C] (Mead & Co Limited) -- C:\WINDOWS\System32\MCPrintX.dll
[2007/04/20 11:05:40 | 000,317,264 | ---- | C] (Mead & Co Limited) -- C:\WINDOWS\System32\MCMaxiPT.dll
[2007/04/20 11:05:36 | 000,249,168 | ---- | C] (Mead & Co Limited) -- C:\WINDOWS\System32\MCScripX.dll
[2007/04/20 11:05:34 | 000,264,552 | ---- | C] (Mead & Co Limited) -- C:\WINDOWS\System32\MCSecMgr.dll
[2007/04/12 13:07:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\carrier
[2007/04/12 06:48:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2007/04/12 06:37:10 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2007/03/20 18:26:53 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn
[2007/01/04 08:19:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\MSNInstaller
[2007/01/01 12:14:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Brother HL-2070N
[2007/01/01 12:13:53 | 000,000,000 | ---D | C] -- C:\Program Files\Brownie
[2007/01/01 12:13:21 | 000,000,000 | ---D | C] -- C:\Program Files\Brother
[2006/11/17 03:00:55 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2006/11/17 03:00:53 | 000,000,000 | ---D | C] -- C:\db15eb4ad570c79587b5779e
[2006/11/03 09:54:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Hewlett-Packard
[2006/11/03 09:53:31 | 000,000,000 | ---D | C] -- C:\Temp
[2006/11/02 13:49:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\U3
[2006/09/18 07:54:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Google
[2006/09/14 14:24:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\HPQ
[2006/07/03 20:23:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Sonic
[2006/03/21 12:49:23 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Compaq_Administrator\UserData
[2006/03/09 16:43:02 | 000,000,000 | ---D | C] -- C:\Program Files\Yahoo!
[2006/03/07 11:05:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\My Documents\My Albums
[2006/03/07 11:05:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Arcsoft
[2006/03/02 17:58:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\LabTech
[2006/03/02 17:57:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\LTSvc
[2006/03/02 12:23:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Leadertech
[2006/02/28 09:13:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\HotSync
[2006/02/28 09:13:45 | 000,053,248 | ---- | C] (PalmSource, Inc) -- C:\WINDOWS\PalmDevC.dll
[2006/02/28 09:13:16 | 000,000,000 | ---D | C] -- C:\Program Files\palmOne
[2006/02/28 09:12:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\HotSync
[2006/02/21 14:42:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Identities
[2006/02/16 09:06:13 | 000,000,000 | ---D | C] -- C:\Program Files\SymNetDrv
[2006/02/15 11:11:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Google
[2006/02/10 13:02:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2006/02/10 13:02:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Sun
[2006/02/08 14:24:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Template
[2006/02/08 14:17:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\AdobeUM
[2006/02/08 14:17:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Adobe
[2006/02/08 14:17:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Adobe
[2006/02/08 13:12:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\HP
[2006/02/08 13:11:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\IsolatedStorage
[2006/02/08 13:11:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\HP
[2006/02/08 13:00:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sonic
[2006/02/08 12:57:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\HP
[2006/02/08 12:54:53 | 000,000,000 | -H-D | C] -- C:\Config.Msi
[2006/02/07 19:24:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Macromedia
[2006/02/07 17:37:48 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2006/02/07 17:34:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Symantec
[2006/02/04 05:19:47 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
[2006/02/03 17:20:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\setup.pss
[2006/01/26 14:06:52 | 000,139,264 | ---- | C] (Hewlett Packard) -- C:\WINDOWS\System32\hpzjrd01.dll
[2006/01/16 16:57:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Office
[2006/01/16 16:57:32 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2006/01/16 16:42:49 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2006/01/06 14:23:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Catalina Marketing Corp
[2006/01/06 14:23:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Start Menu\Programs\Catalina Marketing Corp
[2005/12/23 12:12:22 | 000,155,648 | ---- | C] (Hewlett Packard) -- C:\WINDOWS\System32\HPTcpMon.dll
[2005/12/23 12:11:02 | 000,102,400 | ---- | C] (Hewlett Packard) -- C:\WINDOWS\System32\HPTcpMib.dll
[2005/12/23 09:40:36 | 000,286,720 | ---- | C] (none) -- C:\WINDOWS\System32\DGXUtil.ocx
[2005/12/21 08:24:08 | 000,024,576 | ---- | C] (adultpdf.com) -- C:\WINDOWS\System32\pdfspmeCOM.dll
[2005/12/19 14:23:20 | 000,524,288 | ---- | C] (Quest Diagnostics) -- C:\WINDOWS\System32\DGXPDF.ocx
[2005/08/14 17:20:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
[2005/08/14 17:12:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2005/08/14 17:11:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Symantec
[2005/08/14 17:11:57 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2005/08/14 17:09:22 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2005/08/14 17:06:24 | 000,000,000 | ---D | C] -- C:\Program Files\Easy Internet signup
[2005/08/14 17:05:22 | 000,000,000 | ---D | C] -- C:\Program Files\PC-Doctor for DOS
[2005/08/14 17:01:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\HPCPCUninstall-5577497
[2005/08/14 17:00:56 | 000,000,000 | ---D | C] -- C:\Program Files\Compaq Connections
[2005/08/14 17:00:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\pcintro
[2005/08/14 16:57:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Palo Alto Software
[2005/08/14 16:57:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intuit
[2005/08/14 16:57:24 | 000,000,000 | ---D | C] -- C:\Program Files\Quicken
[2005/08/14 16:57:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Intuit
[2005/08/14 16:56:07 | 000,122,880 | ---- | C] (XSS) -- C:\WINDOWS\System32\ShellvRTF.dll
[2005/08/14 16:56:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\CREATOR
[2005/08/14 16:55:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
[2005/08/14 16:55:24 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2005/08/14 16:55:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\QuickTime
[2005/08/14 16:55:20 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2005/08/14 16:55:20 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2005/08/14 16:55:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2005/08/14 16:55:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations
[2005/08/14 16:54:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\L&H
[2005/08/14 16:54:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft ActiveSync
[2005/08/14 16:54:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2005/08/14 16:53:53 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2005/08/14 16:53:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
[2005/08/14 16:53:34 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2005/08/14 16:52:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Works
[2005/08/14 16:52:54 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2005/08/14 16:52:41 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2005/08/14 16:51:49 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Plus! Photo Story 2 LE
[2005/08/14 16:51:43 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Plus! Digital Media Edition
[2005/08/14 16:51:43 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Plus! Dancer LE
[2005/08/14 16:51:33 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Money 2005
[2005/08/14 16:51:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2005/08/14 16:51:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2005/08/14 16:50:54 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2005/08/14 16:50:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Intervideo WinDVD
[2005/08/14 16:50:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InterVideo
[2005/08/14 16:50:17 | 000,000,000 | ---D | C] -- C:\Program Files\InterVideo
[2005/08/14 16:50:03 | 000,000,000 | ---D | C] -- C:\Program Files\Hewlett-Packard
[2005/08/14 16:49:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LightScribe
[2005/08/14 16:48:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\TiVo Shared
[2005/08/14 16:47:42 | 000,000,000 | ---D | C] -- C:\Program Files\GemMaster
[2005/08/14 16:47:40 | 000,000,000 | ---D | C] -- C:\Program Files\EnglishOtto
[2005/08/14 16:44:32 | 000,000,000 | ---D | C] -- C:\Program Files\WildTangent
[2005/08/14 16:43:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\InstallShield
[2005/08/14 16:43:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SureThing Shared
[2005/08/14 16:43:52 | 000,000,000 | ---D | C] -- C:\Program Files\Sonic
[2005/08/14 16:43:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Sonic
[2005/08/14 16:43:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Sonic Shared
[2005/08/14 16:42:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2005/08/14 16:42:53 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll
[2005/08/14 16:42:53 | 000,000,000 | ---D | C] -- C:\Program Files\Real
[2005/08/14 16:42:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Real
[2005/08/14 16:42:20 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Encarta Standard
[2005/08/14 16:40:09 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2005/08/14 16:40:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\HP
[2005/08/14 16:39:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\FxsTmp
[2005/08/14 16:39:07 | 000,000,000 | ---D | C] -- C:\Program Files\CONEXANT
[2005/08/14 16:35:54 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2005/08/14 16:35:54 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2005/08/14 16:35:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2005/08/14 16:30:47 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2005/08/14 16:26:47 | 000,786,944 | ---- | C] (Hewlett Packard) -- C:\WINDOWS\System32\RDBios32.dll
[2005/08/14 16:26:47 | 000,532,480 | ---- | C] (Hewlett Packard) -- C:\WINDOWS\System32\cPC_DMIRD.dll
[2005/08/14 16:26:17 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2005/08/14 16:26:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2005/08/14 16:24:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SBSI
[2005/08/14 16:22:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\PC Help & Tools
[2005/08/14 16:20:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\URTTemp
[2005/08/14 16:18:55 | 000,000,000 | ---D | C] -- C:\Python22
[2005/08/14 16:18:53 | 000,480,768 | ---- | C] (Wilson WindowWare, Inc.) -- C:\WINDOWS\System32\WBDBT32I.DLL
[2005/08/14 16:18:53 | 000,272,491 | ---- | C] (Wilson WindowWare, Inc.) -- C:\WINDOWS\System32\WBDBV32I.DLL
[2005/08/14 16:18:53 | 000,000,000 | -H-D | C] -- C:\system.sav
[2005/08/14 16:17:19 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2005/08/14 16:17:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2005/08/14 16:17:18 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2005/08/14 16:17:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2005/08/14 11:21:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\I386
[2005/08/14 11:15:37 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2005/08/14 11:15:37 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu
[2005/08/14 11:15:37 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Games
[2005/08/14 11:15:37 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools
[2005/08/14 11:15:37 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Accessories
[2005/08/14 11:15:27 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2005/08/14 11:15:24 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2005/08/14 11:15:09 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2005/08/14 11:15:09 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents
[2005/08/14 11:15:04 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Application Data
[2005/08/14 11:14:07 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2005/08/14 11:14:06 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2005/08/08 10:23:32 | 000,139,264 | ---- | C] (Anex Technologies Inc.) -- C:\WINDOWS\System32\Anx417.ocx
[2005/08/08 10:21:36 | 000,557,056 | ---- | C] (PDFlib GmbH) -- C:\WINDOWS\System32\pdflib.dll
[2005/07/09 08:42:15 | 000,000,000 | ---D | C] -- C:\Google
[2005/06/10 11:43:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2005/06/10 11:43:38 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2005/06/10 11:43:26 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2005/06/10 11:43:22 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2005/06/10 11:43:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2005/06/10 11:43:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2005/06/10 11:43:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2005/06/10 11:42:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2005/06/10 11:42:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2005/06/10 11:41:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2005/06/10 11:41:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2005/06/10 11:41:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2005/06/10 11:41:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2005/06/10 11:41:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2005/06/10 11:40:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2005/06/10 11:40:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2005/06/10 11:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2005/06/10 11:39:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2005/06/10 11:39:00 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2005/06/10 11:38:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2005/06/10 11:38:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2005/06/10 11:38:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2005/06/10 11:38:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2005/06/10 11:37:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2005/06/10 11:37:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2005/06/10 11:30:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2005/06/10 11:30:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2005/06/10 11:29:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2005/06/10 11:29:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2005/06/10 11:29:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2005/06/10 11:29:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2005/06/10 11:29:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2005/06/10 11:29:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2005/06/10 11:29:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2005/06/10 11:29:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\SMINST
[2005/06/10 11:29:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2005/06/10 11:29:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2005/06/10 11:29:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2005/06/10 11:28:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2005/06/10 11:28:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2005/06/10 11:28:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2005/06/10 11:28:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2005/06/10 11:26:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2005/06/10 11:26:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2005/06/10 11:26:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2005/06/10 11:25:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2005/06/10 11:25:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2005/06/10 11:25:06 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2005/06/10 11:25:06 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2005/06/10 11:25:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2005/06/10 11:22:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2005/06/10 11:10:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2005/06/10 11:09:04 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2005/06/10 11:08:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\ehome
[2005/06/10 11:07:18 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2005/06/10 11:07:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2005/06/10 11:07:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2005/06/10 11:07:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2005/06/10 11:05:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2005/06/10 11:05:06 | 000,000,000 | ---D | C] -- C:\Program Files\xerox
[2005/06/10 11:05:06 | 000,000,000 | ---D | C] -- C:\Program Files
[2005/06/10 11:05:02 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Plus
[2005/06/10 11:04:38 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2005/06/10 11:04:36 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2005/06/10 11:04:32 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2005/06/10 11:04:30 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services
[2005/06/10 11:04:30 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2005/06/10 11:04:22 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2005/06/10 11:04:16 | 000,000,000 | ---D | C] -- C:\Program Files\MSN
[2005/06/10 11:04:16 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2005/06/10 11:04:12 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2005/06/10 11:04:12 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2005/06/10 11:04:10 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2005/06/10 11:04:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2005/06/10 11:03:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
[2005/06/10 11:03:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2005/06/10 11:03:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2005/06/10 11:03:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2005/06/10 11:03:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2005/06/10 11:03:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2005/06/10 11:03:36 | 000,000,000 | -H-D | C] -- C:\hp
[2005/06/10 11:03:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2005/06/10 11:03:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup
[2005/06/10 11:02:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Recorded TV
[2005/06/10 11:02:46 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2005/06/10 11:01:58 | 000,000,000 | ---D | C] -- C:\CMPNENTS
[2005/06/08 11:13:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2005/06/08 11:13:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2005/06/08 11:13:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2005/06/08 11:11:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2005/06/08 11:11:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2005/06/08 11:11:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2005/06/08 11:07:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2005/06/08 11:06:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2005/06/08 11:06:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2005/06/08 11:06:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2005/06/08 11:06:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2005/06/08 11:06:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2005/06/08 11:06:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2005/06/08 11:06:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2005/06/08 11:06:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2005/06/08 11:06:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2005/06/08 11:06:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[2005/06/08 11:00:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2005/06/08 11:00:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2005/06/08 11:00:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2005/06/08 11:00:06 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2005/06/08 10:59:58 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2005/06/08 10:59:48 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2005/06/08 10:59:38 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2005/06/08 10:59:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Templates
[2005/06/08 10:59:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favorites
[2005/06/08 10:59:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop
[2005/05/11 08:13:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Temp
[2005/03/07 17:30:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\webex
[2005/01/14 23:07:10 | 000,343,216 | ---- | C] (KeyWorks Software) -- C:\WINDOWS\System32\keyhelp.ocx
[2005/01/14 23:07:06 | 001,699,913 | ---- | C] (Intuit Inc.) -- C:\WINDOWS\System32\inetclnt.dll
[2005/01/01 02:29:45 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Administrator\Desktop\OTL.exe
[2005/01/01 02:29:18 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2005/01/01 02:23:17 | 000,000,000 | --SD | C] -- C:\ComboFix
[2005/01/01 01:38:58 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2005/01/01 01:34:12 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2005/01/01 01:34:12 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2005/01/01 01:34:12 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2005/01/01 01:34:12 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2005/01/01 01:33:05 | 000,000,000 | ---D | C] -- C:\Qoobox
[2005/01/01 01:32:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2005/01/01 01:32:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\My Documents\Downloads
[2005/01/01 00:09:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2005/01/01 00:09:06 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2005/01/01 00:09:06 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2005/01/01 00:05:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Desktop\RK_Quarantine
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/11/13 10:22:12 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2012/11/13 10:21:48 | 000,000,750 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/11/13 10:21:48 | 000,000,732 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Internet.lnk
[2012/09/29 19:54:26 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/08/02 20:33:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/08/01 09:43:56 | 000,507,094 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/08/01 09:43:56 | 000,088,322 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/07/18 12:58:52 | 000,243,920 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/07/18 12:51:24 | 000,000,129 | ---- | M] () -- C:\WINDOWS\System32\MRT.INI
[2012/07/18 12:48:30 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/07/18 11:29:05 | 000,000,279 | ---- | M] () -- C:\Boot.bak
[2012/07/18 11:24:14 | 000,083,392 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIRfsClientNP.dll.000.bak
[2012/07/18 11:24:11 | 000,087,456 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIinit.dll.000.bak
[2012/07/18 11:22:21 | 000,000,256 | ---- | M] () -- C:\WINDOWS\System32\pool.bin
[2012/07/09 08:53:19 | 000,001,515 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Network Monitoring Tray.lnk
[2012/07/09 08:52:16 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\-g2JeRL2J7jxAvY
[2012/07/09 08:52:11 | 000,000,863 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Data_Recovery.lnk
[2012/07/09 08:52:01 | 000,000,256 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\g2JeRL2J7jxAvY
[2012/07/03 14:47:25 | 000,000,247 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.dat
[2012/07/02 09:07:24 | 000,029,583 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Millionaire Dates - Online Dating - Fix the problems___.htm
[2012/06/02 09:45:08 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Administrator\Desktop\OTL.exe
[2012/05/30 10:15:07 | 000,000,823 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/05/25 15:31:36 | 000,001,737 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2012/05/24 22:26:53 | 000,250,048 | ---- | M] () -- C:\ntldr
[2012/05/24 09:12:51 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2012/05/24 09:12:51 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2012/05/07 10:10:04 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2012/05/07 10:06:53 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2012/05/05 08:08:41 | 000,001,486 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Media Center.lnk
[2012/05/03 10:55:20 | 000,015,333 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\2740107403_2740107403_0.pdf
[2012/04/26 09:35:16 | 000,002,497 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Microsoft Office Word 2003.lnk
[2012/04/17 09:45:36 | 000,230,972 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\wine invitedelnor.pdf
[2012/01/11 13:06:47 | 000,003,072 | ---- | M] () -- C:\WINDOWS\System32\iacenc.dll
[2012/01/11 13:06:47 | 000,003,072 | ---- | M] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2011/11/03 09:28:36 | 001,292,288 | ---- | M] () -- C:\WINDOWS\System32\dllcache\quartz.dll
[2011/11/03 09:28:36 | 000,386,048 | ---- | M] () -- C:\WINDOWS\System32\dllcache\qdvd.dll
[2011/10/14 16:38:00 | 000,456,192 | ---- | M] () -- C:\WINDOWS\System32\dllcache\encdec.dll
[2011/06/26 00:45:56 | 000,256,000 | ---- | M] () -- C:\WINDOWS\PEV.exe
[2011/03/30 01:57:24 | 000,071,424 | ---- | M] (Brother Industries Ltd.) -- C:\WINDOWS\System32\drivers\BrSerIb.sys
[2011/03/30 01:57:24 | 000,011,520 | ---- | M] (Brother Industries Ltd.) -- C:\WINDOWS\System32\drivers\BrUsbSib.sys
[2011/03/11 08:10:59 | 000,225,262 | ---- | M] () -- C:\WINDOWS\System32\dllcache\msimain.sdb
[2011/02/04 16:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\System32\dllcache\sbe.dll
[2010/11/23 12:20:24 | 000,683,333 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\BankTrustOfficers2005.pdf
[2010/11/07 11:20:24 | 000,208,896 | ---- | M] () -- C:\WINDOWS\MBR.exe
[2010/10/24 16:28:51 | 000,001,457 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Shortcut to CCE10242010_00000.lnk
[2010/10/24 16:27:48 | 000,326,997 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\CCE10242010_00000.jpg
[2010/08/10 09:31:05 | 000,000,874 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Shortcut to BrightStar Logo C cdb small.lnk
[2010/07/22 15:37:58 | 000,042,651 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\sellers.htm
[2010/07/12 08:21:50 | 000,536,861 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\The TOP 20 Selling Strategy Reference Guide.pdf
[2010/07/05 14:40:04 | 000,057,667 | ---- | M] () -- C:\WINDOWS\System32\ieuinit.inf
[2010/06/21 13:25:51 | 000,061,090 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\mda
[2010/05/10 07:45:58 | 000,103,736 | ---- | M] (Brother Industries Ltd) -- C:\WINDOWS\System32\BRRBTOOL.EXE
[2010/04/23 10:39:38 | 000,007,901 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\ESPN.htm
[2010/04/21 14:24:18 | 000,000,731 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Shortcut to Bstar-KaneAnderson.lnk
[2010/04/08 10:37:56 | 000,000,406 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Shortcut to SCANS.lnk
[2010/04/08 08:03:29 | 000,001,780 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Click to SCAN - then click FILE.lnk
[2010/04/08 08:03:19 | 000,000,244 | ---- | M] () -- C:\WINDOWS\Brpfx04a.ini
[2010/04/08 08:03:19 | 000,000,093 | ---- | M] () -- C:\WINDOWS\brpcfx.ini
[2010/04/08 08:02:03 | 000,000,086 | ---- | M] () -- C:\WINDOWS\Brfaxrx.ini
[2010/04/08 08:02:03 | 000,000,050 | ---- | M] () -- C:\WINDOWS\System32\BD9120CN.DAT
[2010/04/05 12:13:05 | 000,469,504 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\09OctSSA.pub
[2010/04/02 04:33:34 | 000,025,299 | ---- | M] (Brother Industries, Ltd) -- C:\WINDOWS\System32\BRLM03A.DLL
[2010/03/11 15:47:37 | 000,000,794 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Shortcut to LawElderLaw.lnk
[2010/03/11 15:33:51 | 035,259,334 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\LawElderLaw.bmp
[2010/02/05 13:27:28 | 000,044,766 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\english_marypat_gif.mht
[2010/01/11 16:11:34 | 006,759,344 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\m_english[1]_jpg.mht
[2010/01/11 14:16:26 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\New TIFF Image.tif
[2009/11/29 11:28:54 | 000,000,036 | -H-- | M] () -- C:\WINDOWS\System32\f9t.dat
[2009/10/09 14:02:21 | 000,011,552 | -H-- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\lmimirr2.dll
[2009/10/09 14:02:20 | 000,025,248 | -H-- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\lmimirr.dll
[2009/08/18 09:40:06 | 001,535,488 | ---- | M] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\BrWia09c.dll
[2009/08/18 09:36:28 | 000,055,808 | ---- | M] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\BrUsi09c.dll
[2009/07/31 22:27:38 | 000,201,184 | ---- | M] () -- C:\WINDOWS\System32\winrm.vbs
[2009/07/24 11:38:04 | 000,085,344 | ---- | M] (Mead & Co Limited) -- C:\WINDOWS\System32\MCBroker.exe
[2009/07/24 11:38:04 | 000,085,328 | ---- | M] (Mead & Co Limited) -- C:\WINDOWS\System32\MCSXUser.exe
[2009/07/24 11:38:04 | 000,085,328 | ---- | M] (Mead & Co Limited) -- C:\WINDOWS\System32\MCSXHost.exe
[2009/07/24 11:38:02 | 000,317,264 | ---- | M] (Mead & Co Limited) -- C:\WINDOWS\System32\MCMaxiPT.dll
[2009/07/24 11:38:00 | 000,812,368 | ---- | M] (Mead & Co Limited) -- C:\WINDOWS\System32\MCPrintX.dll
[2009/07/24 11:37:58 | 000,264,552 | ---- | M] (Mead & Co Limited) -- C:\WINDOWS\System32\MCSecMgr.dll
[2009/07/24 11:37:58 | 000,249,168 | ---- | M] (Mead & Co Limited) -- C:\WINDOWS\System32\MCScripX.dll
[2009/07/16 09:30:06 | 000,000,789 | ---- | M] () -- C:\WINDOWS\System32\winrmprov.mof
[2009/07/16 09:30:04 | 000,002,426 | ---- | M] () -- C:\WINDOWS\System32\WsmTxt.xsl
[2009/07/16 09:30:04 | 000,001,559 | ---- | M] () -- C:\WINDOWS\System32\WsmPty.xsl
[2009/07/16 09:30:04 | 000,000,035 | ---- | M] () -- C:\WINDOWS\System32\winrm.cmd
[2009/05/19 00:39:22 | 000,003,072 | ---- | M] (Brother Industries Ltd.) -- C:\WINDOWS\System32\BrDctF2S.dll
[2009/04/20 09:52:29 | 000,074,015 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\Incident_Occurrence_Report_Draft[1].pdf
[2009/04/19 22:56:28 | 000,060,416 | ---- | M] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2009/02/23 09:39:05 | 000,030,119 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\insurancechecklist.pdf
[2009/02/12 21:20:42 | 000,005,630 | ---- | M] () -- C:\WINDOWS\System32\IE8Eula.rtf
[2009/02/06 10:51:45 | 000,070,605 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\CNA_-_HHA_Weekly_Notes_-_1_page.pdf
[2009/01/29 14:38:30 | 000,089,055 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\Latonia Barnes - AIT (12282008).pdf
[2009/01/21 16:07:38 | 004,057,719 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\Universal Credentialling Packet 2009.pdf
[2009/01/21 13:56:34 | 000,108,378 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\AAH CNA Note Sheet0001.pdf
[2009/01/21 12:12:43 | 000,118,298 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\Office Depot Ad0001.pdf
[2009/01/08 16:08:31 | 000,064,879 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\Mayer - January Schedule.pdf
[2009/01/08 14:33:58 | 000,139,966 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\Dow, Vicki - notes Zytko 12-28-08.pdf
[2009/01/07 17:20:20 | 000,008,798 | ---- | M] () -- C:\WINDOWS\System32\icrav03.rat
[2009/01/06 12:32:36 | 000,285,721 | ---- | M] () -- C:\WINDOWS\System32\WebEx Document Loader Port
[2008/12/31 16:19:21 | 000,287,018 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\Bailey, Andrew - all shifts 12-28-2008.pdf
[2008/12/31 15:48:30 | 000,026,343 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\Micheal B - Service Agreement.rtf
[2008/11/14 18:10:23 | 000,001,802 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\QuickTime Player.lnk
[2008/10/17 19:29:25 | 000,047,640 | -H-- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\drivers\LMIRfsDriver.sys
[2008/10/17 03:02:56 | 000,126,976 | ---- | M] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\BrfxD05b.dll
[2008/10/09 12:06:40 | 000,007,029 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\Employee list for mail merge.csv
[2008/09/30 07:23:36 | 000,083,695 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\Covenant price list -09-30-080001.pdf
[2008/09/15 00:02:06 | 001,530,880 | ---- | M] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\BrWia08b.dll
[2008/08/27 01:50:16 | 000,051,712 | ---- | M] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\BrUsi08b.dll
[2008/08/23 02:17:36 | 000,118,784 | ---- | M] (Brother Industries,LTD.) -- C:\WINDOWS\System32\BrMfNt.dll
[2008/08/01 00:01:35 | 000,001,494 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Calculator.lnk
[2008/07/28 16:06:08 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\E-mail.lnk
[2008/07/25 18:56:18 | 000,000,812 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2008/07/17 15:29:28 | 000,054,551 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\test.pdf
[2008/07/16 11:24:10 | 000,000,773 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Stamps.com.lnk
[2008/07/16 09:03:22 | 000,001,024 | ---- | M] () -- C:\.rnd
[2008/07/15 23:23:41 | 000,001,781 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\RingCentral Call Controller.lnk
[2008/07/15 23:04:26 | 000,001,880 | RHS- | M] () -- C:\WINDOWS\System32\drivers\103C_HP_CPC_ED884AA-ABA SR1675CL NA580_YC_0Pres_QCNH543_E54NAsyRED1_48_IAmberine M_SASUSTek Computer INC._V1.03_B3.08_T050913_WXP2_L409_M959_J250_7AMD_8Athlon 64_92.19_#060116_N10EC8139_Z14F12F20_G10025954.MRK
[2008/07/15 23:00:55 | 000,001,063 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2008/07/15 22:43:42 | 000,000,800 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk
[2008/07/15 09:53:12 | 000,142,050 | ---- | M] () -- C:\WINDOWS\hpwins05.dat.temp
[2008/07/14 11:46:42 | 000,009,216 | ---- | M] () -- C:\imageTable.cdx
[2008/07/14 11:46:42 | 000,007,680 | ---- | M] () -- C:\albumImagesTable.cdx
[2008/07/14 11:46:42 | 000,006,144 | ---- | M] () -- C:\ROFImagesTable.cdx
[2008/07/14 11:46:42 | 000,006,144 | ---- | M] () -- C:\keywordImagesTable.cdx
[2008/07/14 11:46:42 | 000,004,608 | ---- | M] () -- C:\pathnameTable.cdx
[2008/07/14 11:46:42 | 000,004,608 | ---- | M] () -- C:\keywordTable.cdx
[2008/07/14 11:46:42 | 000,004,608 | ---- | M] () -- C:\albumTable.cdx
[2008/07/14 11:46:42 | 000,003,072 | ---- | M] () -- C:\ROFTable.cdx
[2008/07/14 11:46:42 | 000,003,072 | ---- | M] () -- C:\EXIFTable.cdx
[2008/07/14 11:46:42 | 000,000,937 | ---- | M] () -- C:\imageTable.dbf
[2008/07/14 11:46:42 | 000,000,937 | ---- | M] () -- C:\imageTable.bak
[2008/07/14 11:46:42 | 000,000,585 | ---- | M] () -- C:\albumTable.dbf
[2008/07/14 11:46:42 | 000,000,585 | ---- | M] () -- C:\albumTable.bak
[2008/07/14 11:46:42 | 000,000,512 | ---- | M] () -- C:\imageTable.fpt
[2008/07/14 11:46:42 | 000,000,512 | ---- | M] () -- C:\imageTable.fpk
[2008/07/14 11:46:42 | 000,000,489 | ---- | M] () -- C:\EXIFTable.dbf
[2008/07/14 11:46:42 | 000,000,489 | ---- | M] () -- C:\EXIFTable.bak
[2008/07/14 11:46:42 | 000,000,457 | ---- | M] () -- C:\keywordTable.dbf
[2008/07/14 11:46:42 | 000,000,457 | ---- | M] () -- C:\keywordTable.bak
[2008/07/14 11:46:42 | 000,000,425 | ---- | M] () -- C:\pathnameTable.dbf
[2008/07/14 11:46:42 | 000,000,425 | ---- | M] () -- C:\pathnameTable.bak
[2008/07/14 11:46:42 | 000,000,425 | ---- | M] () -- C:\albumImagesTable.dbf
[2008/07/14 11:46:42 | 000,000,425 | ---- | M] () -- C:\albumImagesTable.bak
[2008/07/14 11:46:42 | 000,000,393 | ---- | M] () -- C:\ROFTable.dbf
[2008/07/14 11:46:42 | 000,000,393 | ---- | M] () -- C:\ROFTable.bak
[2008/07/14 11:46:42 | 000,000,361 | ---- | M] () -- C:\ROFImagesTable.dbf
[2008/07/14 11:46:42 | 000,000,361 | ---- | M] () -- C:\ROFImagesTable.bak
[2008/07/14 11:46:42 | 000,000,361 | ---- | M] () -- C:\managedFolderTable.dbf
[2008/07/14 11:46:42 | 000,000,361 | ---- | M] () -- C:\managedFolderTable.bak
[2008/07/14 11:46:42 | 000,000,361 | ---- | M] () -- C:\keywordImagesTable.dbf
[2008/07/14 11:46:42 | 000,000,361 | ---- | M] () -- C:\keywordImagesTable.bak
[2008/07/14 11:38:33 | 000,000,786 | ---- | M] () -- C:\administrativeInfo.dbf
[2008/07/14 11:38:33 | 000,000,786 | ---- | M] () -- C:\administrativeInfo.bak
[2008/06/21 13:53:16 | 019,153,264 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\aaw2008.exe
[2008/06/16 22:33:14 | 000,167,936 | ---- | M] (brother) -- C:\WINDOWS\System32\NSSearch.dll
[2008/06/04 11:30:41 | 000,000,453 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\kane list for letter.csv
[2008/05/26 20:59:42 | 000,018,904 | ---- | M] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 20:59:40 | 000,106,605 | ---- | M] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2008/04/13 18:25:26 | 000,001,804 | ---- | M] () -- C:\WINDOWS\System32\dcache.bin
[2008/04/13 18:11:52 | 000,498,742 | ---- | M] () -- C:\WINDOWS\System32\dllcache\dxmasf.dll
[2008/04/13 18:10:08 | 000,844,314 | ---- | M] () -- C:\WINDOWS\System32\msdxm.ocx
[2008/04/13 18:10:08 | 000,844,314 | ---- | M] () -- C:\WINDOWS\System32\dllcache\msdxm.ocx
[2008/04/13 18:10:08 | 000,004,126 | ---- | M] () -- C:\WINDOWS\System32\dllcache\msdxmlc.dll
[2008/04/13 11:26:09 | 000,004,310 | ---- | M] () -- C:\WINDOWS\System32\odbcconf.rsp
[2008/03/24 22:50:40 | 000,355,112 | ---- | M] () -- C:\WINDOWS\System32\dllcache\msjetol1.dll
[2008/02/29 10:29:08 | 000,000,525 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\00Kane Server.lnk
[2008/02/21 15:26:55 | 000,101,220 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\Brightstart Healthcare logo.eps
[2007/12/31 14:53:22 | 000,003,683 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\virtual hair.jpg
[2007/12/13 05:16:24 | 000,073,728 | ---- | M] (Brother Industries Ltd.) -- C:\WINDOWS\System32\BrDctF2.dll
[2007/12/13 05:16:20 | 000,005,120 | ---- | M] (Brother Industries Ltd.) -- C:\WINDOWS\System32\BrDctF2L.dll
[2007/11/02 11:13:10 | 000,001,094 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Application Data\wklnhst.dat
[2007/09/27 09:51:02 | 000,020,698 | ---- | M] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 09:51:02 | 000,004,640 | ---- | M] () -- C:\WINDOWS\System32\idxcntrs.h
[2007/09/27 09:48:48 | 000,030,628 | ---- | M] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 09:48:48 | 000,002,590 | ---- | M] () -- C:\WINDOWS\System32\gsrvctr.h
[2007/09/27 09:48:28 | 000,031,698 | ---- | M] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/09/27 09:48:28 | 000,003,100 | ---- | M] () -- C:\WINDOWS\System32\gthrctr.h
[2007/09/14 10:12:17 | 000,016,059 | ---- | M] () -- C:\WINDOWS\hpwscr05.dat
[2007/06/20 23:52:36 | 000,000,974 | ---- | M] () -- C:\WINDOWS\System32\pid.inf
[2007/04/23 13:48:11 | 000,000,004 | -H-- | M] () -- C:\WINDOWS\uccspecb.sys
[2007/04/20 11:05:42 | 000,027,728 | ---- | M] (Mead & Co Limited) -- C:\WINDOWS\System32\MCPXUser.exe
[2007/04/20 11:05:42 | 000,027,728 | ---- | M] (Mead & Co Limited) -- C:\WINDOWS\System32\MCPXHost.exe
[2007/03/20 18:36:11 | 000,000,649 | ---- | M] () -- C:\WINDOWS\hpntwksetup.ini
[2007/03/20 13:59:24 | 000,000,227 | ---- | M] () -- C:\WINDOWS\HP_CounterReport_Update_HPSU.ini
[2007/03/20 13:48:40 | 000,000,234 | ---- | M] () -- C:\WINDOWS\PrnHlpLogConfig.ini
[2007/03/20 13:48:23 | 000,000,214 | ---- | M] () -- C:\WINDOWS\HP_InstantSHareJPG.ini
[2007/03/20 13:34:12 | 000,000,217 | ---- | M] () -- C:\WINDOWS\HP_IZClosingDiscErrorPatch.ini
[2007/03/20 13:33:04 | 000,000,221 | ---- | M] () -- C:\WINDOWS\HP_RedboxHprblog_HPSU.ini
[2007/01/31 09:58:39 | 000,266,240 | ---- | M] (TODO: <Company name>) -- C:\WINDOWS\SBCDSL.exe
[2007/01/26 12:49:28 | 000,000,000 | ---- | M] () -- C:\WINDOWS\hpqEmlSz.INI
[2007/01/01 12:14:02 | 000,008,975 | ---- | M] () -- C:\WINDOWS\HL-2070N.INI
[2007/01/01 12:14:02 | 000,000,146 | ---- | M] () -- C:\WINDOWS\BRVIDEO.INI
[2007/01/01 12:14:02 | 000,000,040 | ---- | M] () -- C:\WINDOWS\BRDIAG.INI
[2007/01/01 12:14:02 | 000,000,023 | ---- | M] () -- C:\WINDOWS\Brownie.ini
[2006/12/21 01:23:46 | 000,176,128 | ---- | M] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\BROSNMP.DLL
[2006/11/03 09:55:11 | 000,069,417 | ---- | M] () -- C:\WINDOWS\hpoins05.dat.temp
[2006/10/09 15:12:30 | 000,224,256 | ---- | M] () -- C:\WINDOWS\System32\psisrndr.ax
[2006/10/09 15:12:30 | 000,224,256 | ---- | M] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax
[2006/10/09 15:12:14 | 000,235,008 | ---- | M] () -- C:\WINDOWS\System32\psisdecd.dll
[2006/10/09 15:12:14 | 000,235,008 | ---- | M] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll
[2006/09/23 12:12:38 | 000,074,715 | ---- | M] () -- C:\WINDOWS\System32\IE7Eula.rtf
[2006/09/07 13:41:04 | 000,003,953 | ---- | M] () -- C:\WINDOWS\hpwmdl05.dat.temp
[2006/09/01 07:44:04 | 000,001,988 | ---- | M] () -- C:\WINDOWS\System32\ticrf.rat
[2006/07/06 19:40:24 | 000,073,728 | ---- | M] (Brother Industories Ltd. P&S Company) -- C:\WINDOWS\System32\BRCrypt.dll
[2006/03/07 11:11:07 | 000,000,000 | ---- | M] () -- C:\WINDOWS\QuickInstall.INI
[2006/03/03 07:07:02 | 000,143,360 | ---- | M] (Inner Media, Inc.) -- C:\WINDOWS\System32\dunzip32.dll
[2006/02/28 09:12:36 | 000,053,248 | ---- | M] (PalmSource, Inc) -- C:\WINDOWS\PalmDevC.dll
[2006/02/08 13:11:14 | 000,000,143 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\fusioncache.dat
[2006/01/31 10:14:50 | 000,454,656 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Preparing for Change When the Unexpeced Happens.pub
[2006/01/26 14:06:52 | 000,139,264 | ---- | M] (Hewlett Packard) -- C:\WINDOWS\System32\hpzjrd01.dll
[2006/01/17 12:47:33 | 003,146,755 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\d641194swedberg.pdf
[2005/12/23 12:12:22 | 000,155,648 | ---- | M] (Hewlett Packard) -- C:\WINDOWS\System32\HPTcpMon.dll
[2005/12/23 12:11:02 | 000,102,400 | ---- | M] (Hewlett Packard) -- C:\WINDOWS\System32\HPTcpMib.dll
[2005/12/23 09:40:36 | 000,286,720 | ---- | M] (none) -- C:\WINDOWS\System32\DGXUtil.ocx
[2005/12/21 08:24:36 | 000,001,760 | ---- | M] () -- C:\WINDOWS\System32\objsafe.tlb
[2005/12/21 08:24:08 | 000,393,728 | ---- | M] () -- C:\WINDOWS\System32\pdfspme.dll
[2005/12/21 08:24:08 | 000,024,576 | ---- | M] (adultpdf.com) -- C:\WINDOWS\System32\pdfspmeCOM.dll
[2005/12/19 14:23:20 | 000,524,288 | ---- | M] (Quest Diagnostics) -- C:\WINDOWS\System32\DGXPDF.ocx
[2005/12/08 14:56:01 | 000,056,030 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\nursing notes form nancy.pdf
[2005/12/08 14:49:59 | 000,056,030 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\nursing notes form nancy.pdf
[2005/10/05 13:28:40 | 000,280,916 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Provena Mercy Medical Center Catering - Aurora, IL.mht
[2005/08/14 17:24:53 | 000,000,061 | ---- | M] () -- C:\WINDOWS\smscfg.ini
[2005/08/14 17:24:49 | 000,000,333 | ---- | M] () -- C:\WINDOWS\System32\$ncsp$.inf
[2005/08/14 17:00:57 | 000,118,842 | R--- | M] () -- C:\WINDOWS\HPCPCUninstaller-6.3.2.116-5577497.exe
[2005/08/14 17:00:43 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2005/08/14 17:00:25 | 000,001,715 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Compaq Organize.lnk
[2005/08/14 16:59:58 | 000,012,961 | ---- | M] () -- C:\WINDOWS\System32\CHODDI.SYS
[2005/08/14 16:57:37 | 000,000,180 | ---- | M] () -- C:\WINDOWS\Quicken.ini
[2005/08/14 16:55:29 | 000,001,640 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk
[2005/08/14 16:54:44 | 000,000,376 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2005/08/14 16:44:00 | 000,000,059 | ---- | M] () -- C:\WINDOWS\WININIT.INI
[2005/08/14 16:42:59 | 000,000,923 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\RealPlayer.lnk
[2005/08/14 16:42:53 | 000,278,528 | ---- | M] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll
[2005/08/14 16:39:37 | 000,000,535 | ---- | M] () -- C:\WINDOWS\System32\mapisvc.inf
[2005/08/14 16:24:49 | 000,218,245 | ---- | M] () -- C:\WINDOWS\orun32.isu
[2005/08/14 16:24:48 | 000,000,791 | ---- | M] () -- C:\WINDOWS\orun32.ini
[2005/08/08 11:20:14 | 000,000,979 | ---- | M] () -- C:\WINDOWS\System32\objsafe.odl
[2005/08/08 10:23:32 | 000,139,264 | ---- | M] (Anex Technologies Inc.) -- C:\WINDOWS\System32\Anx417.ocx
[2005/08/08 10:23:32 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\Anx417.dll
[2005/08/08 10:23:32 | 000,024,576 | ---- | M] () -- C:\WINDOWS\System32\Anx417.oca
[2005/08/08 10:23:32 | 000,000,426 | ---- | M] () -- C:\WINDOWS\System32\Anx417.lic
[2005/08/08 10:23:06 | 000,475,136 | ---- | M] () -- C:\WINDOWS\System32\PaintX.dll
[2005/08/08 10:21:36 | 000,557,056 | ---- | M] (PDFlib GmbH) -- C:\WINDOWS\System32\pdflib.dll
[2005/08/05 13:01:54 | 000,240,640 | ---- | M] () -- C:\WINDOWS\System32\dllcache\wstrendr.ax
[2005/08/05 13:01:54 | 000,240,640 | ---- | M] () -- C:\WINDOWS\System32\wstrenderer.ax
[2005/08/05 13:01:54 | 000,167,936 | ---- | M] () -- C:\WINDOWS\System32\wstpager.ax
[2005/08/05 13:01:54 | 000,167,936 | ---- | M] () -- C:\WINDOWS\System32\dllcache\wstpager.ax
[2005/08/05 13:01:54 | 000,159,744 | ---- | M] () -- C:\WINDOWS\System32\VBICodec.ax
[2005/08/05 13:01:54 | 000,062,976 | ---- | M] () -- C:\WINDOWS\System32\dllcache\Mpg2data.ax
[2005/08/05 13:01:54 | 000,062,976 | ---- | M] () -- C:\WINDOWS\System32\mpeg2data.ax
[2005/08/05 13:01:54 | 000,058,368 | ---- | M] () -- C:\WINDOWS\System32\Msdvbnp.ax
[2005/08/05 13:01:54 | 000,058,368 | ---- | M] () -- C:\WINDOWS\System32\dllcache\Msdvbnp.ax
[2005/08/05 12:06:50 | 000,165,376 | ---- | M] () -- C:\WINDOWS\System32\mpg2splt.ax
[2005/08/05 12:06:50 | 000,165,376 | ---- | M] () -- C:\WINDOWS\System32\dllcache\mpg2splt.ax
[2005/08/05 12:05:32 | 000,064,512 | ---- | M] () -- C:\WINDOWS\System32\msnp.ax
[2005/07/28 19:11:23 | 000,019,696 | ---- | M] () -- C:\WINDOWS\hpomdl05.dat.temp
[2005/07/27 09:06:43 | 000,655,178 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Lori RothschadlmResume 072611_00000.pdf
[2005/07/07 14:07:24 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\px.ini
[2005/07/04 06:52:50 | 000,018,432 | ---- | M] (First 4 Internet) -- C:\WINDOWS\System32\drivers\$sys$cor.sys
[2005/06/30 10:07:55 | 000,472,281 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\July Vacation Schedule.pdf
[2005/06/27 11:45:23 | 000,563,129 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\About BrightStar_T Koenig_KaneCountynew.pdf
[2005/06/16 10:29:32 | 001,283,747 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Live-in Timesheet_00000.pdf
[2005/06/09 14:22:38 | 001,803,987 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Service Agreement Home ServiesmostrecentArdenCourt.pdf
[2005/06/08 08:26:58 | 000,021,360 | ---- | M] () -- C:\WINDOWS\System32\drivers\ativvpxx.vp
[2005/06/02 08:42:18 | 001,194,110 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Steven J Newell LLC in Elgin, IL 304 Spruce S, Elgin, IL.mht
[2005/06/02 08:13:10 | 001,803,987 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Service Agreement Home Serviesmostrecent.pdf
[2005/06/02 08:11:52 | 001,803,133 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Service Agreement Home Nursingmostrecent.pdf
[2005/05/16 19:43:08 | 000,094,574 | ---- | M] () -- C:\WINDOWS\System32\atiicdxx.dat
[2005/05/09 21:47:30 | 000,005,396 | ---- | M] () -- C:\WINDOWS\System32\atifglpf.xml
[2005/05/04 08:38:26 | 000,000,426 | ---- | M] () -- C:\WINDOWS\BRWMARK.INI
[2005/04/26 10:00:00 | 000,019,736 | ---- | M] () -- C:\WINDOWS\System32\oemlogo.bmp
[2005/04/26 10:00:00 | 000,000,592 | ---- | M] () -- C:\WINDOWS\System32\oeminfo.ini
[2005/04/19 11:42:34 | 000,904,141 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\Emergency contact numbers.xml
[2005/04/07 12:20:56 | 000,524,850 | ---- | M] () -- C:\WINDOWS\System32\drivers\ativcaxx.cpa
[2005/04/07 12:20:56 | 000,000,900 | ---- | M] () -- C:\WINDOWS\System32\drivers\ativcaxx.vp
[2005/03/25 01:03:44 | 000,083,912 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIRfsClientNP.dll
[2005/03/25 01:03:41 | 000,031,144 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIport.dll
[2005/03/25 01:03:40 | 000,092,072 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIinit.dll
[2005/03/24 13:59:22 | 000,062,078 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Senior Safety Academy .pdf
[2005/03/14 09:36:21 | 000,000,869 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Shortcut to Live-in Client Consent.lnk
[2005/03/14 09:13:51 | 000,031,892 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Flushotmp.pdf
[2005/03/14 09:12:25 | 000,025,086 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\TBtestmp.pdf
[2005/03/10 13:09:49 | 000,342,056 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Live-in Employee Consent Form.pdf
[2005/03/10 11:52:42 | 000,058,521 | ---- | M] () -- C:\WINDOWS\System32\drivers\ativckxx.vp
[2005/03/09 09:14:33 | 000,393,798 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Live-in Client Consent.pdf
[2005/03/03 16:33:24 | 000,413,378 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\CCF03032005_00000.jpg
[2005/02/07 09:55:56 | 001,187,840 | ---- | M] (First4Internet) -- C:\WINDOWS\System32\ECDPlayerControl.ocx
[2005/01/31 06:19:34 | 000,446,464 | ---- | M] (First4Internet) -- C:\WINDOWS\System32\AXPSupport.dll
[2005/01/24 03:06:23 | 000,266,240 | ---- | M] (First 4 Internet Ltd) -- C:\WINDOWS\System32\InstallContinue.exe
[2005/01/17 06:10:16 | 000,045,056 | ---- | M] () -- C:\WINDOWS\System32\BRTCPCON.DLL
[2005/01/14 23:07:10 | 000,343,216 | ---- | M] (KeyWorks Software) -- C:\WINDOWS\System32\keyhelp.ocx
[2005/01/14 23:07:06 | 001,699,913 | ---- | M] (Intuit Inc.) -- C:\WINDOWS\System32\inetclnt.dll
[2005/01/01 02:27:23 | 000,000,384 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2005/01/01 02:27:23 | 000,000,366 | -H-- | M] () -- C:\WINDOWS\tasks\MpIdleTask.job
[2005/01/01 02:27:21 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2005/01/01 02:27:19 | 1005,113,344 | -HS- | M] () -- C:\hiberfil.sys
[2005/01/01 01:39:02 | 000,000,325 | RH-- | M] () -- C:\boot.ini
[2005/01/01 00:09:18 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2005/01/01 00:01:05 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2004/12/31 23:02:45 | 000,000,271 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Microsoft Update.url
[2004/12/15 15:52:40 | 000,129,045 | ---- | M] () -- C:\WINDOWS\System32\drivers\HSFProf.cty
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/11/13 10:31:59 | 000,000,384 | -H-- | C] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2012/11/13 10:31:58 | 000,000,366 | -H-- | C] () -- C:\WINDOWS\tasks\MpIdleTask.job
[2012/11/13 10:22:12 | 000,001,945 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2012/11/13 10:22:01 | 000,001,706 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012/11/13 10:21:48 | 000,000,750 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/11/13 10:21:48 | 000,000,732 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Internet.lnk
[2012/11/13 10:21:46 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2012/07/18 12:51:24 | 000,000,129 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2012/07/18 12:47:34 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2012/07/09 08:53:19 | 000,001,515 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Network Monitoring Tray.lnk
[2012/07/09 08:52:10 | 000,000,863 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Data_Recovery.lnk
[2012/07/09 08:45:17 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\-g2JeRL2J7jxAvY
[2012/07/09 08:44:58 | 000,000,256 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\g2JeRL2J7jxAvY
[2012/07/02 09:07:24 | 000,029,583 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Millionaire Dates - Online Dating - Fix the problems___.htm
[2012/05/26 22:31:38 | 000,225,262 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msimain.sdb
[2012/05/25 19:36:57 | 000,000,271 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Microsoft Update.url
[2012/05/25 15:58:14 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/05/25 15:58:14 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2012/05/25 15:30:24 | 000,002,347 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader 9.lnk
[2012/05/25 15:30:24 | 000,001,737 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2012/05/25 15:19:36 | 000,000,746 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Start Menu\Programs\Outlook Express.lnk
[2012/05/07 10:23:59 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2012/05/07 10:23:55 | 000,498,742 | ---- | C] () -- C:\WINDOWS\System32\dllcache\dxmasf.dll
[2012/05/07 10:23:44 | 000,844,314 | ---- | C] () -- C:\WINDOWS\System32\msdxm.ocx
[2012/05/07 10:23:44 | 000,844,314 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdxm.ocx
[2012/05/07 10:23:44 | 000,004,126 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdxmlc.dll
[2012/05/07 10:23:35 | 000,004,310 | ---- | C] () -- C:\WINDOWS\System32\odbcconf.rsp
[2012/05/07 10:23:06 | 000,250,048 | ---- | C] () -- C:\ntldr
[2012/05/07 10:10:04 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2012/05/05 08:08:39 | 000,001,486 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Media Center.lnk
[2012/05/03 14:21:17 | 000,001,474 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Media Center.lnk
[2012/05/03 14:13:37 | 000,001,811 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Search.lnk
[2012/05/03 10:55:20 | 000,015,333 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\2740107403_2740107403_0.pdf
[2012/04/17 09:45:36 | 000,230,972 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\wine invitedelnor.pdf
[2012/03/09 12:28:45 | 000,000,974 | ---- | C] () -- C:\WINDOWS\System32\pid.inf
[2012/03/09 12:17:48 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2012/03/09 12:17:46 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2012/03/09 12:17:46 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2011/11/03 09:28:36 | 000,386,048 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qdvd.dll
[2010/11/23 12:20:21 | 000,683,333 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\BankTrustOfficers2005.pdf
[2010/10/24 16:28:51 | 000,001,457 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Shortcut to CCE10242010_00000.lnk
[2010/10/24 16:28:10 | 000,326,997 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\CCE10242010_00000.jpg
[2010/08/10 09:31:05 | 000,000,874 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Shortcut to BrightStar Logo C cdb small.lnk
[2010/07/22 15:37:56 | 000,042,651 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\sellers.htm
[2010/07/12 08:40:18 | 000,536,861 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\The TOP 20 Selling Strategy Reference Guide.pdf
[2010/06/21 13:26:42 | 000,061,090 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\mda
[2010/04/23 10:39:36 | 000,007,901 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\ESPN.htm
[2010/04/21 14:24:18 | 000,000,731 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Shortcut to Bstar-KaneAnderson.lnk
[2010/04/08 10:37:56 | 000,000,406 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Shortcut to SCANS.lnk
[2010/04/08 08:03:29 | 000,001,780 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Click to SCAN - then click FILE.lnk
[2010/04/08 08:03:19 | 000,000,244 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini
[2010/04/08 08:03:19 | 000,000,093 | ---- | C] () -- C:\WINDOWS\brpcfx.ini
[2010/04/08 08:02:03 | 000,000,050 | ---- | C] () -- C:\WINDOWS\System32\BD9120CN.DAT
[2010/04/08 08:02:01 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\BRTCPCON.DLL
[2010/04/08 08:02:01 | 000,000,114 | ---- | C] () -- C:\WINDOWS\System32\BRLMW03A.INI
[2010/04/08 08:02:01 | 000,000,050 | ---- | C] () -- C:\WINDOWS\System32\BRADC08A.DAT
[2010/04/08 08:01:43 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\BrMuSNMP.dll
[2010/04/08 08:01:43 | 000,000,086 | ---- | C] () -- C:\WINDOWS\Brfaxrx.ini
[2010/04/08 08:01:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brdfxspd.dat
[2010/04/05 12:13:01 | 000,469,504 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\09OctSSA.pub
[2010/03/11 15:54:46 | 035,259,334 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\LawElderLaw.bmp
[2010/03/11 15:47:37 | 000,000,794 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Shortcut to LawElderLaw.lnk
[2010/02/05 13:27:27 | 000,044,766 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\english_marypat_gif.mht
[2010/01/11 16:11:33 | 006,759,344 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\m_english[1]_jpg.mht
[2010/01/11 14:16:26 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\New TIFF Image.tif
[2009/11/27 11:11:44 | 001,292,288 | ---- | C] () -- C:\WINDOWS\System32\dllcache\quartz.dll
[2009/07/31 22:27:38 | 000,201,184 | ---- | C] () -- C:\WINDOWS\System32\winrm.vbs
[2009/07/16 09:30:06 | 000,000,789 | ---- | C] () -- C:\WINDOWS\System32\winrmprov.mof
[2009/07/16 09:30:04 | 000,002,426 | ---- | C] () -- C:\WINDOWS\System32\WsmTxt.xsl
[2009/07/16 09:30:04 | 000,001,559 | ---- | C] () -- C:\WINDOWS\System32\WsmPty.xsl
[2009/07/16 09:30:04 | 000,000,035 | ---- | C] () -- C:\WINDOWS\System32\winrm.cmd
[2009/04/20 09:52:19 | 000,074,015 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\Incident_Occurrence_Report_Draft[1].pdf
[2009/02/23 09:39:03 | 000,030,119 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\insurancechecklist.pdf
[2009/02/12 21:20:42 | 000,005,630 | ---- | C] () -- C:\WINDOWS\System32\IE8Eula.rtf
[2009/02/06 10:51:44 | 000,070,605 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\CNA_-_HHA_Weekly_Notes_-_1_page.pdf
[2009/01/29 14:38:28 | 000,089,055 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\Latonia Barnes - AIT (12282008).pdf
[2009/01/21 16:07:37 | 004,057,719 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\Universal Credentialling Packet 2009.pdf
[2009/01/21 13:56:32 | 000,108,378 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\AAH CNA Note Sheet0001.pdf
[2009/01/21 12:12:37 | 000,118,298 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\Office Depot Ad0001.pdf
[2009/01/08 16:08:30 | 000,064,879 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\Mayer - January Schedule.pdf
[2009/01/08 14:33:44 | 000,139,966 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\Dow, Vicki - notes Zytko 12-28-08.pdf
[2009/01/06 12:32:20 | 000,285,721 | ---- | C] () -- C:\WINDOWS\System32\WebEx Document Loader Port
[2008/12/31 16:18:58 | 000,287,018 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\Bailey, Andrew - all shifts 12-28-2008.pdf
[2008/12/31 15:48:30 | 000,026,343 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\Micheal B - Service Agreement.rtf
[2008/11/14 18:10:23 | 000,001,802 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\QuickTime Player.lnk
[2008/11/14 18:08:25 | 000,002,265 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Apple Software Update.lnk
[2008/10/09 12:06:40 | 000,007,029 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\Employee list for mail merge.csv
[2008/09/30 07:23:31 | 000,083,695 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\Covenant price list -09-30-080001.pdf
[2008/09/19 14:47:05 | 000,000,256 | ---- | C] () -- C:\WINDOWS\System32\pool.bin
[2008/07/28 16:06:08 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\E-mail.lnk
[2008/07/24 14:18:26 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\adistres.dll
[2008/07/17 15:29:28 | 000,054,551 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\test.pdf
[2008/07/16 11:24:10 | 000,000,773 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Stamps.com.lnk
[2008/07/16 11:23:32 | 000,000,036 | -H-- | C] () -- C:\WINDOWS\System32\f9t.dat
[2008/07/15 23:04:24 | 000,001,880 | RHS- | C] () -- C:\WINDOWS\System32\drivers\103C_HP_CPC_ED884AA-ABA SR1675CL NA580_YC_0Pres_QCNH543_E54NAsyRED1_48_IAmberine M_SASUSTek Computer INC._V1.03_B3.08_T050913_WXP2_L409_M959_J250_7AMD_8Athlon 64_92.19_#060116_N10EC8139_Z14F12F20_G10025954.MRK
[2008/07/15 23:04:17 | 1005,113,344 | -HS- | C] () -- C:\hiberfil.sys
[2008/07/15 23:02:40 | 000,001,640 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk
[2008/07/15 23:02:40 | 000,000,923 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\RealPlayer.lnk
[2008/07/15 23:02:40 | 000,000,823 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2008/07/15 23:02:40 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2008/07/15 23:02:39 | 000,000,143 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\fusioncache.dat
[2008/07/15 23:02:36 | 000,001,607 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Start Menu\Programs\Remote Assistance.lnk
[2008/07/15 23:02:36 | 000,000,811 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Start Menu\Programs\Internet Explorer.lnk
[2008/07/15 23:02:36 | 000,000,800 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Start Menu\Programs\Windows Media Player.lnk
[2008/07/14 11:38:33 | 000,009,216 | ---- | C] () -- C:\imageTable.cdx
[2008/07/14 11:38:33 | 000,007,680 | ---- | C] () -- C:\albumImagesTable.cdx
[2008/07/14 11:38:33 | 000,006,144 | ---- | C] () -- C:\ROFImagesTable.cdx
[2008/07/14 11:38:33 | 000,006,144 | ---- | C] () -- C:\keywordImagesTable.cdx
[2008/07/14 11:38:33 | 000,004,608 | ---- | C] () -- C:\pathnameTable.cdx
[2008/07/14 11:38:33 | 000,004,608 | ---- | C] () -- C:\keywordTable.cdx
[2008/07/14 11:38:33 | 000,004,608 | ---- | C] () -- C:\albumTable.cdx
[2008/07/14 11:38:33 | 000,003,072 | ---- | C] () -- C:\ROFTable.cdx
[2008/07/14 11:38:33 | 000,003,072 | ---- | C] () -- C:\EXIFTable.cdx
[2008/07/14 11:38:33 | 000,000,937 | ---- | C] () -- C:\imageTable.dbf
[2008/07/14 11:38:33 | 000,000,937 | ---- | C] () -- C:\imageTable.bak
[2008/07/14 11:38:33 | 000,000,786 | ---- | C] () -- C:\administrativeInfo.dbf
[2008/07/14 11:38:33 | 000,000,786 | ---- | C] () -- C:\administrativeInfo.bak
[2008/07/14 11:38:33 | 000,000,585 | ---- | C] () -- C:\albumTable.dbf
[2008/07/14 11:38:33 | 000,000,585 | ---- | C] () -- C:\albumTable.bak
[2008/07/14 11:38:33 | 000,000,512 | ---- | C] () -- C:\imageTable.fpt
[2008/07/14 11:38:33 | 000,000,512 | ---- | C] () -- C:\imageTable.fpk
[2008/07/14 11:38:33 | 000,000,489 | ---- | C] () -- C:\EXIFTable.dbf
[2008/07/14 11:38:33 | 000,000,489 | ---- | C] () -- C:\EXIFTable.bak
[2008/07/14 11:38:33 | 000,000,457 | ---- | C] () -- C:\keywordTable.dbf
[2008/07/14 11:38:33 | 000,000,457 | ---- | C] () -- C:\keywordTable.bak
[2008/07/14 11:38:33 | 000,000,425 | ---- | C] () -- C:\pathnameTable.dbf
[2008/07/14 11:38:33 | 000,000,425 | ---- | C] () -- C:\pathnameTable.bak
[2008/07/14 11:38:33 | 000,000,425 | ---- | C] () -- C:\albumImagesTable.dbf
[2008/07/14 11:38:33 | 000,000,425 | ---- | C] () -- C:\albumImagesTable.bak
[2008/07/14 11:38:33 | 000,000,393 | ---- | C] () -- C:\ROFTable.dbf
[2008/07/14 11:38:33 | 000,000,393 | ---- | C] () -- C:\ROFTable.bak
[2008/07/14 11:38:33 | 000,000,361 | ---- | C] () -- C:\ROFImagesTable.dbf
[2008/07/14 11:38:33 | 000,000,361 | ---- | C] () -- C:\ROFImagesTable.bak
[2008/07/14 11:38:33 | 000,000,361 | ---- | C] () -- C:\managedFolderTable.dbf
[2008/07/14 11:38:33 | 000,000,361 | ---- | C] () -- C:\managedFolderTable.bak
[2008/07/14 11:38:33 | 000,000,361 | ---- | C] () -- C:\keywordImagesTable.dbf
[2008/07/14 11:38:33 | 000,000,361 | ---- | C] () -- C:\keywordImagesTable.bak
[2008/07/14 11:15:23 | 000,142,050 | ---- | C] () -- C:\WINDOWS\hpwins05.dat.temp
[2008/07/14 11:15:23 | 000,003,953 | ---- | C] () -- C:\WINDOWS\hpwmdl05.dat.temp
[2008/07/14 11:15:03 | 000,016,059 | ---- | C] () -- C:\WINDOWS\hpwscr05.dat
[2008/06/21 13:53:15 | 019,153,264 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\aaw2008.exe
[2008/06/21 13:48:32 | 000,000,800 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk
[2008/06/04 11:30:27 | 000,000,453 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\kane list for letter.csv
[2008/05/26 20:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 20:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2008/05/12 07:54:42 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2008/03/11 13:35:32 | 000,101,220 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\Brightstart Healthcare logo.eps
[2008/03/10 12:30:31 | 000,001,494 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Calculator.lnk
[2008/03/06 13:04:05 | 000,001,781 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\RingCentral Call Controller.lnk
[2008/03/05 08:36:56 | 000,002,497 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Microsoft Office Word 2003.lnk
[2008/02/29 10:29:08 | 000,000,525 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\00Kane Server.lnk
[2008/02/28 16:15:23 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2007/09/27 09:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 09:51:02 | 000,004,640 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.h
[2007/09/27 09:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 09:48:48 | 000,002,590 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.h
[2007/09/27 09:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/09/27 09:48:28 | 000,003,100 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.h
[2007/04/23 13:48:11 | 000,000,004 | -H-- | C] () -- C:\WINDOWS\uccspecb.sys
[2007/03/20 18:27:01 | 000,001,024 | ---- | C] () -- C:\.rnd
[2007/03/20 18:26:55 | 000,000,727 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\LogMeIn.lnk
[2007/03/20 13:59:24 | 000,000,227 | ---- | C] () -- C:\WINDOWS\HP_CounterReport_Update_HPSU.ini
[2007/03/20 13:48:40 | 000,000,234 | ---- | C] () -- C:\WINDOWS\PrnHlpLogConfig.ini
[2007/03/20 13:48:23 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_InstantSHareJPG.ini
[2007/03/20 13:34:12 | 000,000,217 | ---- | C] () -- C:\WINDOWS\HP_IZClosingDiscErrorPatch.ini
[2007/03/20 13:33:04 | 000,000,221 | ---- | C] () -- C:\WINDOWS\HP_RedboxHprblog_HPSU.ini
[2007/01/26 12:49:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpqEmlSz.INI
[2007/01/01 12:14:02 | 000,000,146 | ---- | C] () -- C:\WINDOWS\BRVIDEO.INI
[2007/01/01 12:14:02 | 000,000,040 | ---- | C] () -- C:\WINDOWS\BRDIAG.INI
[2007/01/01 12:14:02 | 000,000,023 | ---- | C] () -- C:\WINDOWS\Brownie.ini
[2007/01/01 12:13:53 | 000,008,975 | ---- | C] () -- C:\WINDOWS\HL-2070N.INI
[2007/01/01 12:13:33 | 000,000,426 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2006/11/03 16:57:49 | 000,000,649 | ---- | C] () -- C:\WINDOWS\hpntwksetup.ini
[2006/11/03 16:44:44 | 000,069,417 | ---- | C] () -- C:\WINDOWS\hpoins05.dat.temp
[2006/11/03 16:44:44 | 000,019,696 | ---- | C] () -- C:\WINDOWS\hpomdl05.dat.temp
[2006/09/23 12:12:38 | 000,074,715 | ---- | C] () -- C:\WINDOWS\System32\IE7Eula.rtf
[2006/09/01 07:44:04 | 000,008,798 | ---- | C] () -- C:\WINDOWS\System32\icrav03.rat
[2006/09/01 07:44:04 | 000,001,988 | ---- | C] () -- C:\WINDOWS\System32\ticrf.rat
[2006/08/30 10:11:59 | 000,000,812 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2006/03/07 11:11:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QuickInstall.INI
[2006/02/08 14:23:50 | 000,001,094 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Application Data\wklnhst.dat
[2006/02/03 17:20:43 | 000,000,279 | ---- | C] () -- C:\Boot.bak
[2006/02/03 17:20:40 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2006/01/31 10:01:15 | 000,454,656 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Preparing for Change When the Unexpeced Happens.pub
[2006/01/17 12:47:33 | 003,146,755 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\d641194swedberg.pdf
[2006/01/16 16:58:44 | 000,001,715 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Compaq Organize.lnk
[2006/01/16 16:47:36 | 000,000,247 | ---- | C] () -- C:\WINDOWS\System\hpsysdrv.dat
[2005/12/21 08:24:36 | 000,001,760 | ---- | C] () -- C:\WINDOWS\System32\objsafe.tlb
[2005/12/21 08:24:08 | 000,393,728 | ---- | C] () -- C:\WINDOWS\System32\pdfspme.dll
[2005/12/08 14:56:01 | 000,056,030 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\nursing notes form nancy.pdf
[2005/12/08 14:49:47 | 000,056,030 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\nursing notes form nancy.pdf
[2005/10/05 13:08:55 | 000,280,916 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Provena Mercy Medical Center Catering - Aurora, IL.mht
[2005/08/14 17:24:53 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/08/14 17:24:49 | 000,000,333 | ---- | C] () -- C:\WINDOWS\System32\$ncsp$.inf
[2005/08/14 17:23:03 | 000,001,040 | ---- | C] () -- C:\WINDOWS\System32\drivers\alcxinit.dat
[2005/08/14 17:00:58 | 000,118,842 | R--- | C] () -- C:\WINDOWS\HPCPCUninstaller-6.3.2.116-5577497.exe
[2005/08/14 17:00:42 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2005/08/14 16:59:58 | 000,012,961 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS
[2005/08/14 16:59:57 | 000,019,736 | ---- | C] () -- C:\WINDOWS\System32\oemlogo.bmp
[2005/08/14 16:59:53 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2005/08/14 16:57:37 | 000,000,180 | ---- | C] () -- C:\WINDOWS\Quicken.ini
[2005/08/14 16:54:44 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/08/14 16:52:59 | 000,001,775 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Office PowerPoint Viewer 2003.lnk
[2005/08/14 16:50:24 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2005/08/14 16:50:24 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2005/08/14 16:50:24 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2005/08/14 16:50:24 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2005/08/14 16:50:24 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2005/08/14 16:50:24 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2005/08/14 16:44:00 | 000,000,059 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2005/08/14 16:39:31 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/08/14 16:39:31 | 000,001,361 | ---- | C] () -- C:\WINDOWS\System32\fxscount.h
[2005/08/14 16:39:31 | 000,000,535 | ---- | C] () -- C:\WINDOWS\System32\mapisvc.inf
[2005/08/14 16:37:06 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\HSFProf.cty
[2005/08/14 16:35:48 | 000,524,850 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativcaxx.cpa
[2005/08/14 16:35:48 | 000,094,574 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2005/08/14 16:35:48 | 000,058,521 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativckxx.vp
[2005/08/14 16:35:48 | 000,021,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativvpxx.vp
[2005/08/14 16:35:48 | 000,005,396 | ---- | C] () -- C:\WINDOWS\System32\atifglpf.xml
[2005/08/14 16:35:48 | 000,000,900 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativcaxx.vp
[2005/08/14 16:22:48 | 000,218,245 | ---- | C] () -- C:\WINDOWS\orun32.isu
[2005/08/14 16:22:48 | 000,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2005/08/14 16:18:53 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\bcbsmp50.bpl
[2005/08/14 16:18:53 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2005/08/08 11:20:14 | 000,000,979 | ---- | C] () -- C:\WINDOWS\System32\objsafe.odl
[2005/08/08 10:23:32 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\Anx417.dll
[2005/08/08 10:23:32 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\Anx417.oca
[2005/08/08 10:23:32 | 000,000,426 | ---- | C] () -- C:\WINDOWS\System32\Anx417.lic
[2005/08/08 10:23:06 | 000,475,136 | ---- | C] () -- C:\WINDOWS\System32\PaintX.dll
[2005/08/05 13:02:00 | 000,224,256 | ---- | C] () -- C:\WINDOWS\System32\psisrndr.ax
[2005/08/05 13:02:00 | 000,224,256 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax
[2005/08/05 13:01:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/08/05 13:01:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll
[2005/08/05 13:01:54 | 000,058,368 | ---- | C] () -- C:\WINDOWS\System32\Msdvbnp.ax
[2005/08/05 13:01:54 | 000,058,368 | ---- | C] () -- C:\WINDOWS\System32\dllcache\Msdvbnp.ax
[2005/08/05 12:05:32 | 000,064,512 | ---- | C] () -- C:\WINDOWS\System32\msnp.ax
[2005/07/27 09:06:38 | 000,655,178 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Lori RothschadlmResume 072611_00000.pdf
[2005/07/07 14:07:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/06/30 10:07:55 | 000,472,281 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\July Vacation Schedule.pdf
[2005/06/09 14:22:38 | 001,803,987 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Service Agreement Home ServiesmostrecentArdenCourt.pdf
[2005/06/08 10:54:38 | 000,000,325 | RH-- | C] () -- C:\boot.ini
[2005/06/07 16:48:54 | 000,243,920 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/06/07 00:57:26 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005/06/07 00:55:32 | 000,507,094 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2005/06/07 00:55:32 | 000,088,322 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2005/06/07 00:53:54 | 000,001,158 | ---- | C] () -- C:\WINDOWS\System32\wpa.dbl
[2005/06/02 08:42:10 | 001,194,110 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Steven J Newell LLC in Elgin, IL 304 Spruce S, Elgin, IL.mht
[2005/06/02 08:12:26 | 001,803,987 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Service Agreement Home Serviesmostrecent.pdf
[2005/06/02 08:11:52 | 001,803,133 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Service Agreement Home Nursingmostrecent.pdf
[2005/04/19 11:42:34 | 000,904,141 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\Emergency contact numbers.xml
[2005/03/24 13:59:21 | 000,062,078 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Senior Safety Academy .pdf
[2005/03/22 09:34:21 | 000,563,129 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\About BrightStar_T Koenig_KaneCountynew.pdf
[2005/03/14 09:44:49 | 001,283,747 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Live-in Timesheet_00000.pdf
[2005/03/14 09:36:21 | 000,000,869 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Shortcut to Live-in Client Consent.lnk
[2005/03/14 09:13:51 | 000,031,892 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Flushotmp.pdf
[2005/03/14 09:12:24 | 000,025,086 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\TBtestmp.pdf
[2005/03/10 13:09:49 | 000,342,056 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Live-in Employee Consent Form.pdf
[2005/03/09 09:14:31 | 000,393,798 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Live-in Client Consent.pdf
[2005/03/03 16:35:18 | 000,413,378 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\CCF03032005_00000.jpg
[2005/03/03 16:34:56 | 000,003,683 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\My Documents\virtual hair.jpg
[2005/01/01 01:34:12 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2005/01/01 01:34:12 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2005/01/01 01:34:12 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2005/01/01 01:34:12 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2005/01/01 01:34:12 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2005/01/01 00:09:18 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2004/11/17 05:32:20 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/11/17 05:27:56 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/10 20:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/10 13:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/10 13:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/10 13:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/10 13:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/10 13:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/10 13:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/07/26 23:51:38 | 000,000,592 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2004/06/22 02:42:36 | 000,167,936 | ---- | C] () -- C:\WINDOWS\CDProxyServ.exe
[2004/06/22 02:34:14 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\$sys$upgtool.exe
[2003/01/07 23:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

========== LOP Check ==========

[2006/02/28 09:13:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HotSync
[2005/01/01 00:01:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogMeIn
[2008/08/08 08:20:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NeoEdge Networks
[2008/04/09 12:07:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap
[2012/04/13 15:16:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RingCentral
[2008/01/03 08:48:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{B0AFCE64-DF3F-4824-8985-B21DB0EEE07B}
[2008/01/03 08:47:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{EF257B1A-26EA-4A90-9BCC-54CA818488E8}
[2008/07/16 11:23:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{FBB5C4A9-4848-46A0-8863-C359F08D7728}
[2008/09/19 14:55:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Blackberry Desktop
[2006/01/06 14:23:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Catalina Marketing Corp
[2009/01/08 11:39:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\GetRightToGo
[2006/02/28 09:12:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\HotSync
[2009/02/17 17:33:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Image Zone Express
[2008/01/08 11:40:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\InterTrust
[2009/04/20 13:19:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\iWin
[2012/07/18 11:27:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\JAM Software
[2006/03/02 12:23:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Leadertech
[2007/01/04 08:19:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\MSNInstaller
[2009/02/17 17:33:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Printer Info Cache
[2008/09/19 14:47:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Research In Motion
[2005/08/14 16:59:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\SampleView
[2009/07/08 10:47:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Stamps.com Internet Postage
[2006/02/08 14:24:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Template
[2012/05/24 09:59:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\TightVNC
[2012/05/03 13:17:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\webex
[2012/05/05 08:09:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Windows Desktop Search
[2012/07/11 14:56:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Windows Search
[2005/01/01 02:27:23 | 000,000,366 | -H-- | M] () -- C:\WINDOWS\Tasks\MpIdleTask.job

========== Purity Check ==========



< End of report >
  • 0

Advertisements


#2
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Greetings and Welcome to The Forums!!

My name is Gringo and I'll be glad to help you with your malware problems.

I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of us

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.




These are the programs I would like you to run next, if you have any problems with these just skip it and run the next one.

-Security Check-

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

-AdwCleaner-

  • Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

--RogueKiller--

  • Download & SAVE to your Desktop RogueKiller or from here
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator to start"
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • click on "delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller+

Gringo
  • 0

#3
Fatie32

Fatie32

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 122 posts
security check:
Results of screen317's Security Check version 0.99.54
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Please wait while WMIC is being installed.d
i
s
p
l
a
y
N
a
m
e
ECHO is off.
M
i
c
r
o
s
o
f
t
ECHO is off.
S
e
c
u
r
i
t
y
ECHO is off.
E
s
e
n
t
i
a
l
s
ECHO is off.
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.65.1.1000
Java™ 6 Update 7
Java version out of Date!
Adobe Reader 9 Adobe Reader out of Date!
Mozilla Firefox (16.0.2)
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C::
````````````````````End of Log``````````````````````


rebooting now for second log.
  • 0

#4
Fatie32

Fatie32

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 122 posts
# AdwCleaner v2.008 - Logfile created 11/19/2012 at 14:00:00
# Updated 17/11/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Compaq_Administrator - GENEVA
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Compaq_Administrator\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Documents and Settings\All Users\Application Data\Trymedia
Folder Deleted : C:\Documents and Settings\Compaq_Administrator\Application Data\iWin

***** [Registry] *****

Key Deleted : HKCU\Software\FunWebProducts
Key Deleted : HKCU\Software\Headlight
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Mozilla Firefox v16.0.2 (en-US)

Profile name : default
File : C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\java9mj0.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [1324 octets] - [19/11/2012 14:00:00]

########## EOF - C:\AdwCleaner[S1].txt - [1384 octets] ##########
  • 0

#5
Fatie32

Fatie32

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 122 posts
RogueKiller V8.3.0 [Nov 19 2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo...13-roguekiller/
Website: http://tigzy.geeksto...roguekiller.php
Blog: http://tigzyrk.blogspot.com

Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User : Compaq_Administrator [Admin rights]
Mode : Remove -- Date : 11/19/2012 14:08:08

¤¤¤ Bad processes : 1 ¤¤¤
[SUSP PATH] CDProxyServ.exe -- C:\WINDOWS\CDProxyServ.exe -> KILLED [TermProc]

¤¤¤ Registry Entries : 2 ¤¤¤
[HJPOL] HKCU\[...]\System : disableregistrytools (0) -> DELETED
[HJ] HKLM\[...]\Security Center : UpdatesDisableNotify (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD2500JS-60MHB1 +++++
--- User ---
[MBR] a22268bc9904a56f42256965f33d728a
[BSP] 8a7884da59e414827f91c43dcf324e78 : Toshiba tatooed MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 63 | Size: 7695 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 15759765 | Size: 230777 Mo
2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 488392065 | Size: 2 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[4]_D_11192012_02d1408.txt >>
RKreport[1]_S_01012005_02d0008.txt ; RKreport[2]_D_01012005_02d0008.txt ; RKreport[3]_S_11192012_02d1407.txt ; RKreport[4]_D_11192012_02d1408.txt
  • 0

#6
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello

I Would like you to do the following.

Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
  • 0

#7
Fatie32

Fatie32

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 122 posts
combo fix froze the computer.
  • 0

#8
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Greetings

I want you to run these next,

tdsskiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please download aswMBR to your desktop.
  • Double click the aswMBR.exe icon to run it
  • it will ask to download extra definitions - ALLOW IT
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one come back and let me know

please reply with the reports from TDSSKiller and aswMBR

Gringo
  • 0

#9
Fatie32

Fatie32

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 122 posts
19:51:57.0968 1244 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
19:51:58.0359 1244 ============================================================
19:51:58.0359 1244 Current date / time: 2012/11/19 19:51:58.0359
19:51:58.0359 1244 SystemInfo:
19:51:58.0359 1244
19:51:58.0359 1244 OS Version: 5.1.2600 ServicePack: 3.0
19:51:58.0359 1244 Product type: Workstation
19:51:58.0359 1244 ComputerName: GENEVA
19:51:58.0359 1244 UserName: Compaq_Administrator
19:51:58.0359 1244 Windows directory: C:\WINDOWS
19:51:58.0359 1244 System windows directory: C:\WINDOWS
19:51:58.0359 1244 Processor architecture: Intel x86
19:51:58.0359 1244 Number of processors: 1
19:51:58.0359 1244 Page size: 0x1000
19:51:58.0359 1244 Boot type: Normal boot
19:51:58.0359 1244 ============================================================
19:52:00.0875 1244 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
19:52:00.0984 1244 ============================================================
19:52:00.0984 1244 \Device\Harddisk0\DR0:
19:52:00.0984 1244 MBR partitions:
19:52:00.0984 1244 \Device\Harddisk0\DR0\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0xF07956
19:52:00.0984 1244 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xF07995, BlocksNum 0x1C2BCBEC
19:52:00.0984 1244 ============================================================
19:52:01.0031 1244 C: <-> \Device\Harddisk0\DR0\Partition2
19:52:01.0031 1244 D: <-> \Device\Harddisk0\DR0\Partition1
19:52:01.0046 1244 ============================================================
19:52:01.0046 1244 Initialize success
19:52:01.0046 1244 ============================================================
19:52:30.0890 2452 ============================================================
19:52:30.0890 2452 Scan started
19:52:30.0890 2452 Mode: Manual;
19:52:30.0890 2452 ============================================================
19:52:31.0859 2452 ================ Scan system memory ========================
19:52:31.0875 2452 System memory - ok
19:52:31.0875 2452 ================ Scan services =============================
19:52:32.0062 2452 [ 53B049DA317117645068F41FF6A6A80C ] $sys$cor C:\WINDOWS\system32\Drivers\$sys$cor.sys
19:52:32.0062 2452 $sys$cor - ok
19:52:32.0093 2452 [ 1A5E7C6CBAED64159C6B39BE64F4C2FF ] $sys$crater C:\WINDOWS\system32\$sys$filesystem\crater.sys
19:52:32.0093 2452 $sys$crater - ok
19:52:32.0218 2452 Abiosdsk - ok
19:52:32.0234 2452 abp480n5 - ok
19:52:32.0312 2452 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
19:52:32.0312 2452 ACPI - ok
19:52:32.0359 2452 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
19:52:32.0359 2452 ACPIEC - ok
19:52:32.0390 2452 adpu160m - ok
19:52:32.0437 2452 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
19:52:32.0437 2452 aec - ok
19:52:32.0515 2452 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
19:52:32.0531 2452 AFD - ok
19:52:32.0546 2452 Aha154x - ok
19:52:32.0578 2452 aic78u2 - ok
19:52:32.0593 2452 aic78xx - ok
19:52:32.0703 2452 [ 781C5EC517C53F5214B61253B20C13C4 ] ALCXWDM C:\WINDOWS\system32\drivers\ALCXWDM.SYS
19:52:32.0781 2452 ALCXWDM - ok
19:52:32.0875 2452 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
19:52:32.0875 2452 Alerter - ok
19:52:32.0906 2452 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe
19:52:32.0906 2452 ALG - ok
19:52:32.0937 2452 AliIde - ok
19:52:32.0968 2452 [ 59301936898AE62245A6F09C0ABA9475 ] AmdK8 C:\WINDOWS\system32\DRIVERS\AmdK8.sys
19:52:32.0968 2452 AmdK8 - ok
19:52:33.0015 2452 amsint - ok
19:52:33.0171 2452 [ B8E865D24F2753A35CC2A9A6A3CE1AD4 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
19:52:33.0171 2452 Apple Mobile Device - ok
19:52:33.0234 2452 [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
19:52:33.0250 2452 AppMgmt - ok
19:52:33.0281 2452 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
19:52:33.0281 2452 Arp1394 - ok
19:52:33.0296 2452 asc - ok
19:52:33.0312 2452 asc3350p - ok
19:52:33.0328 2452 asc3550 - ok
19:52:33.0468 2452 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
19:52:33.0468 2452 aspnet_state - ok
19:52:33.0500 2452 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
19:52:33.0500 2452 AsyncMac - ok
19:52:33.0531 2452 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
19:52:33.0531 2452 atapi - ok
19:52:33.0546 2452 Atdisk - ok
19:52:33.0609 2452 [ D33427F6C2B7814100B5BD315E23C12C ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
19:52:33.0640 2452 Ati HotKey Poller - ok
19:52:33.0750 2452 [ B33A281DCDF455B069816790275050A7 ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
19:52:33.0796 2452 ati2mtag - ok
19:52:33.0875 2452 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
19:52:33.0890 2452 Atmarpc - ok
19:52:33.0953 2452 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
19:52:33.0953 2452 AudioSrv - ok
19:52:33.0984 2452 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
19:52:33.0984 2452 audstub - ok
19:52:34.0015 2452 [ 7270D070173B20AC9487EA16BB08B45F ] bb-run C:\WINDOWS\system32\DRIVERS\bb-run.sys
19:52:34.0015 2452 bb-run - ok
19:52:34.0062 2452 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
19:52:34.0062 2452 Beep - ok
19:52:34.0140 2452 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll
19:52:34.0234 2452 BITS - ok
19:52:34.0296 2452 [ 9EFE4236F8670846B6E7C5B0EFF6E715 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:52:34.0312 2452 Bonjour Service - ok
19:52:34.0343 2452 [ A06CE3399D16DB864F55FAEB1F1927A9 ] Browser C:\WINDOWS\System32\browser.dll
19:52:34.0343 2452 Browser - ok
19:52:34.0421 2452 [ 92A964547B96D697E5E9ED43B4297F5A ] BrScnUsb C:\WINDOWS\system32\DRIVERS\BrScnUsb.sys
19:52:34.0421 2452 BrScnUsb - ok
19:52:34.0484 2452 [ 9F80879913DC2712FD0C4D734E3F519B ] BrSerIb C:\WINDOWS\system32\DRIVERS\BrSerIb.sys
19:52:34.0484 2452 BrSerIb - ok
19:52:34.0515 2452 [ 3A9D55D28F61749A4564AFD1D660C050 ] BrSerIf C:\WINDOWS\system32\DRIVERS\BrSerIf.sys
19:52:34.0515 2452 BrSerIf - ok
19:52:34.0546 2452 [ A24C7B39602218F8DBDB2B6704325FC7 ] BrUsbSer C:\WINDOWS\system32\DRIVERS\BrUsbSer.sys
19:52:34.0546 2452 BrUsbSer - ok
19:52:34.0578 2452 [ B67512DA42C0C90BF236D5485226C1C7 ] BrUsbSIb C:\WINDOWS\system32\DRIVERS\BrUsbSIb.sys
19:52:34.0578 2452 BrUsbSIb - ok
19:52:34.0703 2452 catchme - ok
19:52:34.0734 2452 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
19:52:34.0750 2452 cbidf2k - ok
19:52:34.0765 2452 cd20xrnt - ok
19:52:34.0781 2452 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
19:52:34.0781 2452 Cdaudio - ok
19:52:34.0812 2452 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
19:52:34.0812 2452 Cdfs - ok
19:52:34.0859 2452 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
19:52:34.0875 2452 Cdrom - ok
19:52:34.0906 2452 [ F67FF14AE3505BD29CC17BD0EFD97DCC ] CD_Proxy C:\WINDOWS\CDProxyServ.exe
19:52:35.0312 2452 CD_Proxy - ok
19:52:35.0343 2452 Changer - ok
19:52:35.0390 2452 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe
19:52:35.0406 2452 CiSvc - ok
19:52:35.0453 2452 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
19:52:35.0453 2452 ClipSrv - ok
19:52:35.0484 2452 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:52:35.0500 2452 clr_optimization_v2.0.50727_32 - ok
19:52:35.0656 2452 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:52:35.0656 2452 clr_optimization_v4.0.30319_32 - ok
19:52:35.0671 2452 CmdIde - ok
19:52:35.0703 2452 COMSysApp - ok
19:52:35.0734 2452 Cpqarray - ok
19:52:35.0796 2452 cpuz135 - ok
19:52:35.0859 2452 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
19:52:35.0859 2452 CryptSvc - ok
19:52:35.0890 2452 dac2w2k - ok
19:52:35.0906 2452 dac960nt - ok
19:52:35.0984 2452 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
19:52:36.0015 2452 DcomLaunch - ok
19:52:36.0093 2452 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
19:52:36.0109 2452 Dhcp - ok
19:52:36.0187 2452 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
19:52:36.0187 2452 Disk - ok
19:52:36.0203 2452 dmadmin - ok
19:52:36.0296 2452 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
19:52:36.0328 2452 dmboot - ok
19:52:36.0375 2452 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys
19:52:36.0390 2452 dmio - ok
19:52:36.0421 2452 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
19:52:36.0421 2452 dmload - ok
19:52:36.0468 2452 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll
19:52:36.0484 2452 dmserver - ok
19:52:36.0500 2452 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
19:52:36.0500 2452 DMusic - ok
19:52:36.0578 2452 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
19:52:36.0578 2452 Dnscache - ok
19:52:36.0640 2452 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
19:52:36.0640 2452 Dot3svc - ok
19:52:36.0656 2452 dpti2o - ok
19:52:36.0734 2452 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
19:52:36.0734 2452 drmkaud - ok
19:52:36.0781 2452 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll
19:52:36.0781 2452 EapHost - ok
19:52:36.0937 2452 [ 5D1347AA5AE6E2F77D7F4F8372D95AC9 ] ehRecvr C:\WINDOWS\eHome\ehRecvr.exe
19:52:36.0953 2452 ehRecvr - ok
19:52:37.0015 2452 [ A53243709439AC2A4C216B817F8D7411 ] ehSched C:\WINDOWS\eHome\ehSched.exe
19:52:37.0031 2452 ehSched - ok
19:52:37.0046 2452 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll
19:52:37.0046 2452 ERSvc - ok
19:52:37.0140 2452 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe
19:52:37.0140 2452 Eventlog - ok
19:52:37.0203 2452 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll
19:52:37.0218 2452 EventSystem - ok
19:52:37.0250 2452 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
19:52:37.0250 2452 Fastfat - ok
19:52:37.0328 2452 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
19:52:37.0343 2452 FastUserSwitchingCompatibility - ok
19:52:37.0390 2452 [ E97D6A8684466DF94FF3BC24FB787A07 ] Fax C:\WINDOWS\system32\fxssvc.exe
19:52:37.0406 2452 Fax - ok
19:52:37.0453 2452 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
19:52:37.0453 2452 Fdc - ok
19:52:37.0500 2452 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
19:52:37.0500 2452 Fips - ok
19:52:37.0546 2452 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
19:52:37.0546 2452 Flpydisk - ok
19:52:37.0578 2452 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
19:52:37.0593 2452 FltMgr - ok
19:52:37.0625 2452 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
19:52:37.0625 2452 FontCache3.0.0.0 - ok
19:52:37.0671 2452 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
19:52:37.0703 2452 Fs_Rec - ok
19:52:37.0750 2452 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
19:52:37.0750 2452 Ftdisk - ok
19:52:37.0765 2452 [ 92E8443C7BF5C0137671CDE080655DFC ] ftsata2 C:\WINDOWS\system32\DRIVERS\ftsata2.sys
19:52:37.0781 2452 ftsata2 - ok
19:52:37.0843 2452 [ 6F55305289A0765BD8AE8E8D32F17117 ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
19:52:37.0843 2452 GEARAspiWDM - ok
19:52:37.0921 2452 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
19:52:37.0921 2452 Gpc - ok
19:52:38.0062 2452 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
19:52:38.0062 2452 helpsvc - ok
19:52:38.0125 2452 [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ C:\WINDOWS\System32\hidserv.dll
19:52:38.0125 2452 HidServ - ok
19:52:38.0156 2452 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
19:52:38.0156 2452 HidUsb - ok
19:52:38.0203 2452 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
19:52:38.0203 2452 hkmsvc - ok
19:52:38.0218 2452 hpn - ok
19:52:38.0375 2452 [ AF81F7BA6A09119006FE041A2F2F3ECE ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
19:52:38.0390 2452 hpqcxs08 - ok
19:52:38.0453 2452 [ D03D10F7DED688FECF50F8FBF1EA9B8A ] HPZid412 C:\WINDOWS\system32\DRIVERS\HPZid412.sys
19:52:38.0453 2452 HPZid412 - ok
19:52:38.0484 2452 [ 89F41658929393487B6B7D13C8528CE3 ] HPZipr12 C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
19:52:38.0500 2452 HPZipr12 - ok
19:52:38.0515 2452 [ ABCB05CCDBF03000354B9553820E39F8 ] HPZius12 C:\WINDOWS\system32\DRIVERS\HPZius12.sys
19:52:38.0515 2452 HPZius12 - ok
19:52:38.0578 2452 [ 5DF616ADDB75C1AD36C1F9E4DE0F7654 ] HSFHWBS2 C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys
19:52:38.0593 2452 HSFHWBS2 - ok
19:52:38.0640 2452 [ DFA8F86C0DBCA7DB948043AA3BE6793B ] HSF_DP C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
19:52:38.0687 2452 HSF_DP - ok
19:52:38.0765 2452 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
19:52:38.0765 2452 HTTP - ok
19:52:38.0843 2452 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
19:52:38.0843 2452 HTTPFilter - ok
19:52:38.0859 2452 i2omgmt - ok
19:52:38.0875 2452 i2omp - ok
19:52:38.0921 2452 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
19:52:38.0921 2452 i8042prt - ok
19:52:39.0015 2452 [ 79AE2A97C120F282845D854D0F070EA9 ] iaStor C:\WINDOWS\system32\DRIVERS\iaStor.sys
19:52:39.0046 2452 iaStor - ok
19:52:39.0140 2452 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
19:52:39.0140 2452 IDriverT - ok
19:52:39.0234 2452 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:52:39.0296 2452 idsvc - ok
19:52:39.0343 2452 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
19:52:39.0343 2452 Imapi - ok
19:52:39.0421 2452 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe
19:52:39.0421 2452 ImapiService - ok
19:52:39.0453 2452 ini910u - ok
19:52:39.0484 2452 [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
19:52:39.0484 2452 IntelIde - ok
19:52:39.0546 2452 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
19:52:39.0546 2452 intelppm - ok
19:52:39.0562 2452 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
19:52:39.0562 2452 Ip6Fw - ok
19:52:39.0593 2452 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
19:52:39.0593 2452 IpFilterDriver - ok
19:52:39.0625 2452 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
19:52:39.0640 2452 IpInIp - ok
19:52:39.0687 2452 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
19:52:39.0687 2452 IpNat - ok
19:52:39.0750 2452 [ 50F2E042C33ED8D11264BE5C4D533C7F ] iPodService C:\Program Files\iPod\bin\iPodService.exe
19:52:39.0765 2452 iPodService - ok
19:52:39.0796 2452 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
19:52:39.0812 2452 IPSec - ok
19:52:39.0843 2452 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
19:52:39.0843 2452 IRENUM - ok
19:52:39.0875 2452 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
19:52:39.0875 2452 isapnp - ok
19:52:39.0890 2452 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
19:52:39.0890 2452 Kbdclass - ok
19:52:39.0984 2452 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
19:52:39.0984 2452 kbdhid - ok
19:52:40.0015 2452 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
19:52:40.0031 2452 kmixer - ok
19:52:40.0062 2452 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
19:52:40.0062 2452 KSecDD - ok
19:52:40.0156 2452 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
19:52:40.0171 2452 lanmanserver - ok
19:52:40.0250 2452 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
19:52:40.0265 2452 lanmanworkstation - ok
19:52:40.0281 2452 lbrtfdc - ok
19:52:40.0375 2452 [ 00944D59948596721D17510C94CD3E4F ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
19:52:40.0375 2452 LightScribeService - ok
19:52:40.0453 2452 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
19:52:40.0453 2452 LmHosts - ok
19:52:40.0593 2452 [ 3D67740573A70C6C9B1614982CFAC4C5 ] LMIGuardianSvc C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
19:52:40.0609 2452 LMIGuardianSvc - ok
19:52:40.0687 2452 [ 4F69FAAABB7DB0D43E327C0B6AAB40FC ] LMIInfo C:\Program Files\LogMeIn\x86\RaInfo.sys
19:52:40.0703 2452 LMIInfo - ok
19:52:40.0750 2452 [ D95F3217C9DFA24ECA582ED8E435E221 ] LMIMaint C:\Program Files\LogMeIn\x86\RaMaint.exe
19:52:40.0750 2452 LMIMaint - ok
19:52:40.0812 2452 [ 4477689E2D8AE6B78BA34C9AF4CC1ED1 ] lmimirr C:\WINDOWS\system32\DRIVERS\lmimirr.sys
19:52:40.0828 2452 lmimirr - ok
19:52:40.0843 2452 LMIRfsClientNP - ok
19:52:40.0890 2452 [ 3FAA563DDF853320F90259D455A01D79 ] LMIRfsDriver C:\WINDOWS\system32\drivers\LMIRfsDriver.sys
19:52:40.0890 2452 LMIRfsDriver - ok
19:52:40.0984 2452 [ 432618FA75B61059D2C57D6A7E55147A ] LogMeIn C:\Program Files\LogMeIn\x86\LogMeIn.exe
19:52:41.0000 2452 LogMeIn - ok
19:52:41.0078 2452 [ 9EE18A5A45552673A67532EA37370377 ] ltmodem5 C:\WINDOWS\system32\DRIVERS\ltmdmnt.sys
19:52:41.0109 2452 ltmodem5 - ok
19:52:41.0687 2452 [ 1EF84AB6C8043835CB914080A4D06869 ] LTService C:\WINDOWS\LTSvc\LTSVC.exe
19:52:42.0125 2452 LTService - ok
19:52:42.0218 2452 [ 9389293726DB631F40E80C241678F594 ] LTSvcMon C:\WINDOWS\LTsvc\LTSvcMon.exe
19:52:42.0218 2452 LTSvcMon - ok
19:52:42.0296 2452 [ DF0A511F38F16016BF658FCA0090CB87 ] McrdSvc C:\WINDOWS\ehome\mcrdsvc.exe
19:52:42.0296 2452 McrdSvc - ok
19:52:42.0375 2452 [ 11F714F85530A2BD134074DC30E99FCA ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
19:52:42.0406 2452 MDM - ok
19:52:42.0437 2452 [ 3C318B9CD391371BED62126581EE9961 ] mdmxsdk C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
19:52:42.0437 2452 mdmxsdk - ok
19:52:42.0500 2452 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
19:52:42.0500 2452 Messenger - ok
19:52:42.0796 2452 [ B7521F69C0A9B29D356157229376FB21 ] MHN C:\WINDOWS\System32\mhn.dll
19:52:42.0796 2452 MHN - ok
19:52:42.0828 2452 [ 7F2F1D2815A6449D346FCCCBC569FBD6 ] MHNDRV C:\WINDOWS\system32\DRIVERS\mhndrv.sys
19:52:42.0828 2452 MHNDRV - ok
19:52:42.0875 2452 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
19:52:42.0875 2452 mnmdd - ok
19:52:42.0921 2452 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
19:52:42.0921 2452 mnmsrvc - ok
19:52:42.0984 2452 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
19:52:42.0984 2452 Modem - ok
19:52:43.0000 2452 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
19:52:43.0000 2452 Mouclass - ok
19:52:43.0062 2452 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
19:52:43.0062 2452 mouhid - ok
19:52:43.0109 2452 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
19:52:43.0109 2452 MountMgr - ok
19:52:43.0171 2452 [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
19:52:43.0187 2452 MozillaMaintenance - ok
19:52:43.0250 2452 [ EE728AF83850DDAD9A3FCAC0AAB3AD97 ] MpFilter C:\WINDOWS\system32\DRIVERS\MpFilter.sys
19:52:43.0250 2452 MpFilter - ok
19:52:43.0265 2452 mraid35x - ok
19:52:43.0281 2452 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
19:52:43.0281 2452 MRxDAV - ok
19:52:43.0359 2452 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
19:52:43.0359 2452 MRxSmb - ok
19:52:43.0421 2452 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
19:52:43.0421 2452 MSDTC - ok
19:52:43.0531 2452 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
19:52:43.0531 2452 Msfs - ok
19:52:43.0546 2452 MSIServer - ok
19:52:43.0578 2452 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
19:52:43.0578 2452 MSKSSRV - ok
19:52:43.0625 2452 [ E077FCA2A7E79FB9BF67D3E30B5CE593 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
19:52:43.0625 2452 MsMpSvc - ok
19:52:43.0671 2452 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
19:52:43.0671 2452 MSPCLOCK - ok
19:52:43.0703 2452 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
19:52:43.0703 2452 MSPQM - ok
19:52:43.0765 2452 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
19:52:43.0765 2452 mssmbios - ok
19:52:43.0843 2452 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
19:52:43.0843 2452 Mup - ok
19:52:43.0921 2452 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
19:52:43.0937 2452 napagent - ok
19:52:43.0953 2452 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
19:52:43.0968 2452 NDIS - ok
19:52:44.0031 2452 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
19:52:44.0031 2452 NdisTapi - ok
19:52:44.0062 2452 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
19:52:44.0062 2452 Ndisuio - ok
19:52:44.0093 2452 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
19:52:44.0093 2452 NdisWan - ok
19:52:44.0140 2452 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
19:52:44.0140 2452 NDProxy - ok
19:52:44.0250 2452 [ 51C6D8BFBD4EA5B62A1BA7F4469250D3 ] Net Driver HPZ12 C:\WINDOWS\system32\HPZinw12.dll
19:52:44.0250 2452 Net Driver HPZ12 - ok
19:52:44.0265 2452 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
19:52:44.0281 2452 NetBIOS - ok
19:52:44.0359 2452 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
19:52:44.0359 2452 NetBT - ok
19:52:44.0406 2452 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
19:52:44.0421 2452 NetDDE - ok
19:52:44.0437 2452 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
19:52:44.0437 2452 NetDDEdsdm - ok
19:52:44.0500 2452 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
19:52:44.0500 2452 Netlogon - ok
19:52:44.0578 2452 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
19:52:44.0578 2452 Netman - ok
19:52:44.0640 2452 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:52:44.0640 2452 NetTcpPortSharing - ok
19:52:44.0687 2452 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
19:52:44.0687 2452 NIC1394 - ok
19:52:44.0718 2452 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
19:52:44.0734 2452 Nla - ok
19:52:44.0750 2452 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
19:52:44.0750 2452 Npfs - ok
19:52:44.0828 2452 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
19:52:44.0843 2452 Ntfs - ok
19:52:44.0875 2452 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
19:52:44.0875 2452 NtLmSsp - ok
19:52:44.0968 2452 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
19:52:44.0968 2452 NtmsSvc - ok
19:52:45.0015 2452 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
19:52:45.0015 2452 Null - ok
19:52:45.0046 2452 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
19:52:45.0062 2452 NwlnkFlt - ok
19:52:45.0078 2452 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
19:52:45.0078 2452 NwlnkFwd - ok
19:52:45.0093 2452 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
19:52:45.0093 2452 ohci1394 - ok
19:52:45.0156 2452 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:52:45.0156 2452 ose - ok
19:52:45.0218 2452 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
19:52:45.0234 2452 Parport - ok
19:52:45.0250 2452 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
19:52:45.0250 2452 PartMgr - ok
19:52:45.0296 2452 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
19:52:45.0296 2452 ParVdm - ok
19:52:45.0312 2452 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
19:52:45.0328 2452 PCI - ok
19:52:45.0343 2452 PCIDump - ok
19:52:45.0359 2452 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
19:52:45.0359 2452 PCIIde - ok
19:52:45.0406 2452 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
19:52:45.0406 2452 Pcmcia - ok
19:52:45.0421 2452 PDCOMP - ok
19:52:45.0437 2452 PDFRAME - ok
19:52:45.0453 2452 PDRELI - ok
19:52:45.0468 2452 PDRFRAME - ok
19:52:45.0484 2452 perc2 - ok
19:52:45.0500 2452 perc2hib - ok
19:52:45.0562 2452 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
19:52:45.0578 2452 PlugPlay - ok
19:52:45.0671 2452 [ 79834AA2FBF9FE81EEBB229024F6F7FC ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.dll
19:52:45.0671 2452 Pml Driver HPZ12 - ok
19:52:45.0703 2452 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
19:52:45.0703 2452 PolicyAgent - ok
19:52:45.0718 2452 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
19:52:45.0718 2452 PptpMiniport - ok
19:52:45.0734 2452 [ A32BEBAF723557681BFC6BD93E98BD26 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
19:52:45.0734 2452 Processor - ok
19:52:45.0750 2452 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
19:52:45.0750 2452 ProtectedStorage - ok
19:52:45.0796 2452 [ 9B793A1FFD480155FE9EE5261153F21B ] Ps2 C:\WINDOWS\system32\DRIVERS\PS2.sys
19:52:45.0796 2452 Ps2 - ok
19:52:45.0796 2452 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
19:52:45.0796 2452 PSched - ok
19:52:45.0812 2452 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
19:52:45.0812 2452 Ptilink - ok
19:52:45.0828 2452 [ D86B4A68565E444D76457F14172C875A ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
19:52:45.0828 2452 PxHelp20 - ok
19:52:45.0843 2452 ql1080 - ok
19:52:45.0859 2452 Ql10wnt - ok
19:52:45.0859 2452 ql12160 - ok
19:52:45.0875 2452 ql1240 - ok
19:52:45.0890 2452 ql1280 - ok
19:52:45.0937 2452 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
19:52:45.0937 2452 RasAcd - ok
19:52:45.0984 2452 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
19:52:45.0984 2452 RasAuto - ok
19:52:46.0015 2452 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
19:52:46.0015 2452 Rasl2tp - ok
19:52:46.0093 2452 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
19:52:46.0093 2452 RasMan - ok
19:52:46.0125 2452 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
19:52:46.0125 2452 RasPppoe - ok
19:52:46.0140 2452 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
19:52:46.0140 2452 Raspti - ok
19:52:46.0187 2452 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
19:52:46.0187 2452 Rdbss - ok
19:52:46.0218 2452 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
19:52:46.0218 2452 RDPCDD - ok
19:52:46.0234 2452 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
19:52:46.0250 2452 rdpdr - ok
19:52:46.0296 2452 [ 6589DB6E5969F8EEE594CF71171C5028 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
19:52:46.0296 2452 RDPWD - ok
19:52:46.0343 2452 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
19:52:46.0343 2452 RDSessMgr - ok
19:52:46.0390 2452 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
19:52:46.0390 2452 redbook - ok
19:52:46.0437 2452 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
19:52:46.0437 2452 RemoteAccess - ok
19:52:46.0531 2452 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
19:52:46.0531 2452 RemoteRegistry - ok
19:52:46.0578 2452 [ 0F6756EF8BDA6DFA7BE50465C83132BB ] RimUsb C:\WINDOWS\system32\Drivers\RimUsb.sys
19:52:46.0578 2452 RimUsb - ok
19:52:46.0609 2452 [ D9B34325EE5DF78B8F28A3DE9F577C7D ] RimVSerPort C:\WINDOWS\system32\DRIVERS\RimSerial.sys
19:52:46.0609 2452 RimVSerPort - ok
19:52:46.0625 2452 [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7 ] ROOTMODEM C:\WINDOWS\system32\Drivers\RootMdm.sys
19:52:46.0625 2452 ROOTMODEM - ok
19:52:46.0718 2452 [ F3395D205DEC030DCE54D4575774CFBA ] Roxio UPnP Renderer 9 C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
19:52:46.0718 2452 Roxio UPnP Renderer 9 - ok
19:52:46.0750 2452 [ 95519CBEF94773AF7CD2B26029DCEEA7 ] Roxio Upnp Server 9 C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
19:52:46.0765 2452 Roxio Upnp Server 9 - ok
19:52:46.0859 2452 [ B9EA6E59E526B10A2A09F5B9D729797D ] RoxLiveShare9 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
19:52:46.0875 2452 RoxLiveShare9 - ok
19:52:46.0984 2452 [ 3DAF385624ABF3C3BBFB05CFF2ACA7D6 ] RoxMediaDB9 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
19:52:47.0046 2452 RoxMediaDB9 - ok
19:52:47.0109 2452 [ 8F366D03A7FDA7527F76F01F695B0205 ] RoxWatch9 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
19:52:47.0109 2452 RoxWatch9 - ok
19:52:47.0171 2452 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
19:52:47.0171 2452 RpcLocator - ok
19:52:47.0234 2452 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\system32\rpcss.dll
19:52:47.0250 2452 RpcSs - ok
19:52:47.0296 2452 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
19:52:47.0312 2452 RSVP - ok
19:52:47.0375 2452 [ 3529828EC571FB2F64F6B142F9109993 ] RTL8023xp C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
19:52:47.0375 2452 RTL8023xp - ok
19:52:47.0437 2452 [ D507C1400284176573224903819FFDA3 ] rtl8139 C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
19:52:47.0453 2452 rtl8139 - ok
19:52:47.0484 2452 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
19:52:47.0484 2452 SamSs - ok
19:52:47.0546 2452 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
19:52:47.0593 2452 SCardSvr - ok
19:52:47.0640 2452 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
19:52:47.0687 2452 Schedule - ok
19:52:47.0796 2452 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
19:52:47.0875 2452 Secdrv - ok
19:52:47.0953 2452 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
19:52:47.0968 2452 seclogon - ok
19:52:48.0296 2452 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
19:52:48.0312 2452 SENS - ok
19:52:48.0421 2452 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] Serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
19:52:48.0421 2452 Serenum - ok
19:52:48.0468 2452 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
19:52:48.0484 2452 Serial - ok
19:52:48.0656 2452 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
19:52:48.0656 2452 Sfloppy - ok
19:52:48.0734 2452 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
19:52:48.0765 2452 SharedAccess - ok
19:52:48.0781 2452 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
19:52:48.0796 2452 ShellHWDetection - ok
19:52:48.0812 2452 Simbad - ok
19:52:48.0843 2452 Sparrow - ok
19:52:48.0859 2452 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
19:52:48.0875 2452 splitter - ok
19:52:48.0937 2452 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
19:52:48.0937 2452 Spooler - ok
19:52:48.0953 2452 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
19:52:48.0968 2452 sr - ok
19:52:49.0031 2452 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
19:52:49.0031 2452 srservice - ok
19:52:49.0109 2452 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
19:52:49.0109 2452 Srv - ok
19:52:49.0156 2452 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
19:52:49.0171 2452 SSDPSRV - ok
19:52:49.0234 2452 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
19:52:49.0250 2452 stisvc - ok
19:52:49.0296 2452 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
19:52:49.0296 2452 swenum - ok
19:52:49.0359 2452 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
19:52:49.0359 2452 swmidi - ok
19:52:49.0375 2452 SwPrv - ok
19:52:49.0390 2452 symc810 - ok
19:52:49.0406 2452 symc8xx - ok
19:52:49.0421 2452 sym_hi - ok
19:52:49.0437 2452 sym_u3 - ok
19:52:49.0468 2452 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
19:52:49.0484 2452 sysaudio - ok
19:52:49.0515 2452 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
19:52:49.0515 2452 SysmonLog - ok
19:52:49.0578 2452 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
19:52:49.0593 2452 TapiSrv - ok
19:52:49.0625 2452 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
19:52:49.0640 2452 Tcpip - ok
19:52:49.0687 2452 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
19:52:49.0687 2452 TDPIPE - ok
19:52:49.0718 2452 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
19:52:49.0718 2452 TDTCP - ok
19:52:49.0750 2452 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
19:52:49.0765 2452 TermDD - ok
19:52:49.0781 2452 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
19:52:49.0781 2452 TermService - ok
19:52:49.0796 2452 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
19:52:49.0812 2452 Themes - ok
19:52:49.0859 2452 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
19:52:49.0859 2452 TlntSvr - ok
19:52:49.0875 2452 TosIde - ok
19:52:49.0921 2452 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
19:52:49.0921 2452 TrkWks - ok
19:52:49.0968 2452 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
19:52:49.0984 2452 Udfs - ok
19:52:50.0015 2452 ultra - ok
19:52:50.0109 2452 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
19:52:50.0125 2452 Update - ok
19:52:50.0156 2452 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
19:52:50.0171 2452 upnphost - ok
19:52:50.0187 2452 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
19:52:50.0187 2452 UPS - ok
19:52:50.0218 2452 [ C1CA131F4E3ED63D6BC89A35FFAD4CDA ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys
19:52:50.0234 2452 USBAAPL - ok
19:52:50.0265 2452 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
19:52:50.0265 2452 usbccgp - ok
19:52:50.0328 2452 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
19:52:50.0328 2452 usbehci - ok
19:52:50.0343 2452 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
19:52:50.0343 2452 usbhub - ok
19:52:50.0390 2452 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
19:52:50.0390 2452 usbohci - ok
19:52:50.0390 2452 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
19:52:50.0390 2452 usbprint - ok
19:52:50.0421 2452 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
19:52:50.0421 2452 usbscan - ok
19:52:50.0468 2452 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
19:52:50.0468 2452 USBSTOR - ok
19:52:50.0515 2452 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
19:52:50.0515 2452 usbuhci - ok
19:52:50.0531 2452 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
19:52:50.0531 2452 VgaSave - ok
19:52:50.0562 2452 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
19:52:50.0593 2452 ViaIde - ok
19:52:50.0625 2452 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
19:52:50.0625 2452 VolSnap - ok
19:52:50.0687 2452 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
19:52:50.0703 2452 VSS - ok
19:52:50.0765 2452 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
19:52:50.0781 2452 W32Time - ok
19:52:50.0812 2452 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:52:50.0812 2452 Wanarp - ok
19:52:50.0828 2452 WDICA - ok
19:52:50.0906 2452 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
19:52:50.0906 2452 wdmaud - ok
19:52:50.0968 2452 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
19:52:50.0984 2452 WebClient - ok
19:52:51.0078 2452 [ 473EE64C368CE2EED110376C11960259 ] winachsf C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
19:52:51.0109 2452 winachsf - ok
19:52:51.0250 2452 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
19:52:51.0250 2452 winmgmt - ok
19:52:51.0343 2452 [ 18F347402DA544A780949B8FDF83351B ] WinRM C:\WINDOWS\system32\WsmSvc.dll
19:52:51.0406 2452 WinRM - ok
19:52:51.0484 2452 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll
19:52:51.0484 2452 WmdmPmSN - ok
19:52:51.0562 2452 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll
19:52:51.0593 2452 Wmi - ok
19:52:51.0656 2452 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
19:52:51.0656 2452 WmiApSrv - ok
19:52:51.0828 2452 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
19:52:51.0859 2452 WMPNetworkSvc - ok
19:52:51.0984 2452 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
19:52:52.0015 2452 WPFFontCache_v0400 - ok
19:52:52.0078 2452 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
19:52:52.0093 2452 WS2IFSL - ok
19:52:52.0171 2452 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
19:52:52.0171 2452 wscsvc - ok
19:52:52.0187 2452 WSearch - ok
19:52:52.0265 2452 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
19:52:52.0265 2452 wuauserv - ok
19:52:52.0375 2452 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
19:52:52.0375 2452 WudfPf - ok
19:52:52.0437 2452 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
19:52:52.0437 2452 WudfRd - ok
19:52:52.0531 2452 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
19:52:52.0546 2452 WudfSvc - ok
19:52:52.0656 2452 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
19:52:52.0734 2452 WZCSVC - ok
19:52:52.0781 2452 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
19:52:52.0796 2452 xmlprov - ok
19:52:52.0828 2452 ================ Scan global ===============================
19:52:52.0875 2452 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
19:52:52.0953 2452 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
19:52:52.0984 2452 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
19:52:53.0015 2452 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
19:52:53.0015 2452 [Global] - ok
19:52:53.0031 2452 ================ Scan MBR ==================================
19:52:53.0062 2452 [ 0AC6D996BCE152AED9600E6D6B797E2E ] \Device\Harddisk0\DR0
19:52:53.0437 2452 \Device\Harddisk0\DR0 - ok
19:52:53.0453 2452 ================ Scan VBR ==================================
19:52:53.0468 2452 [ CA99D511F709A3B551C160FA05C7B4E4 ] \Device\Harddisk0\DR0\Partition1
19:52:53.0468 2452 \Device\Harddisk0\DR0\Partition1 - ok
19:52:53.0484 2452 [ 890F032307A389E3D0AA577CA1CE53D4 ] \Device\Harddisk0\DR0\Partition2
19:52:53.0484 2452 \Device\Harddisk0\DR0\Partition2 - ok
19:52:53.0500 2452 ============================================================
19:52:53.0500 2452 Scan finished
19:52:53.0500 2452 ============================================================
19:52:53.0531 2752 Detected object count: 0
19:52:53.0531 2752 Actual detected object count: 0
  • 0

#10
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
did you run the aswMBR program/


gringo
  • 0

#11
Fatie32

Fatie32

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 122 posts
aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-11-19 19:57:24
-----------------------------
19:57:24.750 OS Version: Windows 5.1.2600 Service Pack 3
19:57:24.750 Number of processors: 1 586 0x2F02
19:57:24.750 ComputerName: GENEVA UserName:
19:57:25.468 Initialize success
19:57:45.500 AVAST engine defs: 12111900
19:58:05.625 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
19:58:05.640 Disk 0 Vendor: WDC_WD2500JS-60MHB1 10.02E02 Size: 238475MB BusType: 3
19:58:05.671 Disk 0 MBR read successfully
19:58:05.671 Disk 0 MBR scan
19:58:05.718 Disk 0 unknown MBR code
19:58:05.718 Disk 0 Partition 1 00 0C FAT32 LBA RECOVERY 7695 MB offset 63
19:58:05.734 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 230777 MB offset 15759765
19:58:05.765 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 2 MB offset 488392065
19:58:05.781 Disk 0 Partition 3 **INFECTED** MBR:Alureon-K [Rtk]
19:58:05.781 Disk 0 MBR [SST] **ROOTKIT**
19:58:05.781 Disk 0 trace - called modules:
19:58:05.781 ntkrnlpa.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys PCIIDEX.SYS
19:58:05.812 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86378ab8]
19:58:06.140 3 CLASSPNP.SYS[f7610fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8637fd98]
19:58:06.718 AVAST engine scan C:\WINDOWS
19:58:09.203 File: C:\WINDOWS\CDProxyServ.exe **INFECTED** Win32:Rootkit-gen [Rtk]
19:58:15.203 AVAST engine scan C:\WINDOWS\system32
19:58:15.453 File: C:\WINDOWS\system32\$sys$caj.dll **INFECTED** Win32:Rootkit-gen [Rtk]
19:58:15.515 File: C:\WINDOWS\system32\$sys$upgtool.exe **INFECTED** Win32:Rootkit-gen [Rtk]
20:02:04.109 AVAST engine scan C:\WINDOWS\system32\drivers
20:02:26.296 AVAST engine scan C:\Documents and Settings\Compaq_Administrator
20:09:07.687 AVAST engine scan C:\Documents and Settings\All Users
20:12:32.687 Scan finished successfully
20:46:19.171 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Compaq_Administrator\Desktop\MBR.dat"
20:46:19.171 The log file has been saved successfully to "C:\Documents and Settings\Compaq_Administrator\Desktop\aswMBR.txt"
  • 0

#12
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello

Ok lets try this, I want you to run combofix in safe mode but it is very important that when combofix reboots the computer for you to direct it back into safe mode so it can finish the scan.

Boot into Safe Mode

Reboot your computer in Safe Mode.
  • If the computer is running, shut down Windows, and then turn off the power.
  • Wait 30 seconds, and then turn the computer on.
  • Start tapping the F8 key. The Windows Advanced Options Menu appears. If you begin tapping the F8 key too soon, some computers display a "keyboard error" message. To resolve this, restart the computer and try again.
  • Ensure that the Safe Mode option is selected.
  • Press Enter. The computer then begins to start in Safe mode.
  • Login on your usual account.

after combofix has finished its scan please post the report back here.

Gringo
  • 0

#13
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Greetings


I have not heard from you in a couple of days so I am coming by to check on you to see if you are having problems or you just need some more time.

Also to remind you that it is very important that we finish the process completely so as to not get reinfected. I will let you know when we are complete and I will ask to remove our tools




Gringo
  • 0

#14
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello

48 Hour bump

It has been more than 48 hours since my last post.

  • do you still need help with this?
  • do you need more time?
  • are you having problems following my instructions?
  • if after 48hrs you have not replied to this thread then it will have to be closed!

Gringo
  • 0

#15
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP