Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Installed Fake SP3 Upgrade, Performance Effected, Dont know how to rem


  • Please log in to reply

#1
Loe

Loe

    New Member

  • Member
  • Pip
  • 1 posts
Title explains a lot of it. i installed a fake service pack 3 for windows xp because i was being careless. after the installation there were marked performance issues. i tried to do a windows system restore back to before the installation, but it does not seem to have worked. or at least not that i noticed. can anyone help me clean out the fake stuff? the fake sp3 was installed monday the 13th if that helps. attached are the various scans run this morning from software from this site. thanks for any and all help



OTL logfile created on: 1/14/2014 9:52:55 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Nate\My Documents\Downloads
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.48 Gb Total Physical Memory | 2.38 Gb Available Physical Memory | 68.23% Memory free
5.32 Gb Paging File | 4.19 Gb Available in Paging File | 78.76% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.78 Gb Total Space | 76.41 Gb Free Space | 68.35% Space Free | Partition Type: NTFS

Computer Name: NATE-S-CUSTOM | User Name: Nate | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/01/14 09:52:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Nate\My Documents\Downloads\OTL.exe
PRC - [2014/01/07 16:00:20 | 001,815,464 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\Steam.exe
PRC - [2014/01/05 20:44:38 | 000,159,640 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\mfevtps.exe
PRC - [2014/01/05 20:44:37 | 000,167,344 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
PRC - [2013/12/05 14:34:42 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/09/06 12:30:16 | 000,273,296 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
PRC - [2012/08/21 16:06:00 | 000,345,704 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Common Framework\naPrdMgr.exe
PRC - [2012/08/21 16:06:00 | 000,333,416 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Common Framework\UdaterUI.exe
PRC - [2012/08/21 16:06:00 | 000,132,712 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Common Framework\FrameworkService.exe
PRC - [2012/08/21 16:06:00 | 000,075,368 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Common Framework\McTray.exe
PRC - [2012/08/14 20:08:00 | 000,210,056 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
PRC - [2012/08/14 20:08:00 | 000,033,944 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan Enterprise\mfeann.exe
PRC - [2004/08/03 23:56:50 | 001,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2014/01/11 11:17:40 | 016,242,056 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll
MOD - [2014/01/07 16:00:22 | 001,138,088 | ---- | M] () -- C:\Program Files\Steam\bin\chromehtml.dll
MOD - [2013/12/12 17:19:40 | 000,142,848 | ---- | M] () -- C:\Program Files\Steam\libavresample-1.dll
MOD - [2013/12/12 17:04:18 | 020,625,832 | ---- | M] () -- C:\Program Files\Steam\bin\libcef.dll
MOD - [2013/12/12 17:04:14 | 000,716,800 | ---- | M] () -- C:\Program Files\Steam\SDL2.dll
MOD - [2013/12/05 14:36:56 | 003,559,024 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013/11/04 20:12:06 | 000,890,592 | ---- | M] () -- C:\Program Files\Steam\libavutil-52.dll
MOD - [2013/06/14 18:49:12 | 001,100,800 | ---- | M] () -- C:\Program Files\Steam\bin\avcodec-53.dll
MOD - [2013/06/14 18:49:12 | 000,192,000 | ---- | M] () -- C:\Program Files\Steam\bin\avformat-53.dll
MOD - [2013/06/14 18:49:12 | 000,124,416 | ---- | M] () -- C:\Program Files\Steam\bin\avutil-51.dll
MOD - [2007/04/18 20:30:46 | 000,471,040 | ---- | M] () -- C:\Program Files\McAfee\Common Framework\ccme_base.dll
MOD - [2007/04/18 20:30:46 | 000,393,216 | ---- | M] () -- C:\Program Files\McAfee\Common Framework\cryptocme2.dll
MOD - [2004/08/03 23:56:46 | 001,287,680 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll


========== Services (SafeList) ==========

SRV - [2014/01/05 20:44:38 | 000,159,640 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\WINDOWS\system32\mfevtps.exe -- (mfevtp)
SRV - [2014/01/05 20:44:37 | 000,167,344 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV - [2013/12/05 14:36:33 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/10/23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/09/06 12:29:38 | 000,235,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe -- (McComponentHostService)
SRV - [2012/08/21 16:06:00 | 000,132,712 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\Common Framework\FrameworkService.exe -- (McAfeeFramework)
SRV - [2012/08/14 20:08:00 | 000,210,056 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe -- (McTaskManager)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (mfeavfk01)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2014/01/05 20:44:38 | 000,090,368 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mfetdi2k.sys -- (mfetdi2k)
DRV - [2014/01/05 20:44:38 | 000,087,816 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2014/01/05 20:44:37 | 000,477,584 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2014/01/05 20:44:37 | 000,215,024 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2014/01/05 20:44:37 | 000,121,544 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2014/01/05 20:44:37 | 000,059,616 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2012/07/27 23:05:12 | 006,646,784 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2012/07/24 17:47:38 | 006,159,504 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2011/08/24 20:39:38 | 000,323,816 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2009/11/18 07:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009/11/18 07:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: treestyletab%40piro.sakura.ne.jp:0.14.2013112901
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files\Common Files\McAfee\SystemCore [2014/01/14 01:09:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2014/01/05 21:05:21 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Nate\Application Data\Mozilla\Extensions
[2014/01/14 01:06:58 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Nate\Application Data\Mozilla\Firefox\Profiles\yle545yq.default\extensions
[2014/01/14 01:06:57 | 000,000,000 | ---D | M] ("MySearchDial NewTab") -- C:\Documents and Settings\Nate\Application Data\Mozilla\Firefox\Profiles\yle545yq.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}(2)
[2014/01/05 21:17:09 | 000,494,053 | ---- | M] () (No name found) -- C:\Documents and Settings\Nate\Application Data\Mozilla\Firefox\Profiles\yle545yq.default\extensions\[email protected]
[2014/01/05 21:06:50 | 001,263,703 | ---- | M] () (No name found) -- C:\Documents and Settings\Nate\Application Data\Mozilla\Firefox\Profiles\yle545yq.default\extensions\[email protected]
[2014/01/13 18:33:12 | 000,002,421 | ---- | M] () -- C:\Documents and Settings\Nate\Application Data\Mozilla\Firefox\Profiles\yle545yq.default\searchplugins\Mysearchdial.xml
[2014/01/05 21:03:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014/01/05 21:03:17 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

O1 HOSTS File: ([2001/08/23 07:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20140105204446.dll (McAfee, Inc.)
O4 - HKLM..\Run: [McAfeeUpdaterUI] C:\Program Files\McAfee\Common Framework\udaterui.exe (McAfee, Inc.)
O4 - HKLM..\Run: [ShStatEXE] C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE (McAfee, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe (McAfee, Inc.)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 136.167.2.9 136.167.2.176
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{653F12C8-5D56-40A3-B53A-EED1C239AEC9}: DhcpNameServer = 136.167.2.9 136.167.2.176
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2014/01/05 20:18:46 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2014/01/14 09:41:28 | 000,000,000 | ---D | C] -- C:\FRST
[2014/01/14 01:06:57 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2014/01/13 18:38:43 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Nate\My Documents\Dropbox
[2014/01/13 18:38:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nate\Application Data\DropboxMaster
[2014/01/13 18:38:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nate\Start Menu\Programs\Dropbox
[2014/01/13 18:37:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nate\Application Data\Dropbox
[2014/01/13 18:33:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nate\Local Settings\Application Data\Google
[2014/01/13 18:19:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nate\Application Data\Skype
[2014/01/13 18:18:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2014/01/13 18:13:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2014/01/13 18:13:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2014/01/13 18:13:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2014/01/13 18:12:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2014/01/13 18:10:29 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2014/01/13 17:37:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe
[2014/01/13 17:35:31 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2014/01/13 17:29:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2014/01/13 17:29:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2014/01/13 17:14:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nate\Desktop\Adobe CS6
[2014/01/12 15:29:14 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2014/01/12 15:29:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2014/01/12 15:29:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Skype
[2014/01/12 15:19:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2014/01/12 12:36:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\McAfee
[2014/01/11 12:11:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\McAfee Security Scan Plus
[2014/01/11 12:08:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nate\Local Settings\Application Data\Temp
[2014/01/11 12:08:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nate\Local Settings\Application Data\SplitMediaLabs
[2014/01/11 11:21:04 | 000,000,000 | -HSD | C] -- C:\WINDOWS\System32\AI_RecycleBin
[2014/01/11 11:20:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\XSplit
[2014/01/11 11:20:54 | 000,000,000 | ---D | C] -- C:\Program Files\SplitMediaLabs
[2014/01/11 11:20:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SplitMediaLabs
[2014/01/11 11:17:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan
[2014/01/11 11:17:41 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
[2014/01/10 17:22:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2014/01/10 17:22:30 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie7
[2014/01/10 17:22:25 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
[2014/01/10 17:22:18 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
[2014/01/10 17:22:09 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2014/01/10 17:21:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nate\Application Data\SplitMediaLabs
[2014/01/10 17:21:27 | 000,000,000 | ---D | C] -- C:\b3613003cd9dfa6de69d4c8f
[2014/01/10 17:19:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2014/01/10 17:19:51 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2014/01/10 17:19:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2014/01/10 17:19:48 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2014/01/10 17:19:32 | 000,000,000 | ---D | C] -- C:\492d245fbe89f6a2ece6
[2014/01/10 17:18:26 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 6.0
[2014/01/07 14:22:34 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2014/01/06 03:18:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nate\My Documents\My Games
[2014/01/05 23:59:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Lang
[2014/01/05 23:37:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\RTCOM
[2014/01/05 23:37:09 | 000,359,016 | ---- | C] (Realtek Semiconductor Crop.) -- C:\WINDOWS\vncutil.exe
[2014/01/05 23:37:07 | 000,129,640 | ---- | C] (Realtek Semiconductor) -- C:\WINDOWS\RtkAudioService.exe
[2014/01/05 23:37:06 | 002,815,592 | ---- | C] (RealTek Semicoductor Corp.) -- C:\WINDOWS\ALCWZRD.EXE
[2014/01/05 23:37:06 | 001,691,480 | ---- | C] (Creative) -- C:\WINDOWS\System32\drivers\Ambfilt.sys
[2014/01/05 23:37:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2014/01/05 23:29:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nate\Application Data\Macromedia
[2014/01/05 23:29:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nate\Application Data\Adobe
[2014/01/05 23:18:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2014/01/05 23:11:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nate\Local Settings\Application Data\Adobe
[2014/01/05 23:04:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Skype
[2014/01/05 21:07:28 | 000,000,000 | ---D | C] -- C:\Program Files\Steam
[2014/01/05 21:07:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Steam
[2014/01/05 21:07:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nate\My Documents\Downloads
[2014/01/05 21:03:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nate\Local Settings\Application Data\Mozilla
[2014/01/05 21:03:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nate\Application Data\Mozilla
[2014/01/05 21:03:18 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2014/01/05 21:03:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Mozilla
[2014/01/05 21:03:15 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2014/01/05 20:44:46 | 000,087,816 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mferkdet.sys
[2014/01/05 20:44:46 | 000,075,656 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\MfeOtlkAddin.dll
[2014/01/05 20:44:46 | 000,059,616 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfebopk.sys
[2014/01/05 20:44:46 | 000,023,112 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\MFEOtlk.dll
[2014/01/05 20:44:46 | 000,009,648 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfeclnk.sys
[2014/01/05 20:44:45 | 000,477,584 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfehidk.sys
[2014/01/05 20:44:45 | 000,215,024 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfeavfk.sys
[2014/01/05 20:44:45 | 000,121,544 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfeapfk.sys
[2014/01/05 20:44:45 | 000,090,368 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfetdi2k.sys
[2014/01/05 20:44:44 | 000,159,640 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\mfevtps.exe
[2014/01/05 20:44:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\McAfee
[2014/01/05 20:44:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee
[2014/01/05 20:44:03 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
[2014/01/05 20:40:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nate\Application Data\McAfee
[2014/01/05 20:40:24 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee
[2014/01/05 20:40:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2014/01/05 20:37:05 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2014/01/05 20:37:05 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2014/01/05 20:34:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2014/01/05 20:34:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nate\Application Data\U3
[2014/01/05 20:33:53 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2014/01/05 20:33:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2014/01/05 20:33:18 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2014/01/05 20:32:50 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2014/01/05 20:21:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nate\Application Data\Identities
[2014/01/05 20:21:03 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Nate\My Documents\My Pictures
[2014/01/05 20:21:03 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Nate\My Documents\My Music
[2014/01/05 20:21:03 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2014/01/05 20:21:02 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Nate\Application Data\Microsoft
[2014/01/05 20:21:02 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Nate\SendTo
[2014/01/05 20:21:02 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Nate\Recent
[2014/01/05 20:21:02 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Nate\Application Data
[2014/01/05 20:21:02 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Nate\Start Menu\Programs\Startup
[2014/01/05 20:21:02 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Nate\Start Menu
[2014/01/05 20:21:02 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Nate\My Documents
[2014/01/05 20:21:02 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Nate\Favorites
[2014/01/05 20:21:02 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Nate\Start Menu\Programs\Accessories
[2014/01/05 20:21:02 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Nate\Cookies
[2014/01/05 20:21:02 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Nate\Templates
[2014/01/05 20:21:02 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Nate\PrintHood
[2014/01/05 20:21:02 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Nate\NetHood
[2014/01/05 20:21:02 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Nate\Local Settings
[2014/01/05 20:21:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nate\Local Settings\Application Data\Microsoft
[2014/01/05 20:21:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nate\Desktop
[2014/01/05 20:20:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2014/01/05 20:20:22 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2014/01/05 20:20:22 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2014/01/05 20:20:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2014/01/05 20:20:08 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2014/01/05 20:20:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2014/01/05 20:19:34 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2014/01/05 20:19:34 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2014/01/05 20:19:34 | 000,026,624 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2014/01/05 20:19:04 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2014/01/05 20:18:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2014/01/05 20:18:52 | 000,000,000 | ---D | C] -- C:\Program Files\xerox
[2014/01/05 20:18:52 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2014/01/05 20:18:25 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2014/01/05 20:18:22 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2014/01/05 20:18:22 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2014/01/05 20:18:18 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2014/01/05 20:18:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2014/01/05 20:17:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2014/01/05 20:17:44 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2014/01/05 20:17:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2014/01/05 20:17:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2014/01/05 20:17:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2014/01/05 20:17:34 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2014/01/05 20:17:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2014/01/05 20:17:24 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2014/01/05 20:17:22 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2014/01/05 20:17:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2014/01/05 20:17:16 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2014/01/05 20:17:16 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2014/01/05 20:17:10 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Games
[2014/01/05 20:17:04 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2014/01/05 20:17:02 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools
[2014/01/05 20:17:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2014/01/05 20:16:59 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2014/01/05 20:16:59 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2014/01/05 20:16:59 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services
[2014/01/05 20:16:57 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2014/01/05 20:16:54 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2014/01/05 20:16:28 | 000,000,000 | ---D | C] -- C:\Program Files\MSN
[2014/01/05 20:16:27 | 000,281,088 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe
[2014/01/05 20:16:26 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2014/01/05 20:16:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2014/01/05 20:16:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2014/01/05 20:16:13 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2014/01/05 20:16:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Accessories
[2014/01/05 15:11:54 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2014/01/05 15:11:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2014/01/05 15:11:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2014/01/05 15:11:51 | 000,000,000 | R--D | C] -- C:\Program Files
[2014/01/05 15:11:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2014/01/05 15:11:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
[2014/01/05 15:11:37 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup
[2014/01/05 15:11:37 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu
[2014/01/05 15:11:37 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents
[2014/01/05 15:11:37 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Templates
[2014/01/05 15:11:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favorites
[2014/01/05 15:11:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop
[2014/01/05 15:11:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2014/01/05 15:11:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2014/01/05 15:11:25 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2014/01/05 15:11:25 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Application Data
[2014/01/05 15:11:12 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2014/01/05 15:11:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2014/01/05 15:07:26 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2014/01/05 15:07:26 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2014/01/05 15:07:26 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2014/01/05 15:07:26 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2014/01/05 15:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2014/01/05 15:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2014/01/05 15:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2014/01/05 15:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2014/01/05 15:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2014/01/05 15:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2014/01/05 15:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2014/01/05 15:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2014/01/05 15:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2014/01/05 15:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2014/01/05 15:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2014/01/05 15:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2014/01/05 15:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2014/01/05 15:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2014/01/05 15:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2014/01/05 15:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2014/01/05 15:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2014/01/05 15:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2014/01/05 15:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2014/01/05 15:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2014/01/05 15:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2014/01/05 15:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2014/01/05 15:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2014/01/05 15:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2014/01/05 15:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2014/01/05 15:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2014/01/05 15:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2014/01/05 15:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2014/01/05 15:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2014/01/05 15:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2014/01/05 15:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2014/01/05 15:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2014/01/05 15:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2014/01/05 15:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2014/01/05 15:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2014/01/05 15:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\ehome
[2014/01/05 15:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2014/01/05 15:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2014/01/05 15:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2014/01/05 15:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2014/01/05 15:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2014/01/05 15:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2014/01/05 15:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2014/01/05 15:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2014/01/05 15:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2014/01/05 15:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2014/01/05 15:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2014/01/05 15:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2014/01/05 15:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2014/01/05 15:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2014/01/05 15:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2014/01/05 15:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2014/01/05 15:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2014/01/05 15:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2014/01/05 15:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2014/01/05 15:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2014/01/05 15:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2014/01/05 15:07:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/01/14 02:00:00 | 000,000,340 | ---- | M] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-NATE-S-CUSTOM-Nate.job
[2014/01/14 01:09:26 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014/01/14 01:09:24 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/01/14 01:09:22 | 000,093,480 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2014/01/13 23:00:19 | 000,232,177 | ---- | M] () -- C:\Documents and Settings\Nate\My Documents\Untitled.png
[2014/01/13 19:13:04 | 038,764,325 | ---- | M] () -- C:\Documents and Settings\Nate\Desktop\S.psd
[2014/01/13 18:20:05 | 000,432,686 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2014/01/13 18:20:05 | 000,067,516 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2014/01/13 18:12:10 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2014/01/12 15:29:14 | 000,002,415 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2014/01/11 12:11:51 | 000,001,775 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\McAfee Security Scan Plus.lnk
[2014/01/11 12:11:51 | 000,001,769 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2014/01/11 11:21:02 | 000,000,852 | ---- | M] () -- C:\Documents and Settings\Nate\Application Data\Microsoft\Internet Explorer\Quick Launch\XSplit Broadcaster.lnk
[2014/01/11 10:49:03 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Nate\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/01/10 17:23:01 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2014/01/05 23:59:43 | 000,940,794 | ---- | M] () -- C:\WINDOWS\System32\LoopyMusic.wav
[2014/01/05 23:59:43 | 000,146,650 | ---- | M] () -- C:\WINDOWS\System32\BuzzingBee.wav
[2014/01/05 21:03:25 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Nate\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2014/01/05 20:44:38 | 000,159,640 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\System32\mfevtps.exe
[2014/01/05 20:44:38 | 000,090,368 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfetdi2k.sys
[2014/01/05 20:44:38 | 000,087,816 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mferkdet.sys
[2014/01/05 20:44:38 | 000,075,656 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\System32\MfeOtlkAddin.dll
[2014/01/05 20:44:38 | 000,023,112 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\System32\MFEOtlk.dll
[2014/01/05 20:44:37 | 000,477,584 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfehidk.sys
[2014/01/05 20:44:37 | 000,215,024 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfeavfk.sys
[2014/01/05 20:44:37 | 000,121,544 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfeapfk.sys
[2014/01/05 20:44:37 | 000,059,616 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfebopk.sys
[2014/01/05 20:44:37 | 000,009,648 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfeclnk.sys
[2014/01/05 20:34:45 | 000,000,000 | ---- | M] () -- C:\WINDOWS\ativpsrm.bin
[2014/01/05 20:21:06 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Nate\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2014/01/05 20:20:10 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2014/01/05 20:19:48 | 000,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2014/01/05 20:18:46 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2014/01/05 20:18:46 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2014/01/05 20:18:46 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2014/01/05 20:18:46 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2014/01/05 20:18:46 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2014/01/05 20:18:45 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2014/01/05 20:18:45 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2014/01/05 20:18:45 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2014/01/05 20:18:42 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2014/01/05 20:17:08 | 000,021,640 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2014/01/05 20:15:59 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/01/13 23:00:16 | 000,232,177 | ---- | C] () -- C:\Documents and Settings\Nate\My Documents\Untitled.png
[2014/01/13 19:12:57 | 038,764,325 | ---- | C] () -- C:\Documents and Settings\Nate\Desktop\S.psd
[2014/01/13 18:32:00 | 000,000,340 | ---- | C] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-NATE-S-CUSTOM-Nate.job
[2014/01/13 18:14:03 | 000,613,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm
[2014/01/13 18:14:03 | 000,067,374 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.adm
[2014/01/13 18:14:03 | 000,023,195 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplay.chm
[2014/01/13 18:14:03 | 000,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css
[2014/01/13 18:14:03 | 000,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js
[2014/01/13 18:14:02 | 000,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav
[2014/01/13 18:14:02 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav
[2014/01/13 18:14:02 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav
[2014/01/13 18:14:02 | 000,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv
[2014/01/13 18:14:02 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav
[2014/01/13 18:14:02 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav
[2014/01/13 18:14:02 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav
[2014/01/13 18:14:02 | 000,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav
[2014/01/13 18:14:02 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav
[2014/01/13 18:14:02 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav
[2014/01/13 18:14:02 | 000,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif
[2014/01/13 18:14:02 | 000,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif
[2014/01/13 18:14:02 | 000,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif
[2014/01/13 18:14:02 | 000,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif
[2014/01/13 18:14:02 | 000,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif
[2014/01/13 18:14:02 | 000,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif
[2014/01/13 18:14:02 | 000,006,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm6.gif
[2014/01/13 18:14:02 | 000,005,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm1.gif
[2014/01/13 18:14:02 | 000,005,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif
[2014/01/13 18:14:02 | 000,004,193 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm8.gif
[2014/01/13 18:14:02 | 000,002,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm5.gif
[2014/01/13 18:14:01 | 000,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv
[2014/01/13 18:14:01 | 000,457,607 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv
[2014/01/13 18:14:01 | 000,375,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv
[2014/01/13 18:14:01 | 000,077,307 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm
[2014/01/13 18:14:01 | 000,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif
[2014/01/13 18:14:01 | 000,022,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npds.zip
[2014/01/13 18:14:01 | 000,003,187 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tour.js
[2014/01/13 18:14:01 | 000,002,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif
[2014/01/13 18:14:01 | 000,002,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif
[2014/01/13 18:14:01 | 000,002,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplay.gif
[2014/01/13 18:14:01 | 000,002,450 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpause.gif
[2014/01/13 18:14:01 | 000,002,375 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif
[2014/01/13 18:14:01 | 000,002,371 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif
[2014/01/13 18:14:01 | 000,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst6.wpl
[2014/01/13 18:14:01 | 000,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst5.wpl
[2014/01/13 18:14:01 | 000,001,474 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst3.wpl
[2014/01/13 18:14:01 | 000,001,451 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst12.wpl
[2014/01/13 18:14:01 | 000,001,448 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst4.wpl
[2014/01/13 18:14:01 | 000,001,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taon.gif
[2014/01/13 18:14:01 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taonh.gif
[2014/01/13 18:14:01 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoff.gif
[2014/01/13 18:14:01 | 000,001,367 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif
[2014/01/13 18:14:01 | 000,001,250 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst1.wpl
[2014/01/13 18:14:01 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\snd.htm
[2014/01/13 18:14:01 | 000,001,049 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst2.wpl
[2014/01/13 18:14:01 | 000,001,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst7.wpl
[2014/01/13 18:14:01 | 000,001,036 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst8.wpl
[2014/01/13 18:14:01 | 000,000,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst11.wpl
[2014/01/13 18:14:01 | 000,000,787 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst10.wpl
[2014/01/13 18:14:01 | 000,000,784 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst9.wpl
[2014/01/13 18:14:01 | 000,000,783 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst13.wpl
[2014/01/13 18:14:01 | 000,000,775 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst14.wpl
[2014/01/13 18:14:01 | 000,000,733 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst15.wpl
[2014/01/13 18:14:01 | 000,000,403 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip
[2014/01/13 18:14:00 | 000,381,425 | ---- | C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv
[2014/01/13 18:14:00 | 000,009,585 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.css
[2014/01/13 18:14:00 | 000,008,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\contents.htm
[2014/01/13 18:14:00 | 000,006,878 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.js
[2014/01/13 18:14:00 | 000,005,971 | ---- | C] () -- C:\WINDOWS\System32\dllcache\events.js
[2014/01/13 18:14:00 | 000,000,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif
[2014/01/13 18:14:00 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnth.gif
[2014/01/13 18:14:00 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnt.gif
[2014/01/13 18:14:00 | 000,000,772 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cntd.gif
[2014/01/13 18:14:00 | 000,000,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif
[2014/01/13 18:14:00 | 000,000,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif
[2014/01/13 18:12:16 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2014/01/13 18:12:15 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2014/01/12 15:29:14 | 000,002,415 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2014/01/11 11:21:02 | 000,000,852 | ---- | C] () -- C:\Documents and Settings\Nate\Application Data\Microsoft\Internet Explorer\Quick Launch\XSplit Broadcaster.lnk
[2014/01/11 11:17:41 | 000,001,775 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\McAfee Security Scan Plus.lnk
[2014/01/11 11:17:41 | 000,001,769 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2014/01/10 17:20:15 | 000,064,200 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2014/01/05 23:59:43 | 000,940,794 | ---- | C] () -- C:\WINDOWS\System32\LoopyMusic.wav
[2014/01/05 23:59:43 | 000,146,650 | ---- | C] () -- C:\WINDOWS\System32\BuzzingBee.wav
[2014/01/05 23:37:07 | 000,025,816 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTAIODAT.DAT
[2014/01/05 21:03:25 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\Nate\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2014/01/05 21:03:18 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2014/01/05 20:37:09 | 000,081,936 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2014/01/05 20:34:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2014/01/05 20:34:42 | 000,038,557 | R--- | C] () -- C:\WINDOWS\atiogl.xml
[2014/01/05 20:34:41 | 000,637,743 | R--- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2014/01/05 20:34:41 | 000,268,680 | R--- | C] () -- C:\WINDOWS\System32\atiapfxx.blb
[2014/01/05 20:34:38 | 003,187,136 | ---- | C] () -- C:\WINDOWS\System32\ativvaxx.cap
[2014/01/05 20:21:06 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\Nate\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2014/01/05 20:21:04 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\Nate\Start Menu\Programs\Internet Explorer.lnk
[2014/01/05 20:21:04 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\Nate\Start Menu\Programs\Outlook Express.lnk
[2014/01/05 20:21:03 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\Nate\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/01/05 20:21:02 | 000,001,599 | ---- | C] () -- C:\Documents and Settings\Nate\Start Menu\Programs\Remote Assistance.lnk
[2014/01/05 20:21:02 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\Nate\Start Menu\Programs\Windows Media Player.lnk
[2014/01/05 20:20:10 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2014/01/05 20:19:48 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2014/01/05 20:19:32 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2014/01/05 20:19:25 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2014/01/05 20:19:23 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2014/01/05 20:19:22 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2014/01/05 20:19:21 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2014/01/05 20:19:15 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2014/01/05 20:19:12 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2014/01/05 20:19:10 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2014/01/05 20:19:05 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2014/01/05 20:18:46 | 000,002,577 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2014/01/05 20:18:46 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2014/01/05 20:18:46 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2014/01/05 20:18:46 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2014/01/05 20:18:46 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2014/01/05 20:18:45 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2014/01/05 20:18:45 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2014/01/05 20:18:45 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2014/01/05 20:18:18 | 000,000,786 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Movie Maker.lnk
[2014/01/05 20:18:13 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2014/01/05 20:17:53 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2014/01/05 20:17:53 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2014/01/05 20:17:48 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2014/01/05 20:17:38 | 000,004,639 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2014/01/05 20:17:29 | 000,376,320 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll
[2014/01/05 20:17:10 | 000,000,609 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Messenger.lnk
[2014/01/05 20:17:08 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2014/01/05 20:16:59 | 000,001,986 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\MSN.lnk
[2014/01/05 20:16:45 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
[2014/01/05 20:16:45 | 000,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp
[2014/01/05 20:16:45 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2014/01/05 20:16:44 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
[2014/01/05 20:16:44 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp
[2014/01/05 20:16:44 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp
[2014/01/05 20:16:44 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2014/01/05 20:16:44 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
[2014/01/05 20:16:44 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp
[2014/01/05 20:16:44 | 000,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp
[2014/01/05 20:16:44 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
[2014/01/05 20:16:42 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2014/01/05 20:16:42 | 000,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2014/01/05 20:16:41 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2014/01/05 20:16:36 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2014/01/05 15:11:55 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2014/01/05 15:11:54 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2014/01/05 15:11:53 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2014/01/05 15:11:53 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2014/01/05 15:11:52 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2014/01/05 15:11:52 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2014/01/05 15:11:41 | 000,001,688 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2014/01/05 15:11:37 | 002,012,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2014/01/05 15:11:37 | 001,042,903 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT
[2014/01/05 15:11:37 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2014/01/05 15:11:37 | 000,502,724 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2014/01/05 15:11:37 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2014/01/05 15:11:37 | 000,141,702 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat
[2014/01/05 15:11:37 | 000,110,116 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat
[2014/01/05 15:11:37 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2014/01/05 15:11:37 | 000,031,965 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat
[2014/01/05 15:11:37 | 000,031,281 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2014/01/05 15:11:37 | 000,024,209 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn7.cat
[2014/01/05 15:11:37 | 000,013,753 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2014/01/05 15:11:37 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2014/01/05 15:11:37 | 000,011,651 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn9.cat
[2014/01/05 15:11:37 | 000,009,581 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2014/01/05 15:11:37 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2014/01/05 15:11:37 | 000,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2014/01/05 15:11:37 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2014/01/05 15:11:37 | 000,007,245 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2014/01/05 15:11:12 | 000,093,480 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2014/01/05 15:10:39 | 000,000,211 | -HS- | C] () -- C:\boot.ini
[2014/01/05 15:10:38 | 000,000,261 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf

========== ZeroAccess Check ==========

[2014/01/05 20:33:53 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2006/09/23 13:12:50 | 001,497,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2004/08/03 23:56:44 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2004/08/03 23:56:48 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2014/01/13 17:37:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe
[2014/01/11 11:20:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SplitMediaLabs
[2014/01/14 01:06:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nate\Application Data\Dropbox
[2014/01/13 18:38:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nate\Application Data\DropboxMaster
[2014/01/10 17:21:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nate\Application Data\SplitMediaLabs

========== Purity Check ==========



< End of report >

OTL Extras logfile created on: 1/14/2014 9:52:55 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Nate\My Documents\Downloads
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.48 Gb Total Physical Memory | 2.38 Gb Available Physical Memory | 68.23% Memory free
5.32 Gb Paging File | 4.19 Gb Available in Paging File | 78.76% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.78 Gb Total Space | 76.41 Gb Free Space | 68.35% Space Free | Partition Type: NTFS

Computer Name: NATE-S-CUSTOM | User Name: Nate | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\McAfee\Common Framework\FrameworkService.exe" = C:\Program Files\McAfee\Common Framework\FrameworkService.exe:*:Enabled:McAfee Framework Service -- (McAfee, Inc.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\McAfee\Common Framework\FrameworkService.exe" = C:\Program Files\McAfee\Common Framework\FrameworkService.exe:*:Enabled:McAfee Framework Service -- (McAfee, Inc.)
"C:\Program Files\Steam\Steam.exe" = C:\Program Files\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"C:\Program Files\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe" = C:\Program Files\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe:*:Enabled:Path of Exile -- ()
"C:\Program Files\Steam\SteamApps\common\dota 2 beta\dota.exe" = C:\Program Files\Steam\SteamApps\common\dota 2 beta\dota.exe:*:Enabled:Dota 2 -- ()
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1995804A-B1A2-4826-99DD-CEA1352D090B}" = McAfee Agent
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{641A9A78-643E-437E-9EA9-18AC8842B622}" = XSplit Broadcaster
"{94B5EB58-4409-4CD2-BEA4-A8E8B1708A50}" = AMD Catalyst Install Manager
"{98295A26-683A-D06A-336B-E481F4417209}" = Catalyst Control Center InstallProxy
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CE15D1B6-19B6-4D4D-8F43-CF5D2C3356FF}" = McAfee VirusScan Enterprise
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E94EFAB6-653F-4837-9E8A-F6377CA1EC0D}" = Adobe Flash Player 11 ActiveX
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 26.0 (x86 en-US)" = Mozilla Firefox 26.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Steam" = Steam
"Steam App 238960" = Path of Exile
"Steam App 570" = Dota 2
"WIC" = Windows Imaging Component

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 1/9/2014 1:57:28 AM | Computer Name = NATE-S-CUSTOM | Source = Application Error | ID = 1000
Description = Faulting application pathofexilesteam.exe, version 0.0.0.0, faulting
module pathofexilesteam.exe, version 0.0.0.0, fault address 0x0019d0ce.

Error - 1/11/2014 1:11:30 PM | Computer Name = NATE-S-CUSTOM | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This operation returned because the timeout period expired.

Error - 1/13/2014 7:34:27 PM | Computer Name = NATE-S-CUSTOM | Source = Application Hang | ID = 1002
Description = Hanging application ICReinstall_InstallDropbox.exe, version 0.0.0.0,
hang module hungapp, version 0.0.0.0, hang address 0x00000000.

[ System Events ]
Error - 1/5/2014 11:43:22 PM | Computer Name = NATE-S-CUSTOM | Source = PlugPlayManager | ID = 12
Description = The device 'HL-DT-ST CDRW/DVD GCCH10N' (IDE\CdRomHL-DT-ST_CDRW/DVD_GCCH10N_______________C101____\5&38467f34&0&0.0.0)
disappeared from the system without first being prepared for removal.

Error - 1/13/2014 7:35:16 PM | Computer Name = NATE-S-CUSTOM | Source = Service Control Manager | ID = 7031
Description = The Update Jump Flip service terminated unexpectedly. It has done
this 1 time(s). The following corrective action will be taken in 5000 milliseconds:
Restart the service.

Error - 1/14/2014 1:37:56 AM | Computer Name = NATE-S-CUSTOM | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
hlnfd


< End of report >

Attached Files


Edited by Loe, 14 January 2014 - 09:56 AM.

  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP