OTViewIt logfile created on: 26/08/2008 13:39:03 - Run 1
OTViewIt by OldTimer - Version 1.0.0.12     Folder = C:\Documents and Settings\Julie\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
 
511.23 Mb Total Physical Memory | 217.04 Mb Available Physical Memory | 42.45% Memory free
1.22 Gb Paging File | 0.85 Gb Available in Paging File | 70.02% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536;
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 27.95 Gb Total Space | 23.62 Gb Free Space | 84.52% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SCOTT-7AVJWR9SE
Current User Name: Julie
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users

===== Processes - Non-Microsoft Only =====

[06/16/2006 03:38 PM | 00,172,032 | ---- | M] (Anti-Malware Development a.s.) - C:\Program Files\ewido anti-spyware 4.0\guard.exe
[07/23/2008 06:52 PM | 00,206,112 | ---- | M] () - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
[10/26/2004 12:01 PM | 00,127,044 | ---- | M] (NVIDIA Corporation) - C:\WINDOWS\system32\nvsvc32.exe
[09/22/2004 01:08 PM | 00,045,056 | ---- | M] () - C:\WINDOWS\system32\wltrysvc.exe
[09/22/2004 01:08 PM | 00,593,920 | ---- | M] (Broadcom Corporation) - C:\WINDOWS\system32\bcmwltry.exe
[12/17/2002 12:28 PM | 00,684,032 | ---- | M] (Roxio) - C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\Directcd.exe
[01/11/2008 10:16 PM | 00,039,792 | ---- | M] (Adobe Systems Incorporated) - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
[08/22/2008 10:15 PM | 06,283,264 | ---- | M] (Anti-Malware Development a.s.) - C:\Program Files\ewido anti-spyware 4.0\ewido.exe
[08/22/2008 06:03 PM | 00,086,016 | ---- | M] () - C:\WINDOWS\system32\wbmfaxil.exe
[08/26/2008 01:38 PM | 01,299,968 | ---- | M] (OldTimer Tools) - C:\Documents and Settings\Julie\Desktop\OTViewIt.exe

===== Win32 Services - Non-Microsoft Only =====

(dmadmin) Logical Disk Manager Administrative Service [On_Demand | Stopped] 
[08/04/2004 12:56 AM | 00,224,768 | ---- | M] (Microsoft Corp., Veritas Software) - C:\WINDOWS\system32\dmadmin.exe

(ewido anti-spyware 4.0 guard) ewido anti-spyware 4.0 guard [Auto | Running] 
[06/16/2006 03:38 PM | 00,172,032 | ---- | M] (Anti-Malware Development a.s.) - C:\Program Files\ewido anti-spyware 4.0\guard.exe

(McAfee SiteAdvisor Service) McAfee SiteAdvisor Service [Auto | Running] 
[07/23/2008 06:52 PM | 00,206,112 | ---- | M] () - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe

(NVSvc) NVIDIA Display Driver Service [Auto | Running] 
[10/26/2004 12:01 PM | 00,127,044 | ---- | M] (NVIDIA Corporation) - C:\WINDOWS\system32\nvsvc32.exe

(Pml Driver HPZ12) Pml Driver HPZ12 [Disabled | Stopped] 
[09/29/2004 12:14 PM | 00,069,632 | ---- | M] (HP) - C:\WINDOWS\system32\HPZipm12.exe

(WLTRYSVC) WLTRYSVC [Auto | Running] 
[09/22/2004 01:08 PM | 00,045,056 | ---- | M] () - C:\WINDOWS\system32\wltrysvc.exe

===== Driver Services - Non-Microsoft Only =====

(BCM43XX) BCM 802.11b Network Adapter Driver [On_Demand | Running] 
[09/22/2004 01:08 PM | 00,338,176 | ---- | M] (Broadcom Corporation) - C:\WINDOWS\system32\drivers\BCMWL5.SYS

(Cdr4_xp) Cdr4_xp [System | Running] 
[12/17/2002 12:32 PM | 00,061,424 | ---- | M] (Roxio) - C:\WINDOWS\System32\drivers\cdr4_xp.sys

(Cdralw2k) Cdralw2k [System | Running] 
[12/17/2002 12:32 PM | 00,023,436 | ---- | M] (Roxio) - C:\WINDOWS\System32\drivers\cdralw2k.sys

(cdudf_xp) cdudf_xp [System | Running] 
[12/17/2002 12:27 PM | 00,241,152 | ---- | M] (Roxio) - C:\WINDOWS\System32\drivers\cdudf_xp.sys

(dmboot) dmboot [Disabled | Stopped] 
[08/03/2004 11:07 PM | 00,799,744 | ---- | M] (Microsoft Corp., Veritas Software) - C:\WINDOWS\system32\drivers\dmboot.sys

(dmio) dmio [Disabled | Stopped] 
[08/03/2004 11:07 PM | 00,153,344 | ---- | M] (Microsoft Corp., Veritas Software) - C:\WINDOWS\system32\drivers\dmio.sys

(dmload) dmload [Disabled | Stopped] 
[07/16/2003 05:21 PM | 00,005,888 | ---- | M] (Microsoft Corp., Veritas Software.) - C:\WINDOWS\system32\drivers\dmload.sys

(dvd_2K) dvd_2K [On_Demand | Stopped] 
[10/23/2007 11:28 AM | 00,025,898 | ---- | M] (Roxio) - C:\WINDOWS\System32\drivers\Dvd_2k.sys

(ewido anti-spyware 4.0 driver) ewido anti-spyware 4.0 driver [System | Running] 
[06/16/2006 03:38 PM | 00,003,968 | ---- | M] () - C:\Program Files\ewido anti-spyware 4.0\guard.sys

(HPZid412) IEEE-1284.4 Driver HPZid412 [On_Demand | Stopped] 
[09/29/2004 06:11 AM | 00,051,120 | R--- | M] (HP) - C:\WINDOWS\system32\drivers\HPZid412.sys

(HPZipr12) Print Class Driver for IEEE-1284.4 HPZipr12 [On_Demand | Stopped] 
[09/29/2004 06:11 AM | 00,016,496 | R--- | M] (HP) - C:\WINDOWS\system32\drivers\HPZipr12.sys

(HPZius12) USB to IEEE-1284.4 Translation Driver HPZius12 [On_Demand | Stopped] 
[09/29/2004 06:10 AM | 00,021,744 | ---- | M] (HP) - C:\WINDOWS\system32\drivers\HPZius12.sys

(MDC8021X) AEGIS Protocol (IEEE 802.1x) v2.3.1.7 [Auto | Running] 
[02/21/2008 11:25 PM | 00,015,781 | ---- | M] (Meetinghouse Data Communications) - C:\WINDOWS\system32\drivers\mdc8021x.sys

(mmc_2K) mmc_2K [On_Demand | Running] 
[10/23/2007 11:28 AM | 00,030,630 | ---- | M] (Roxio) - C:\WINDOWS\System32\drivers\Mmc_2k.sys

(nv) nv [On_Demand | Running] 
[10/26/2004 12:01 PM | 02,830,688 | ---- | M] (NVIDIA Corporation) - C:\WINDOWS\system32\drivers\nv4_mini.sys

(OMCI) OMCI WDM Device Driver [System | Running] 
[01/23/2003 04:37 PM | 00,017,217 | ---- | M] (Dell Computer Corporation) - C:\WINDOWS\system32\drivers\omci.sys

(Ptilink) Direct Parallel Link Driver [On_Demand | Running] 
[07/16/2003 05:36 PM | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) - C:\WINDOWS\system32\drivers\ptilink.sys

(pwd_2k) pwd_2k [System | Running] 
[10/23/2007 11:28 AM | 00,143,834 | ---- | M] (Roxio) - C:\WINDOWS\System32\drivers\pwd_2K.sys

(Secdrv) Secdrv [Auto | Running] 
[07/17/2004 11:36 AM | 00,027,440 | ---- | M] () - C:\WINDOWS\system32\drivers\secdrv.sys

(UdfReadr_xp) UdfReadr_xp [System | Running] 
[10/23/2007 11:28 AM | 00,206,464 | ---- | M] (Roxio) - C:\WINDOWS\System32\drivers\udfreadr_xp.sys

===== Run Keys =====

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"!ewido" = "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized [08/22/2008 10:15 PM | 06,283,264 | ---- | M] (Anti-Malware Development a.s.)
"AdaptecDirectCD" = "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" [12/17/2002 12:28 PM | 00,684,032 | ---- | M] (Roxio)
"Adobe Reader Speed Launcher" = "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [01/11/2008 10:16 PM | 00,039,792 | ---- | M] (Adobe Systems Incorporated)
"NvCplDaemon" = RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup [10/26/2004 12:01 PM | 04,632,576 | ---- | M] (NVIDIA Corporation)
"nwiz" = nwiz.exe /installquiet [10/26/2004 12:01 PM | 00,921,600 | ---- | M] (NVIDIA Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"load" = Reg Error: Value load does not exist or could not be read.
"run" = Reg Error: Value run does not exist or could not be read.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"syswincfg" = C:\WINDOWS\system32\wbmfaxil.exe [08/22/2008 06:03 PM | 00,086,016 | ---- | M] ()

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"load" = Reg Error: Value load does not exist or could not be read.
"run" = Reg Error: Value run does not exist or could not be read.

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"load" = Reg Error: Value load does not exist or could not be read.
"run" = Reg Error: Value run does not exist or could not be read.

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"load" = Reg Error: Value load does not exist or could not be read.
"run" = Reg Error: Value run does not exist or could not be read.

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"load" = 
"run" = Reg Error: Value run does not exist or could not be read.

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"load" = 
"run" = Reg Error: Value run does not exist or could not be read.

[HKEY_USERS\S-1-5-21-1177238915-1060284298-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"syswincfg" = C:\WINDOWS\system32\wbmfaxil.exe [08/22/2008 06:03 PM | 00,086,016 | ---- | M] ()

[HKEY_USERS\S-1-5-21-1177238915-1060284298-839522115-1004\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"load" = Reg Error: Value load does not exist or could not be read.
"run" = Reg Error: Value run does not exist or could not be read.

===== Startup Folders =====

[All Users Startup Folder - C:\Documents and Settings\All Users\Start Menu\Programs\Startup]

[Default User Startup Folder - C:\Documents and Settings\Default User\Start Menu\Programs\Startup]

[Julie Startup Folder - C:\Documents and Settings\Julie\Start Menu\Programs\Startup]

===== BHO's =====

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
HKLM CLSID: (McAfee SiteAdvisor BHO) - [07/23/2008 12:21 PM | 00,120,608 | ---- | M] () c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll

===== Toolbars =====

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064}"
HKLM CLSID: (McAfee SiteAdvisor Toolbar) - [07/23/2008 12:21 PM | 00,120,608 | ---- | M] () c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll

===== Policies =====

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveAutoRun" = 67108863
"NoDriveTypeAutoRun" = 255
"NoDrives" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"dontdisplaylastusername" = 0
"legalnoticecaption" = 
"legalnoticetext" = 
"shutdownwithoutlogon" = 1
"undockwithoutlogon" = 1
"HideLegacyLogonScripts" = 0
"HideLogoffScripts" = 0
"RunLogonScriptSync" = 1
"RunStartupScriptSync" = 0
"HideStartupScripts" = 0

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun" = 145
"NoDrives" = 0

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"HideLegacyLogonScripts" = 0
"HideLogoffScripts" = 0
"RunLogonScriptSync" = 1
"RunStartupScriptSync" = 0
"HideStartupScripts" = 0
"DisableRegistryTools" = 0
"DisableTaskMgr" = 1

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun" = 145
"CDRAutoRun" = 0

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run]

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun" = 145
"CDRAutoRun" = 0

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run]

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun" = 145

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
Unable to open key or key not present!


[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun" = 145

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
Unable to open key or key not present!


[HKEY_USERS\S-1-5-21-1177238915-1060284298-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun" = 145
"NoDrives" = 0

[HKEY_USERS\S-1-5-21-1177238915-1060284298-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run]

[HKEY_USERS\S-1-5-21-1177238915-1060284298-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"HideLegacyLogonScripts" = 0
"HideLogoffScripts" = 0
"RunLogonScriptSync" = 1
"RunStartupScriptSync" = 0
"HideStartupScripts" = 0
"DisableRegistryTools" = 0
"DisableTaskMgr" = 1

===== Desktop Components =====

===== Shared Task Scheduler =====

===== AppInit_Dlls =====

===== Lsa Authentication Packages =====

===== Lsa Security Packages =====

===== Authorized Applications List =====

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = C:\WINDOWS\system32\sessmgr.exe [08/04/2004 12:56 AM | 00,140,800 | ---- | M] (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = C:\WINDOWS\system32\sessmgr.exe [08/04/2004 12:56 AM | 00,140,800 | ---- | M] (Microsoft Corporation)

===== HKLM Winlogon Settings =====

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell]
"Explorer.exe" - [08/04/2004 12:56 AM | 01,032,192 | ---- | M] (Microsoft Corporation) C:\WINDOWS\explorer.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit]
"C:\WINDOWS\system32\userinit.exe" - [08/04/2004 12:56 AM | 00,024,576 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\userinit.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UIHost]
"logonui.exe" - [08/04/2004 12:56 AM | 00,514,560 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\logonui.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet]
"rundll32 shell32" - [08/04/2004 12:56 AM | 08,384,000 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
"Control_RunDLL "sysdm.cpl"" - [08/04/2004 12:56 AM | 00,298,496 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\sysdm.cpl

===== User's Winlogon Settings =====

===== Winlogon Notify Settings =====

===== Safeboot Options =====

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot]
"AlternateShell" = cmd.exe

===== Disabled MsConfig Items =====

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services]
"Pml Driver HPZ12" = 2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\state]
"system.ini" = 0
"win.ini" = 0
"bootini" = 0
"services" = 2
"startup" = 0

===== DNS Name Servers =====

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{8995A1FD-E09F-492D-81AF-A96397EE6399}]
Servers:  | Description: BT Voyager 1060 Laptop Adapter

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{FCA90006-531B-4AEC-96C7-D891175B8914}]
Servers:  | Description: 1394 Net Adapter

===== CDRom AutoRun Settings =====

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1

===== Autorun Files on Drives =====

AUTOEXEC.BAT []
[10/22/2007 05:13 PM | 00,000,000 | ---- | M] () C:\AUTOEXEC.BAT [ NTFS ]

===== MountPoints2 =====

===== Hosts File =====

HOSTS File = (718252 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
First 25 entries...
127.0.0.1  localhost
127.0.0.1  ad.a8.net
127.0.0.1  asy.a8ww.net
127.0.0.1  a9rhiwa.cn #[Google.Warning]
127.0.0.1  www.a9rhiwa.cn
127.0.0.1  acezip.net #[SiteAdvisor.acezip.net]
127.0.0.1  www.acezip.net #[Win32/Adware.180Solutions]
127.0.0.1  phpadsnew.abac.com
127.0.0.1  a.abnad.net
127.0.0.1  b.abnad.net
127.0.0.1  c.abnad.net #[eTrust.Tracking.Cookie]
127.0.0.1  d.abnad.net
127.0.0.1  e.abnad.net
127.0.0.1  t.abnad.net
127.0.0.1  z.abnad.net
127.0.0.1  banners.absolpublisher.com
127.0.0.1  tracking.absolstats.com
127.0.0.1  adv.abv.bg
127.0.0.1  bimg.abv.bg
127.0.0.1  www2.a-counter.kiev.ua
127.0.0.1  track.acclaimnetwork.com
127.0.0.1  accuserveadsystem.com
127.0.0.1  www.accuserveadsystem.com
127.0.0.1  gtb5.acecounter.com
127.0.0.1  gtcc1.acecounter.com



[Files/Folders - Created Within 30 days]
[08/22/2008 10:58 PM | ---D | C] - C:\!KillBox
[08/22/2008 11:14 PM | ---D | C] - C:\QooBox
[08/22/2008 11:23 PM | -HSD | C] - C:\RECYCLER
[10/26/2004 12:01 PM | 02,830,688 | ---- | C] (NVIDIA Corporation) - C:\WINDOWS\System32\dllcache\nv4_mini.sys
[10/26/2004 12:01 PM | 03,742,720 | ---- | C] (NVIDIA Corporation) - C:\WINDOWS\System32\dllcache\nv4_disp.dll
[07/17/2004 10:55 PM | 00,129,045 | ---- | C] () - C:\WINDOWS\System32\drivers\cxthsfs2.cty
[07/17/2004 11:35 AM | 00,067,866 | ---- | C] () - C:\WINDOWS\System32\drivers\netwlan5.img
[07/17/2004 11:36 AM | 00,064,352 | ---- | C] () - C:\WINDOWS\System32\drivers\ativmc20.cod
[08/03/2004 10:29 PM | 00,011,295 | ---- | C] (Intel(R) Corporation) - C:\WINDOWS\System32\drivers\wadv08nt.sys
[08/03/2004 10:29 PM | 00,011,615 | ---- | C] (ATI Technologies Inc.) - C:\WINDOWS\System32\drivers\ati1mdxx.sys
[08/03/2004 10:29 PM | 00,011,807 | ---- | C] (Intel(R) Corporation) - C:\WINDOWS\System32\drivers\wadv07nt.sys
[08/03/2004 10:29 PM | 00,011,871 | ---- | C] (Intel(R) Corporation) - C:\WINDOWS\System32\drivers\wadv09nt.sys
[08/03/2004 10:29 PM | 00,011,935 | ---- | C] (Intel(R) Corporation) - C:\WINDOWS\System32\drivers\wadv11nt.sys
[08/03/2004 10:29 PM | 00,012,047 | ---- | C] (ATI Technologies Inc.) - C:\WINDOWS\System32\drivers\ati1pdxx.sys
[08/03/2004 10:29 PM | 00,013,824 | ---- | C] (ATI Technologies Inc.) - C:\WINDOWS\System32\drivers\atinmdxx.sys
[08/03/2004 10:29 PM | 00,013,824 | ---- | C] (ATI Technologies Inc.) - C:\WINDOWS\System32\drivers\atinttxx.sys
[08/03/2004 10:29 PM | 00,014,336 | ---- | C] (ATI Technologies Inc.) - C:\WINDOWS\System32\drivers\atinpdxx.sys
[08/03/2004 10:29 PM | 00,021,343 | ---- | C] (ATI Technologies Inc.) - C:\WINDOWS\System32\drivers\ati1ttxx.sys
[08/03/2004 10:29 PM | 00,022,271 | ---- | C] (Intel(R) Corporation) - C:\WINDOWS\System32\drivers\watv06nt.sys
[08/03/2004 10:29 PM | 00,025,471 | ---- | C] (Intel(R) Corporation) - C:\WINDOWS\System32\drivers\watv10nt.sys
[08/03/2004 10:29 PM | 00,026,367 | ---- | C] (ATI Technologies Inc.) - C:\WINDOWS\System32\drivers\ati1snxx.sys
[08/03/2004 10:29 PM | 00,028,672 | ---- | C] (ATI Technologies Inc.) - C:\WINDOWS\System32\drivers\atinsnxx.sys
[08/03/2004 10:29 PM | 00,029,455 | ---- | C] (ATI Technologies Inc.) - C:\WINDOWS\System32\drivers\ati1xbxx.sys
[08/03/2004 10:29 PM | 00,030,671 | ---- | C] (ATI Technologies Inc.) - C:\WINDOWS\System32\drivers\ati1raxx.sys
[08/03/2004 10:29 PM | 00,031,744 | ---- | C] (ATI Technologies Inc.) - C:\WINDOWS\System32\drivers\atinxbxx.sys
[08/03/2004 10:29 PM | 00,034,735 | ---- | C] (ATI Technologies Inc.) - C:\WINDOWS\System32\drivers\ati1xsxx.sys
[08/03/2004 10:29 PM | 00,036,463 | ---- | C] (ATI Technologies Inc.) - C:\WINDOWS\System32\drivers\ati1tuxx.sys
[08/03/2004 10:29 PM | 00,052,224 | ---- | C] (ATI Technologies Inc.) - C:\WINDOWS\System32\drivers\atinraxx.sys
[08/03/2004 10:29 PM | 00,056,623 | ---- | C] (ATI Technologies Inc.) - C:\WINDOWS\System32\drivers\ati1btxx.sys
[08/03/2004 10:29 PM | 00,057,856 | ---- | C] (ATI Technologies Inc.) - C:\WINDOWS\System32\drivers\atinbtxx.sys
[08/03/2004 10:29 PM | 00,063,488 | ---- | C] (ATI Technologies Inc.) - C:\WINDOWS\System32\drivers\atinxsxx.sys
[08/03/2004 10:29 PM | 00,063,663 | ---- | C] (ATI Technologies Inc.) - C:\WINDOWS\System32\drivers\ati1rvxx.sys
[08/03/2004 10:29 PM | 00,073,216 | ---- | C] (ATI Technologies Inc.) - C:\WINDOWS\System32\drivers\atintuxx.sys
[08/03/2004 10:29 PM | 00,104,960 | ---- | C] (ATI Technologies Inc.) - C:\WINDOWS\System32\drivers\atinrvxx.sys
[08/03/2004 10:29 PM | 00,166,912 | ---- | C] (S3 Graphics, Inc.) - C:\WINDOWS\System32\drivers\s3gnbm.sys
[08/03/2004 10:29 PM | 00,327,040 | ---- | C] (ATI Technologies Inc.) - C:\WINDOWS\System32\drivers\ati2mtaa.sys
[08/03/2004 10:29 PM | 00,452,736 | ---- | C] (Matrox Graphics Inc.) - C:\WINDOWS\System32\drivers\mtxparhm.sys
[08/03/2004 10:29 PM | 00,701,440 | ---- | C] (ATI Technologies Inc.) - C:\WINDOWS\System32\drivers\ati2mtag.sys
[08/03/2004 10:41 PM | 00,011,868 | ---- | C] (Conexant) - C:\WINDOWS\System32\drivers\mdmxsdk.sys
[08/03/2004 10:41 PM | 00,013,240 | ---- | C] (Smart Link) - C:\WINDOWS\System32\drivers\slwdmsup.sys
[08/03/2004 10:41 PM | 00,013,776 | ---- | C] (Smart Link) - C:\WINDOWS\System32\drivers\recagent.sys
[08/03/2004 10:41 PM | 00,095,424 | ---- | C] (Smart Link) - C:\WINDOWS\System32\drivers\slnthal.sys
[08/03/2004 10:41 PM | 00,126,686 | ---- | C] (Smart Link) - C:\WINDOWS\System32\drivers\mtlmnt5.sys
[08/03/2004 10:41 PM | 00,129,535 | ---- | C] (Smart Link) - C:\WINDOWS\System32\drivers\slnt7554.sys
[08/03/2004 10:41 PM | 00,180,360 | ---- | C] (Smart Link) - C:\WINDOWS\System32\drivers\ntmtlfax.sys
[08/03/2004 10:41 PM | 00,220,032 | ---- | C] (Conexant Systems, Inc.) - C:\WINDOWS\System32\drivers\hsfbs2s2.sys
[08/03/2004 10:41 PM | 00,404,990 | ---- | C] (Smart Link) - C:\WINDOWS\System32\drivers\slntamr.sys
[08/03/2004 10:41 PM | 00,685,056 | ---- | C] (Conexant Systems, Inc.) - C:\WINDOWS\System32\drivers\hsfcxts2.sys
[08/03/2004 10:41 PM | 01,041,536 | ---- | C] (Conexant Systems, Inc.) - C:\WINDOWS\System32\drivers\hsfdpsp2.sys
[08/03/2004 10:41 PM | 01,309,184 | ---- | C] (Smart Link) - C:\WINDOWS\System32\drivers\mtlstrm.sys
[08/03/2004 11:07 PM | 00,041,088 | ---- | C] (Silicon Integrated Systems Corporation) - C:\WINDOWS\System32\drivers\sisagp.sys
[08/03/2004 11:07 PM | 00,043,008 | ---- | C] (Advanced Micro Devices, Inc.) - C:\WINDOWS\System32\drivers\amdagp.sys
[08/04/2004 12:56 AM | 00,003,135 | ---- | C] (Intel(R) Corporation) - C:\WINDOWS\System32\drivers\adv08nt5.dll
[08/04/2004 12:56 AM | 00,003,615 | ---- | C] (Intel(R) Corporation) - C:\WINDOWS\System32\drivers\adv05nt5.dll
[08/04/2004 12:56 AM | 00,003,647 | ---- | C] (Intel(R) Corporation) - C:\WINDOWS\System32\drivers\adv07nt5.dll
[08/04/2004 12:56 AM | 00,003,711 | ---- | C] (Intel(R) Corporation) - C:\WINDOWS\System32\drivers\adv09nt5.dll
[08/04/2004 12:56 AM | 00,003,775 | ---- | C] (Intel(R) Corporation) - C:\WINDOWS\System32\drivers\adv11nt5.dll
[08/04/2004 12:56 AM | 00,003,901 | ---- | C] (Intel(R) Corporation) - C:\WINDOWS\System32\drivers\siint5.dll
[08/04/2004 12:56 AM | 00,003,967 | ---- | C] (Intel(R) Corporation) - C:\WINDOWS\System32\drivers\adv02nt5.dll
[08/04/2004 12:56 AM | 00,004,255 | ---- | C] (Intel(R) Corporation) - C:\WINDOWS\System32\drivers\adv01nt5.dll
[08/04/2004 12:56 AM | 00,011,325 | ---- | C] (Intel(R) Corporation) - C:\WINDOWS\System32\drivers\vchnt5.dll
[08/04/2004 12:56 AM | 00,011,359 | ---- | C] (Intel(R) Corporation) - C:\WINDOWS\System32\drivers\atv02nt5.dll
[08/04/2004 12:56 AM | 00,014,143 | ---- | C] (Intel(R) Corporation) - C:\WINDOWS\System32\drivers\atv06nt5.dll
[08/04/2004 12:56 AM | 00,015,423 | ---- | C] (Intel(R) Corporation) - C:\WINDOWS\System32\drivers\ch7xxnt5.dll
[08/04/2004 12:56 AM | 00,017,279 | ---- | C] (Intel(R) Corporation) - C:\WINDOWS\System32\drivers\atv10nt5.dll
[08/04/2004 12:56 AM | 00,021,183 | ---- | C] (Intel(R) Corporation) - C:\WINDOWS\System32\drivers\atv01nt5.dll
[08/04/2004 12:56 AM | 00,025,471 | ---- | C] (Intel(R) Corporation) - C:\WINDOWS\System32\drivers\atv04nt5.dll
[10/26/2004 12:01 PM | 02,830,688 | ---- | C] (NVIDIA Corporation) - C:\WINDOWS\System32\drivers\nv4_mini.sys
[1 C:\WINDOWS\System32\*.tmp files]
[01/09/2006 10:36 AM | 00,040,960 | ---- | C] () - C:\WINDOWS\System32\swsc.exe
[04/27/2006 05:49 PM | 00,288,417 | ---- | C] (S!Ri) - C:\WINDOWS\System32\SrchSTS.exe
[05/18/2008 09:40 PM | 00,082,944 | ---- | C] (S!Ri.URZ) - C:\WINDOWS\System32\IEDFix.exe
[05/29/2008 09:35 AM | 00,086,528 | ---- | C] (S!Ri.URZ) - C:\WINDOWS\System32\VACFix.exe
[06/05/2003 09:13 PM | 00,053,248 | ---- | C] (http://www.beyondlogic.org) - C:\WINDOWS\System32\Process.exe
[07/31/2004 06:50 PM | 00,051,200 | ---- | C] () - C:\WINDOWS\System32\dumphive.exe
[08/04/2004 12:56 AM | 00,009,728 | ---- | C] (ATI Technologies Inc.) - C:\WINDOWS\System32\ativdaxx.ax
[08/04/2004 12:56 AM | 00,023,040 | ---- | C] (ATI Technologies Inc.) - C:\WINDOWS\System32\ativmvxx.ax
[08/04/2004 12:56 AM | 00,032,285 | ---- | C] (Conexant Systems, Inc.) - C:\WINDOWS\System32\hsfcisp2.dll
[08/04/2004 12:56 AM | 00,032,768 | ---- | C] (ATI Technologies Inc.) - C:\WINDOWS\System32\ativtmxx.dll
[08/04/2004 12:56 AM | 00,032,866 | ---- | C] (Smart Link) - C:\WINDOWS\System32\slrundll.exe
[08/04/2004 12:56 AM | 00,053,248 | ---- | C] () - C:\WINDOWS\System32\vbicodec.ax
[08/04/2004 12:56 AM | 00,073,796 | ---- | C] (Smart Link) - C:\WINDOWS\System32\slserv.exe
[08/04/2004 12:56 AM | 00,073,832 | ---- | C] (Smart Link) - C:\WINDOWS\System32\slcoinst.dll
[08/04/2004 12:56 AM | 00,081,920 | ---- | C] () - C:\WINDOWS\System32\ieencode.dll
[08/04/2004 12:56 AM | 00,086,016 | ---- | C] (Conexant) - C:\WINDOWS\System32\mdmxsdk.dll
[08/04/2004 12:56 AM | 00,164,352 | ---- | C] () - C:\WINDOWS\System32\wstpager.ax
[08/04/2004 12:56 AM | 00,188,508 | ---- | C] (Smart Link) - C:\WINDOWS\System32\slgen.dll
[08/04/2004 12:56 AM | 00,201,728 | ---- | C] (ATI Technologies Inc.) - C:\WINDOWS\System32\ati2dvag.dll
[08/04/2004 12:56 AM | 00,229,376 | ---- | C] (ATI Technologies Inc.) - C:\WINDOWS\System32\ati2cqag.dll
[08/04/2004 12:56 AM | 00,239,616 | ---- | C] () - C:\WINDOWS\System32\wstrenderer.ax
[08/04/2004 12:56 AM | 00,286,792 | ---- | C] (Smart Link) - C:\WINDOWS\System32\slextspk.dll
[08/04/2004 12:56 AM | 00,377,984 | ---- | C] (ATI Technologies Inc.) - C:\WINDOWS\System32\ati2dvaa.dll
[08/04/2004 12:56 AM | 00,397,056 | ---- | C] (S3 Graphics, Inc.) - C:\WINDOWS\System32\s3gnb.dll
[08/04/2004 12:56 AM | 00,516,768 | ---- | C] (ATI Technologies Inc. ) - C:\WINDOWS\System32\ativvaxx.dll
[08/04/2004 12:56 AM | 00,870,784 | ---- | C] (ATI Technologies Inc. ) - C:\WINDOWS\System32\ati3d1ag.dll
[08/04/2004 12:56 AM | 01,737,856 | ---- | C] (Matrox Graphics Inc.) - C:\WINDOWS\System32\mtxparhd.dll
[08/04/2004 12:56 AM | 01,888,992 | ---- | C] (ATI Technologies Inc. ) - C:\WINDOWS\System32\ati3duag.dll
[08/14/2008 09:52 PM | 00,082,432 | ---- | C] (S!Ri.URZ) - C:\WINDOWS\System32\IEDFix.C.exe
[08/18/2008 12:19 PM | 00,082,432 | ---- | C] (S!Ri.URZ) - C:\WINDOWS\System32\404Fix.exe
[08/21/2008 11:41 PM | 00,087,552 | ---- | C] (S!Ri.URZ) - C:\WINDOWS\System32\AntiXPVSTFix.exe
[08/22/2008 06:03 PM | 00,041,472 | ---- | C] () - C:\WINDOWS\System32\uryfsxyz.exe
[08/22/2008 06:03 PM | 00,086,016 | ---- | C] () - C:\WINDOWS\System32\wbmfaxil.exe
[08/22/2008 06:05 PM | 00,010,334 | ---- | C] () - C:\WINDOWS\System32\ihyvanohyp.bin
[08/22/2008 06:05 PM | 00,018,522 | ---- | C] () - C:\WINDOWS\System32\ugohinol.db
[08/22/2008 06:05 PM | 00,019,409 | ---- | C] () - C:\WINDOWS\System32\ujolidedyl.ban
[08/22/2008 11:22 PM | 00,001,680 | ---- | C] () - C:\WINDOWS\System32\tmp.reg
[08/22/2008 11:35 PM | ---D | C] - C:\WINDOWS\System32\bits
[08/22/2008 11:36 PM | ---D | C] - C:\WINDOWS\System32\PreInstall
[08/23/2008 12:26 AM | ---D | C] - C:\WINDOWS\System32\ReinstallBackups
[08/23/2008 12:55 AM | 00,004,096 | ---- | C] () - C:\WINDOWS\System32\akttzn.exe
[08/23/2008 12:55 AM | 00,004,096 | ---- | C] () - C:\WINDOWS\System32\anticipator.dll
[08/23/2008 12:55 AM | 00,004,096 | ---- | C] () - C:\WINDOWS\System32\awtoolb.dll
[08/23/2008 12:55 AM | 00,004,096 | ---- | C] () - C:\WINDOWS\System32\bdn.com
[08/23/2008 12:55 AM | 00,004,096 | ---- | C] () - C:\WINDOWS\System32\bsva-egihsg52.exe
[08/23/2008 12:55 AM | 00,004,096 | ---- | C] () - C:\WINDOWS\System32\dpcproxy.exe
[08/23/2008 12:55 AM | 00,004,096 | ---- | C] () - C:\WINDOWS\System32\emesx.dll
[08/23/2008 12:55 AM | 00,004,096 | ---- | C] () - C:\WINDOWS\System32\h@tkeysh@@k.dll
[08/23/2008 12:55 AM | 00,004,096 | ---- | C] () - C:\WINDOWS\System32\hoproxy.dll
[08/23/2008 12:55 AM | 00,004,096 | ---- | C] () - C:\WINDOWS\System32\hxiwlgpm.dat
[08/23/2008 12:55 AM | 00,004,096 | ---- | C] () - C:\WINDOWS\System32\hxiwlgpm.exe
[08/23/2008 12:55 AM | 00,004,096 | ---- | C] () - C:\WINDOWS\System32\medup012.dll
[08/23/2008 12:55 AM | 00,004,096 | ---- | C] () - C:\WINDOWS\System32\medup020.dll
[08/23/2008 12:55 AM | 00,004,096 | ---- | C] () - C:\WINDOWS\System32\msgp.exe
[08/23/2008 12:55 AM | 00,004,096 | ---- | C] () - C:\WINDOWS\System32\msnbho.dll
[08/23/2008 12:55 AM | 00,004,096 | ---- | C] () - C:\WINDOWS\System32\mssecu.exe
[08/23/2008 12:55 AM | 00,004,096 | ---- | C] () - C:\WINDOWS\System32\msvchost.exe
[08/23/2008 12:55 AM | 00,004,096 | ---- | C] () - C:\WINDOWS\System32\mtr2.exe
[08/23/2008 12:55 AM | 00,004,096 | ---- | C] () - C:\WINDOWS\System32\mwin32.exe
[08/23/2008 12:55 AM | 00,004,096 | ---- | C] () - C:\WINDOWS\System32\netode.exe
[08/23/2008 12:55 AM | 00,004,096 | ---- | C] () - C:\WINDOWS\System32\newsd32.exe
[08/23/2008 12:55 AM | 00,004,096 | ---- | C] () - C:\WINDOWS\System32\ps1.exe
[08/23/2008 12:55 AM | 00,004,096 | ---- | C] () - C:\WINDOWS\System32\psof1.exe
[08/23/2008 12:55 AM | 00,004,096 | ---- | C] () - C:\WINDOWS\System32\psoft1.exe
[08/23/2008 12:55 AM | 00,004,096 | ---- | C] () - C:\WINDOWS\System32\regc64.dll
[08/23/2008 12:55 AM | 00,004,096 | ---- | C] () - C:\WINDOWS\System32\regm64.dll
[08/23/2008 12:55 AM | 00,004,096 | ---- | C] () - C:\WINDOWS\System32\Rundl1.exe
[08/23/2008 12:55 AM | 00,004,096 | ---- | C] () - C:\WINDOWS\System32\sncntr.exe
[08/23/2008 12:55 AM | 00,004,096 | ---- | C] () - C:\WINDOWS\System32\ssurf022.dll
[08/23/2008 12:55 AM | 00,004,096 | ---- | C] () - C:\WINDOWS\System32\ssvchost.com
[08/23/2008 12:55 AM | 00,004,096 | ---- | C] () - C:\WINDOWS\System32\ssvchost.exe
[08/23/2008 12:55 AM | 00,004,096 | ---- | C] () - C:\WINDOWS\System32\sysreq.exe
[08/23/2008 12:55 AM | 00,004,096 | ---- | C] () - C:\WINDOWS\System32\taack.dat
[08/23/2008 12:55 AM | 00,004,096 | ---- | C] () - C:\WINDOWS\System32\taack.exe
[08/23/2008 12:55 AM | 00,004,096 | ---- | C] () - C:\WINDOWS\System32\temp#01.exe
[08/23/2008 12:55 AM | 00,004,096 | ---- | C] () - C:\WINDOWS\System32\thun.dll
[08/23/2008 12:55 AM | 00,004,096 | ---- | C] () - C:\WINDOWS\System32\thun32.dll
[08/23/2008 12:55 AM | 00,004,096 | ---- | C] () - C:\WINDOWS\System32\VBIEWER.OCX
[08/23/2008 12:55 AM | 00,004,096 | ---- | C] () - C:\WINDOWS\System32\vbsys2.dll
[08/23/2008 12:55 AM | 00,004,096 | ---- | C] () - C:\WINDOWS\System32\vcatchpi.dll
[08/23/2008 12:55 AM | 00,004,096 | ---- | C] () - C:\WINDOWS\System32\winlogonpc.exe
[08/23/2008 12:55 AM | 00,004,096 | ---- | C] () - C:\WINDOWS\System32\winsystem.exe
[08/23/2008 12:55 AM | 00,004,096 | ---- | C] () - C:\WINDOWS\System32\WINWGPX.EXE
[08/23/2008 12:55 AM | ---D | C] - C:\WINDOWS\System32\smp
[08/24/2008 11:07 PM | 00,011,289 | ---- | C] () - C:\WINDOWS\System32\nvModes.dat
[08/26/2008 01:35 PM | 00,011,289 | ---- | C] () - C:\WINDOWS\System32\nvModes.001
[08/29/2006 07:43 PM | 00,135,168 | ---- | C] (SteelWerX) - C:\WINDOWS\System32\swreg.exe
[09/06/2007 12:22 AM | 00,289,144 | ---- | C] (S!Ri) - C:\WINDOWS\System32\VCCLSID.exe
[10/04/2007 12:36 AM | 00,025,600 | ---- | C] () - C:\WINDOWS\System32\WS2Fix.exe
[10/26/2004 12:01 PM | 00,013,866 | ---- | C] () - C:\WINDOWS\System32\nvdisp.nvu
[10/26/2004 12:01 PM | 00,176,128 | ---- | C] (NVIDIA Corporation) - C:\WINDOWS\System32\nvudisp.exe
[10/26/2004 12:01 PM | 03,742,720 | ---- | C] (NVIDIA Corporation) - C:\WINDOWS\System32\nv4_disp.dll
[12/01/2006 06:20 AM | 00,079,360 | ---- | C] (SteelWerX) - C:\WINDOWS\System32\swxcacls.exe
[9 C:\WINDOWS\*.tmp files]
[08/04/2004 12:56 AM | 00,032,866 | ---- | C] (Smart Link) - C:\WINDOWS\slrundll.exe
[08/22/2008 06:05 PM | 00,013,714 | ---- | C] () - C:\WINDOWS\qecidy.sys
[08/22/2008 06:05 PM | 00,014,940 | ---- | C] () - C:\WINDOWS\puzojywex.vbs
[08/22/2008 06:05 PM | 00,015,906 | ---- | C] () - C:\WINDOWS\ylegapytil.ban
[08/22/2008 06:05 PM | 00,016,475 | ---- | C] () - C:\WINDOWS\enydefov.lib
[08/22/2008 06:05 PM | 00,017,005 | ---- | C] () - C:\WINDOWS\apupiwap.bin
[08/22/2008 06:05 PM | 00,017,141 | ---- | C] () - C:\WINDOWS\itajeraza.dll
[08/22/2008 06:05 PM | 00,017,482 | ---- | C] () - C:\WINDOWS\mopafan.dat
[08/22/2008 06:05 PM | 00,017,640 | ---- | C] () - C:\WINDOWS\ufimyjybez.inf
[08/22/2008 06:05 PM | 00,019,944 | ---- | C] () - C:\WINDOWS\owamycu.pif
[08/22/2008 11:08 PM | ---D | C] - C:\WINDOWS\erdnt
[08/22/2008 11:38 PM | ---D | C] - C:\WINDOWS\SoftwareDistribution
[08/23/2008 09:08 PM | ---D | C] - C:\WINDOWS\Prefetch
[08/23/2008 12:14 AM | ---D | C] - C:\WINDOWS\EHome
[08/23/2008 12:22 AM | -H-D | C] - C:\WINDOWS\$NtServicePackUninstall$
[08/23/2008 12:35 AM | ---D | C] - C:\WINDOWS\ServicePackFiles
[08/23/2008 12:40 AM | ---D | C] - C:\WINDOWS\peernet
[08/23/2008 12:40 AM | ---D | C] - C:\WINDOWS\provisioning
[08/23/2008 12:55 AM | 00,004,096 | ---- | C] () - C:\WINDOWS\a.bat
[08/23/2008 12:55 AM | 00,004,096 | ---- | C] () - C:\WINDOWS\bdn.com
[08/23/2008 12:55 AM | 00,004,096 | ---- | C] () - C:\WINDOWS\FVProtect.exe
[08/23/2008 12:55 AM | 00,004,096 | ---- | C] () - C:\WINDOWS\iTunesMusic.exe
[08/23/2008 12:55 AM | 00,004,096 | ---- | C] () - C:\WINDOWS\mssecu.exe
[08/23/2008 12:55 AM | 00,004,096 | ---- | C] () - C:\WINDOWS\userconfig9x.dll
[08/23/2008 12:55 AM | 00,004,096 | ---- | C] () - C:\WINDOWS\winsystem.exe
[08/23/2008 12:55 AM | 00,316,640 | ---- | C] () - C:\WINDOWS\WMSysPr9.prx
[08/23/2008 12:55 AM | ---D | C] - C:\WINDOWS\mslagent
[08/24/2008 06:10 PM | ---D | C] - C:\WINDOWS\nview
[08/24/2008 10:01 AM | 00,001,374 | ---- | C] () - C:\WINDOWS\imsins.BAK
[08/24/2008 10:02 AM | -H-D | C] - C:\WINDOWS\$hf_mig$
[08/26/2008 01:36 PM | ---D | C] - C:\WINDOWS\temp
[08/31/2000 08:00 AM | 00,028,672 | ---- | C] (NirSoft) - C:\WINDOWS\Nircmd.exe
[08/31/2000 08:00 AM | 00,049,152 | ---- | C] () - C:\WINDOWS\VFind.exe
[08/31/2000 08:00 AM | 00,068,096 | ---- | C] () - C:\WINDOWS\zip.exe
[08/31/2000 08:00 AM | 00,080,412 | ---- | C] () - C:\WINDOWS\grep.exe
[08/31/2000 08:00 AM | 00,089,504 | ---- | C] (Smallfrogs Studio) - C:\WINDOWS\fdsv.exe
[08/31/2000 08:00 AM | 00,098,816 | ---- | C] () - C:\WINDOWS\sed.exe
[08/31/2000 08:00 AM | 00,136,704 | ---- | C] (SteelWerX) - C:\WINDOWS\swsc.exe
[08/31/2000 08:00 AM | 00,161,792 | ---- | C] (SteelWerX) - C:\WINDOWS\swreg.exe
[08/31/2000 08:00 AM | 00,212,480 | ---- | C] (SteelWerX) - C:\WINDOWS\swxcacls.exe
[08/26/2008 01:38 PM | 00,000,330 | -H-- | C] () - C:\WINDOWS\tasks\MP Scheduled Scan.job
[08/22/2008 06:03 PM | ---D | C] - C:\Documents and Settings\All Users\Application Data\olwjmfyd
[08/22/2008 06:05 PM | 00,015,413 | ---- | C] () - C:\Documents and Settings\All Users\Application Data\sapucunosy.dat
[08/22/2008 11:43 PM | ---D | C] - C:\Documents and Settings\All Users\Application Data\McAfee
[08/22/2008 11:45 PM | ---D | C] - C:\Documents and Settings\All Users\Application Data\SiteAdvisor
[08/22/2008 11:53 PM | ---D | C] - C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[08/23/2008 12:55 AM | ---D | C] - C:\Documents and Settings\All Users\Application Data\TEMP
@Alternate Data Stream - 120 bytes -> %AllUsersProfile%\Application Data\TEMP:5C321E34
[08/22/2008 06:05 PM | 00,010,792 | ---- | C] () - C:\Documents and Settings\Julie\Application Data\ukohu.bin
[08/22/2008 06:05 PM | 00,013,395 | ---- | C] () - C:\Documents and Settings\Julie\Application Data\yvobezele.ban
[08/22/2008 06:05 PM | 00,011,600 | ---- | C] () - C:\Documents and Settings\Julie\Local Settings\Application Data\xyqide.db
[08/22/2008 06:05 PM | 00,015,236 | ---- | C] () - C:\Documents and Settings\Julie\Local Settings\Application Data\hibamymepy.com
[08/22/2008 06:05 PM | 00,015,830 | ---- | C] () - C:\Documents and Settings\Julie\Local Settings\Application Data\iqufenali.vbs
[08/22/2008 06:05 PM | 00,016,123 | ---- | C] () - C:\Documents and Settings\Julie\Local Settings\Application Data\ilylecig.scr
[08/22/2008 06:05 PM | 00,019,553 | ---- | C] () - C:\Documents and Settings\Julie\Local Settings\Application Data\tevokyb.com
[08/22/2008 06:05 PM | 00,010,954 | ---- | C] () - C:\Documents and Settings\All Users\Documents\pupykom.bat
[08/22/2008 06:05 PM | 00,011,895 | ---- | C] () - C:\Documents and Settings\All Users\Documents\obohulyhid.com
[08/22/2008 06:05 PM | 00,017,824 | ---- | C] () - C:\Documents and Settings\All Users\Documents\iquzame.bin
[08/22/2008 10:06 PM | 00,000,763 | ---- | C] () - C:\Documents and Settings\All Users\Desktop\ewido anti-spyware.lnk
[08/22/2008 06:03 PM | 00,000,126 | ---- | C] () - C:\Documents and Settings\Julie\Desktop\delself.bat
[08/22/2008 09:53 PM | 00,000,502 | ---- | C] () - C:\Documents and Settings\Julie\Desktop\Shortcut to SmitfraudFix.lnk
[08/22/2008 10:44 PM | 00,092,672 | ---- | C] (Option^Explicit Software                        vbtechcd@gmail.com) - C:\Documents and Settings\Julie\Desktop\KillBox.exe
[08/22/2008 10:45 PM | 02,922,072 | ---- | C] (Piriform Ltd) - C:\Documents and Settings\Julie\Desktop\ccsetup210.exe
[08/22/2008 10:46 PM | 02,720,466 | R--- | C] () - C:\Documents and Settings\Julie\Desktop\ComboFix.exe
[08/22/2008 11:04 PM | 00,001,548 | ---- | C] () - C:\Documents and Settings\Julie\Desktop\CCleaner.lnk
[08/22/2008 11:23 PM | ---D | C] - C:\Documents and Settings\Julie\Desktop\SmitfraudFix
[08/22/2008 11:47 PM | 00,000,690 | ---- | C] () - C:\Documents and Settings\Julie\Desktop\SpywareBlaster.lnk
[08/23/2008 08:39 AM | 00,001,734 | ---- | C] () - C:\Documents and Settings\Julie\Desktop\HijackThis.lnk
[08/26/2008 01:38 PM | 01,299,968 | ---- | C] (OldTimer Tools) - C:\Documents and Settings\Julie\Desktop\OTViewIt.exe
[08/22/2008 11:45 PM | ---D | C] - C:\Program Files\Common Files\McAfee
[08/22/2008 06:03 PM | ---D | C] - C:\Program Files\wxnbojf
[08/22/2008 10:16 PM | ---D | C] - C:\Program Files\ewido anti-spyware 4.0
[08/22/2008 11:04 PM | ---D | C] - C:\Program Files\CCleaner
[08/22/2008 11:49 PM | ---D | C] - C:\Program Files\SpywareBlaster
[08/23/2008 08:39 AM | ---D | C] - C:\Program Files\Trend Micro
[08/23/2008 12:51 AM | ---D | C] - C:\Program Files\McAfee
[08/23/2008 12:55 AM | ---D | C] - C:\Program Files\akl
[08/23/2008 12:55 AM | ---D | C] - C:\Program Files\Inet Delivery
[08/23/2008 12:58 AM | ---D | C] - C:\Program Files\Windows Defender

[Files/Folders - Modified Within 30 days]
[08/22/2008 10:58 PM | ---D | M] - C:\!KillBox
[08/22/2008 11:14 PM | ---D | M] - C:\QooBox
[08/22/2008 11:23 PM | -HSD | M] - C:\RECYCLER
[08/23/2008 08:39 AM | R--D | M] - C:\Program Files
[08/23/2008 12:28 AM | 00,047,564 | RHS- | M] () - C:\NTDETECT.COM
[08/23/2008 12:28 AM | 00,250,032 | RHS- | M] () - C:\ntldr
[08/23/2008 12:42 AM | 00,000,211 | RHS- | M] () - C:\boot.ini
[08/23/2008 12:51 AM | -HSD | M] - C:\System Volume Information
[08/23/2008 12:58 AM | -H-D | M] - C:\Config.Msi
[08/24/2008 06:11 PM | ---D | M] - C:\WINDOWS
[08/06/2008 03:08 AM | 00,718,252 | ---- | M] () - C:\WINDOWS\System32\drivers\etc\HOSTS
[08/22/2008 11:22 PM | 00,000,027 | ---- | M] () - C:\WINDOWS\System32\drivers\etc\HOSTS.MVP
[08/22/2008 11:41 PM | ---D | M] - C:\WINDOWS\System32\drivers\etc
[1 C:\WINDOWS\System32\*.tmp files]
[08/14/2008 09:52 PM | 00,082,432 | ---- | M] (S!Ri.URZ) - C:\WINDOWS\System32\IEDFix.C.exe
[08/18/2008 12:19 PM | 00,082,432 | ---- | M] (S!Ri.URZ) - C:\WINDOWS\System32\404Fix.exe
[08/21/2008 11:41 PM | 00,087,552 | ---- | M] (S!Ri.URZ) - C:\WINDOWS\System32\AntiXPVSTFix.exe
[08/22/2008 06:03 PM | 00,041,472 | ---- | M] () - C:\WINDOWS\System32\uryfsxyz.exe
[08/22/2008 06:03 PM | 00,086,016 | ---- | M] () - C:\WINDOWS\System32\wbmfaxil.exe
[08/22/2008 06:05 PM | 00,010,334 | ---- | M] () - C:\WINDOWS\System32\ihyvanohyp.bin
[08/22/2008 06:05 PM | 00,018,522 | ---- | M] () - C:\WINDOWS\System32\ugohinol.db
[08/22/2008 06:05 PM | 00,019,409 | ---- | M] () - C:\WINDOWS\System32\ujolidedyl.ban
[08/22/2008 11:22 PM | 00,001,680 | ---- | M] () - C:\WINDOWS\System32\tmp.reg
[08/22/2008 11:35 PM | ---D | M] - C:\WINDOWS\System32\bits
[08/22/2008 11:36 PM | ---D | M] - C:\WINDOWS\System32\PreInstall
[08/23/2008 08:26 AM | 00,091,888 | ---- | M] () - C:\WINDOWS\System32\FNTCACHE.DAT
[08/23/2008 12:26 AM | ---D | M] - C:\WINDOWS\System32\ReinstallBackups
[08/23/2008 12:33 AM | ---D | M] - C:\WINDOWS\System32\usmt
[08/23/2008 12:34 AM | ---D | M] - C:\WINDOWS\System32\Com
[08/23/2008 12:35 AM | ---D | M] - C:\WINDOWS\System32\npp
[08/23/2008 12:35 AM | ---D | M] - C:\WINDOWS\System32\Restore
[08/23/2008 12:40 AM | ---D | M] - C:\WINDOWS\System32\oobe
[08/23/2008 12:40 AM | ---D | M] - C:\WINDOWS\System32\Setup
[08/23/2008 12:48 AM | ---D | M] - C:\WINDOWS\System32\CatRoot
[08/23/2008 12:52 AM | ---D | M] - C:\WINDOWS\System32\wbem
[08/23/2008 12:54 AM | ---D | M] - C:\WINDOWS\System32\inetsrv
[08/23/2008 12:55 AM | 00,004,096 | ---- | M] () - C:\WINDOWS\System32\akttzn.exe
[08/23/2008 12:55 AM | 00,004,096 | ---- | M] () - C:\WINDOWS\System32\anticipator.dll
[08/23/2008 12:55 AM | 00,004,096 | ---- | M] () - C:\WINDOWS\System32\awtoolb.dll
[08/23/2008 12:55 AM | 00,004,096 | ---- | M] () - C:\WINDOWS\System32\bdn.com
[08/23/2008 12:55 AM | 00,004,096 | ---- | M] () - C:\WINDOWS\System32\bsva-egihsg52.exe
[08/23/2008 12:55 AM | 00,004,096 | ---- | M] () - C:\WINDOWS\System32\dpcproxy.exe
[08/23/2008 12:55 AM | 00,004,096 | ---- | M] () - C:\WINDOWS\System32\emesx.dll
[08/23/2008 12:55 AM | 00,004,096 | ---- | M] () - C:\WINDOWS\System32\h@tkeysh@@k.dll
[08/23/2008 12:55 AM | 00,004,096 | ---- | M] () - C:\WINDOWS\System32\hoproxy.dll
[08/23/2008 12:55 AM | 00,004,096 | ---- | M] () - C:\WINDOWS\System32\hxiwlgpm.dat
[08/23/2008 12:55 AM | 00,004,096 | ---- | M] () - C:\WINDOWS\System32\hxiwlgpm.exe
[08/23/2008 12:55 AM | 00,004,096 | ---- | M] () - C:\WINDOWS\System32\medup012.dll
[08/23/2008 12:55 AM | 00,004,096 | ---- | M] () - C:\WINDOWS\System32\medup020.dll
[08/23/2008 12:55 AM | 00,004,096 | ---- | M] () - C:\WINDOWS\System32\msgp.exe
[08/23/2008 12:55 AM | 00,004,096 | ---- | M] () - C:\WINDOWS\System32\msnbho.dll
[08/23/2008 12:55 AM | 00,004,096 | ---- | M] () - C:\WINDOWS\System32\mssecu.exe
[08/23/2008 12:55 AM | 00,004,096 | ---- | M] () - C:\WINDOWS\System32\msvchost.exe
[08/23/2008 12:55 AM | 00,004,096 | ---- | M] () - C:\WINDOWS\System32\mtr2.exe
[08/23/2008 12:55 AM | 00,004,096 | ---- | M] () - C:\WINDOWS\System32\mwin32.exe
[08/23/2008 12:55 AM | 00,004,096 | ---- | M] () - C:\WINDOWS\System32\netode.exe
[08/23/2008 12:55 AM | 00,004,096 | ---- | M] () - C:\WINDOWS\System32\newsd32.exe
[08/23/2008 12:55 AM | 00,004,096 | ---- | M] () - C:\WINDOWS\System32\ps1.exe
[08/23/2008 12:55 AM | 00,004,096 | ---- | M] () - C:\WINDOWS\System32\psof1.exe
[08/23/2008 12:55 AM | 00,004,096 | ---- | M] () - C:\WINDOWS\System32\psoft1.exe
[08/23/2008 12:55 AM | 00,004,096 | ---- | M] () - C:\WINDOWS\System32\regc64.dll
[08/23/2008 12:55 AM | 00,004,096 | ---- | M] () - C:\WINDOWS\System32\regm64.dll
[08/23/2008 12:55 AM | 00,004,096 | ---- | M] () - C:\WINDOWS\System32\Rundl1.exe
[08/23/2008 12:55 AM | 00,004,096 | ---- | M] () - C:\WINDOWS\System32\sncntr.exe
[08/23/2008 12:55 AM | 00,004,096 | ---- | M] () - C:\WINDOWS\System32\ssurf022.dll
[08/23/2008 12:55 AM | 00,004,096 | ---- | M] () - C:\WINDOWS\System32\ssvchost.com
[08/23/2008 12:55 AM | 00,004,096 | ---- | M] () - C:\WINDOWS\System32\ssvchost.exe
[08/23/2008 12:55 AM | 00,004,096 | ---- | M] () - C:\WINDOWS\System32\sysreq.exe
[08/23/2008 12:55 AM | 00,004,096 | ---- | M] () - C:\WINDOWS\System32\taack.dat
[08/23/2008 12:55 AM | 00,004,096 | ---- | M] () - C:\WINDOWS\System32\taack.exe
[08/23/2008 12:55 AM | 00,004,096 | ---- | M] () - C:\WINDOWS\System32\temp#01.exe
[08/23/2008 12:55 AM | 00,004,096 | ---- | M] () - C:\WINDOWS\System32\thun.dll
[08/23/2008 12:55 AM | 00,004,096 | ---- | M] () - C:\WINDOWS\System32\thun32.dll
[08/23/2008 12:55 AM | 00,004,096 | ---- | M] () - C:\WINDOWS\System32\VBIEWER.OCX
[08/23/2008 12:55 AM | 00,004,096 | ---- | M] () - C:\WINDOWS\System32\vbsys2.dll
[08/23/2008 12:55 AM | 00,004,096 | ---- | M] () - C:\WINDOWS\System32\vcatchpi.dll
[08/23/2008 12:55 AM | 00,004,096 | ---- | M] () - C:\WINDOWS\System32\winlogonpc.exe
[08/23/2008 12:55 AM | 00,004,096 | ---- | M] () - C:\WINDOWS\System32\winsystem.exe
[08/23/2008 12:55 AM | 00,004,096 | ---- | M] () - C:\WINDOWS\System32\WINWGPX.EXE
[08/23/2008 12:55 AM | ---D | M] - C:\WINDOWS\System32\smp
[08/23/2008 12:56 AM | 00,040,394 | ---- | M] () - C:\WINDOWS\System32\perfc009.dat
[08/23/2008 12:56 AM | 00,312,172 | ---- | M] () - C:\WINDOWS\System32\perfh009.dat
[08/23/2008 12:56 AM | 00,356,120 | ---- | M] () - C:\WINDOWS\System32\PerfStringBackup.INI
[08/23/2008 12:57 AM | 00,002,206 | ---- | M] () - C:\WINDOWS\System32\wpa.dbl
[08/24/2008 10:02 AM | ---D | M] - C:\WINDOWS\System32\drivers
[08/24/2008 10:02 AM | RHSD | M] - C:\WINDOWS\System32\dllcache
[08/24/2008 11:07 PM | 00,011,289 | ---- | M] () - C:\WINDOWS\System32\nvModes.dat
[08/26/2008 01:35 PM | 00,011,289 | ---- | M] () - C:\WINDOWS\System32\nvModes.001
[08/26/2008 01:35 PM | 00,017,112 | ---- | M] () - C:\WINDOWS\System32\nvapps.xml
[08/26/2008 10:18 AM | ---D | M] - C:\WINDOWS\System32\CatRoot2
[9 C:\WINDOWS\*.tmp files]
[08/22/2008 06:05 PM | 00,013,714 | ---- | M] () - C:\WINDOWS\qecidy.sys
[08/22/2008 06:05 PM | 00,014,940 | ---- | M] () - C:\WINDOWS\puzojywex.vbs
[08/22/2008 06:05 PM | 00,015,906 | ---- | M] () - C:\WINDOWS\ylegapytil.ban
[08/22/2008 06:05 PM | 00,016,475 | ---- | M] () - C:\WINDOWS\enydefov.lib
[08/22/2008 06:05 PM | 00,017,005 | ---- | M] () - C:\WINDOWS\apupiwap.bin
[08/22/2008 06:05 PM | 00,017,141 | ---- | M] () - C:\WINDOWS\itajeraza.dll
[08/22/2008 06:05 PM | 00,017,482 | ---- | M] () - C:\WINDOWS\mopafan.dat
[08/22/2008 06:05 PM | 00,017,640 | ---- | M] () - C:\WINDOWS\ufimyjybez.inf
[08/22/2008 06:05 PM | 00,019,944 | ---- | M] () - C:\WINDOWS\owamycu.pif
[08/22/2008 11:06 PM | ---D | M] - C:\WINDOWS\Minidump
[08/22/2008 11:08 PM | ---D | M] - C:\WINDOWS\erdnt
[08/22/2008 11:11 PM | 00,000,227 | ---- | M] () - C:\WINDOWS\system.ini
[08/22/2008 11:30 PM | --SD | M] - C:\WINDOWS\Downloaded Program Files
[08/22/2008 11:38 PM | ---D | M] - C:\WINDOWS\SoftwareDistribution
[08/23/2008 01:01 AM | ---D | M] - C:\WINDOWS\security
[08/23/2008 12:14 AM | ---D | M] - C:\WINDOWS\EHome
[08/23/2008 12:22 AM | -H-D | M] - C:\WINDOWS\$NtServicePackUninstall$
[08/23/2008 12:29 AM | R--D | M] - C:\WINDOWS\Web
[08/23/2008 12:33 AM | ---D | M] - C:\WINDOWS\system
[08/23/2008 12:35 AM | ---D | M] - C:\WINDOWS\msagent
[08/23/2008 12:35 AM | ---D | M] - C:\WINDOWS\mui
[08/23/2008 12:35 AM | ---D | M] - C:\WINDOWS\ServicePackFiles
[08/23/2008 12:35 AM | ---D | M] - C:\WINDOWS\srchasst
[08/23/2008 12:40 AM | ---D | M] - C:\WINDOWS\ime
[08/23/2008 12:40 AM | ---D | M] - C:\WINDOWS\Media
[08/23/2008 12:40 AM | ---D | M] - C:\WINDOWS\peernet
[08/23/2008 12:40 AM | ---D | M] - C:\WINDOWS\provisioning
[08/23/2008 12:42 AM | 00,000,503 | ---- | M] () - C:\WINDOWS\win.ini
[08/23/2008 12:51 AM | ---D | M] - C:\WINDOWS\AppPatch
[08/23/2008 12:51 AM | R-SD | M] - C:\WINDOWS\Fonts
[08/23/2008 12:55 AM | 00,004,096 | ---- | M] () - C:\WINDOWS\a.bat
[08/23/2008 12:55 AM | 00,004,096 | ---- | M] () - C:\WINDOWS\bdn.com
[08/23/2008 12:55 AM | 00,004,096 | ---- | M] () - C:\WINDOWS\FVProtect.exe
[08/23/2008 12:55 AM | 00,004,096 | ---- | M] () - C:\WINDOWS\iTunesMusic.exe
[08/23/2008 12:55 AM | 00,004,096 | ---- | M] () - C:\WINDOWS\mssecu.exe
[08/23/2008 12:55 AM | 00,004,096 | ---- | M] () - C:\WINDOWS\userconfig9x.dll
[08/23/2008 12:55 AM | 00,004,096 | ---- | M] () - C:\WINDOWS\winsystem.exe
[08/23/2008 12:55 AM | 00,316,640 | ---- | M] () - C:\WINDOWS\WMSysPr9.prx
[08/23/2008 12:55 AM | ---D | M] - C:\WINDOWS\Debug
[08/23/2008 12:55 AM | ---D | M] - C:\WINDOWS\mslagent
[08/23/2008 12:58 AM | ---D | M] - C:\WINDOWS\WinSxS
[08/23/2008 12:58 AM | -HSD | M] - C:\WINDOWS\Installer
[08/24/2008 06:10 PM | ---D | M] - C:\WINDOWS\Help
[08/24/2008 06:10 PM | ---D | M] - C:\WINDOWS\nview
[08/24/2008 06:11 PM | ---D | M] - C:\WINDOWS\system32
[08/24/2008 10:01 AM | 00,001,374 | ---- | M] () - C:\WINDOWS\imsins.BAK
[08/24/2008 10:02 AM | -H-D | M] - C:\WINDOWS\$hf_mig$
[08/24/2008 10:02 AM | -H-D | M] - C:\WINDOWS\inf
[08/26/2008 01:34 PM | 00,002,048 | --S- | M] () - C:\WINDOWS\bootstat.dat
[08/26/2008 01:38 PM | ---D | M] - C:\WINDOWS\temp
[08/26/2008 01:38 PM | --SD | M] - C:\WINDOWS\Tasks
[08/26/2008 01:39 PM | ---D | M] - C:\WINDOWS\Prefetch
[08/26/2008 01:34 PM | 00,000,006 | -H-- | M] () - C:\WINDOWS\tasks\SA.DAT
[08/26/2008 01:38 PM | 00,000,330 | -H-- | M] () - C:\WINDOWS\tasks\MP Scheduled Scan.job
[08/22/2008 06:03 PM | ---D | M] - C:\Documents and Settings\All Users\Application Data\olwjmfyd
[08/22/2008 06:05 PM | 00,015,413 | ---- | M] () - C:\Documents and Settings\All Users\Application Data\sapucunosy.dat
[08/22/2008 11:43 PM | ---D | M] - C:\Documents and Settings\All Users\Application Data\McAfee
[08/22/2008 11:45 PM | ---D | M] - C:\Documents and Settings\All Users\Application Data\SiteAdvisor
[08/22/2008 11:53 PM | ---D | M] - C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[08/23/2008 12:55 AM | ---D | M] - C:\Documents and Settings\All Users\Application Data\TEMP
@Alternate Data Stream - 120 bytes -> %AllUsersProfile%\Application Data\TEMP:5C321E34
[08/23/2008 12:58 AM | --SD | M] - C:\Documents and Settings\All Users\Application Data\Microsoft
[08/22/2008 06:05 PM | 00,010,792 | ---- | M] () - C:\Documents and Settings\Julie\Application Data\ukohu.bin
[08/22/2008 06:05 PM | 00,013,395 | ---- | M] () - C:\Documents and Settings\Julie\Application Data\yvobezele.ban
[08/23/2008 12:57 AM | --SD | M] - C:\Documents and Settings\Julie\Application Data\Microsoft
[08/22/2008 06:05 PM | 00,011,600 | ---- | M] () - C:\Documents and Settings\Julie\Local Settings\Application Data\xyqide.db
[08/22/2008 06:05 PM | 00,015,236 | ---- | M] () - C:\Documents and Settings\Julie\Local Settings\Application Data\hibamymepy.com
[08/22/2008 06:05 PM | 00,015,830 | ---- | M] () - C:\Documents and Settings\Julie\Local Settings\Application Data\iqufenali.vbs
[08/22/2008 06:05 PM | 00,016,123 | ---- | M] () - C:\Documents and Settings\Julie\Local Settings\Application Data\ilylecig.scr
[08/22/2008 06:05 PM | 00,019,553 | ---- | M] () - C:\Documents and Settings\Julie\Local Settings\Application Data\tevokyb.com
[08/23/2008 12:54 AM | 00,013,104 | ---- | M] () - C:\Documents and Settings\Julie\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[08/23/2008 12:58 AM | ---D | M] - C:\Documents and Settings\Julie\Local Settings\Application Data\Microsoft
[08/25/2008 11:47 PM | 03,217,368 | -H-- | M] () - C:\Documents and Settings\Julie\Local Settings\Application Data\IconCache.db
[08/22/2008 06:05 PM | 00,010,954 | ---- | M] () - C:\Documents and Settings\All Users\Documents\pupykom.bat
[08/22/2008 06:05 PM | 00,011,895 | ---- | M] () - C:\Documents and Settings\All Users\Documents\obohulyhid.com
[08/22/2008 06:05 PM | 00,017,824 | ---- | M] () - C:\Documents and Settings\All Users\Documents\iquzame.bin
[08/23/2008 12:42 AM | R--D | M] - C:\Documents and Settings\All Users\Documents\My Music
[08/23/2008 12:54 AM | 00,000,076 | -HS- | M] () - C:\Documents and Settings\Julie\My Documents\desktop.ini
[08/23/2008 12:54 AM | R--D | M] - C:\Documents and Settings\Julie\My Documents\My Music
[08/25/2008 11:46 PM | R--D | M] - C:\Documents and Settings\Julie\My Documents\My Pictures
[08/22/2008 10:06 PM | 00,000,763 | ---- | M] () - C:\Documents and Settings\All Users\Desktop\ewido anti-spyware.lnk
[08/22/2008 06:03 PM | 00,000,126 | ---- | M] () - C:\Documents and Settings\Julie\Desktop\delself.bat
[08/22/2008 09:53 PM | 00,000,502 | ---- | M] () - C:\Documents and Settings\Julie\Desktop\Shortcut to SmitfraudFix.lnk
[08/22/2008 10:44 PM | 00,092,672 | ---- | M] (Option^Explicit Software                        vbtechcd@gmail.com) - C:\Documents and Settings\Julie\Desktop\KillBox.exe
[08/22/2008 10:45 PM | 02,922,072 | ---- | M] (Piriform Ltd) - C:\Documents and Settings\Julie\Desktop\ccsetup210.exe
[08/22/2008 10:46 PM | 02,720,466 | R--- | M] () - C:\Documents and Settings\Julie\Desktop\ComboFix.exe
[08/22/2008 11:04 PM | 00,001,548 | ---- | M] () - C:\Documents and Settings\Julie\Desktop\CCleaner.lnk
[08/22/2008 11:23 PM | ---D | M] - C:\Documents and Settings\Julie\Desktop\SmitfraudFix
[08/22/2008 11:47 PM | 00,000,690 | ---- | M] () - C:\Documents and Settings\Julie\Desktop\SpywareBlaster.lnk
[08/23/2008 08:39 AM | 00,001,734 | ---- | M] () - C:\Documents and Settings\Julie\Desktop\HijackThis.lnk
[08/26/2008 01:38 PM | 01,299,968 | ---- | M] (OldTimer Tools) - C:\Documents and Settings\Julie\Desktop\OTViewIt.exe
[08/22/2008 11:45 PM | ---D | M] - C:\Program Files\Common Files\McAfee
[08/23/2008 12:34 AM | ---D | M] - C:\Program Files\Common Files\System

< End of report >