[code] OTScanIt2 logfile created on: 19.2.2009 9:58:56 - Run 1 OTScanIt2 by OldTimer - Version 1.0.7.1 Folder = C:\Documents and Settings\install\Desktop\OTScanIt2 Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 0000041A | Country: Croatia | Language: HRV | Date Format: d.M.yyyy 502,42 Mb Total Physical Memory | 194,03 Mb Available Physical Memory | 38,62% Memory free 1,20 Gb Paging File | 0,87 Gb Available in Paging File | 72,27% Paging File free Paging file location(s): c:\pagefile.sys 756 1512; %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 29,29 Gb Total Space | 11,94 Gb Free Space | 40,75% Space Free | Partition Type: NTFS Drive D: | 63,86 Gb Total Space | 37,58 Gb Free Space | 58,86% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded Drive G: | 7,45 Gb Total Space | 3,58 Gb Free Space | 48,05% Space Free | Partition Type: NTFS H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: HP-PAVILION Current User Name: install Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Whitelist: On File Age = 30 Days [Processes - Safe List] ashmaisv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashMaiSv.exe -> [2009.02.05 22:08:26 | 00,254,040 | ---- | M] (ALWIL Software) ashserv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashServ.exe -> [2009.02.05 22:08:40 | 00,138,680 | ---- | M] (ALWIL Software) ashwebsv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashWebSv.exe -> [2009.02.05 22:06:04 | 00,352,920 | ---- | M] (ALWIL Software) aswupdsv.exe -> %ProgramFiles%\Alwil Software\Avast4\aswUpdSv.exe -> [2009.02.05 22:01:25 | 00,018,752 | ---- | M] (ALWIL Software) ccevtmgr.exe -> %CommonProgramFiles%\Symantec Shared\ccEvtMgr.exe -> [2006.11.21 17:38:32 | 00,192,104 | ---- | M] (Symantec Corporation) ccsetmgr.exe -> %CommonProgramFiles%\Symantec Shared\ccSetMgr.exe -> [2006.11.21 17:38:40 | 00,169,576 | ---- | M] (Symantec Corporation) defwatch.exe -> %ProgramFiles%\Symantec AntiVirus\DefWatch.exe -> [2007.03.14 19:48:40 | 00,031,424 | ---- | M] (Symantec Corporation) nbservice.exe -> %CommonProgramFiles%\Nero\Nero BackItUp 4\NBService.exe -> [2008.09.30 12:48:28 | 00,935,208 | ---- | M] (Nero AG) otscanit2.exe -> %UserProfile%\Desktop\OTScanIt2\OTScanIt2.exe -> [2009.01.26 12:13:22 | 00,504,320 | ---- | M] (OldTimer Tools) rtvscan.exe -> %ProgramFiles%\Symantec AntiVirus\Rtvscan.exe -> [2007.03.14 19:48:50 | 01,816,768 | ---- | M] (Symantec Corporation) spbbcsvc.exe -> %CommonProgramFiles%\Symantec Shared\SPBBC\SPBBCSvc.exe -> [2007.01.10 16:27:38 | 01,160,792 | ---- | M] (Symantec Corporation) wmiprvse.exe -> %SystemRoot%\system32\wbem\wmiprvse.exe -> [2008.04.14 05:42:42 | 00,235,520 | ---- | M] (Microsoft Corporation) wuauclt.exe -> %SystemRoot%\system32\wuauclt.exe -> [2009.01.08 20:14:39 | 00,051,224 | ---- | M] (Microsoft Corporation) [Win32 Services - Safe List] (aspnet_state) ASP.NET State Service [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -> [2007.10.24 01:47:22 | 00,033,800 | ---- | M] (Microsoft Corporation) (aswUpdSv) avast! iAVS4 Control Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Alwil Software\Avast4\aswUpdSv.exe -> [2009.02.05 22:01:25 | 00,018,752 | ---- | M] (ALWIL Software) (avast! Antivirus) avast! Antivirus [Win32_Own | Auto | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashServ.exe -> [2009.02.05 22:08:40 | 00,138,680 | ---- | M] (ALWIL Software) (avast! Mail Scanner) avast! Mail Scanner [Win32_Own | On_Demand | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashMaiSv.exe -> [2009.02.05 22:08:26 | 00,254,040 | ---- | M] (ALWIL Software) (avast! Web Scanner) avast! Web Scanner [Win32_Own | On_Demand | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashWebSv.exe -> [2009.02.05 22:06:04 | 00,352,920 | ---- | M] (ALWIL Software) (ccEvtMgr) Symantec Event Manager [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\ccEvtMgr.exe -> [2006.11.21 17:38:32 | 00,192,104 | ---- | M] (Symantec Corporation) (ccSetMgr) Symantec Settings Manager [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\ccSetMgr.exe -> [2006.11.21 17:38:40 | 00,169,576 | ---- | M] (Symantec Corporation) (clr_optimization_v2.0.50727_32) .NET Runtime Optimization Service v2.0.50727_X86 [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -> [2007.10.24 01:47:40 | 00,070,144 | ---- | M] (Microsoft Corporation) (Com4QLBEx) Com4QLBEx [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe -> [2008.04.03 11:33:26 | 00,193,840 | ---- | M] (Hewlett-Packard Development Company, L.P.) (DefWatch) Symantec AntiVirus Definition Watcher [Win32_Own | Auto | Running] -> %ProgramFiles%\Symantec AntiVirus\DefWatch.exe -> [2007.03.14 19:48:40 | 00,031,424 | ---- | M] (Symantec Corporation) (helpsvc) Help and Support [Win32_Shared | Auto | Running] -> %SystemRoot%\pchealth\helpctr\binaries\pchsvc.dll -> [2008.04.14 05:42:04 | 00,038,400 | ---- | M] (Microsoft Corporation) (hpqwmiex) hpqwmiex [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Hewlett-Packard\Shared\hpqwmiex.exe -> [2008.05.01 16:25:56 | 00,165,192 | ---- | M] (Hewlett-Packard Development Company, L.P.) (LiveUpdate) LiveUpdate [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Symantec\LiveUpdate\LuComServer_3_1.EXE -> [2006.09.02 16:36:33 | 02,528,960 | ---- | M] (Symantec Corporation) (Microsoft Office Groove Audit Service) Microsoft Office Groove Audit Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Microsoft Office\Office12\GrooveAuditService.exe -> [2007.08.24 06:59:20 | 00,068,464 | ---- | M] (Microsoft Corporation) (Nero BackItUp Scheduler 4.0) Nero BackItUp Scheduler 4.0 [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Nero\Nero BackItUp 4\NBService.exe -> [2008.09.30 12:48:28 | 00,935,208 | ---- | M] (Nero AG) (odserv) Microsoft Office Diagnostics Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Microsoft Shared\OFFICE12\ODSERV.EXE -> [2007.08.24 03:19:12 | 00,443,776 | ---- | M] (Microsoft Corporation) (ose) Office Source Engine [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Microsoft Shared\Source Engine\OSE.EXE -> [2006.10.26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) (SavRoam) SavRoam [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Symantec AntiVirus\SavRoam.exe -> [2007.03.14 19:48:56 | 00,116,416 | ---- | M] (symantec) (SNDSrvc) Symantec Network Drivers Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Symantec Shared\SNDSrvc.exe -> [2007.02.12 17:23:10 | 00,214,672 | ---- | M] (Symantec Corporation) (SoundMAX Agent Service (default)) SoundMAX Agent Service [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Analog Devices\SoundMAX\SMAgent.exe -> [2002.09.20 14:50:10 | 00,065,536 | ---- | M] (Analog Devices, Inc.) (SPBBCSvc) Symantec SPBBCSvc [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\SPBBC\SPBBCSvc.exe -> [2007.01.10 16:27:38 | 01,160,792 | ---- | M] (Symantec Corporation) (Symantec AntiVirus) Symantec AntiVirus [Win32_Own | Auto | Running] -> %ProgramFiles%\Symantec AntiVirus\Rtvscan.exe -> [2007.03.14 19:48:50 | 01,816,768 | ---- | M] (Symantec Corporation) (WMPNetworkSvc) Windows Media Player Network Sharing Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Windows Media Player\wmpnetwk.exe -> [2006.10.18 19:05:24 | 00,930,816 | ---- | M] (Microsoft Corporation) (WudfSvc) Windows Driver Foundation - User-mode Driver Framework [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\system32\wudfsvc.dll -> [2009.01.08 21:08:43 | 00,055,808 | ---- | M] (Microsoft Corporation) [Driver Services - All] (Aavmker4) avast! Asynchronous Virus Monitor [Kernel | System | Running] -> %SystemRoot%\system32\drivers\aavmker4.sys -> [2009.02.05 22:05:11 | 00,026,944 | ---- | M] (ALWIL Software) (Abiosdsk) Abiosdsk [Kernel | Disabled | Stopped] -> -> File not found (abp480n5) abp480n5 [Kernel | Disabled | Stopped] -> -> File not found (ACPI) Microsoft ACPI Driver [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\acpi.sys -> [2008.04.14 00:06:36 | 00,187,776 | ---- | M] (Microsoft Corporation) (ACPIEC) Microsoft Embedded Controller Driver [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\acpiec.sys -> [2001.08.23 12:00:00 | 00,011,648 | ---- | M] (Microsoft Corporation) (adpu160m) adpu160m [Kernel | Disabled | Stopped] -> -> File not found (aeaudio) aeaudio [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\aeaudio.sys -> [2004.10.06 07:29:50 | 00,129,280 | ---- | M] (Andrea Electronics Corporation) (aec) Microsoft Kernel Acoustic Echo Canceller [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\aec.sys -> [2009.01.08 20:41:28 | 00,142,592 | ---- | M] (Microsoft Corporation) (AFD) AFD [Kernel | System | Running] -> %SystemRoot%\system32\drivers\afd.sys -> [2009.01.08 20:06:09 | 00,138,496 | ---- | M] (Microsoft Corporation) (AgereSoftModem) Agere Systems Soft Modem [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\AGRSM.sys -> [2005.04.13 09:12:38 | 01,066,278 | ---- | M] (Agere Systems) (Aha154x) Aha154x [Kernel | Disabled | Stopped] -> -> File not found (aic78u2) aic78u2 [Kernel | Disabled | Stopped] -> -> File not found (aic78xx) aic78xx [Kernel | Disabled | Stopped] -> -> File not found (AliIde) AliIde [Kernel | Disabled | Stopped] -> -> File not found (amsint) amsint [Kernel | Disabled | Stopped] -> -> File not found (ApfiltrService) Alps Pointing-device Filter Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\Apfiltr.sys -> [2005.01.31 17:23:08 | 00,109,319 | ---- | M] (Alps Electric Co., Ltd.) (Arp1394) 1394 ARP Client Protocol [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\arp1394.sys -> [2009.01.08 20:41:28 | 00,060,800 | ---- | M] (Microsoft Corporation) (asc) asc [Kernel | Disabled | Stopped] -> -> File not found (asc3350p) asc3350p [Kernel | Disabled | Stopped] -> -> File not found (asc3550) asc3550 [Kernel | Disabled | Stopped] -> -> File not found (aswFsBlk) aswFsBlk [File_System | Auto | Running] -> %SystemRoot%\system32\drivers\aswFsBlk.sys -> [2009.02.05 22:07:12 | 00,020,560 | ---- | M] (ALWIL Software) (aswMon2) avast! Standard Shield Support [File_System | Auto | Running] -> %SystemRoot%\system32\drivers\aswmon2.sys -> [2009.02.05 22:08:10 | 00,094,032 | ---- | M] (ALWIL Software) (aswRdr) aswRdr [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\aswRdr.sys -> [2009.02.05 22:06:10 | 00,023,152 | ---- | M] (ALWIL Software) (aswSP) avast! Self Protection [Kernel | System | Running] -> %SystemRoot%\system32\drivers\aswSP.sys -> [2009.02.05 22:07:23 | 00,114,768 | ---- | M] (ALWIL Software) (aswTdi) avast! Network Shield Support [Kernel | System | Running] -> %SystemRoot%\system32\drivers\aswTdi.sys -> [2009.02.05 22:06:20 | 00,051,376 | ---- | M] (ALWIL Software) (AsyncMac) RAS Asynchronous Media Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\asyncmac.sys -> [2008.04.14 00:27:28 | 00,014,336 | ---- | M] (Microsoft Corporation) (atapi) Standard IDE/ESDI Hard Disk Controller [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\atapi.sys -> [2008.04.14 00:10:32 | 00,096,512 | ---- | M] (Microsoft Corporation) (Atdisk) Atdisk [Kernel | Disabled | Stopped] -> -> File not found (Atmarpc) ATM ARP Client Protocol [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\atmarpc.sys -> [2008.04.14 00:21:26 | 00,059,904 | ---- | M] (Microsoft Corporation) (audstub) Audio Stub Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\audstub.sys -> [2001.08.17 14:59:44 | 00,003,072 | ---- | M] (Microsoft Corporation) (Beep) Beep [Kernel | System | Running] -> %SystemRoot%\system32\drivers\beep.sys -> [2001.08.23 12:00:00 | 00,004,224 | ---- | M] (Microsoft Corporation) (cbidf2k) cbidf2k [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\cbidf2k.sys -> [2001.08.23 12:00:00 | 00,013,952 | ---- | M] (Microsoft Corporation) (cd20xrnt) cd20xrnt [Kernel | Disabled | Stopped] -> -> File not found (Cdaudio) Cdaudio [Kernel | System | Stopped] -> %SystemRoot%\system32\drivers\cdaudio.sys -> [2009.01.08 20:38:03 | 00,018,688 | ---- | M] (Microsoft Corporation) (Cdfs) Cdfs [File_System | Disabled | Running] -> %SystemRoot%\system32\drivers\cdfs.sys -> [2008.04.14 00:44:22 | 00,063,744 | ---- | M] (Microsoft Corporation) (cdrbsdrv) cdrbsdrv [Kernel | System | Running] -> %SystemRoot%\system32\drivers\CDRBSDRV.SYS -> [2004.03.08 12:55:50 | 00,013,567 | ---- | M] (B.H.A Corporation) (cdrbsvsd) cdrbsvsd [Kernel | System | Stopped] -> -> File not found (Cdrom) CD-ROM Driver [Kernel | System | Running] -> %SystemRoot%\system32\drivers\cdrom.sys -> [2009.01.08 20:06:23 | 00,062,976 | ---- | M] (Microsoft Corporation) (Changer) Changer [Kernel | System | Stopped] -> -> File not found (CmBatt) Microsoft AC Adapter Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\cmbatt.sys -> [2009.01.08 20:41:28 | 00,013,952 | ---- | M] (Microsoft Corporation) (CmdIde) CmdIde [Kernel | Disabled | Stopped] -> -> File not found (Compbatt) Microsoft Composite Battery Driver [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\compbatt.sys -> [2009.01.08 20:41:28 | 00,010,240 | ---- | M] (Microsoft Corporation) (Cpqarray) Cpqarray [Kernel | Disabled | Stopped] -> -> File not found (dac960nt) dac960nt [Kernel | Disabled | Stopped] -> -> File not found (Disk) Disk Driver [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\disk.sys -> [2009.01.08 20:06:46 | 00,036,352 | ---- | M] (Microsoft Corporation) (dmboot) dmboot [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\dmboot.sys -> [2008.04.14 00:14:50 | 00,799,744 | ---- | M] (Microsoft Corp., Veritas Software) (dmio) Logical Disk Manager Driver [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\dmio.sys -> [2008.04.14 00:14:48 | 00,153,344 | ---- | M] (Microsoft Corp., Veritas Software) (dmload) dmload [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\dmload.sys -> [2001.08.23 12:00:00 | 00,005,888 | ---- | M] (Microsoft Corp., Veritas Software.) (DMusic) Microsoft Kernel DLS Syntheiszer [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\DMusic.sys -> [2008.04.14 00:15:02 | 00,052,864 | ---- | M] (Microsoft Corporation) (dpti2o) dpti2o [Kernel | Disabled | Stopped] -> -> File not found (drmkaud) Microsoft Kernel DRM Audio Descrambler [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\drmkaud.sys -> [2009.01.08 20:41:28 | 00,002,944 | ---- | M] (Microsoft Corporation) (eeCtrl) Symantec Eraser Control driver [Kernel | System | Running] -> %CommonProgramFiles%\Symantec Shared\EENGINE\eeCtrl.sys -> [2009.01.14 11:07:28 | 00,371,248 | ---- | M] (Symantec Corporation) (EraserUtilRebootDrv) EraserUtilRebootDrv [Kernel | On_Demand | Running] -> %CommonProgramFiles%\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -> [2009.01.14 11:07:28 | 00,099,376 | ---- | M] (Symantec Corporation) (Fastfat) Fastfat [File_System | Disabled | Stopped] -> %SystemRoot%\system32\drivers\fastfat.sys -> [2008.04.14 00:44:30 | 00,143,744 | ---- | M] (Microsoft Corporation) (Fdc) Fdc [Kernel | System | Stopped] -> %SystemRoot%\system32\drivers\fdc.sys -> [2008.04.14 00:10:26 | 00,027,392 | ---- | M] (Microsoft Corporation) (Fips) Fips [Kernel | System | Running] -> %SystemRoot%\system32\drivers\fips.sys -> [2008.04.14 00:03:30 | 00,044,544 | ---- | M] (Microsoft Corporation) (Flpydisk) Flpydisk [Kernel | System | Stopped] -> %SystemRoot%\system32\drivers\flpydisk.sys -> [2008.04.14 00:10:26 | 00,020,480 | ---- | M] (Microsoft Corporation) (FltMgr) FltMgr [File_System | Boot | Running] -> %SystemRoot%\system32\drivers\fltMgr.sys -> [2008.04.14 00:03:00 | 00,129,792 | ---- | M] (Microsoft Corporation) (Ftdisk) Volume Manager Driver [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\ftdisk.sys -> [2001.08.23 12:00:00 | 00,125,056 | ---- | M] (Microsoft Corporation) (GearAspiWDM) GearAspiWDM [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\GearAspiWDM.sys -> [2007.03.27 11:33:38 | 00,015,664 | R--- | M] (GEAR Software Inc.) (Gpc) Generic Packet Classifier [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\msgpc.sys -> [2008.04.14 00:26:34 | 00,035,072 | ---- | M] (Microsoft Corporation) (GT72NDISIPXP) GT 72 IP NDIS [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\Gt51Ip.sys -> [2007.07.09 14:17:36 | 00,095,744 | ---- | M] (Option NV) (GT72UBUS) GT 72 U BUS [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\gt72ubus.sys -> [2007.06.26 13:38:46 | 00,051,968 | ---- | M] (Option N.V.) (GTPTSER) GT PT SER [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\gtptser.sys -> [2007.03.30 13:38:14 | 00,008,064 | ---- | M] (Option N.V.) (HidUsb) Microsoft HID Class Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\hidusb.sys -> [2008.04.14 00:15:28 | 00,010,368 | ---- | M] (Microsoft Corporation) (hpn) hpn [Kernel | Disabled | Stopped] -> -> File not found (HpqKbFiltr) HpqKbFilter Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\HpqKbFiltr.sys -> [2007.06.18 17:12:04 | 00,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) (HTTP) HTTP [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\http.sys -> [2008.04.14 00:23:54 | 00,264,832 | ---- | M] (Microsoft Corporation) (i2omgmt) i2omgmt [Kernel | System | Stopped] -> -> File not found (i2omp) i2omp [Kernel | Disabled | Stopped] -> -> File not found (i8042prt) i8042 Keyboard and PS/2 Mouse Port Driver [Kernel | System | Running] -> %SystemRoot%\system32\drivers\i8042prt.sys -> [2008.04.14 00:48:02 | 00,052,480 | ---- | M] (Microsoft Corporation) (ialm) ialm [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ialmnt5.sys -> [2005.07.19 11:34:22 | 01,049,180 | ---- | M] (Intel Corporation) (Imapi) CD-Burning Filter Driver [Kernel | System | Running] -> %SystemRoot%\system32\drivers\imapi.sys -> [2008.04.14 00:11:00 | 00,042,112 | ---- | M] (Microsoft Corporation) (ini910u) ini910u [Kernel | Disabled | Stopped] -> -> File not found (IntelIde) IntelIde [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\intelide.sys -> [2008.04.14 00:10:30 | 00,005,504 | ---- | M] (Microsoft Corporation) (intelppm) Intel Processor Driver [Kernel | System | Running] -> %SystemRoot%\system32\drivers\intelppm.sys -> [2008.04.14 00:01:34 | 00,036,352 | ---- | M] (Microsoft Corporation) (Ip6Fw) IPv6 Windows Firewall Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\ip6fw.sys -> [2008.04.14 00:23:36 | 00,036,608 | ---- | M] (Microsoft Corporation) (IpFilterDriver) IP Traffic Filter Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\ipfltdrv.sys -> [2001.08.23 12:00:00 | 00,032,896 | ---- | M] (Microsoft Corporation) (IpInIp) IP in IP Tunnel Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\ipinip.sys -> [2008.04.14 00:27:08 | 00,020,864 | ---- | M] (Microsoft Corporation) (IpNat) IP Network Address Translator [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ipnat.sys -> [2008.04.14 00:27:16 | 00,152,832 | ---- | M] (Microsoft Corporation) (IPSec) IPSEC driver [Kernel | System | Running] -> %SystemRoot%\system32\drivers\ipsec.sys -> [2008.04.14 00:49:44 | 00,075,264 | ---- | M] (Microsoft Corporation) (IRENUM) IR Enumerator Service [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\irenum.sys -> [2008.04.14 00:24:30 | 00,011,264 | ---- | M] (Microsoft Corporation) (isapnp) PnP ISA/EISA Bus Driver [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\isapnp.sys -> [2008.04.14 00:06:42 | 00,037,248 | ---- | M] (Microsoft Corporation) (Kbdclass) Keyboard Class Driver [Kernel | System | Running] -> %SystemRoot%\system32\drivers\kbdclass.sys -> [2008.04.14 00:09:48 | 00,024,576 | ---- | M] (Microsoft Corporation) (kmixer) Microsoft Kernel Wave Audio Mixer [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\kmixer.sys -> [2009.01.08 20:41:28 | 00,172,416 | ---- | M] (Microsoft Corporation) (KSecDD) KSecDD [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\ksecdd.sys -> [2008.04.14 00:01:44 | 00,092,288 | ---- | M] (Microsoft Corporation) (lbrtfdc) lbrtfdc [Kernel | System | Stopped] -> -> File not found (MidiSyn) MidiSyn [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\MidiSyn.sys -> [2002.09.20 09:53:34 | 00,235,100 | ---- | M] (Analog Devices Inc) (mnmdd) mnmdd [Kernel | System | Running] -> %SystemRoot%\system32\drivers\mnmdd.sys -> [2001.08.23 12:00:00 | 00,004,224 | ---- | M] (Microsoft Corporation) (Modem) Modem [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\modem.sys -> [2009.01.08 20:41:28 | 00,030,080 | ---- | M] (Microsoft Corporation) (Mouclass) Mouse Class Driver [Kernel | System | Running] -> %SystemRoot%\system32\drivers\mouclass.sys -> [2009.01.08 20:41:28 | 00,023,040 | ---- | M] (Microsoft Corporation) (mouhid) Mouse HID Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\mouhid.sys -> [2009.01.08 20:38:03 | 00,012,160 | ---- | M] (Microsoft Corporation) (MountMgr) MountMgr [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\mountmgr.sys -> [2008.04.14 00:09:48 | 00,042,368 | ---- | M] (Microsoft Corporation) (mraid35x) mraid35x [Kernel | Disabled | Stopped] -> -> File not found (MRxDAV) WebDav Client Redirector [File_System | On_Demand | Running] -> %SystemRoot%\system32\drivers\mrxdav.sys -> [2009.01.08 20:07:56 | 00,179,712 | ---- | M] (Microsoft Corporation) (MRxSmb) MRxSmb [File_System | System | Running] -> %SystemRoot%\system32\drivers\mrxsmb.sys -> [2009.01.08 20:07:59 | 00,455,936 | ---- | M] (Microsoft Corporation) (Msfs) Msfs [File_System | System | Running] -> %SystemRoot%\system32\drivers\msfs.sys -> [2008.04.14 00:02:40 | 00,019,072 | ---- | M] (Microsoft Corporation) (MSKSSRV) Microsoft Streaming Service Proxy [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\mskssrv.sys -> [2009.01.08 20:41:28 | 00,007,552 | ---- | M] (Microsoft Corporation) (MSPCLOCK) Microsoft Streaming Clock Proxy [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\mspclock.sys -> [2009.01.08 20:41:28 | 00,005,376 | ---- | M] (Microsoft Corporation) (MSPQM) Microsoft Streaming Quality Manager Proxy [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\mspqm.sys -> [2009.01.08 20:41:28 | 00,004,992 | ---- | M] (Microsoft Corporation) (mssmbios) Microsoft System Management BIOS Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\mssmbios.sys -> [2009.01.08 20:41:28 | 00,015,488 | ---- | M] (Microsoft Corporation) (Mup) Mup [File_System | Boot | Running] -> %SystemRoot%\system32\drivers\mup.sys -> [2009.01.08 20:09:44 | 00,105,344 | ---- | M] (Microsoft Corporation) (NAVENG) NAVENG [Kernel | On_Demand | Running] -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20090205.007\NAVENG.SYS -> [2009.01.14 11:07:28 | 00,089,104 | ---- | M] (Symantec Corporation) (NAVEX15) NAVEX15 [Kernel | On_Demand | Running] -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20090205.007\NAVEX15.SYS -> [2009.01.14 11:07:28 | 00,876,112 | ---- | M] (Symantec Corporation) (NDIS) NDIS System Driver [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\ndis.sys -> [2008.04.14 00:50:38 | 00,182,656 | ---- | M] (Microsoft Corporation) (NdisTapi) Remote Access NDIS TAPI Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ndistapi.sys -> [2008.04.14 00:27:28 | 00,010,112 | ---- | M] (Microsoft Corporation) (Ndisuio) NDIS Usermode I/O Protocol [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ndisuio.sys -> [2009.01.08 20:41:28 | 00,014,592 | ---- | M] (Microsoft Corporation) (NdisWan) Remote Access NDIS WAN Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ndiswan.sys -> [2008.04.14 00:50:44 | 00,091,520 | ---- | M] (Microsoft Corporation) (NDProxy) NDIS Proxy [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ndproxy.sys -> [2008.04.14 00:27:30 | 00,040,576 | ---- | M] (Microsoft Corporation) (NetBIOS) NetBIOS Interface [File_System | System | Running] -> %SystemRoot%\system32\drivers\netbios.sys -> [2008.04.14 00:26:04 | 00,034,688 | ---- | M] (Microsoft Corporation) (NetBT) NetBios over Tcpip [Kernel | System | Running] -> %SystemRoot%\system32\drivers\netbt.sys -> [2008.04.14 00:51:02 | 00,162,816 | ---- | M] (Microsoft Corporation) (NIC1394) 1394 Net Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\nic1394.sys -> [2009.01.08 20:41:28 | 00,061,824 | ---- | M] (Microsoft Corporation) (Npfs) Npfs [File_System | System | Running] -> %SystemRoot%\system32\drivers\npfs.sys -> [2008.04.14 00:02:40 | 00,030,848 | ---- | M] (Microsoft Corporation) (Ntfs) Ntfs [File_System | Disabled | Running] -> %SystemRoot%\system32\drivers\ntfs.sys -> [2008.11.18 15:02:08 | 00,576,384 | ---- | M] (Microsoft Corporation) (Null) Null [Kernel | System | Running] -> %SystemRoot%\system32\drivers\null.sys -> [2001.08.23 12:00:00 | 00,002,944 | ---- | M] (Microsoft Corporation) (NwlnkFlt) IPX Traffic Filter Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\nwlnkflt.sys -> [2001.08.23 12:00:00 | 00,012,416 | ---- | M] (Microsoft Corporation) (NwlnkFwd) IPX Traffic Forwarder Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\nwlnkfwd.sys -> [2001.08.23 12:00:00 | 00,032,512 | ---- | M] (Microsoft Corporation) (ohci1394) Texas Instruments OHCI Compliant IEEE 1394 Host Controller [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\ohci1394.sys -> [2009.01.08 20:10:42 | 00,061,824 | ---- | M] (Microsoft Corporation) (Parport) Parport [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\parport.sys -> [2009.01.08 20:41:28 | 00,080,128 | ---- | M] (Microsoft Corporation) (PartMgr) PartMgr [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\partmgr.sys -> [2008.04.14 00:10:50 | 00,019,712 | ---- | M] (Microsoft Corporation) (ParVdm) ParVdm [Kernel | Auto | Stopped] -> %SystemRoot%\system32\drivers\parvdm.sys -> [2001.08.23 12:00:00 | 00,006,784 | ---- | M] (Microsoft Corporation) (Passthru) Service [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ndisio.sys -> [2009.02.06 14:07:07 | 00,053,248 | ---- | M] () (PCI) PCI Bus Driver [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\pci.sys -> [2008.04.14 00:06:46 | 00,068,224 | ---- | M] (Microsoft Corporation) (PCIDump) PCIDump [Kernel | System | Stopped] -> -> File not found (PCIIde) PCIIde [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\pciide.sys -> [2001.08.23 12:00:00 | 00,003,328 | ---- | M] (Microsoft Corporation) (Pcmcia) Pcmcia [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\pcmcia.sys -> [2008.04.14 00:06:44 | 00,120,192 | ---- | M] (Microsoft Corporation) (PDCOMP) PDCOMP [Kernel | On_Demand | Stopped] -> -> File not found (PDFRAME) PDFRAME [Kernel | On_Demand | Stopped] -> -> File not found (PDRELI) PDRELI [Kernel | On_Demand | Stopped] -> -> File not found (PDRFRAME) PDRFRAME [Kernel | On_Demand | Stopped] -> -> File not found (perc2) perc2 [Kernel | Disabled | Stopped] -> -> File not found (perc2hib) perc2hib [Kernel | Disabled | Stopped] -> -> File not found (PptpMiniport) WAN Miniport (PPTP) [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\raspptp.sys -> [2008.04.14 00:49:50 | 00,048,384 | ---- | M] (Microsoft Corporation) (PSched) QoS Packet Scheduler [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\psched.sys -> [2008.04.14 00:26:40 | 00,069,120 | ---- | M] (Microsoft Corporation) (Ptilink) Direct Parallel Link Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ptilink.sys -> [2001.08.23 12:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) (PxHelp20) PxHelp20 [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\pxhelp20.sys -> [2006.11.02 16:57:04 | 00,036,624 | ---- | M] (Sonic Solutions) (ql1080) ql1080 [Kernel | Disabled | Stopped] -> -> File not found (Ql10wnt) Ql10wnt [Kernel | Disabled | Stopped] -> -> File not found (ql12160) ql12160 [Kernel | Disabled | Stopped] -> -> File not found (ql1240) ql1240 [Kernel | Disabled | Stopped] -> -> File not found (ql1280) ql1280 [Kernel | Disabled | Stopped] -> -> File not found (RasAcd) Remote Access Auto Connection Driver [Kernel | System | Running] -> %SystemRoot%\system32\drivers\rasacd.sys -> [2001.08.23 12:00:00 | 00,008,832 | ---- | M] (Microsoft Corporation) (Rasl2tp) WAN Miniport (L2TP) [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\rasl2tp.sys -> [2008.04.14 00:49:44 | 00,051,328 | ---- | M] (Microsoft Corporation) (RasPppoe) Remote Access PPPOE Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\raspppoe.sys -> [2008.04.14 00:27:34 | 00,041,472 | ---- | M] (Microsoft Corporation) (Raspti) Direct Parallel [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\raspti.sys -> [2001.08.23 12:00:00 | 00,016,512 | ---- | M] (Microsoft Corporation) (Rdbss) Rdbss [File_System | System | Running] -> %SystemRoot%\system32\drivers\rdbss.sys -> [2009.01.08 20:11:25 | 00,174,848 | ---- | M] (Microsoft Corporation) (RDPCDD) RDPCDD [Kernel | System | Running] -> %SystemRoot%\system32\drivers\rdpcdd.sys -> [2001.08.23 12:00:00 | 00,004,224 | ---- | M] (Microsoft Corporation) (rdpdr) Terminal Server Device Redirector Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\rdpdr.sys -> [2008.04.14 00:02:52 | 00,196,224 | ---- | M] (Microsoft Corporation) (RDPWD) RDPWD [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\rdpwd.sys -> [2009.01.08 20:11:26 | 00,139,656 | ---- | M] (Microsoft Corporation) (redbook) Digital CD Audio Playback Filter Driver [Kernel | System | Running] -> %SystemRoot%\system32\drivers\redbook.sys -> [2008.04.14 01:10:28 | 00,057,600 | ---- | M] (Microsoft Corporation) (rspndr) Link-Layer Topology Discovery Responder [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\rspndr.sys -> [2009.01.08 20:16:27 | 00,062,848 | ---- | M] (Microsoft Corporation) (RTL8023xp) Realtek 10/100/1000 PCI NIC Family NDIS XP Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\Rtnicxp.sys -> [2008.12.02 06:05:34 | 00,118,656 | ---- | M] (Realtek Semiconductor Corporation ) (rtl8139) Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver [Kernel | On_Demand | Stopped] -> -> File not found (SAVRT) SAVRT [Kernel | System | Running] -> %ProgramFiles%\Symantec AntiVirus\savrt.sys -> [2006.09.06 14:41:20 | 00,337,592 | ---- | M] (Symantec Corporation) (SAVRTPEL) SAVRTPEL [Kernel | System | Running] -> %ProgramFiles%\Symantec AntiVirus\Savrtpel.sys -> [2006.09.06 14:41:20 | 00,054,968 | ---- | M] (Symantec Corporation) (sdbus) sdbus [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\sdbus.sys -> [2008.04.14 00:06:46 | 00,079,232 | ---- | M] (Microsoft Corporation) (Secdrv) Secdrv [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\secdrv.sys -> [2008.04.13 22:09:16 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) (senfilt) senfilt [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\senfilt.sys -> [2004.04.26 07:49:56 | 00,381,056 | ---- | M] (Sensaura) (Serial) Serial [Kernel | Auto | Stopped] -> %SystemRoot%\system32\drivers\serial.sys -> [2008.04.14 00:45:46 | 00,064,512 | ---- | M] (Microsoft Corporation) (Sfloppy) Sfloppy [Kernel | System | Stopped] -> %SystemRoot%\system32\drivers\sfloppy.sys -> [2008.04.14 00:10:50 | 00,011,392 | ---- | M] (Microsoft Corporation) (Simbad) Simbad [Kernel | Disabled | Stopped] -> -> File not found (smwdm) smwdm [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\smwdm.sys -> [2004.09.01 11:17:46 | 00,259,648 | ---- | M] (Analog Devices, Inc.) (Sparrow) Sparrow [Kernel | Disabled | Stopped] -> -> File not found (SPBBCDrv) SPBBCDrv [Kernel | System | Running] -> %CommonProgramFiles%\Symantec Shared\SPBBC\SPBBCDrv.sys -> [2007.01.10 16:27:26 | 00,390,744 | ---- | M] (Symantec Corporation) (splitter) Microsoft Kernel Audio Splitter [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\splitter.sys -> [2008.04.14 00:15:08 | 00,006,272 | ---- | M] (Microsoft Corporation) (sr) System Restore Filter Driver [File_System | Disabled | Stopped] -> %SystemRoot%\system32\drivers\sr.sys -> [2008.04.14 00:06:54 | 00,073,472 | ---- | M] (Microsoft Corporation) (Srv) Srv [File_System | On_Demand | Running] -> %SystemRoot%\system32\drivers\srv.sys -> [2009.01.08 20:12:55 | 00,333,824 | ---- | M] (Microsoft Corporation) (swenum) Software Bus Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\swenum.sys -> [2009.01.08 20:41:28 | 00,004,352 | ---- | M] (Microsoft Corporation) (swmidi) Microsoft Kernel GS Wavetable Synthesizer [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\swmidi.sys -> [2009.01.08 20:41:28 | 00,056,576 | ---- | M] (Microsoft Corporation) (symc810) symc810 [Kernel | Disabled | Stopped] -> -> File not found (symc8xx) symc8xx [Kernel | Disabled | Stopped] -> -> File not found (SymEvent) SymEvent [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\SYMEVENT.SYS -> [2009.01.21 03:01:47 | 00,110,952 | ---- | M] (Symantec Corporation) (SYMREDRV) SYMREDRV [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\symredrv.sys -> [2007.02.12 17:22:36 | 00,024,720 | ---- | M] (Symantec Corporation) (SYMTDI) SYMTDI [Kernel | System | Running] -> %SystemRoot%\system32\drivers\symtdi.sys -> [2007.02.12 17:22:40 | 00,196,752 | ---- | M] (Symantec Corporation) (sym_hi) sym_hi [Kernel | Disabled | Stopped] -> -> File not found (sym_u3) sym_u3 [Kernel | Disabled | Stopped] -> -> File not found (sysaudio) Microsoft Kernel System Audio Device [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\sysaudio.sys -> [2009.01.08 20:41:28 | 00,060,800 | ---- | M] (Microsoft Corporation) (Tcpip) TCP/IP Protocol Driver [Kernel | System | Running] -> %SystemRoot%\system32\drivers\tcpip.sys -> [2009.01.08 21:12:08 | 00,361,600 | ---- | M] (Microsoft Corporation) (tcpsr) tcpsr [Kernel | On_Demand | Stopped] -> -> File not found (TDPIPE) TDPIPE [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\tdpipe.sys -> [2008.04.14 05:43:22 | 00,012,040 | ---- | M] (Microsoft Corporation) (TDTCP) TDTCP [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\tdtcp.sys -> [2008.04.14 05:43:22 | 00,021,896 | ---- | M] (Microsoft Corporation) (TermDD) Terminal Device Driver [Kernel | System | Running] -> %SystemRoot%\system32\drivers\termdd.sys -> [2008.04.14 05:43:22 | 00,040,840 | ---- | M] (Microsoft Corporation) (tifm21) tifm21 [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\tifm21.sys -> [2005.06.23 09:16:08 | 00,162,176 | ---- | M] (Texas Instruments) (TosIde) TosIde [Kernel | Disabled | Stopped] -> -> File not found (Udfs) Udfs [File_System | Disabled | Stopped] -> %SystemRoot%\system32\drivers\udfs.sys -> [2008.04.14 00:02:38 | 00,066,048 | ---- | M] (Microsoft Corporation) (ultra) ultra [Kernel | Disabled | Stopped] -> -> File not found (Update) Microcode Update Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\update.sys -> [2008.04.14 00:09:48 | 00,384,768 | ---- | M] (Microsoft Corporation) (usbccgp) Microsoft USB Generic Parent Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\usbccgp.sys -> [2008.04.14 00:15:40 | 00,032,128 | ---- | M] (Microsoft Corporation) (usbehci) Microsoft USB 2.0 Enhanced Host Controller Miniport Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\usbehci.sys -> [2009.01.08 20:13:39 | 00,030,336 | ---- | M] (Microsoft Corporation) (usbhub) USB2 Enabled Hub [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\usbhub.sys -> [2008.04.14 00:15:38 | 00,059,520 | ---- | M] (Microsoft Corporation) (USBSTOR) USB Mass Storage Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\usbstor.sys -> [2008.04.14 00:15:40 | 00,026,368 | ---- | M] (Microsoft Corporation) (usbuhci) Microsoft USB Universal Host Controller Miniport Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\usbuhci.sys -> [2008.04.14 00:15:36 | 00,020,608 | ---- | M] (Microsoft Corporation) (VgaSave) VgaSave [Kernel | System | Running] -> %SystemRoot%\system32\drivers\vga.sys -> [2008.04.14 00:14:42 | 00,020,992 | ---- | M] (Microsoft Corporation) (ViaIde) ViaIde [Kernel | Disabled | Stopped] -> -> File not found (VolSnap) VolSnap [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\volsnap.sys -> [2008.04.14 00:11:02 | 00,052,352 | ---- | M] (Microsoft Corporation) (w29n51) Intel(R) PRO/Wireless 2200BG Network Connection Driver for Windows XP [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\w29n51.sys -> [2008.01.07 14:36:16 | 02,216,064 | ---- | M] (Intel® Corporation) (Wanarp) Remote Access IP ARP Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\wanarp.sys -> [2008.04.14 00:27:22 | 00,034,560 | ---- | M] (Microsoft Corporation) (Wdf01000) Wdf01000 [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\wdf01000.sys -> [2006.11.02 07:22:54 | 00,492,000 | ---- | M] (Microsoft Corporation) (WDICA) WDICA [Kernel | On_Demand | Stopped] -> -> File not found (wdmaud) Microsoft WINMM WDM Audio Compatibility Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\wdmaud.sys -> [2009.01.08 20:41:28 | 00,083,072 | ---- | M] (Microsoft Corporation) (WmiAcpi) Microsoft Windows Management Interface for ACPI [Kernel | System | Running] -> %SystemRoot%\system32\drivers\wmiacpi.sys -> [2009.01.08 20:41:28 | 00,008,832 | ---- | M] (Microsoft Corporation) (WudfPf) Windows Driver Foundation - User-mode Driver Framework Platform Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\wudfpf.sys -> [2009.01.08 21:08:42 | 00,077,568 | ---- | M] (Microsoft Corporation) (WudfRd) Windows Driver Foundation - User-mode Driver Framework Reflector [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\wudfrd.sys -> [2009.01.08 21:08:43 | 00,082,944 | ---- | M] (Microsoft Corporation) [Registry - Safe List] < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKEY_LOCAL_MACHINE\: Main\\"Default_Search_URL" -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\"Default_Secondary_Page_URL" -> -> HKEY_LOCAL_MACHINE\: Main\\"Extensions Off Page" -> about:NoAdd-ons -> HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> %SystemRoot%\system32\blank.htm -> HKEY_LOCAL_MACHINE\: Main\\"Search Page" -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\"Security Risk Page" -> about:SecurityRisk -> HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKEY_LOCAL_MACHINE\: Search\\"CustomizeSearch" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> HKEY_LOCAL_MACHINE\: Search\\"SearchAssistant" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm -> < Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> HKEY_CURRENT_USER\: Main\\"Local Page" -> C:\WINDOWS\system32\blank.htm -> HKEY_CURRENT_USER\: Main\\"Search Page" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_CURRENT_USER\: Main\\"Start Page" -> https://login.yahoo.com/config/mail?.intl=us -> HKEY_CURRENT_USER\: "ProxyEnable" -> 0 -> < HOSTS File > (784 bytes and 22 lines) -> C:\WINDOWS\System32\drivers\etc\Hosts -> 127.0.0.1 www.tEenPassage.com 127.0.0.1 localhost 195.245.119.131 browser-security.microsoft.com < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> %CommonProgramFiles%\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> [2006.10.22 23:08:42 | 00,062,080 | ---- | M] (Adobe Systems Incorporated) {72853161-30C5-4D22-B7F9-0BBC1D38A37E} [HKLM] -> %ProgramFiles%\Microsoft Office\Office12\GrooveShellExtensions.dll [Groove GFS Browser Helper] -> [2007.08.24 07:01:22 | 02,212,224 | ---- | M] (Microsoft Corporation) < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "Adobe Reader Speed Launcher" -> %ProgramFiles%\Adobe\Reader 8.0\Reader\reader_sl.exe ["C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"] -> [2008.10.15 01:04:34 | 00,039,792 | ---- | M] (Adobe Systems Incorporated) "avast!" -> %ProgramFiles%\Alwil Software\Avast4\ashDisp.exe [C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe] -> [2009.02.05 22:08:45 | 00,081,000 | ---- | M] (ALWIL Software) "ccApp" -> %CommonProgramFiles%\Symantec Shared\ccApp.exe ["C:\Program Files\Common Files\Symantec Shared\ccApp.exe"] -> [2006.11.21 17:38:28 | 00,052,840 | ---- | M] (Symantec Corporation) "GrooveMonitor" -> %ProgramFiles%\Microsoft Office\Office12\GrooveMonitor.exe ["C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"] -> [2007.08.24 07:00:48 | 00,033,648 | ---- | M] (Microsoft Corporation) "igfxhkcmd" -> %SystemRoot%\system32\hkcmd.exe [C:\WINDOWS\system32\hkcmd.exe] -> [2005.07.19 11:06:12 | 00,098,304 | ---- | M] (Intel Corporation) "igfxpers" -> %SystemRoot%\system32\igfxpers.exe [C:\WINDOWS\system32\igfxpers.exe] -> [2005.07.19 11:10:06 | 00,135,168 | ---- | M] (Intel Corporation) "igfxtray" -> %SystemRoot%\system32\igfxtray.exe [C:\WINDOWS\system32\igfxtray.exe] -> [2005.07.19 11:09:26 | 00,114,688 | ---- | M] (Intel Corporation) "OM_Monitor" -> %ProgramFiles%\OLYMPUS\OLYMPUS Master\FirstStart.exe [C:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe] -> [2005.11.29 19:19:00 | 00,061,440 | ---- | M] (OLYMPUS IMAGING CORP.) "QlbCtrl.exe" -> \Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start] -> [2008.08.01 16:14:02 | 00,202,032 | ---- | M] () "QuickTime Task" -> %ProgramFiles%\QuickTime\qttask.exe ["C:\Program Files\QuickTime\qttask.exe" -atboottime] -> [2009.01.24 22:37:25 | 00,118,784 | ---- | M] (Apple Computer, Inc.) "SoundMAX" -> %ProgramFiles%\Analog Devices\SoundMAX\SMax4.exe [C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray] -> [2004.08.06 08:27:56 | 00,880,640 | ---- | M] (Analog Devices, Inc.) "SoundMAXPnP" -> %ProgramFiles%\Analog Devices\SoundMAX\SMax4PNP.exe [C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe] -> [2004.10.14 09:11:10 | 01,409,024 | ---- | M] (Analog Devices, Inc.) "SRFirstRun" -> %SystemRoot%\system32\srclient.dll [rundll32 srclient.dll,CreateFirstRunRp] -> [2008.04.14 05:42:08 | 00,067,584 | ---- | M] (Microsoft Corporation) "UserFaultCheck" -> [%systemroot%\system32\dumprep 0 -u] -> File not found "vptray" -> %ProgramFiles%\Symantec AntiVirus\VPTray.exe [C:\PROGRA~1\SYMANT~1\VPTray.exe] -> [2007.03.14 19:49:02 | 00,125,632 | ---- | M] (Symantec Corporation) "WinampAgent" -> %ProgramFiles%\Winamp\winampa.exe [C:\Program Files\Winamp\winampa.exe] -> [2003.12.13 01:50:34 | 00,051,200 | ---- | M] () < Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "OM_Monitor" -> %ProgramFiles%\OLYMPUS\OLYMPUS Master\Monitor.exe [C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe] -> [2005.11.29 19:19:00 | 00,077,824 | ---- | M] (OLYMPUS IMAGING CORP.) < All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup -> %AllUsersProfile%\Start Menu\Programs\Startup\Picture Package Menu.lnk -> %ProgramFiles%\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe -> [2003.11.21 21:02:42 | 00,172,032 | ---- | M] (Sony Corporation) %AllUsersProfile%\Start Menu\Programs\Startup\Picture Package VCD Maker.lnk -> %ProgramFiles%\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe -> [2004.07.08 16:13:42 | 00,126,976 | ---- | M] (Sony Corporation.) %AllUsersProfile%\Start Menu\Programs\Startup\web'n'walk Manager.lnk -> %ProgramFiles%\T-Mobile\web'n'walk Manager\web'n'walk Manager.exe -> [2007.10.12 15:59:10 | 00,815,104 | ---- | M] (T-Mobile) < install Startup Folder > -> C:\Documents and Settings\install\Start Menu\Programs\Startup -> %UserProfile%\Start Menu\Programs\Startup\Picture Motion Browser Media Check Tool.lnk -> %ProgramFiles%\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe -> [2007.01.15 13:23:48 | 00,364,544 | ---- | M] (Sony Corporation) < CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"HonorAutoRunSetting" -> [1] -> File not found < CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System \\"undockwithoutlogon" -> [1] -> File not found < Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ -> E&xport to Microsoft Excel -> %ProgramFiles%\Microsoft Office\Office12\EXCEL.EXE [res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000] -> [2008.10.18 18:30:22 | 17,931,616 | ---- | M] (Microsoft Corporation) < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKLM] -> %ProgramFiles%\Microsoft Office\Office12\ONBttnIE.dll [Button: Send to OneNote] -> [2007.12.13 02:20:58 | 00,606,288 | ---- | M] (Microsoft Corporation) {2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKLM] -> %ProgramFiles%\Microsoft Office\Office12\ONBttnIE.dll [Menu: S&end to OneNote] -> [2007.12.13 02:20:58 | 00,606,288 | ---- | M] (Microsoft Corporation) {92780B25-18CC-41C8-B9BE-3C9C571A8263}:{FF059E31-CC5A-4E2E-BF3B-96E929D65503} [HKLM] -> %ProgramFiles%\Microsoft Office\Office12\REFIEBAR.DLL [Button: Research] -> [2006.10.26 20:12:22 | 00,040,424 | ---- | M] (Microsoft Corporation) {e2e2dd38-d088-4134-82b7-f2ba38496583}:Exec [HKLM] -> %SystemRoot%\Network Diagnostic\xpnetdiag.exe [Menu: @xpsp3res.dll,-20001] -> [2008.04.14 00:23:34 | 00,575,488 | ---- | M] (Microsoft Corporation) {FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Button: Messenger] -> [2008.04.14 05:42:30 | 01,712,640 | ---- | M] (Microsoft Corporation) {FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Menu: Windows Messenger] -> [2008.04.14 05:42:30 | 01,712,640 | ---- | M] (Microsoft Corporation) < Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\"{2670000A-7350-4f3c-8081-5663EE0C6C49}" [HKLM] -> %ProgramFiles%\Microsoft Office\Office12\ONBttnIE.dll [Send to OneNote] -> [2007.12.13 02:20:58 | 00,606,288 | ---- | M] (Microsoft Corporation) CmdMapping\\"{92780B25-18CC-41C8-B9BE-3C9C571A8263}" [HKLM] -> %ProgramFiles%\Microsoft Office\Office12\REFIEBAR.DLL [Research] -> [2006.10.26 20:12:22 | 00,040,424 | ---- | M] (Microsoft Corporation) CmdMapping\\"{e2e2dd38-d088-4134-82b7-f2ba38496583}" [HKLM] -> %SystemRoot%\Network Diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008.04.14 00:23:34 | 00,575,488 | ---- | M] (Microsoft Corporation) CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008.04.14 05:42:30 | 01,712,640 | ---- | M] (Microsoft Corporation) < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> < Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix "" -> http:// < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. -> 1 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {6414512B-B978-451D-A0D8-FCFDF33E833C} [HKLM] -> http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1232505393828 [WUWebControl Class] -> {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} [HKLM] -> http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1232505730765 [MUWebControl Class] -> {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} [HKLM] -> http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab [GMNRev Class] -> < DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {1B5FDE98-A915-499F-8A02-6BA12FDFCC32} -> (Realtek RTL8139/810x Family Fast Ethernet NIC) -> {8404AE49-A78B-4F91-B6E9-5CDC53839CD9} -> () -> {E9477296-088C-4248-83AB-AC1BC392AD50} -> (Intel(R) PRO/Wireless 2200BG Network Connection) -> {F248790B-A13D-4394-AA90-5BF1AF17A4F4} -> (1394 Net Adapter) -> < Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> igfxcui -> %SystemRoot%\system32\igfxdev.dll -> [2005.07.19 11:05:16 | 00,135,168 | ---- | M] (Intel Corporation) NavLogon -> %SystemRoot%\system32\NavLogon.dll -> [2007.03.14 19:49:14 | 00,043,712 | ---- | M] (Symantec Corporation) < IFEO [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ -> explorer.exe -> %ProgramFiles%\Microsoft Common\svchost.exe [Debugger] -> File not found < ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks -> "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}" [HKLM] -> %ProgramFiles%\Microsoft Office\Office12\GrooveShellExtensions.dll [Groove GFS Stub Execution Hook] -> [2007.08.24 07:01:22 | 02,212,224 | ---- | M] (Microsoft Corporation) < Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List -> "%windir%\Network Diagnostic\xpnetdiag.exe" -> C:\WINDOWS\Network Diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> [2008.04.14 00:23:34 | 00,575,488 | ---- | M] (Microsoft Corporation) "%windir%\system32\sessmgr.exe" -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2008.04.14 05:42:36 | 00,158,720 | ---- | M] (Microsoft Corporation) < Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List -> "%windir%\Network Diagnostic\xpnetdiag.exe" -> C:\WINDOWS\Network Diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> [2008.04.14 00:23:34 | 00,575,488 | ---- | M] (Microsoft Corporation) "%windir%\system32\sessmgr.exe" -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2008.04.14 05:42:36 | 00,158,720 | ---- | M] (Microsoft Corporation) "\??\C:\WINDOWS\system32\winlogon.exe" -> C:\WINDOWS\system32\winlogon.exe [\??\C:\WINDOWS\system32\winlogon.exe:*:enabled:@shell32.dll,-1] -> [2008.04.14 05:42:40 | 00,507,904 | ---- | M] (Microsoft Corporation) "C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" -> C:\Program Files\Microsoft Office\Office12\GROOVE.EXE [C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove] -> [2007.08.29 00:23:36 | 00,340,856 | ---- | M] (Microsoft Corporation) "C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" -> C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE [C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote] -> [2008.05.21 05:54:40 | 01,022,496 | ---- | M] (Microsoft Corporation) "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" -> C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE [C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook] -> [2008.05.21 04:37:24 | 12,844,576 | ---- | M] (Microsoft Corporation) < SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> "AlternateShell" -> cmd.exe -> < CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom -> "AutoRun" -> 1 -> "DisplayName" -> CD-ROM Driver -> "ImagePath" -> %SystemRoot%\system32\drivers\cdrom.sys [system32\DRIVERS\cdrom.sys] -> [2009.01.08 20:06:23 | 00,062,976 | ---- | M] (Microsoft Corporation) < Drives with AutoRun files > -> -> C:\AUTOEXEC.BAT [PATH=%PATH%;C:\PROGRA~1\COMMON~1\MUVEET~1\030625 | ] -> %SystemDrive%\AUTOEXEC.BAT [ NTFS ] -> [2009.01.24 22:30:19 | 00,000,050 | ---- | M] () < MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> \{4306ec50-e86a-11dd-ab54-00150024d44d} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4306ec50-e86a-11dd-ab54-00150024d44d}\Shell \{4306ec50-e86a-11dd-ab54-00150024d44d}\Shell\\"" -> [AutoRun] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4306ec50-e86a-11dd-ab54-00150024d44d}\Shell\AutoRun \{4306ec50-e86a-11dd-ab54-00150024d44d}\Shell\AutoRun\\"" -> [Auto&Play] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4306ec50-e86a-11dd-ab54-00150024d44d}\Shell\AutoRun\command \{4306ec50-e86a-11dd-ab54-00150024d44d}\Shell\AutoRun\command\\"" -> F:\setup.exe [F:\setup.exe AUTORUN=1] -> File not found \{ef225778-e759-11dd-ab50-00150024d44d} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ef225778-e759-11dd-ab50-00150024d44d}\Shell\AutoRun\command \{ef225778-e759-11dd-ab50-00150024d44d}\Shell\AutoRun\command\\"" -> F:\spevql.exe [F:\spevql.exe] -> File not found \{ef225778-e759-11dd-ab50-00150024d44d} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ef225778-e759-11dd-ab50-00150024d44d}\Shell\explore\Command \{ef225778-e759-11dd-ab50-00150024d44d}\Shell\explore\Command\\"" -> F:\spevql.exe [F:\spevql.exe] -> File not found \{ef225778-e759-11dd-ab50-00150024d44d} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ef225778-e759-11dd-ab50-00150024d44d}\Shell\open\Command \{ef225778-e759-11dd-ab50-00150024d44d}\Shell\open\Command\\"" -> F:\spevql.exe [F:\spevql.exe] -> File not found [Registry - Additional Scans - Safe List] < ControlSets > -> HKEY_LOCAL_MACHINE\SYSTEM\Select -> HKEY_LOCAL_MACHINE\SYSTEM\Select \\"Current" -> [2] -> File not found \\"Default" -> [2] -> File not found \\"Failed" -> [0] -> File not found \\"LastKnownGood" -> [1] -> File not found < File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\ -> .bat [@ = batfile] -> "%1" %* -> .chm [@ = chm.file] -> %SystemRoot%\hh.exe -> [2008.04.14 05:42:22 | 00,028,160 | ---- | M] (Microsoft Corporation) .cmd [@ = cmdfile] -> "%1" %* -> .com [@ = comfile] -> "%1" %* -> .exe [@ = exefile] -> "%1" %* -> .hlp [@ = hlpfile] -> %SystemRoot%\system32\winhlp32.exe -> [2001.08.23 12:00:00 | 00,025,600 | ---- | M] (Microsoft Corporation) .hta [@ = htafile] -> %SystemRoot%\system32\mshta.exe -> [2009.01.08 20:22:02 | 00,062,976 | ---- | M] (Microsoft Corporation) .html [@ = htmlfile] -> %ProgramFiles%\Internet Explorer\IEXPLORE.EXE -> [2008.10.15 07:06:26 | 00,633,632 | ---- | M] (Microsoft Corporation) .inf [@ = inffile] -> %SystemRoot%\system32\notepad.exe -> [2008.04.14 05:42:30 | 00,086,528 | ---- | M] (Microsoft Corporation) .ini [@ = inifile] -> %SystemRoot%\system32\notepad.exe -> [2008.04.14 05:42:30 | 00,086,528 | ---- | M] (Microsoft Corporation) .js [@ = JSFile] -> %SystemRoot%\system32\wscript.exe -> [2009.01.08 20:14:30 | 00,176,128 | ---- | M] (Microsoft Corporation) .jse [@ = JSEFile] -> %SystemRoot%\system32\wscript.exe -> [2009.01.08 20:14:30 | 00,176,128 | ---- | M] (Microsoft Corporation) .pif [@ = piffile] -> "%1" %* -> .reg [@ = regfile] -> %SystemRoot%\regedit.exe -> [2008.04.14 05:42:34 | 00,163,840 | ---- | M] (Microsoft Corporation) .scr [@ = scrfile] -> "%1" /S -> .txt [@ = txtfile] -> %SystemRoot%\system32\notepad.exe -> [2008.04.14 05:42:30 | 00,086,528 | ---- | M] (Microsoft Corporation) .vbe [@ = VBEFile] -> %SystemRoot%\system32\wscript.exe -> [2009.01.08 20:14:30 | 00,176,128 | ---- | M] (Microsoft Corporation) .vbs [@ = VBSFile] -> %SystemRoot%\system32\wscript.exe -> [2009.01.08 20:14:30 | 00,176,128 | ---- | M] (Microsoft Corporation) .wsf [@ = WSFFile] -> %SystemRoot%\system32\wscript.exe -> [2009.01.08 20:14:30 | 00,176,128 | ---- | M] (Microsoft Corporation) .wsh [@ = WSHFile] -> %SystemRoot%\system32\wscript.exe -> [2009.01.08 20:14:30 | 00,176,128 | ---- | M] (Microsoft Corporation) < Security Center Settings > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center \\"FirstRunDisabled" -> [1] -> File not found \\"AntiVirusDisableNotify" -> [0] -> File not found \\"FirewallDisableNotify" -> [1] -> File not found \\"UpdatesDisableNotify" -> [0] -> File not found \\"AntiVirusOverride" -> [0] -> File not found \\"FirewallOverride" -> [1] -> File not found HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus \Monitoring\SymantecAntiVirus\\"DisableMonitoring" -> [1] -> File not found HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\ -> -> < Tcpip Persistent Routes > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\PersistentRoutes -> [Files/Folders - Created Within 30 Days] 7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> 6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> OTScanIt2 -> %UserProfile%\Desktop\OTScanIt2 -> [2009.02.19 09:55:26 | 00,000,000 | ---D | C] MalwarebytesPortable -> %SystemDrive%\MalwarebytesPortable -> [2009.02.18 11:29:31 | 00,000,000 | ---D | C] VFind -> %UserProfile%\Desktop\VFind -> [2009.02.18 08:41:51 | 00,000,000 | ---D | C] boot.ini.SAB -> %SystemDrive%\boot.ini.SAB -> [2009.02.17 20:18:50 | 00,000,211 | -H-- | C] () Thinstall -> %UserProfile%\Local Settings\Application Data\Thinstall -> [2009.02.17 20:17:32 | 00,000,000 | ---D | C] Thinstall -> %AppData%\Thinstall -> [2009.02.17 20:17:32 | 00,000,000 | ---D | C] aswRdr.sys -> %SystemRoot%\System32\drivers\aswRdr.sys -> [2009.02.17 19:58:48 | 00,023,152 | ---- | C] (ALWIL Software) avast! Antivirus.lnk -> %AllUsersProfile%\Desktop\avast! Antivirus.lnk -> [2009.02.17 19:58:48 | 00,001,709 | ---- | C] () aswTdi.sys -> %SystemRoot%\System32\drivers\aswTdi.sys -> [2009.02.17 19:58:47 | 00,051,376 | ---- | C] (ALWIL Software) aavmker4.sys -> %SystemRoot%\System32\drivers\aavmker4.sys -> [2009.02.17 19:58:46 | 00,026,944 | ---- | C] (ALWIL Software) AvastSS.scr -> %SystemRoot%\System32\AvastSS.scr -> [2009.02.17 19:58:44 | 00,097,480 | ---- | C] (ALWIL Software) aswSP.sys -> %SystemRoot%\System32\drivers\aswSP.sys -> [2009.02.17 19:58:43 | 00,114,768 | ---- | C] (ALWIL Software) aswmon2.sys -> %SystemRoot%\System32\drivers\aswmon2.sys -> [2009.02.17 19:58:43 | 00,094,032 | ---- | C] (ALWIL Software) aswmon.sys -> %SystemRoot%\System32\drivers\aswmon.sys -> [2009.02.17 19:58:43 | 00,093,296 | ---- | C] (ALWIL Software) aswFsBlk.sys -> %SystemRoot%\System32\drivers\aswFsBlk.sys -> [2009.02.17 19:58:43 | 00,020,560 | ---- | C] (ALWIL Software) aswBoot.exe -> %SystemRoot%\System32\aswBoot.exe -> [2009.02.17 19:58:01 | 01,256,296 | ---- | C] (ALWIL Software) actskin4.ocx -> %SystemRoot%\System32\actskin4.ocx -> [2009.02.17 19:58:01 | 00,380,928 | ---- | C] () Alwil Software -> %ProgramFiles%\Alwil Software -> [2009.02.17 19:57:40 | 00,000,000 | ---D | C] Prefetch -> %SystemRoot%\Prefetch -> [2009.02.17 18:57:38 | 00,000,000 | ---D | C] msfeeds.dll -> %SystemRoot%\System32\dllcache\msfeeds.dll -> [2009.02.17 18:53:24 | 00,459,264 | ---- | C] (Microsoft Corporation) iertutil.dll -> %SystemRoot%\System32\dllcache\iertutil.dll -> [2009.02.17 18:53:24 | 00,267,776 | ---- | C] (Microsoft Corporation) msrating.dll -> %SystemRoot%\System32\dllcache\msrating.dll -> [2009.02.17 18:53:24 | 00,193,024 | ---- | C] (Microsoft Corporation) url.dll -> %SystemRoot%\System32\dllcache\url.dll -> [2009.02.17 18:53:24 | 00,105,984 | ---- | C] (Microsoft Corporation) occache.dll -> %SystemRoot%\System32\dllcache\occache.dll -> [2009.02.17 18:53:24 | 00,102,912 | ---- | C] (Microsoft Corporation) msfeedsbs.dll -> %SystemRoot%\System32\dllcache\msfeedsbs.dll -> [2009.02.17 18:53:24 | 00,052,224 | ---- | C] (Microsoft Corporation) pngfilt.dll -> %SystemRoot%\System32\dllcache\pngfilt.dll -> [2009.02.17 18:53:24 | 00,044,544 | ---- | C] (Microsoft Corporation) iernonce.dll -> %SystemRoot%\System32\dllcache\iernonce.dll -> [2009.02.17 18:53:24 | 00,044,544 | ---- | C] (Microsoft Corporation) jsproxy.dll -> %SystemRoot%\System32\dllcache\jsproxy.dll -> [2009.02.17 18:53:24 | 00,027,648 | ---- | C] (Microsoft Corporation) mshtmled.dll -> %SystemRoot%\System32\dllcache\mshtmled.dll -> [2009.02.17 18:53:23 | 00,477,696 | ---- | C] (Microsoft Corporation) ieapfltr.dll -> %SystemRoot%\System32\dllcache\ieapfltr.dll -> [2009.02.17 18:53:23 | 00,383,488 | ---- | C] (Microsoft Corporation) webcheck.dll -> %SystemRoot%\System32\dllcache\webcheck.dll -> [2009.02.17 18:53:23 | 00,233,472 | ---- | C] (Microsoft Corporation) ieaksie.dll -> %SystemRoot%\System32\dllcache\ieaksie.dll -> [2009.02.17 18:53:23 | 00,230,400 | ---- | C] (Microsoft Corporation) ieakeng.dll -> %SystemRoot%\System32\dllcache\ieakeng.dll -> [2009.02.17 18:53:23 | 00,153,088 | ---- | C] (Microsoft Corporation) advpack.dll -> %SystemRoot%\System32\dllcache\advpack.dll -> [2009.02.17 18:53:23 | 00,124,928 | ---- | C] (Microsoft Corporation) ie4uinit.exe -> %SystemRoot%\System32\dllcache\ie4uinit.exe -> [2009.02.17 18:53:23 | 00,088,064 | ---- | C] (Microsoft Corporation) icardie.dll -> %SystemRoot%\System32\dllcache\icardie.dll -> [2009.02.17 18:53:23 | 00,063,488 | ---- | C] (Microsoft Corporation) ieudinit.exe -> %SystemRoot%\System32\dllcache\ieudinit.exe -> [2009.02.17 18:53:23 | 00,031,232 | ---- | C] (Microsoft Corporation) ieapfltr.dat -> %SystemRoot%\System32\dllcache\ieapfltr.dat -> [2009.02.17 18:53:22 | 02,455,488 | ---- | C] (Microsoft Corporation) ieframe.dll.mui -> %SystemRoot%\System32\dllcache\ieframe.dll.mui -> [2009.02.17 18:53:22 | 00,991,232 | ---- | C] (Microsoft Corporation) wininet.dll -> %SystemRoot%\System32\dllcache\wininet.dll -> [2009.02.17 18:53:22 | 00,826,368 | ---- | C] (Microsoft Corporation) mstime.dll -> %SystemRoot%\System32\dllcache\mstime.dll -> [2009.02.17 18:53:22 | 00,671,232 | ---- | C] (Microsoft Corporation) iedkcs32.dll -> %SystemRoot%\System32\dllcache\iedkcs32.dll -> [2009.02.17 18:53:22 | 00,384,512 | ---- | C] (Microsoft Corporation) dxtmsft.dll -> %SystemRoot%\System32\dllcache\dxtmsft.dll -> [2009.02.17 18:53:22 | 00,347,136 | ---- | C] (Microsoft Corporation) dxtrans.dll -> %SystemRoot%\System32\dllcache\dxtrans.dll -> [2009.02.17 18:53:22 | 00,214,528 | ---- | C] (Microsoft Corporation) ieakui.dll -> %SystemRoot%\System32\dllcache\ieakui.dll -> [2009.02.17 18:53:22 | 00,161,792 | ---- | C] (Microsoft Corporation) extmgr.dll -> %SystemRoot%\System32\dllcache\extmgr.dll -> [2009.02.17 18:53:22 | 00,133,120 | ---- | C] (Microsoft Corporation) inetcpl.cpl -> %SystemRoot%\System32\dllcache\inetcpl.cpl -> [2009.02.17 18:53:21 | 01,831,424 | ---- | C] (Microsoft Corporation) urlmon.dll -> %SystemRoot%\System32\dllcache\urlmon.dll -> [2009.02.17 18:53:21 | 01,160,192 | ---- | C] (Microsoft Corporation) ieframe.dll -> %SystemRoot%\System32\dllcache\ieframe.dll -> [2009.02.17 18:53:20 | 06,066,176 | ---- | C] (Microsoft Corporation) iexplore.exe -> %SystemRoot%\System32\dllcache\iexplore.exe -> [2009.02.17 18:53:20 | 00,633,632 | ---- | C] (Microsoft Corporation) vgx.dll -> %SystemRoot%\System32\dllcache\vgx.dll -> [2009.02.17 18:53:01 | 00,765,952 | ---- | C] (Microsoft Corporation) mshtml.dll -> %SystemRoot%\System32\dllcache\mshtml.dll -> [2009.02.17 18:52:46 | 03,593,216 | ---- | C] (Microsoft Corporation) dllcache -> %SystemRoot%\System32\dllcache -> [2009.02.17 18:52:01 | 00,000,000 | ---D | C] logonui.exe.manifest -> %SystemRoot%\System32\logonui.exe.manifest -> [2009.02.17 18:50:12 | 00,000,488 | RH-- | C] () wuaucpl.cpl.manifest -> %SystemRoot%\System32\wuaucpl.cpl.manifest -> [2009.02.17 18:50:05 | 00,000,749 | RH-- | C] () WindowsShell.Manifest -> %SystemRoot%\WindowsShell.Manifest -> [2009.02.17 18:50:05 | 00,000,749 | RH-- | C] () sapi.cpl.manifest -> %SystemRoot%\System32\sapi.cpl.manifest -> [2009.02.17 18:50:05 | 00,000,749 | RH-- | C] () nwc.cpl.manifest -> %SystemRoot%\System32\nwc.cpl.manifest -> [2009.02.17 18:50:05 | 00,000,749 | RH-- | C] () ncpa.cpl.manifest -> %SystemRoot%\System32\ncpa.cpl.manifest -> [2009.02.17 18:50:05 | 00,000,749 | RH-- | C] () c_852.nls -> %SystemRoot%\System32\c_852.nls -> [2009.02.17 18:32:28 | 00,066,594 | ---- | C] () irclass.dll -> %SystemRoot%\System32\irclass.dll -> [2009.02.17 18:32:19 | 00,013,312 | ---- | C] (Microsoft Corporation) spxcoins.dll -> %SystemRoot%\System32\spxcoins.dll -> [2009.02.17 18:32:18 | 00,024,661 | ---- | C] (Perle Systems Ltd.) secupdat.dat -> %SystemRoot%\System32\secupdat.dat -> [2009.02.06 14:07:10 | 00,066,560 | -H-- | C] () ijrup.exe -> %UserProfile%\ijrup.exe -> [2009.02.06 14:07:10 | 00,032,768 | -H-- | C] () ndisio.sys -> %SystemRoot%\System32\drivers\ndisio.sys -> [2009.02.06 14:07:07 | 00,053,248 | ---- | C] () services.exe -> %SystemRoot%\services.exe -> [2009.02.06 14:06:32 | 00,040,961 | ---- | C] () iehelper.dll -> %SystemRoot%\System32\iehelper.dll -> [2009.02.06 13:59:21 | 00,009,216 | ---- | C] () sysguard.exe -> %SystemRoot%\sysguard.exe -> [2009.02.06 13:53:34 | 00,398,340 | ---- | C] () TDSSserv.sys -> %SystemRoot%\System32\drivers\TDSSserv.sys -> [2009.02.06 13:53:03 | 00,051,712 | ---- | C] (Microsoft Corporation) Microsoft Common -> %ProgramFiles%\Microsoft Common -> [2009.02.06 13:52:05 | 00,000,000 | ---D | C] MSXML 4.0 -> %ProgramFiles%\MSXML 4.0 -> [2009.02.05 18:31:35 | 00,000,000 | ---D | C] Adobe Reader 8.lnk -> %AllUsersProfile%\Desktop\Adobe Reader 8.lnk -> [2009.02.04 14:32:16 | 00,001,729 | ---- | C] () Adobe -> %ProgramFiles%\Adobe -> [2009.02.04 14:31:39 | 00,000,000 | ---D | C] Core stability.zip -> %UserProfile%\Desktop\Core stability.zip -> [2009.02.03 21:59:54 | 00,285,898 | ---- | C] () Meets -> %UserProfile%\Desktop\Meets -> [2009.02.02 15:32:54 | 00,000,000 | ---D | C] trening.docx -> %UserProfile%\Desktop\trening.docx -> [2009.02.01 23:46:04 | 00,011,394 | ---- | C] () Shortcut to SUPER.lnk -> %UserProfile%\Desktop\Shortcut to SUPER.lnk -> [2009.02.01 13:21:58 | 00,000,536 | ---- | C] () Shortcut to FREESTYLER09.lnk -> %UserProfile%\Desktop\Shortcut to FREESTYLER09.lnk -> [2009.01.31 12:21:01 | 00,000,389 | ---- | C] () -62090957 -> %SystemDrive%\-62090957 -> [2009.01.26 23:36:39 | 00,000,002 | ---- | C] () WTS.xls -> %UserProfile%\Desktop\WTS.xls -> [2009.01.25 00:35:27 | 00,024,576 | ---- | C] () OLYMPUS Master.lnk -> %AllUsersProfile%\Desktop\OLYMPUS Master.lnk -> [2009.01.24 23:28:52 | 00,000,774 | ---- | C] () OLYMPUS -> %ProgramFiles%\OLYMPUS -> [2009.01.24 23:28:04 | 00,000,000 | ---D | C] Pvmjpg21.dll -> %SystemRoot%\System32\Pvmjpg21.dll -> [2009.01.24 23:27:37 | 00,319,488 | ---- | C] (Pegasus Imaging Corporation) ImageMixer VCD DVD2 for OLYMPUS 2.0.lnk -> %AllUsersProfile%\Desktop\ImageMixer VCD DVD2 for OLYMPUS 2.0.lnk -> [2009.01.24 23:27:35 | 00,001,707 | ---- | C] () Media Player Classic -> %AppData%\Media Player Classic -> [2009.01.24 23:17:59 | 00,000,000 | ---D | C] pncrt.dll -> %SystemRoot%\System32\pncrt.dll -> [2009.01.24 23:00:59 | 00,278,528 | ---- | C] (Real Networks, Inc) unrar.dll -> %SystemRoot%\System32\unrar.dll -> [2009.01.24 23:00:57 | 00,157,696 | ---- | C] () mplva6.dll -> %SystemRoot%\System32\mplva6.dll -> [2009.01.24 23:00:56 | 01,650,688 | ---- | C] (Ligos Corporation) mplvw7.dll -> %SystemRoot%\System32\mplvw7.dll -> [2009.01.24 23:00:56 | 01,581,056 | ---- | C] (Ligos Corporation) mplvm6.dll -> %SystemRoot%\System32\mplvm6.dll -> [2009.01.24 23:00:56 | 01,552,384 | ---- | C] (Ligos Corporation) mplvpx.dll -> %SystemRoot%\System32\mplvpx.dll -> [2009.01.24 23:00:56 | 01,122,304 | ---- | C] (Ligos Corporation) vp31vfw.dll -> %SystemRoot%\System32\vp31vfw.dll -> [2009.01.24 23:00:54 | 00,446,464 | ---- | C] (On2.com) msmpeg4.dll -> %SystemRoot%\System32\msmpeg4.dll -> [2009.01.24 23:00:54 | 00,413,760 | ---- | C] (Microsoft Corporation) DivXc32f.dll -> %SystemRoot%\System32\DivXc32f.dll -> [2009.01.24 23:00:54 | 00,413,760 | ---- | C] (Hacked with Joy !) DivXc32.dll -> %SystemRoot%\System32\DivXc32.dll -> [2009.01.24 23:00:54 | 00,413,760 | ---- | C] (Hacked with Joy !) mp3fhg.acm -> %SystemRoot%\System32\mp3fhg.acm -> [2009.01.24 23:00:54 | 00,360,448 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) ac3acm.acm -> %SystemRoot%\System32\ac3acm.acm -> [2009.01.24 23:00:54 | 00,118,784 | ---- | C] (fccHandler) WMV9VCM.dll -> %SystemRoot%\System32\WMV9VCM.dll -> [2009.01.24 23:00:53 | 01,415,680 | ---- | C] (Microsoft Corporation) 3ivx.dll -> %SystemRoot%\System32\3ivx.dll -> [2009.01.24 23:00:53 | 01,024,000 | ---- | C] (3ivx.com) vp7vfw.dll -> %SystemRoot%\System32\vp7vfw.dll -> [2009.01.24 23:00:53 | 00,630,784 | ---- | C] (On2.com) x264vfw.dll -> %SystemRoot%\System32\x264vfw.dll -> [2009.01.24 23:00:53 | 00,457,234 | ---- | C] () vp6vfw.dll -> %SystemRoot%\System32\vp6vfw.dll -> [2009.01.24 23:00:53 | 00,438,272 | ---- | C] (On2.com) 3ivxVfWCodec.dll -> %SystemRoot%\System32\3ivxVfWCodec.dll -> [2009.01.24 23:00:53 | 00,286,720 | ---- | C] (3ivx.com) qt-dx331.dll -> %SystemRoot%\System32\qt-dx331.dll -> [2009.01.24 23:00:52 | 03,596,288 | ---- | C] () libdivx.dll -> %SystemRoot%\System32\libdivx.dll -> [2009.01.24 23:00:52 | 01,044,480 | ---- | C] (The OpenSSL Project, http://www.openssl.org/) xvidcore.dll -> %SystemRoot%\System32\xvidcore.dll -> [2009.01.24 23:00:52 | 00,761,856 | ---- | C] () dpuGUI11.dll -> %SystemRoot%\System32\dpuGUI11.dll -> [2009.01.24 23:00:52 | 00,593,920 | ---- | C] (DivXNetworks) dpus11.dll -> %SystemRoot%\System32\dpus11.dll -> [2009.01.24 23:00:52 | 00,339,968 | ---- | C] (DivXNetworks) dpu11.dll -> %SystemRoot%\System32\dpu11.dll -> [2009.01.24 23:00:52 | 00,294,912 | ---- | C] (DivXNetworks) ssldivx.dll -> %SystemRoot%\System32\ssldivx.dll -> [2009.01.24 23:00:52 | 00,200,704 | ---- | C] (The OpenSSL Project, http://www.openssl.org/) dtu100.dll -> %SystemRoot%\System32\dtu100.dll -> [2009.01.24 23:00:52 | 00,200,704 | ---- | C] (DivXNetworks) xvidvfw.dll -> %SystemRoot%\System32\xvidvfw.dll -> [2009.01.24 23:00:52 | 00,180,224 | ---- | C] () dpl100.dll -> %SystemRoot%\System32\dpl100.dll -> [2009.01.24 23:00:52 | 00,086,016 | ---- | C] (DivXNetworks) dpv11.dll -> %SystemRoot%\System32\dpv11.dll -> [2009.01.24 23:00:52 | 00,057,344 | ---- | C] (DivXNetworks) divx.dll -> %SystemRoot%\System32\divx.dll -> [2009.01.24 23:00:50 | 00,574,976 | ---- | C] (DivX, Inc.) ff_vfw.dll -> %SystemRoot%\System32\ff_vfw.dll -> [2009.01.24 23:00:49 | 00,006,144 | ---- | C] () msvcr70.dll -> %SystemRoot%\System32\msvcr70.dll -> [2009.01.24 23:00:46 | 00,344,064 | ---- | C] (Microsoft Corporation) unicows.dll -> %SystemRoot%\System32\unicows.dll -> [2009.01.24 23:00:46 | 00,245,408 | ---- | C] (Microsoft Corporation) cpuinf32.dll -> %SystemRoot%\System32\cpuinf32.dll -> [2009.01.24 23:00:46 | 00,019,968 | ---- | C] () Real -> %AppData%\Real -> [2009.01.24 23:00:42 | 00,000,000 | ---D | C] Real -> %AllUsersProfile%\Application Data\Real -> [2009.01.24 23:00:42 | 00,000,000 | ---D | C] K-Lite Codec Pack -> %ProgramFiles%\K-Lite Codec Pack -> [2009.01.24 23:00:42 | 00,000,000 | ---D | C] Sony Corporation -> %AppData%\Sony Corporation -> [2009.01.24 22:52:46 | 00,000,000 | ---D | C] Product Registration.url -> %AllUsersProfile%\Desktop\Product Registration.url -> [2009.01.24 22:51:45 | 00,000,165 | ---- | C] () Picture Motion Browser Media Check Tool.lnk -> %UserProfile%\Start Menu\Programs\Startup\Picture Motion Browser Media Check Tool.lnk -> [2009.01.24 22:50:45 | 00,001,983 | ---- | C] () HDD Handycam Utility.lnk -> %AllUsersProfile%\Desktop\HDD Handycam Utility.lnk -> [2009.01.24 22:49:58 | 00,001,913 | ---- | C] () Picture Motion Browser.lnk -> %AllUsersProfile%\Desktop\Picture Motion Browser.lnk -> [2009.01.24 22:46:43 | 00,001,683 | ---- | C] () Sony -> %ProgramFiles%\Sony -> [2009.01.24 22:46:42 | 00,000,000 | ---D | C] Sony Corporation -> %AllUsersProfile%\Application Data\Sony Corporation -> [2009.01.24 22:45:49 | 00,000,000 | ---D | C] Winamp.lnk -> %UserProfile%\Desktop\Winamp.lnk -> [2009.01.24 22:40:27 | 00,000,654 | ---- | C] () winamp.ini -> %SystemRoot%\winamp.ini -> [2009.01.24 22:40:06 | 00,000,192 | ---- | C] () Winamp -> %ProgramFiles%\Winamp -> [2009.01.24 22:40:06 | 00,000,000 | ---D | C] unvise32qt.exe -> %SystemRoot%\unvise32qt.exe -> [2009.01.24 22:37:21 | 00,106,496 | ---- | C] (MindVision) QuickTime Player.lnk -> %AllUsersProfile%\Desktop\QuickTime Player.lnk -> [2009.01.24 22:36:46 | 00,000,724 | ---- | C] () QuickTime -> %SystemRoot%\System32\QuickTime -> [2009.01.24 22:36:36 | 00,000,000 | ---D | C] QuickTime -> %ProgramFiles%\QuickTime -> [2009.01.24 22:36:35 | 00,000,000 | ---D | C] QuickTime -> %AllUsersProfile%\Application Data\QuickTime -> [2009.01.24 22:36:14 | 00,000,000 | ---D | C] First Step Guide.lnk -> %AllUsersProfile%\Desktop\First Step Guide.lnk -> [2009.01.24 22:28:21 | 00,001,877 | ---- | C] () Sony Product Registration.url -> %AllUsersProfile%\Desktop\Sony Product Registration.url -> [2009.01.24 22:27:04 | 00,000,210 | ---- | C] () Picture Package Menu.lnk -> %AllUsersProfile%\Desktop\Picture Package Menu.lnk -> [2009.01.24 22:27:02 | 00,000,893 | ---- | C] () Picture Package destination folder.lnk -> %AllUsersProfile%\Desktop\Picture Package destination folder.lnk -> [2009.01.24 22:27:02 | 00,000,887 | ---- | C] () Picture Package Menu.lnk -> %AllUsersProfile%\Start Menu\Programs\Startup\Picture Package Menu.lnk -> [2009.01.24 22:27:02 | 00,000,763 | ---- | C] () LTOCX12n.INF -> %SystemRoot%\System32\LTOCX12n.INF -> [2009.01.24 22:27:00 | 00,001,458 | ---- | C] () Picture Package VCD Maker.lnk -> %AllUsersProfile%\Start Menu\Programs\Startup\Picture Package VCD Maker.lnk -> [2009.01.24 22:26:55 | 00,000,813 | ---- | C] () VB5DB.DLL -> %SystemRoot%\System32\VB5DB.DLL -> [2009.01.24 22:26:50 | 00,089,360 | ---- | C] (Microsoft Corporation) muvee Technologies -> %CommonProgramFiles%\muvee Technologies -> [2009.01.24 22:26:37 | 00,000,000 | ---D | C] CDRBSDRV.SYS -> %SystemRoot%\System32\drivers\CDRBSDRV.SYS -> [2009.01.24 22:26:32 | 00,013,567 | ---- | C] (B.H.A Corporation) Sony Corporation -> %ProgramFiles%\Sony Corporation -> [2009.01.24 22:26:32 | 00,000,000 | ---D | C] Nero -> %AppData%\Nero -> [2009.01.24 17:39:18 | 00,000,000 | ---D | C] Windows Sidebar -> %ProgramFiles%\Windows Sidebar -> [2009.01.24 17:17:15 | 00,000,000 | ---D | C] Nero StartSmart.lnk -> %AllUsersProfile%\Desktop\Nero StartSmart.lnk -> [2009.01.24 17:09:12 | 00,002,369 | ---- | C] () Nero -> %ProgramFiles%\Nero -> [2009.01.24 17:00:16 | 00,000,000 | ---D | C] Nero -> %AllUsersProfile%\Application Data\Nero -> [2009.01.24 16:59:36 | 00,000,000 | ---D | C] Nero -> %CommonProgramFiles%\Nero -> [2009.01.24 16:59:32 | 00,000,000 | ---D | C] directx -> %ProgramFiles%\directx -> [2009.01.24 14:11:26 | 00,000,000 | ---D | C] PIXELA ImageMixer Ver.1.0 for Sony.lnk -> %AllUsersProfile%\Desktop\PIXELA ImageMixer Ver.1.0 for Sony.lnk -> [2009.01.24 14:10:52 | 00,001,673 | ---- | C] () PIXELA -> %ProgramFiles%\PIXELA -> [2009.01.24 14:07:54 | 00,000,000 | ---D | C] Sonyhcp.dll -> %SystemRoot%\System32\drivers\Sonyhcp.dll -> [2009.01.24 14:06:36 | 00,003,654 | ---- | C] () Drivers -> %SystemDrive%\Drivers -> [2009.01.24 14:06:35 | 00,000,000 | ---D | C] Dartfish -> %AppData%\Dartfish -> [2009.01.23 10:18:55 | 00,000,000 | ---D | C] Dartfish -> %UserProfile%\Local Settings\Application Data\Dartfish -> [2009.01.23 10:12:45 | 00,000,000 | ---D | C] My Videos -> %UserProfile%\My Documents\My Videos -> [2009.01.22 22:41:32 | 00,000,000 | R--D | C] MOTA113.exe -> %SystemRoot%\MOTA113.exe -> [2009.01.22 17:22:28 | 00,087,552 | ---- | C] () meta4.exe -> %SystemRoot%\meta4.exe -> [2009.01.22 17:22:27 | 00,217,073 | ---- | C] () x2.64.exe -> %SystemRoot%\x2.64.exe -> [2009.01.22 17:22:26 | 00,523,776 | ---- | C] () yv12vfw.dll -> %SystemRoot%\System32\yv12vfw.dll -> [2009.01.22 17:22:25 | 00,070,656 | ---- | C] (www.helixcommunity.org) i420vfw.dll -> %SystemRoot%\System32\i420vfw.dll -> [2009.01.22 17:22:25 | 00,070,656 | ---- | C] (www.helixcommunity.org) AVSredirect.dll -> %SystemRoot%\System32\AVSredirect.dll -> [2009.01.22 17:22:25 | 00,027,648 | ---- | C] () x.264.exe -> %SystemRoot%\System32\x.264.exe -> [2009.01.22 17:22:24 | 00,261,120 | ---- | C] () avisynth.dll -> %SystemRoot%\System32\avisynth.dll -> [2009.01.22 17:22:23 | 00,306,688 | ---- | C] (The Public) devil.dll -> %SystemRoot%\System32\devil.dll -> [2009.01.22 17:22:22 | 00,719,872 | ---- | C] (Abysmal Software) Smab.dll -> %SystemRoot%\System32\Smab.dll -> [2009.01.22 17:22:21 | 00,471,552 | ---- | C] () AviSynth 2.5 -> %ProgramFiles%\AviSynth 2.5 -> [2009.01.22 17:22:20 | 00,000,000 | ---D | C] Dartfish Connect.lnk -> %AllUsersProfile%\Desktop\Dartfish Connect.lnk -> [2009.01.22 13:09:17 | 00,001,834 | ---- | C] () Dartfish -> %AllUsersProfile%\Application Data\Dartfish -> [2009.01.22 13:08:58 | 00,000,000 | ---D | C] Dartfish -> %ProgramFiles%\Dartfish -> [2009.01.22 13:07:19 | 00,000,000 | ---D | C] kdna4c6.tgz -> %SystemRoot%\System32\kdna4c6.tgz -> [2009.01.22 13:06:59 | 00,001,024 | ---- | C] () Dartfish v4.5.2.0 -> %UserProfile%\Desktop\Dartfish v4.5.2.0 -> [2009.01.22 12:54:38 | 00,000,000 | ---D | C] SUPER -> %UserProfile%\Desktop\SUPER -> [2009.01.22 12:52:47 | 00,000,000 | ---D | C] Adobe -> %AppData%\Adobe -> [2009.01.22 11:56:37 | 00,000,000 | ---D | C] web'n'walk Manager.lnk -> %AllUsersProfile%\Start Menu\Programs\Startup\web'n'walk Manager.lnk -> [2009.01.22 11:06:59 | 00,000,943 | ---- | C] () web'n'walk Manager.lnk -> %AllUsersProfile%\Desktop\web'n'walk Manager.lnk -> [2009.01.22 11:06:59 | 00,000,913 | ---- | C] () T-Mobile -> %ProgramFiles%\T-Mobile -> [2009.01.22 11:06:58 | 00,000,000 | ---D | C] Microsoft Silverlight -> %ProgramFiles%\Microsoft Silverlight -> [2009.01.21 04:56:29 | 00,000,000 | ---D | C] URTTEMP -> %SystemRoot%\System32\URTTEMP -> [2009.01.21 04:52:57 | 00,000,000 | ---D | C] ie7updates -> %SystemRoot%\ie7updates -> [2009.01.21 04:15:56 | 00,000,000 | ---D | C] WBEM -> %SystemRoot%\WBEM -> [2009.01.21 04:15:18 | 00,000,000 | ---D | C] ie7 -> %SystemRoot%\ie7 -> [2009.01.21 04:13:46 | 00,000,000 | -H-D | C] $NtServicePackUninstallIDNMitigationAPIs$ -> %SystemRoot%\$NtServicePackUninstallIDNMitigationAPIs$ -> [2009.01.21 04:13:30 | 00,000,000 | -H-D | C] $NtServicePackUninstallNLSDownlevelMapping$ -> %SystemRoot%\$NtServicePackUninstallNLSDownlevelMapping$ -> [2009.01.21 04:13:10 | 00,000,000 | -H-D | C] MRT.exe -> %SystemRoot%\System32\MRT.exe -> [2009.01.21 04:11:30 | 20,853,704 | ---- | C] (Microsoft Corporation) spmsg.dll -> %SystemRoot%\System32\spmsg.dll -> [2009.01.21 04:10:04 | 00,017,272 | ---- | C] (Microsoft Corporation) Windows Media Connect 2 -> %ProgramFiles%\Windows Media Connect 2 -> [2009.01.21 04:09:37 | 00,000,000 | ---D | C] MsftWdf_user_01_00_00.Wdf -> %SystemRoot%\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf -> [2009.01.21 04:07:51 | 00,000,000 | -H-- | C] () UMDF -> %SystemRoot%\System32\drivers\UMDF -> [2009.01.21 04:07:47 | 00,000,000 | ---D | C] LogFiles -> %SystemRoot%\System32\LogFiles -> [2009.01.21 04:07:47 | 00,000,000 | ---D | C] Microsoft CAPICOM 2.1.0.2 -> %ProgramFiles%\Microsoft CAPICOM 2.1.0.2 -> [2009.01.21 04:05:52 | 00,000,000 | ---D | C] Windows Genuine Advantage -> %AllUsersProfile%\Application Data\Windows Genuine Advantage -> [2009.01.21 03:52:02 | 00,000,000 | ---D | C] PreInstall -> %SystemRoot%\System32\PreInstall -> [2009.01.21 03:48:29 | 00,000,000 | ---D | C] $hf_mig$ -> %SystemRoot%\$hf_mig$ -> [2009.01.21 03:48:27 | 00,000,000 | -H-D | C] SoftwareDistribution -> %SystemRoot%\System32\SoftwareDistribution -> [2009.01.21 03:37:51 | 00,000,000 | ---D | C] UserData -> %UserProfile%\UserData -> [2009.01.21 03:36:22 | 00,000,000 | -HSD | C] vpc32.INI -> %SystemRoot%\vpc32.INI -> [2009.01.21 03:12:42 | 00,000,000 | ---- | C] () Adobe -> %UserProfile%\Local Settings\Application Data\Adobe -> [2009.01.21 03:11:29 | 00,000,000 | ---D | C] Adobe -> %AllUsersProfile%\Application Data\Adobe -> [2009.01.21 03:10:53 | 00,000,000 | ---D | C] Adobe -> %CommonProgramFiles%\Adobe -> [2009.01.21 03:10:43 | 00,000,000 | ---D | C] Symantec -> %UserProfile%\Local Settings\Application Data\Symantec -> [2009.01.21 03:02:37 | 00,000,000 | ---D | C] SYMEVENT.SYS -> %SystemRoot%\System32\drivers\SYMEVENT.SYS -> [2009.01.21 03:01:40 | 00,110,952 | ---- | C] (Symantec Corporation) S32EVNT1.DLL -> %SystemRoot%\System32\S32EVNT1.DLL -> [2009.01.21 03:01:40 | 00,048,768 | ---- | C] (Symantec Corporation) SYMEVENT.CAT -> %SystemRoot%\System32\drivers\SYMEVENT.CAT -> [2009.01.21 03:01:40 | 00,008,014 | ---- | C] () SYMEVENT.INF -> %SystemRoot%\System32\drivers\SYMEVENT.INF -> [2009.01.21 03:01:40 | 00,000,805 | ---- | C] () capicom.dll -> %SystemRoot%\System32\capicom.dll -> [2009.01.21 03:01:26 | 00,466,944 | ---- | C] (Microsoft Corporation) Symantec -> %ProgramFiles%\Symantec -> [2009.01.21 03:01:25 | 00,000,000 | ---D | C] Symantec Shared -> %CommonProgramFiles%\Symantec Shared -> [2009.01.21 03:01:15 | 00,000,000 | ---D | C] Symantec AntiVirus -> %ProgramFiles%\Symantec AntiVirus -> [2009.01.21 03:01:15 | 00,000,000 | ---D | C] Symantec -> %AllUsersProfile%\Application Data\Symantec -> [2009.01.21 03:01:15 | 00,000,000 | ---D | C] msonpmon.dll -> %SystemRoot%\System32\msonpmon.dll -> [2009.01.21 02:50:01 | 00,032,592 | ---- | C] (Microsoft Corporation) Microsoft Works -> %ProgramFiles%\Microsoft Works -> [2009.01.21 02:49:00 | 00,000,000 | ---D | C] MSBuild -> %ProgramFiles%\MSBuild -> [2009.01.21 02:48:47 | 00,000,000 | ---D | C] Microsoft Visual Studio -> %ProgramFiles%\Microsoft Visual Studio -> [2009.01.21 02:48:17 | 00,000,000 | ---D | C] DESIGNER -> %CommonProgramFiles%\DESIGNER -> [2009.01.21 02:48:17 | 00,000,000 | ---D | C] Microsoft.NET -> %ProgramFiles%\Microsoft.NET -> [2009.01.21 02:47:10 | 00,000,000 | ---D | C] Microsoft Visual Studio 8 -> %ProgramFiles%\Microsoft Visual Studio 8 -> [2009.01.21 02:44:36 | 00,000,000 | ---D | C] ShellNew -> %SystemRoot%\ShellNew -> [2009.01.21 02:43:20 | 00,000,000 | -H-D | C] Microsoft Help -> %UserProfile%\Local Settings\Application Data\Microsoft Help -> [2009.01.21 02:41:56 | 00,000,000 | ---D | C] Microsoft Office -> %ProgramFiles%\Microsoft Office -> [2009.01.21 02:41:15 | 00,000,000 | ---D | C] Microsoft Help -> %AllUsersProfile%\Application Data\Microsoft Help -> [2009.01.21 02:41:08 | 00,000,000 | ---D | C] MSOCache -> %SystemDrive%\MSOCache -> [2009.01.21 02:39:42 | 00,000,000 | RH-D | C] driveri -> %UserProfile%\Desktop\driveri -> [2009.01.21 02:39:12 | 00,000,000 | ---D | C] RECYCLER -> %SystemDrive%\RECYCLER -> [2009.01.21 02:37:52 | 00,000,000 | -HSD | C] DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> %UserProfile%\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2009.01.21 02:31:50 | 00,128,000 | ---- | C] () GDIPFONTCACHEV1.DAT -> %UserProfile%\Local Settings\Application Data\GDIPFONTCACHEV1.DAT -> [2009.01.21 02:24:13 | 00,068,456 | ---- | C] () PC Drivers HeadQuarters -> %AllUsersProfile%\Application Data\PC Drivers HeadQuarters -> [2009.01.21 02:22:14 | 00,000,000 | ---D | C] Downloaded Installations -> %UserProfile%\Local Settings\Application Data\Downloaded Installations -> [2009.01.21 02:21:25 | 00,000,000 | ---D | C] assembly -> %SystemRoot%\assembly -> [2009.01.21 02:19:31 | 00,000,000 | R-SD | C] Microsoft.NET -> %SystemRoot%\Microsoft.NET -> [2009.01.21 02:19:08 | 00,000,000 | ---D | C] pid.PNF -> %SystemRoot%\System32\pid.PNF -> [2009.01.21 02:18:42 | 00,004,444 | ---- | C] () audstub.sys -> %SystemRoot%\System32\drivers\audstub.sys -> [2009.01.21 02:17:28 | 00,003,072 | ---- | C] (Microsoft Corporation) redbook.sys -> %SystemRoot%\System32\drivers\redbook.sys -> [2009.01.21 02:17:03 | 00,057,600 | ---- | C] (Microsoft Corporation) enum1394.sys -> %SystemRoot%\System32\drivers\enum1394.sys -> [2009.01.21 02:16:22 | 00,006,400 | ---- | C] (Microsoft Corporation) imsins.BAK -> %SystemRoot%\imsins.BAK -> [2009.01.21 02:14:53 | 00,001,374 | ---- | C] () PerfStringBackup.INI -> %SystemRoot%\System32\PerfStringBackup.INI -> [2009.01.21 02:14:50 | 00,481,352 | ---- | C] () Installer -> %SystemRoot%\Installer -> [2009.01.21 02:14:50 | 00,000,000 | -HSD | C] ODBCINST.INI -> %SystemRoot%\ODBCINST.INI -> [2009.01.21 02:14:49 | 00,004,161 | ---- | C] () ODBC -> %CommonProgramFiles%\ODBC -> [2009.01.21 02:14:49 | 00,000,000 | ---D | C] SpeechEngines -> %CommonProgramFiles%\SpeechEngines -> [2009.01.21 02:14:45 | 00,000,000 | ---D | C] Microsoft Shared -> %CommonProgramFiles%\Microsoft Shared -> [2009.01.21 02:14:45 | 00,000,000 | ---D | C] Program Files -> %ProgramFiles% -> [2009.01.21 02:14:44 | 00,000,000 | R--D | C] Common Files -> %CommonProgramFiles% -> [2009.01.21 02:14:44 | 00,000,000 | ---D | C] c_28603.nls -> %SystemRoot%\System32\c_28603.nls -> [2009.01.21 02:14:43 | 00,066,082 | ---- | C] () c_28599.nls -> %SystemRoot%\System32\c_28599.nls -> [2009.01.21 02:14:41 | 00,066,082 | ---- | C] () C_28595.NLS -> %SystemRoot%\System32\C_28595.NLS -> [2009.01.21 02:14:39 | 00,066,082 | ---- | C] () C_28597.NLS -> %SystemRoot%\System32\C_28597.NLS -> [2009.01.21 02:14:37 | 00,066,082 | ---- | C] () C_28594.NLS -> %SystemRoot%\System32\C_28594.NLS -> [2009.01.21 02:14:36 | 00,066,082 | ---- | C] () c_20127.nls -> %SystemRoot%\System32\c_20127.nls -> [2009.01.21 02:14:32 | 00,066,082 | ---- | C] () WFWNET.DRV -> %SystemRoot%\System\WFWNET.DRV -> [2009.01.21 02:14:31 | 00,013,600 | ---- | C] (Microsoft Corporation) TIMER.DRV -> %SystemRoot%\System\TIMER.DRV -> [2009.01.21 02:14:31 | 00,004,048 | ---- | C] (Microsoft Corporation) SYSTEM.DRV -> %SystemRoot%\System\SYSTEM.DRV -> [2009.01.21 02:14:31 | 00,003,360 | ---- | C] (Microsoft Corporation) VGA.DRV -> %SystemRoot%\System\VGA.DRV -> [2009.01.21 02:14:31 | 00,002,176 | ---- | C] (Microsoft Corporation) SOUND.DRV -> %SystemRoot%\System\SOUND.DRV -> [2009.01.21 02:14:31 | 00,001,744 | ---- | C] (Microsoft Corporation) MOUSE.DRV -> %SystemRoot%\System\MOUSE.DRV -> [2009.01.21 02:14:30 | 00,002,032 | ---- | C] (Microsoft Corporation) KEYBOARD.DRV -> %SystemRoot%\System\KEYBOARD.DRV -> [2009.01.21 02:14:30 | 00,002,000 | ---- | C] (Microsoft Corporation) AVICAP.DLL -> %SystemRoot%\System\AVICAP.DLL -> [2009.01.21 02:14:29 | 00,069,584 | ---- | C] (Microsoft Corporation) irenum.sys -> %SystemRoot%\System32\drivers\irenum.sys -> [2009.01.21 02:14:29 | 00,011,264 | ---- | C] (Microsoft Corporation) AUTOEXEC.NT -> %SystemRoot%\System32\AUTOEXEC.NT -> [2009.01.21 02:14:29 | 00,001,688 | ---- | C] () WINSPOOL.DRV -> %SystemRoot%\System\WINSPOOL.DRV -> [2009.01.21 02:14:28 | 00,146,432 | ---- | C] (Microsoft Corporation) storprop.dll -> %SystemRoot%\System32\storprop.dll -> [2009.01.21 02:14:25 | 00,074,752 | ---- | C] (Microsoft Corporation) desktop.ini -> %AllUsersProfile%\Start Menu\Programs\Startup\desktop.ini -> [2009.01.21 02:14:15 | 00,000,084 | -HS- | C] () desktop.ini -> %AllUsersProfile%\Documents\desktop.ini -> [2009.01.21 02:14:15 | 00,000,062 | -HS- | C] () desktop.ini -> %AllUsersProfile%\Application Data\desktop.ini -> [2009.01.21 02:14:15 | 00,000,062 | -HS- | C] () Start Menu -> %AllUsersProfile%\Start Menu -> [2009.01.21 02:14:15 | 00,000,000 | R--D | C] Documents -> %AllUsersProfile%\Documents -> [2009.01.21 02:14:15 | 00,000,000 | R--D | C] Templates -> %AllUsersProfile%\Templates -> [2009.01.21 02:14:15 | 00,000,000 | -H-D | C] Favorites -> %AllUsersProfile%\Favorites -> [2009.01.21 02:14:15 | 00,000,000 | ---D | C] Desktop -> %AllUsersProfile%\Desktop -> [2009.01.21 02:14:15 | 00,000,000 | ---D | C] Apoint2K -> %ProgramFiles%\Apoint2K -> [2009.01.21 02:14:12 | 00,000,000 | ---D | C] CatRoot2 -> %SystemRoot%\System32\CatRoot2 -> [2009.01.21 02:13:58 | 00,000,000 | ---D | C] CatRoot -> %SystemRoot%\System32\CatRoot -> [2009.01.21 02:13:58 | 00,000,000 | ---D | C] setupapi.old -> %SystemRoot%\setupapi.old -> [2009.01.21 02:13:52 | 00,871,186 | ---- | C] () Microsoft -> %AllUsersProfile%\Application Data\Microsoft -> [2009.01.21 02:13:52 | 00,000,000 | --SD | C] Application Data -> %AllUsersProfile%\Application Data -> [2009.01.21 02:13:52 | 00,000,000 | RH-D | C] Documents and Settings -> %SystemDrive%\Documents and Settings -> [2009.01.21 02:13:22 | 00,000,000 | ---D | C] FNTCACHE.DAT -> %SystemRoot%\System32\FNTCACHE.DAT -> [2009.01.21 02:13:21 | 00,264,616 | ---- | C] () System Volume Information -> %SystemDrive%\System Volume Information -> [2009.01.21 02:13:21 | 00,000,000 | -HSD | C] boot.ini -> %SystemDrive%\boot.ini -> [2009.01.21 02:12:36 | 00,000,211 | -H-- | C] () $winnt$.inf -> %SystemRoot%\System32\$winnt$.inf -> [2009.01.21 02:12:31 | 00,000,288 | ---- | C] () Fonts -> %SystemRoot%\Fonts -> [2009.01.21 02:05:13 | 00,000,000 | R-SD | C] Web -> %SystemRoot%\Web -> [2009.01.21 02:05:13 | 00,000,000 | R--D | C] inf -> %SystemRoot%\inf -> [2009.01.21 02:05:13 | 00,000,000 | -H-D | C] WinSxS -> %SystemRoot%\WinSxS -> [2009.01.21 02:05:13 | 00,000,000 | ---D | C] wins -> %SystemRoot%\System32\wins -> [2009.01.21 02:05:13 | 00,000,000 | ---D | C] WINDOWS -> %SystemRoot% -> [2009.01.21 02:05:13 | 00,000,000 | ---D | C] wbem -> %SystemRoot%\System32\wbem -> [2009.01.21 02:05:13 | 00,000,000 | ---D | C] usmt -> %SystemRoot%\System32\usmt -> [2009.01.21 02:05:13 | 00,000,000 | ---D | C] twain_32 -> %SystemRoot%\twain_32 -> [2009.01.21 02:05:13 | 00,000,000 | ---D | C] Temp -> %SystemRoot%\Temp -> [2009.01.21 02:05:13 | 00,000,000 | ---D | C] system32 -> %SystemRoot%\system32 -> [2009.01.21 02:05:13 | 00,000,000 | ---D | C] system -> %SystemRoot%\system -> [2009.01.21 02:05:13 | 00,000,000 | ---D | C] spool -> %SystemRoot%\System32\spool -> [2009.01.21 02:05:13 | 00,000,000 | ---D | C] ShellExt -> %SystemRoot%\System32\ShellExt -> [2009.01.21 02:05:13 | 00,000,000 | ---D | C] Setup -> %SystemRoot%\System32\Setup -> [2009.01.21 02:05:13 | 00,000,000 | ---D | C] security -> %SystemRoot%\security -> [2009.01.21 02:05:13 | 00,000,000 | ---D | C] scripting -> %SystemRoot%\System32\scripting -> [2009.01.21 02:05:13 | 00,000,000 | ---D | C] Resources -> %SystemRoot%\Resources -> [2009.01.21 02:05:13 | 00,000,000 | ---D | C] repair -> %SystemRoot%\repair -> [2009.01.21 02:05:13 | 00,000,000 | ---D | C] ras -> %SystemRoot%\System32\ras -> [2009.01.21 02:05:13 | 00,000,000 | ---D | C] Provisioning -> %SystemRoot%\Provisioning -> [2009.01.21 02:05:13 | 00,000,000 | ---D | C] PeerNet -> %SystemRoot%\PeerNet -> [2009.01.21 02:05:13 | 00,000,000 | ---D | C] pchealth -> %SystemRoot%\pchealth -> [2009.01.21 02:05:13 | 00,000,000 | ---D | C] oobe -> %SystemRoot%\System32\oobe -> [2009.01.21 02:05:13 | 00,000,000 | ---D | C] npp -> %SystemRoot%\System32\npp -> [2009.01.21 02:05:13 | 00,000,000 | ---D | C] Network Diagnostic -> %SystemRoot%\Network Diagnostic -> [2009.01.21 02:05:13 | 00,000,000 | ---D | C] mui -> %SystemRoot%\System32\mui -> [2009.01.21 02:05:13 | 00,000,000 | ---D | C] mui -> %SystemRoot%\mui -> [2009.01.21 02:05:13 | 00,000,000 | ---D | C] msapps -> %SystemRoot%\msapps -> [2009.01.21 02:05:13 | 00,000,000 | ---D | C] msagent -> %SystemRoot%\msagent -> [2009.01.21 02:05:13 | 00,000,000 | ---D | C] Media -> %SystemRoot%\Media -> [2009.01.21 02:05:13 | 00,000,000 | ---D | C] L2Schemas -> %SystemRoot%\L2Schemas -> [2009.01.21 02:05:13 | 00,000,000 | ---D | C] java -> %SystemRoot%\java -> [2009.01.21 02:05:13 | 00,000,000 | ---D | C] inetsrv -> %SystemRoot%\System32\inetsrv -> [2009.01.21 02:05:13 | 00,000,000 | ---D | C] IME -> %SystemRoot%\System32\IME -> [2009.01.21 02:05:13 | 00,000,000 | ---D | C] ime -> %SystemRoot%\ime -> [2009.01.21 02:05:13 | 00,000,000 | ---D | C] icsxml -> %SystemRoot%\System32\icsxml -> [2009.01.21 02:05:13 | 00,000,000 | ---D | C] ias -> %SystemRoot%\System32\ias -> [2009.01.21 02:05:13 | 00,000,000 | ---D | C] Help -> %SystemRoot%\Help -> [2009.01.21 02:05:13 | 00,000,000 | ---D | C] export -> %SystemRoot%\System32\export -> [2009.01.21 02:05:13 | 00,000,000 | ---D | C] etc -> %SystemRoot%\System32\drivers\etc -> [2009.01.21 02:05:13 | 00,000,000 | ---D | C] en -> %SystemRoot%\System32\en -> [2009.01.21 02:05:13 | 00,000,000 | ---D | C] ehome -> %SystemRoot%\ehome -> [2009.01.21 02:05:13 | 00,000,000 | ---D | C] drivers -> %SystemRoot%\System32\drivers -> [2009.01.21 02:05:13 | 00,000,000 | ---D | C] Driver Cache -> %SystemRoot%\Driver Cache -> [2009.01.21 02:05:13 | 00,000,000 | ---D | C] disdn -> %SystemRoot%\System32\drivers\disdn -> [2009.01.21 02:05:13 | 00,000,000 | ---D | C] dhcp -> %SystemRoot%\System32\dhcp -> [2009.01.21 02:05:13 | 00,000,000 | ---D | C] Debug -> %SystemRoot%\Debug -> [2009.01.21 02:05:13 | 00,000,000 | ---D | C] Cursors -> %SystemRoot%\Cursors -> [2009.01.21 02:05:13 | 00,000,000 | ---D | C] Connection Wizard -> %SystemRoot%\Connection Wizard -> [2009.01.21 02:05:13 | 00,000,000 | ---D | C] config -> %SystemRoot%\System32\config -> [2009.01.21 02:05:13 | 00,000,000 | ---D | C] Config -> %SystemRoot%\Config -> [2009.01.21 02:05:13 | 00,000,000 | ---D | C] AppPatch -> %SystemRoot%\AppPatch -> [2009.01.21 02:05:13 | 00,000,000 | ---D | C] addins -> %SystemRoot%\addins -> [2009.01.21 02:05:13 | 00,000,000 | ---D | C] 3com_dmi -> %SystemRoot%\System32\3com_dmi -> [2009.01.21 02:05:13 | 00,000,000 | ---D | C] 3076 -> %SystemRoot%\System32\3076 -> [2009.01.21 02:05:13 | 00,000,000 | ---D | C] 2052 -> %SystemRoot%\System32\2052 -> [2009.01.21 02:05:13 | 00,000,000 | ---D | C] 1054 -> %SystemRoot%\System32\1054 -> [2009.01.21 02:05:13 | 00,000,000 | ---D | C] 1042 -> %SystemRoot%\System32\1042 -> [2009.01.21 02:05:13 | 00,000,000 | ---D | C] 1041 -> %SystemRoot%\System32\1041 -> [2009.01.21 02:05:13 | 00,000,000 | ---D | C] 1037 -> %SystemRoot%\System32\1037 -> [2009.01.21 02:05:13 | 00,000,000 | ---D | C] 1033 -> %SystemRoot%\System32\1033 -> [2009.01.21 02:05:13 | 00,000,000 | ---D | C] 1031 -> %SystemRoot%\System32\1031 -> [2009.01.21 02:05:13 | 00,000,000 | ---D | C] 1028 -> %SystemRoot%\System32\1028 -> [2009.01.21 02:05:13 | 00,000,000 | ---D | C] 1025 -> %SystemRoot%\System32\1025 -> [2009.01.21 02:05:13 | 00,000,000 | ---D | C] DRVSTORE -> %SystemRoot%\System32\DRVSTORE -> [2009.01.21 01:55:02 | 00,000,000 | ---D | C] Intel -> %ProgramFiles%\Intel -> [2009.01.21 01:50:53 | 00,000,000 | ---D | C] tiinst -> %SystemRoot%\tiinst -> [2009.01.21 01:49:37 | 00,000,000 | ---D | C] Rtlnicxp.sys -> %SystemRoot%\System32\drivers\Rtlnicxp.sys -> [2009.01.21 01:48:25 | 00,074,496 | ---- | C] (Realtek Semiconductor Corporation ) OPTIONS -> %SystemRoot%\OPTIONS -> [2009.01.21 01:48:25 | 00,000,000 | ---D | C] Broadcom -> %ProgramFiles%\Broadcom -> [2009.01.21 01:48:13 | 00,000,000 | ---D | C] Msft_Kernel_HpqKbFiltr_01005.Wdf -> %SystemRoot%\System32\drivers\Msft_Kernel_HpqKbFiltr_01005.Wdf -> [2009.01.21 01:47:17 | 00,000,000 | -H-- | C] () MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf -> %SystemRoot%\System32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf -> [2009.01.21 01:47:15 | 00,000,000 | -H-- | C] () spupdsvc.exe -> %SystemRoot%\System32\spupdsvc.exe -> [2009.01.21 01:46:59 | 00,023,856 | ---- | C] (Microsoft Corporation) ReinstallBackups -> %SystemRoot%\System32\ReinstallBackups -> [2009.01.21 01:46:41 | 00,000,000 | ---D | C] wdfcoinstaller01005.dll -> %SystemRoot%\System32\wdfcoinstaller01005.dll -> [2009.01.21 01:46:35 | 01,419,232 | ---- | C] (Microsoft Corporation) Hewlett-Packard -> %ProgramFiles%\Hewlett-Packard -> [2009.01.21 01:46:31 | 00,000,000 | ---D | C] InstallShield -> %AppData%\InstallShield -> [2009.01.21 01:46:13 | 00,000,000 | ---D | C] IconCache.db -> %UserProfile%\Local Settings\Application Data\IconCache.db -> [2009.01.21 01:44:41 | 04,814,698 | -H-- | C] () MidiSyn.sys -> %SystemRoot%\System32\drivers\MidiSyn.sys -> [2009.01.21 01:43:03 | 00,235,100 | ---- | C] (Analog Devices Inc) splitter.sys -> %SystemRoot%\System32\drivers\splitter.sys -> [2009.01.21 01:42:59 | 00,006,272 | ---- | C] (Microsoft Corporation) DMusic.sys -> %SystemRoot%\System32\drivers\DMusic.sys -> [2009.01.21 01:42:54 | 00,052,864 | ---- | C] (Microsoft Corporation) ksproxy.ax -> %SystemRoot%\System32\ksproxy.ax -> [2009.01.21 01:42:30 | 00,129,536 | ---- | C] (Microsoft Corporation) ksuser.dll -> %SystemRoot%\System32\ksuser.dll -> [2009.01.21 01:42:30 | 00,004,096 | ---- | C] (Microsoft Corporation) senfilt.sys -> %SystemRoot%\System32\drivers\senfilt.sys -> [2009.01.21 01:42:27 | 00,381,056 | ---- | C] (Sensaura) SMMedia.dll -> %SystemRoot%\System32\SMMedia.dll -> [2009.01.21 01:42:26 | 01,285,632 | ---- | C] (Analog Devices) wdmioctl.dll -> %SystemRoot%\System32\wdmioctl.dll -> [2009.01.21 01:42:26 | 00,030,208 | ---- | C] (Analog Devices Inc.) virtear.dll -> %SystemRoot%\System32\virtear.dll -> [2009.01.21 01:42:25 | 00,991,232 | ---- | C] (Sensaura) DSndUp.exe -> %SystemRoot%\System32\DSndUp.exe -> [2009.01.21 01:42:25 | 00,069,632 | ---- | C] (Analog Devices Inc.) CleanUp.exe -> %SystemRoot%\System32\CleanUp.exe -> [2009.01.21 01:42:25 | 00,065,536 | ---- | C] (adi) InstallShield Installation Information -> %ProgramFiles%\InstallShield Installation Information -> [2009.01.21 01:42:25 | 00,000,000 | -H-D | C] VirtualEar -> %SystemRoot%\VirtualEar -> [2009.01.21 01:42:25 | 00,000,000 | ---D | C] Analog Devices -> %ProgramFiles%\Analog Devices -> [2009.01.21 01:42:25 | 00,000,000 | ---D | C] InstallShield -> %CommonProgramFiles%\InstallShield -> [2009.01.21 01:42:11 | 00,000,000 | ---D | C] swsetup -> %SystemDrive%\swsetup -> [2009.01.21 01:42:04 | 00,000,000 | ---D | C] HP -> %ProgramFiles%\HP -> [2009.01.21 01:37:06 | 00,000,000 | ---D | C] Downloaded Installations -> %SystemRoot%\Downloaded Installations -> [2009.01.21 01:37:04 | 00,000,000 | ---D | C] Identities -> %AppData%\Identities -> [2009.01.21 01:32:54 | 00,000,000 | ---D | C] Uninstall Information -> %ProgramFiles%\Uninstall Information -> [2009.01.21 01:32:52 | 00,000,000 | -H-D | C] desktop.ini -> %UserProfile%\My Documents\desktop.ini -> [2009.01.21 01:32:48 | 00,000,078 | -HS- | C] () My Pictures -> %UserProfile%\My Documents\My Pictures -> [2009.01.21 01:32:48 | 00,000,000 | R--D | C] My Music -> %UserProfile%\My Documents\My Music -> [2009.01.21 01:32:48 | 00,000,000 | R--D | C] ntuser.ini -> %UserProfile%\ntuser.ini -> [2009.01.21 01:32:45 | 00,000,178 | -HS- | C] () desktop.ini -> %AppData%\desktop.ini -> [2009.01.21 01:32:44 | 00,000,062 | -HS- | C] () NTUSER.DAT -> %UserProfile%\NTUSER.DAT -> [2009.01.21 01:32:43 | 02,621,440 | -H-- | C] () desktop.ini -> %UserProfile%\Start Menu\Programs\Startup\desktop.ini -> [2009.01.21 01:32:43 | 00,000,084 | -HS- | C] () Microsoft -> %AppData%\Microsoft -> [2009.01.21 01:32:43 | 00,000,000 | --SD | C] SendTo -> %UserProfile%\SendTo -> [2009.01.21 01:32:43 | 00,000,000 | RH-D | C] Recent -> %UserProfile%\Recent -> [2009.01.21 01:32:43 | 00,000,000 | RH-D | C] Application Data -> %AppData% -> [2009.01.21 01:32:43 | 00,000,000 | RH-D | C] Start Menu -> %UserProfile%\Start Menu -> [2009.01.21 01:32:43 | 00,000,000 | R--D | C] My Documents -> %UserProfile%\My Documents -> [2009.01.21 01:32:43 | 00,000,000 | R--D | C] Favorites -> %UserProfile%\Favorites -> [2009.01.21 01:32:43 | 00,000,000 | R--D | C] Cookies -> %UserProfile%\Cookies -> [2009.01.21 01:32:43 | 00,000,000 | -HSD | C] Templates -> %UserProfile%\Templates -> [2009.01.21 01:32:43 | 00,000,000 | -H-D | C] PrintHood -> %UserProfile%\PrintHood -> [2009.01.21 01:32:43 | 00,000,000 | -H-D | C] NetHood -> %UserProfile%\NetHood -> [2009.01.21 01:32:43 | 00,000,000 | -H-D | C] Local Settings -> %UserProfile%\Local Settings -> [2009.01.21 01:32:43 | 00,000,000 | -H-D | C] Microsoft -> %UserProfile%\Local Settings\Application Data\Microsoft -> [2009.01.21 01:32:43 | 00,000,000 | ---D | C] Desktop -> %UserProfile%\Desktop -> [2009.01.21 01:32:43 | 00,000,000 | ---D | C] SoftwareDistribution -> %SystemRoot%\SoftwareDistribution -> [2009.01.21 01:31:41 | 00,000,000 | ---D | C] SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [2009.01.21 01:31:39 | 00,000,006 | -H-- | C] () Microsoft -> %SystemRoot%\System32\Microsoft -> [2009.01.21 01:31:36 | 00,000,000 | --SD | C] REGLOCS.OLD -> %SystemRoot%\REGLOCS.OLD -> [2009.01.21 01:31:21 | 00,008,192 | ---- | C] () bootstat.dat -> %SystemRoot%\bootstat.dat -> [2009.01.21 01:30:24 | 00,002,048 | --S- | C] () xircom -> %SystemRoot%\System32\xircom -> [2009.01.21 01:27:03 | 00,000,000 | ---D | C] xerox -> %ProgramFiles%\xerox -> [2009.01.21 01:27:03 | 00,000,000 | ---D | C] microsoft frontpage -> %ProgramFiles%\microsoft frontpage -> [2009.01.21 01:27:03 | 00,000,000 | ---D | C] CONFIG.NT -> %SystemRoot%\System32\CONFIG.NT -> [2009.01.21 01:26:40 | 00,002,626 | ---- | C] () AUTOEXEC.BAT -> %SystemDrive%\AUTOEXEC.BAT -> [2009.01.21 01:26:40 | 00,000,050 | ---- | C] () MSDOS.SYS -> %SystemDrive%\MSDOS.SYS -> [2009.01.21 01:26:40 | 00,000,000 | RHS- | C] () IO.SYS -> %SystemDrive%\IO.SYS -> [2009.01.21 01:26:40 | 00,000,000 | RHS- | C] () control.ini -> %SystemRoot%\control.ini -> [2009.01.21 01:26:40 | 00,000,000 | ---- | C] () CONFIG.SYS -> %SystemDrive%\CONFIG.SYS -> [2009.01.21 01:26:40 | 00,000,000 | ---- | C] () nscompat.tlb -> %SystemRoot%\System32\nscompat.tlb -> [2009.01.21 01:26:30 | 00,023,392 | ---- | C] () amcompat.tlb -> %SystemRoot%\System32\amcompat.tlb -> [2009.01.21 01:26:30 | 00,016,832 | ---- | C] () WMSysPr9.prx -> %SystemRoot%\WMSysPr9.prx -> [2009.01.21 01:26:29 | 00,316,640 | ---- | C] () mapi32.dll -> %SystemRoot%\System32\mapi32.dll -> [2009.01.21 01:26:18 | 00,112,128 | ---- | C] (Microsoft Corporation) DRM -> %AllUsersProfile%\DRM -> [2009.01.21 01:25:30 | 00,000,000 | -HSD | C] WindowsLogon.manifest -> %SystemRoot%\System32\WindowsLogon.manifest -> [2009.01.21 01:25:19 | 00,000,488 | RH-- | C] () Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [2009.01.21 01:25:19 | 00,000,000 | --SD | C] Offline Web Pages -> %SystemRoot%\Offline Web Pages -> [2009.01.21 01:25:19 | 00,000,000 | R--D | C] cdplayer.exe.manifest -> %SystemRoot%\System32\cdplayer.exe.manifest -> [2009.01.21 01:25:12 | 00,000,749 | RH-- | C] () WindowsUpdate -> %ProgramFiles%\WindowsUpdate -> [2009.01.21 01:25:07 | 00,000,000 | -H-D | C] DirectX -> %SystemRoot%\System32\DirectX -> [2009.01.21 01:24:43 | 00,000,000 | ---D | C] atrace.dll -> %SystemRoot%\System32\atrace.dll -> [2009.01.21 01:24:37 | 00,011,264 | ---- | C] (Microsoft Corporation) winnt256.bmp -> %SystemRoot%\winnt256.bmp -> [2009.01.21 01:24:35 | 00,048,680 | -HS- | C] () winnt.bmp -> %SystemRoot%\winnt.bmp -> [2009.01.21 01:24:34 | 00,048,680 | -HS- | C] () desktop.ini -> %SystemRoot%\System32\desktop.ini -> [2009.01.21 01:24:34 | 00,000,002 | ---- | C] () desktop.ini -> %SystemRoot%\desktop.ini -> [2009.01.21 01:24:34 | 00,000,002 | ---- | C] () msg723.acm -> %SystemRoot%\System32\msg723.acm -> [2009.01.21 01:24:27 | 00,118,784 | ---- | C] (Microsoft Corporation) nmevtmsg.dll -> %SystemRoot%\System32\nmevtmsg.dll -> [2009.01.21 01:24:27 | 00,012,288 | ---- | C] (Microsoft Corporation) acctres.dll -> %SystemRoot%\System32\acctres.dll -> [2009.01.21 01:24:26 | 00,064,512 | ---- | C] (Microsoft Corporation) Services -> %CommonProgramFiles%\Services -> [2009.01.21 01:24:26 | 00,000,000 | ---D | C] icfgnt5.dll -> %SystemRoot%\System32\icfgnt5.dll -> [2009.01.21 01:24:23 | 00,016,384 | ---- | C] (Microsoft Corporation) desktop.ini -> %SystemRoot%\tasks\desktop.ini -> [2009.01.21 01:24:23 | 00,000,065 | RH-- | C] () Tasks -> %SystemRoot%\Tasks -> [2009.01.21 01:24:23 | 00,000,000 | --SD | C] MSSoap -> %CommonProgramFiles%\MSSoap -> [2009.01.21 01:24:22 | 00,000,000 | ---D | C] srchasst -> %SystemRoot%\srchasst -> [2009.01.21 01:24:17 | 00,000,000 | ---D | C] Macromed -> %SystemRoot%\System32\Macromed -> [2009.01.21 01:24:17 | 00,000,000 | ---D | C] wuaueng.dll -> %SystemRoot%\System32\wuaueng.dll -> [2009.01.21 01:24:13 | 01,809,944 | ---- | C] (Microsoft Corporation) wucltui.dll -> %SystemRoot%\System32\wucltui.dll -> [2009.01.21 01:24:13 | 00,323,608 | ---- | C] (Microsoft Corporation) wuaucpl.cpl -> %SystemRoot%\System32\wuaucpl.cpl -> [2009.01.21 01:24:13 | 00,213,528 | ---- | C] (Microsoft Corporation) wuweb.dll -> %SystemRoot%\System32\wuweb.dll -> [2009.01.21 01:24:13 | 00,202,776 | ---- | C] (Microsoft Corporation) wuaueng1.dll -> %SystemRoot%\System32\wuaueng1.dll -> [2009.01.21 01:24:13 | 00,194,520 | ---- | C] (Microsoft Corporation) wuauclt1.exe -> %SystemRoot%\System32\wuauclt1.exe -> [2009.01.21 01:24:13 | 00,172,504 | ---- | C] (Microsoft Corporation) wuauclt.exe -> %SystemRoot%\System32\wuauclt.exe -> [2009.01.21 01:24:13 | 00,051,224 | ---- | C] (Microsoft Corporation) wups.dll -> %SystemRoot%\System32\wups.dll -> [2009.01.21 01:24:13 | 00,034,328 | ---- | C] (Microsoft Corporation) wuauserv.dll -> %SystemRoot%\System32\wuauserv.dll -> [2009.01.21 01:24:13 | 00,023,576 | ---- | C] (Microsoft Corporation) wuapi.dll -> %SystemRoot%\System32\wuapi.dll -> [2009.01.21 01:24:12 | 00,561,688 | ---- | C] (Microsoft Corporation) qmgr.dll -> %SystemRoot%\System32\qmgr.dll -> [2009.01.21 01:24:12 | 00,409,088 | ---- | C] (Microsoft Corporation) qmgrprxy.dll -> %SystemRoot%\System32\qmgrprxy.dll -> [2009.01.21 01:24:12 | 00,018,944 | ---- | C] (Microsoft Corporation) bitsprx2.dll -> %SystemRoot%\System32\bitsprx2.dll -> [2009.01.21 01:24:12 | 00,008,192 | ---- | C] (Microsoft Corporation) bitsprx4.dll -> %SystemRoot%\System32\bitsprx4.dll -> [2009.01.21 01:24:12 | 00,007,168 | ---- | C] (Microsoft Corporation) bitsprx3.dll -> %SystemRoot%\System32\bitsprx3.dll -> [2009.01.21 01:24:12 | 00,007,168 | ---- | C] (Microsoft Corporation) Movie Maker -> %ProgramFiles%\Movie Maker -> [2009.01.21 01:24:07 | 00,000,000 | ---D | C] safrslv.dll -> %SystemRoot%\System32\safrslv.dll -> [2009.01.21 01:23:48 | 00,045,568 | ---- | C] (Microsoft Corporation) safrcdlg.dll -> %SystemRoot%\System32\safrcdlg.dll -> [2009.01.21 01:23:48 | 00,043,520 | ---- | C] (Microsoft Corporation) racpldlg.dll -> %SystemRoot%\System32\racpldlg.dll -> [2009.01.21 01:23:48 | 00,043,520 | ---- | C] (Microsoft Corporation) safrdm.dll -> %SystemRoot%\System32\safrdm.dll -> [2009.01.21 01:23:48 | 00,029,696 | ---- | C] (Microsoft Corporation) fltMgr.sys -> %SystemRoot%\System32\drivers\fltMgr.sys -> [2009.01.21 01:23:44 | 00,129,792 | ---- | C] (Microsoft Corporation) fltMc.exe -> %SystemRoot%\System32\fltMc.exe -> [2009.01.21 01:23:44 | 00,040,448 | ---- | C] (Microsoft Corporation) fltlib.dll -> %SystemRoot%\System32\fltlib.dll -> [2009.01.21 01:23:44 | 00,016,896 | ---- | C] (Microsoft Corporation) srrstr.dll -> %SystemRoot%\System32\srrstr.dll -> [2009.01.21 01:23:43 | 00,239,104 | ---- | C] (Microsoft Corporation) srsvc.dll -> %SystemRoot%\System32\srsvc.dll -> [2009.01.21 01:23:43 | 00,171,008 | ---- | C] (Microsoft Corporation) sr.sys -> %SystemRoot%\System32\drivers\sr.sys -> [2009.01.21 01:23:43 | 00,073,472 | ---- | C] (Microsoft Corporation) srclient.dll -> %SystemRoot%\System32\srclient.dll -> [2009.01.21 01:23:43 | 00,067,584 | ---- | C] (Microsoft Corporation) Restore -> %SystemRoot%\System32\Restore -> [2009.01.21 01:23:43 | 00,000,000 | ---D | C] msh261.drv -> %SystemRoot%\System32\msh261.drv -> [2009.01.21 01:23:42 | 00,188,416 | ---- | C] (Microsoft Corporation) ils.dll -> %SystemRoot%\System32\ils.dll -> [2009.01.21 01:23:42 | 00,081,920 | ---- | C] (Microsoft Corporation) msconf.dll -> %SystemRoot%\System32\msconf.dll -> [2009.01.21 01:23:42 | 00,069,632 | ---- | C] (Microsoft Corporation) mnmsrvc.exe -> %SystemRoot%\System32\mnmsrvc.exe -> [2009.01.21 01:23:42 | 00,053,248 | ---- | C] (Microsoft Corporation) mnmdd.dll -> %SystemRoot%\System32\mnmdd.dll -> [2009.01.21 01:23:42 | 00,034,560 | ---- | C] (Microsoft Corporation) nmmkcert.dll -> %SystemRoot%\System32\nmmkcert.dll -> [2009.01.21 01:23:42 | 00,028,672 | ---- | C] (Microsoft Corporation) msoeacct.dll -> %SystemRoot%\System32\msoeacct.dll -> [2009.01.21 01:23:39 | 00,252,928 | ---- | C] (Microsoft Corporation) msoert2.dll -> %SystemRoot%\System32\msoert2.dll -> [2009.01.21 01:23:39 | 00,105,984 | ---- | C] (Microsoft Corporation) NetMeeting -> %ProgramFiles%\NetMeeting -> [2009.01.21 01:23:39 | 00,000,000 | ---D | C] inetcomm.dll -> %SystemRoot%\System32\inetcomm.dll -> [2009.01.21 01:23:37 | 00,691,712 | ---- | C] (Microsoft Corporation) inetres.dll -> %SystemRoot%\System32\inetres.dll -> [2009.01.21 01:23:37 | 00,048,128 | ---- | C] (Microsoft Corporation) mstask.dll -> %SystemRoot%\System32\mstask.dll -> [2009.01.21 01:23:35 | 00,274,944 | ---- | C] (Microsoft Corporation) schedsvc.dll -> %SystemRoot%\System32\schedsvc.dll -> [2009.01.21 01:23:35 | 00,192,512 | ---- | C] (Microsoft Corporation) mstinit.exe -> %SystemRoot%\System32\mstinit.exe -> [2009.01.21 01:23:35 | 00,029,696 | ---- | C] (Microsoft Corporation) Outlook Express -> %ProgramFiles%\Outlook Express -> [2009.01.21 01:23:35 | 00,000,000 | ---D | C] inetcfg.dll -> %SystemRoot%\System32\inetcfg.dll -> [2009.01.21 01:23:34 | 00,274,432 | ---- | C] (Microsoft Corporation) isign32.dll -> %SystemRoot%\System32\isign32.dll -> [2009.01.21 01:23:34 | 00,081,920 | ---- | C] (Microsoft Corporation) icwdial.dll -> %SystemRoot%\System32\icwdial.dll -> [2009.01.21 01:23:34 | 00,073,728 | ---- | C] (Microsoft Corporation) icwphbk.dll -> %SystemRoot%\System32\icwphbk.dll -> [2009.01.21 01:23:34 | 00,065,536 | ---- | C] (Microsoft Corporation) System -> %CommonProgramFiles%\System -> [2009.01.21 01:23:28 | 00,000,000 | ---D | C] Internet Explorer -> %ProgramFiles%\Internet Explorer -> [2009.01.21 01:23:22 | 00,000,000 | ---D | C] My Pictures -> %AllUsersProfile%\Documents\My Pictures -> [2009.01.21 01:23:21 | 00,000,000 | R--D | C] emptyregdb.dat -> %SystemRoot%\System32\emptyregdb.dat -> [2009.01.21 01:22:54 | 00,023,348 | ---- | C] () ComPlus Applications -> %ProgramFiles%\ComPlus Applications -> [2009.01.21 01:22:40 | 00,000,000 | ---D | C] vbaddin.ini -> %SystemRoot%\vbaddin.ini -> [2009.01.21 01:22:38 | 00,000,037 | ---- | C] () vb.ini -> %SystemRoot%\vb.ini -> [2009.01.21 01:22:38 | 00,000,036 | ---- | C] () Registration -> %SystemRoot%\Registration -> [2009.01.21 01:22:32 | 00,000,000 | ---D | C] My Music -> %AllUsersProfile%\Documents\My Music -> [2009.01.21 01:22:21 | 00,000,000 | R--D | C] Windows Media Player -> %ProgramFiles%\Windows Media Player -> [2009.01.21 01:22:21 | 00,000,000 | ---D | C] Online Services -> %ProgramFiles%\Online Services -> [2009.01.21 01:22:21 | 00,000,000 | ---D | C] Messenger -> %ProgramFiles%\Messenger -> [2009.01.21 01:22:11 | 00,000,000 | ---D | C] write.exe -> %SystemRoot%\System32\write.exe -> [2009.01.21 01:22:07 | 00,023,040 | ---- | C] (Microsoft Corporation) MSN Gaming Zone -> %ProgramFiles%\MSN Gaming Zone -> [2009.01.21 01:22:07 | 00,000,000 | ---D | C] sndvol32.exe -> %SystemRoot%\System32\sndvol32.exe -> [2009.01.21 01:21:58 | 00,156,160 | ---- | C] (Microsoft Corporation) avwav.dll -> %SystemRoot%\System32\avwav.dll -> [2009.01.21 01:21:58 | 00,073,216 | ---- | C] (Microsoft Corporation) avtapi.dll -> %SystemRoot%\System32\avtapi.dll -> [2009.01.21 01:21:57 | 00,227,840 | ---- | C] (Microsoft Corporation) winchat.exe -> %SystemRoot%\System32\winchat.exe -> [2009.01.21 01:21:57 | 00,035,328 | ---- | C] (Microsoft Corporation) avmeter.dll -> %SystemRoot%\System32\avmeter.dll -> [2009.01.21 01:21:57 | 00,016,384 | ---- | C] (Microsoft Corporation) Prairie Wind.bmp -> %SystemRoot%\Prairie Wind.bmp -> [2009.01.21 01:21:52 | 00,065,954 | ---- | C] () Santa Fe Stucco.bmp -> %SystemRoot%\Santa Fe Stucco.bmp -> [2009.01.21 01:21:52 | 00,065,832 | ---- | C] () River Sumida.bmp -> %SystemRoot%\River Sumida.bmp -> [2009.01.21 01:21:52 | 00,026,680 | ---- | C] () Greenstone.bmp -> %SystemRoot%\Greenstone.bmp -> [2009.01.21 01:21:52 | 00,026,582 | ---- | C] () Rhododendron.bmp -> %SystemRoot%\Rhododendron.bmp -> [2009.01.21 01:21:52 | 00,017,362 | ---- | C] () Gone Fishing.bmp -> %SystemRoot%\Gone Fishing.bmp -> [2009.01.21 01:21:52 | 00,017,336 | ---- | C] () Zapotec.bmp -> %SystemRoot%\Zapotec.bmp -> [2009.01.21 01:21:52 | 00,009,522 | ---- | C] () subrange.uce -> %SystemRoot%\System32\subrange.uce -> [2009.01.21 01:21:51 | 00,093,702 | ---- | C] () Soap Bubbles.bmp -> %SystemRoot%\Soap Bubbles.bmp -> [2009.01.21 01:21:51 | 00,065,978 | ---- | C] () Coffee Bean.bmp -> %SystemRoot%\Coffee Bean.bmp -> [2009.01.21 01:21:51 | 00,017,062 | ---- | C] () shiftjis.uce -> %SystemRoot%\System32\shiftjis.uce -> [2009.01.21 01:21:51 | 00,016,740 | ---- | C] () FeatherTexture.bmp -> %SystemRoot%\FeatherTexture.bmp -> [2009.01.21 01:21:51 | 00,016,730 | ---- | C] () korean.uce -> %SystemRoot%\System32\korean.uce -> [2009.01.21 01:21:51 | 00,012,876 | ---- | C] () kanji_2.uce -> %SystemRoot%\System32\kanji_2.uce -> [2009.01.21 01:21:51 | 00,008,484 | ---- | C] () Blue Lace 16.bmp -> %SystemRoot%\Blue Lace 16.bmp -> [2009.01.21 01:21:51 | 00,001,272 | ---- | C] () getuname.dll -> %SystemRoot%\System32\getuname.dll -> [2009.01.21 01:21:50 | 00,605,696 | ---- | C] (Microsoft Corporation) calc.exe -> %SystemRoot%\System32\calc.exe -> [2009.01.21 01:21:50 | 00,132,096 | ---- | C] (Microsoft Corporation) charmap.exe -> %SystemRoot%\System32\charmap.exe -> [2009.01.21 01:21:50 | 00,097,792 | ---- | C] (Microsoft Corporation) ideograf.uce -> %SystemRoot%\System32\ideograf.uce -> [2009.01.21 01:21:50 | 00,060,458 | ---- | C] () gb2312.uce -> %SystemRoot%\System32\gb2312.uce -> [2009.01.21 01:21:50 | 00,024,006 | ---- | C] () bopomofo.uce -> %SystemRoot%\System32\bopomofo.uce -> [2009.01.21 01:21:50 | 00,022,984 | ---- | C] () kanji_1.uce -> %SystemRoot%\System32\kanji_1.uce -> [2009.01.21 01:21:50 | 00,006,948 | ---- | C] () mshearts.exe -> %SystemRoot%\System32\mshearts.exe -> [2009.01.21 01:21:49 | 00,144,384 | ---- | C] (Microsoft Corporation) winmine.exe -> %SystemRoot%\System32\winmine.exe -> [2009.01.21 01:21:49 | 00,137,216 | ---- | C] (Microsoft Corporation) sol.exe -> %SystemRoot%\System32\sol.exe -> [2009.01.21 01:21:49 | 00,074,240 | ---- | C] (Microsoft Corporation) freecell.exe -> %SystemRoot%\System32\freecell.exe -> [2009.01.21 01:21:49 | 00,072,704 | ---- | C] (Microsoft Corporation) regini.exe -> %SystemRoot%\System32\regini.exe -> [2009.01.21 01:21:48 | 00,051,200 | ---- | C] (Microsoft Corporation) qwinsta.exe -> %SystemRoot%\System32\qwinsta.exe -> [2009.01.21 01:21:48 | 00,039,424 | ---- | C] (Microsoft Corporation) tsshutdn.exe -> %SystemRoot%\System32\tsshutdn.exe -> [2009.01.21 01:21:48 | 00,034,304 | ---- | C] (Microsoft Corporation) qappsrv.exe -> %SystemRoot%\System32\qappsrv.exe -> [2009.01.21 01:21:48 | 00,034,304 | ---- | C] (Microsoft Corporation) tskill.exe -> %SystemRoot%\System32\tskill.exe -> [2009.01.21 01:21:48 | 00,033,792 | ---- | C] (Microsoft Corporation) rwinsta.exe -> %SystemRoot%\System32\rwinsta.exe -> [2009.01.21 01:21:48 | 00,033,280 | ---- | C] (Microsoft Corporation) tsdiscon.exe -> %SystemRoot%\System32\tsdiscon.exe -> [2009.01.21 01:21:48 | 00,032,256 | ---- | C] (Microsoft Corporation) tscon.exe -> %SystemRoot%\System32\tscon.exe -> [2009.01.21 01:21:48 | 00,032,256 | ---- | C] (Microsoft Corporation) shadow.exe -> %SystemRoot%\System32\shadow.exe -> [2009.01.21 01:21:48 | 00,032,256 | ---- | C] (Microsoft Corporation) reset.exe -> %SystemRoot%\System32\reset.exe -> [2009.01.21 01:21:48 | 00,027,136 | ---- | C] (Microsoft Corporation) tslabels.ini -> %SystemRoot%\System32\tslabels.ini -> [2009.01.21 01:21:48 | 00,013,223 | ---- | C] () rdpcfgex.dll -> %SystemRoot%\System32\rdpcfgex.dll -> [2009.01.21 01:21:48 | 00,004,096 | ---- | C] (Microsoft Corporation) tslabels.h -> %SystemRoot%\System32\tslabels.h -> [2009.01.21 01:21:48 | 00,003,286 | ---- | C] () usrlogon.cmd -> %SystemRoot%\System32\usrlogon.cmd -> [2009.01.21 01:21:48 | 00,001,161 | ---- | C] () msg.exe -> %SystemRoot%\System32\msg.exe -> [2009.01.21 01:21:47 | 00,038,400 | ---- | C] (Microsoft Corporation) logoff.exe -> %SystemRoot%\System32\logoff.exe -> [2009.01.21 01:21:47 | 00,032,768 | ---- | C] (Microsoft Corporation) cdmodem.dll -> %SystemRoot%\System32\cdmodem.dll -> [2009.01.21 01:21:47 | 00,015,872 | ---- | C] (Microsoft Corporation) msdtcprf.ini -> %SystemRoot%\System32\msdtcprf.ini -> [2009.01.21 01:21:47 | 00,001,931 | ---- | C] () msdtcprf.h -> %SystemRoot%\System32\msdtcprf.h -> [2009.01.21 01:21:47 | 00,000,768 | ---- | C] () wmimgmt.msc -> %SystemRoot%\System32\wmimgmt.msc -> [2009.01.21 01:21:41 | 00,063,488 | ---- | C] () MSN -> %ProgramFiles%\MSN -> [2009.01.21 01:21:27 | 00,000,000 | ---D | C] accwiz.exe -> %SystemRoot%\System32\accwiz.exe -> [2009.01.21 01:21:26 | 00,201,728 | ---- | C] (Microsoft Corporation) sndrec32.exe -> %SystemRoot%\System32\sndrec32.exe -> [2009.01.21 01:21:26 | 00,148,992 | ---- | C] (Microsoft Corporation) mplay32.exe -> %SystemRoot%\System32\mplay32.exe -> [2009.01.21 01:21:26 | 00,140,800 | ---- | C] (Microsoft Corporation) access.cpl -> %SystemRoot%\System32\access.cpl -> [2009.01.21 01:21:26 | 00,068,608 | ---- | C] (Microsoft Corporation) mspaint.exe -> %SystemRoot%\System32\mspaint.exe -> [2009.01.21 01:21:25 | 00,360,448 | ---- | C] (Microsoft Corporation) Windows NT -> %ProgramFiles%\Windows NT -> [2009.01.21 01:21:25 | 00,000,000 | ---D | C] spider.exe -> %SystemRoot%\System32\spider.exe -> [2009.01.21 01:21:24 | 00,556,032 | ---- | C] (Microsoft Corporation) clipbrd.exe -> %SystemRoot%\System32\clipbrd.exe -> [2009.01.21 01:21:24 | 00,120,320 | ---- | C] (Microsoft Corporation) rdpwd.sys -> %SystemRoot%\System32\drivers\rdpwd.sys -> [2009.01.21 01:21:23 | 00,139,656 | ---- | C] (Microsoft Corporation) tscfgwmi.dll -> %SystemRoot%\System32\tscfgwmi.dll -> [2009.01.21 01:21:23 | 00,093,696 | ---- | C] (Microsoft Corporation) tsgqec.dll -> %SystemRoot%\System32\tsgqec.dll -> [2009.01.21 01:21:23 | 00,053,248 | ---- | C] (Microsoft Corporation) tdtcp.sys -> %SystemRoot%\System32\drivers\tdtcp.sys -> [2009.01.21 01:21:23 | 00,021,896 | ---- | C] (Microsoft Corporation) tdpipe.sys -> %SystemRoot%\System32\drivers\tdpipe.sys -> [2009.01.21 01:21:23 | 00,012,040 | ---- | C] (Microsoft Corporation) en-US -> %SystemRoot%\System32\en-US -> [2009.01.21 01:21:23 | 00,000,000 | ---D | C] rhttpaa.dll -> %SystemRoot%\System32\rhttpaa.dll -> [2009.01.21 01:21:22 | 00,290,304 | ---- | C] (Microsoft Corporation) aaclient.dll -> %SystemRoot%\System32\aaclient.dll -> [2009.01.21 01:21:22 | 00,136,192 | ---- | C] (Microsoft Corporation) mstscax.dll -> %SystemRoot%\System32\mstscax.dll -> [2009.01.21 01:21:21 | 02,062,336 | ---- | C] (Microsoft Corporation) mstsc.exe -> %SystemRoot%\System32\mstsc.exe -> [2009.01.21 01:21:21 | 00,695,296 | ---- | C] (Microsoft Corporation) sessmgr.exe -> %SystemRoot%\System32\sessmgr.exe -> [2009.01.21 01:21:21 | 00,158,720 | ---- | C] (Microsoft Corporation) rdshost.exe -> %SystemRoot%\System32\rdshost.exe -> [2009.01.21 01:21:21 | 00,084,480 | ---- | C] (Microsoft Corporation) remotepg.dll -> %SystemRoot%\System32\remotepg.dll -> [2009.01.21 01:21:21 | 00,060,416 | ---- | C] (Microsoft Corporation) rdsaddin.exe -> %SystemRoot%\System32\rdsaddin.exe -> [2009.01.21 01:21:21 | 00,031,232 | ---- | C] (Microsoft Corporation) termsrv.dll -> %SystemRoot%\System32\termsrv.dll -> [2009.01.21 01:21:20 | 00,295,424 | ---- | C] (Microsoft Corporation) rdchost.dll -> %SystemRoot%\System32\rdchost.dll -> [2009.01.21 01:21:20 | 00,147,968 | ---- | C] (Microsoft Corporation) rdpwsx.dll -> %SystemRoot%\System32\rdpwsx.dll -> [2009.01.21 01:21:20 | 00,087,176 | ---- | C] (Microsoft Corporation) rdpclip.exe -> %SystemRoot%\System32\rdpclip.exe -> [2009.01.21 01:21:20 | 00,080,384 | ---- | C] (Microsoft Corporation) cfgbkend.dll -> %SystemRoot%\System32\cfgbkend.dll -> [2009.01.21 01:21:20 | 00,038,912 | ---- | C] (Microsoft Corporation) qprocess.exe -> %SystemRoot%\System32\qprocess.exe -> [2009.01.21 01:21:20 | 00,037,376 | ---- | C] (Microsoft Corporation) rdpsnd.dll -> %SystemRoot%\System32\rdpsnd.dll -> [2009.01.21 01:21:20 | 00,019,968 | ---- | C] (Microsoft Corporation) icaapi.dll -> %SystemRoot%\System32\icaapi.dll -> [2009.01.21 01:21:20 | 00,011,264 | ---- | C] (Microsoft Corporation) msdtctm.dll -> %SystemRoot%\System32\msdtctm.dll -> [2009.01.21 01:21:19 | 00,956,928 | ---- | C] (Microsoft Corporation) msdtcprx.dll -> %SystemRoot%\System32\msdtcprx.dll -> [2009.01.21 01:21:19 | 00,427,008 | ---- | C] (Microsoft Corporation) msdtcuiu.dll -> %SystemRoot%\System32\msdtcuiu.dll -> [2009.01.21 01:21:19 | 00,161,792 | ---- | C] (Microsoft Corporation) mtxoci.dll -> %SystemRoot%\System32\mtxoci.dll -> [2009.01.21 01:21:19 | 00,091,648 | ---- | C] (Microsoft Corporation) MsDtc -> %SystemRoot%\System32\MsDtc -> [2009.01.21 01:21:19 | 00,000,000 | ---D | C] msdtclog.dll -> %SystemRoot%\System32\msdtclog.dll -> [2009.01.21 01:21:18 | 00,058,880 | ---- | C] (Microsoft Corporation) msdtc.exe -> %SystemRoot%\System32\msdtc.exe -> [2009.01.21 01:21:18 | 00,023,552 | ---- | C] (Microsoft Corporation) xolehlp.dll -> %SystemRoot%\System32\xolehlp.dll -> [2009.01.21 01:21:18 | 00,011,776 | ---- | C] (Microsoft Corporation) comrepl.dll -> %SystemRoot%\System32\comrepl.dll -> [2009.01.21 01:21:17 | 00,097,792 | ---- | C] (Microsoft Corporation) colbact.dll -> %SystemRoot%\System32\colbact.dll -> [2009.01.21 01:21:17 | 00,060,416 | ---- | C] (Microsoft Corporation) stclient.dll -> %SystemRoot%\System32\stclient.dll -> [2009.01.21 01:21:17 | 00,059,392 | ---- | C] (Microsoft Corporation) mtxlegih.dll -> %SystemRoot%\System32\mtxlegih.dll -> [2009.01.21 01:21:17 | 00,034,304 | ---- | C] (Microsoft Corporation) mtxdm.dll -> %SystemRoot%\System32\mtxdm.dll -> [2009.01.21 01:21:17 | 00,030,720 | ---- | C] (Microsoft Corporation) comaddin.dll -> %SystemRoot%\System32\comaddin.dll -> [2009.01.21 01:21:17 | 00,028,160 | ---- | C] (Microsoft Corporation) dcomcnfg.exe -> %SystemRoot%\System32\dcomcnfg.exe -> [2009.01.21 01:21:17 | 00,023,552 | ---- | C] (Microsoft Corporation) mtxex.dll -> %SystemRoot%\System32\mtxex.dll -> [2009.01.21 01:21:17 | 00,004,096 | ---- | C] (Microsoft Corporation) Com -> %SystemRoot%\System32\Com -> [2009.01.21 01:21:17 | 00,000,000 | ---D | C] catsrvut.dll -> %SystemRoot%\System32\catsrvut.dll -> [2009.01.21 01:21:16 | 00,625,664 | ---- | C] (Microsoft Corporation) catsrv.dll -> %SystemRoot%\System32\catsrv.dll -> [2009.01.21 01:21:16 | 00,226,304 | ---- | C] (Microsoft Corporation) clbcatex.dll -> %SystemRoot%\System32\clbcatex.dll -> [2009.01.21 01:21:16 | 00,110,592 | ---- | C] (Microsoft Corporation) catsrvps.dll -> %SystemRoot%\System32\catsrvps.dll -> [2009.01.21 01:21:16 | 00,085,504 | ---- | C] (Microsoft Corporation) comsvcs.dll -> %SystemRoot%\System32\comsvcs.dll -> [2009.01.21 01:21:15 | 01,267,200 | ---- | C] (Microsoft Corporation) comuid.dll -> %SystemRoot%\System32\comuid.dll -> [2009.01.21 01:21:15 | 00,539,648 | ---- | C] (Microsoft Corporation) clbcatq.dll -> %SystemRoot%\System32\clbcatq.dll -> [2009.01.21 01:21:15 | 00,498,688 | ---- | C] (Microsoft Corporation) comsnap.dll -> %SystemRoot%\System32\comsnap.dll -> [2009.01.21 01:21:15 | 00,167,424 | ---- | C] (Microsoft Corporation) servdeps.dll -> %SystemRoot%\System32\servdeps.dll -> [2009.01.21 01:21:08 | 00,056,320 | ---- | C] (Microsoft Corporation) cmprops.dll -> %SystemRoot%\System32\cmprops.dll -> [2009.01.21 01:21:06 | 00,185,344 | ---- | C] (Microsoft Corporation) licwmi.dll -> %SystemRoot%\System32\licwmi.dll -> [2009.01.21 01:21:06 | 00,058,880 | ---- | C] (Microsoft Corporation) mmfutil.dll -> %SystemRoot%\System32\mmfutil.dll -> [2009.01.21 01:21:06 | 00,017,408 | ---- | C] (Microsoft Corporation) rdpdr.sys -> %SystemRoot%\System32\drivers\rdpdr.sys -> [2009.01.21 01:21:02 | 00,196,224 | ---- | C] (Microsoft Corporation) termdd.sys -> %SystemRoot%\System32\drivers\termdd.sys -> [2009.01.21 01:21:02 | 00,040,840 | ---- | C] (Microsoft Corporation) My Videos -> %AllUsersProfile%\Documents\My Videos -> [2009.01.21 01:21:01 | 00,000,000 | R--D | C] [Files/Folders - Modified Within 30 Days] 7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> 6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> 32 C:\Documents and Settings\install\Local Settings\Temp\*.tmp files -> C:\Documents and Settings\install\Local Settings\Temp\*.tmp -> 16 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> PerfStringBackup.INI -> %SystemRoot%\System32\PerfStringBackup.INI -> [2009.02.19 09:57:59 | 00,481,352 | ---- | M] () perfh009.dat -> %SystemRoot%\System32\perfh009.dat -> [2009.02.19 09:57:59 | 00,409,360 | ---- | M] () perfc009.dat -> %SystemRoot%\System32\perfc009.dat -> [2009.02.19 09:57:59 | 00,064,716 | ---- | M] () wpa.dbl -> %SystemRoot%\System32\wpa.dbl -> [2009.02.19 09:54:10 | 00,002,228 | ---- | M] () hosts -> %SystemRoot%\System32\drivers\etc\hosts -> [2009.02.19 09:53:44 | 00,000,784 | ---- | M] () SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [2009.02.19 09:53:37 | 00,000,006 | -H-- | M] () bootstat.dat -> %SystemRoot%\bootstat.dat -> [2009.02.19 09:53:27 | 00,002,048 | --S- | M] () ntuser.ini -> %UserProfile%\ntuser.ini -> [2009.02.19 09:52:41 | 00,000,178 | -HS- | M] () NTUSER.DAT -> %UserProfile%\NTUSER.DAT -> [2009.02.19 09:52:40 | 02,621,440 | -H-- | M] () Perflib_Perfdata_2b4.dat -> %SystemRoot%\Temp\Perflib_Perfdata_2b4.dat -> [2009.02.19 09:50:41 | 00,016,384 | ---- | M] () Perflib_Perfdata_2b0.dat -> %SystemRoot%\Temp\Perflib_Perfdata_2b0.dat -> [2009.02.18 23:43:09 | 00,016,384 | ---- | M] () Perflib_Perfdata_2ac.dat -> %SystemRoot%\Temp\Perflib_Perfdata_2ac.dat -> [2009.02.18 11:18:13 | 00,016,384 | ---- | M] () index.dat -> %UserProfile%\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat -> [2009.02.17 22:22:02 | 00,032,768 | -HS- | M] () index.dat -> %UserProfile%\Local Settings\Temp\History\History.IE5\index.dat -> [2009.02.17 22:22:02 | 00,032,768 | -HS- | M] () index.dat -> %UserProfile%\Local Settings\Temp\Cookies\index.dat -> [2009.02.17 22:22:02 | 00,016,384 | -HS- | M] () index.dat -> %SystemRoot%\Temp\Temporary Internet Files\Content.IE5\index.dat -> [2009.02.17 21:41:23 | 00,032,768 | -HS- | M] () index.dat -> %SystemRoot%\Temp\History\History.IE5\index.dat -> [2009.02.17 21:41:23 | 00,032,768 | -HS- | M] () index.dat -> %SystemRoot%\Temp\Cookies\index.dat -> [2009.02.17 21:41:23 | 00,032,768 | -HS- | M] () Perflib_Perfdata_5c0.dat -> %SystemRoot%\Temp\Perflib_Perfdata_5c0.dat -> [2009.02.17 20:14:14 | 00,016,384 | ---- | M] () avast! Antivirus.lnk -> %AllUsersProfile%\Desktop\avast! Antivirus.lnk -> [2009.02.17 19:58:48 | 00,001,709 | ---- | M] () CONFIG.NT -> %SystemRoot%\System32\CONFIG.NT -> [2009.02.17 19:58:43 | 00,002,626 | ---- | M] () FNTCACHE.DAT -> %SystemRoot%\System32\FNTCACHE.DAT -> [2009.02.17 19:07:13 | 00,264,616 | ---- | M] () $winnt$.inf -> %SystemRoot%\System32\$winnt$.inf -> [2009.02.17 18:54:39 | 00,000,288 | ---- | M] () desktop.ini -> %AllUsersProfile%\Start Menu\Programs\Startup\desktop.ini -> [2009.02.17 18:52:35 | 00,000,084 | -HS- | M] () nscompat.tlb -> %SystemRoot%\System32\nscompat.tlb -> [2009.02.17 18:52:22 | 00,023,392 | ---- | M] () amcompat.tlb -> %SystemRoot%\System32\amcompat.tlb -> [2009.02.17 18:52:22 | 00,016,832 | ---- | M] () ODBCINST.INI -> %SystemRoot%\ODBCINST.INI -> [2009.02.17 18:52:02 | 00,004,161 | ---- | M] () WindowsLogon.manifest -> %SystemRoot%\System32\WindowsLogon.manifest -> [2009.02.17 18:50:12 | 00,000,488 | RH-- | M] () logonui.exe.manifest -> %SystemRoot%\System32\logonui.exe.manifest -> [2009.02.17 18:50:12 | 00,000,488 | RH-- | M] () wuaucpl.cpl.manifest -> %SystemRoot%\System32\wuaucpl.cpl.manifest -> [2009.02.17 18:50:05 | 00,000,749 | RH-- | M] () WindowsShell.Manifest -> %SystemRoot%\WindowsShell.Manifest -> [2009.02.17 18:50:05 | 00,000,749 | RH-- | M] () sapi.cpl.manifest -> %SystemRoot%\System32\sapi.cpl.manifest -> [2009.02.17 18:50:05 | 00,000,749 | RH-- | M] () nwc.cpl.manifest -> %SystemRoot%\System32\nwc.cpl.manifest -> [2009.02.17 18:50:05 | 00,000,749 | RH-- | M] () ncpa.cpl.manifest -> %SystemRoot%\System32\ncpa.cpl.manifest -> [2009.02.17 18:50:05 | 00,000,749 | RH-- | M] () cdplayer.exe.manifest -> %SystemRoot%\System32\cdplayer.exe.manifest -> [2009.02.17 18:50:05 | 00,000,749 | RH-- | M] () win.ini -> %SystemRoot%\win.ini -> [2009.02.17 18:49:46 | 00,000,582 | ---- | M] () emptyregdb.dat -> %SystemRoot%\System32\emptyregdb.dat -> [2009.02.17 18:45:31 | 00,023,348 | ---- | M] () boot.ini.SAB -> %SystemDrive%\boot.ini.SAB -> [2009.02.17 18:41:15 | 00,000,211 | -H-- | M] () boot.ini -> %SystemDrive%\boot.ini -> [2009.02.17 18:41:15 | 00,000,211 | -H-- | M] () pid.PNF -> %SystemRoot%\System32\pid.PNF -> [2009.02.17 18:40:16 | 00,004,444 | ---- | M] () System.ini -> %SystemRoot%\System.ini -> [2009.02.17 18:33:00 | 00,000,268 | ---- | M] () desktop.ini -> %AllUsersProfile%\Documents\desktop.ini -> [2009.02.17 18:31:54 | 00,000,062 | -HS- | M] () desktop.ini -> %AllUsersProfile%\Application Data\desktop.ini -> [2009.02.17 18:31:54 | 00,000,062 | -HS- | M] () setupapi.old -> %SystemRoot%\setupapi.old -> [2009.02.06 17:39:00 | 00,871,186 | ---- | M] () iehelper.dll -> %SystemRoot%\System32\iehelper.dll -> [2009.02.06 17:18:58 | 00,009,216 | ---- | M] () svchost.exe -> %UserProfile%\Local Settings\Temp\WERea2f.dir00\svchost.exe -> [2009.02.06 17:17:31 | 00,000,000 | ---- | M] () secupdat.dat -> %SystemRoot%\System32\secupdat.dat -> [2009.02.06 14:07:10 | 00,066,560 | -H-- | M] () ijrup.exe -> %UserProfile%\ijrup.exe -> [2009.02.06 14:07:10 | 00,032,768 | -H-- | M] () ndisio.sys -> %SystemRoot%\System32\drivers\ndisio.sys -> [2009.02.06 14:07:07 | 00,053,248 | ---- | M] () services.exe -> %SystemRoot%\services.exe -> [2009.02.06 14:06:32 | 00,040,961 | ---- | M] () sysguard.exe -> %SystemRoot%\sysguard.exe -> [2009.02.06 13:53:33 | 00,398,340 | ---- | M] () TDSSserv.sys -> %SystemRoot%\System32\drivers\TDSSserv.sys -> [2009.02.06 13:53:03 | 00,051,712 | ---- | M] (Microsoft Corporation) -62090957 -> %SystemDrive%\-62090957 -> [2009.02.06 13:51:25 | 00,000,002 | ---- | M] () qmgr0.dat -> %AllUsersProfile%\Application Data\Microsoft\Network\Downloader\qmgr0.dat -> [2009.02.05 23:17:16 | 00,005,511 | ---- | M] () qmgr1.dat -> %AllUsersProfile%\Application Data\Microsoft\Network\Downloader\qmgr1.dat -> [2009.02.05 23:17:16 | 00,004,232 | ---- | M] () aswBoot.exe -> %SystemRoot%\System32\aswBoot.exe -> [2009.02.05 22:11:35 | 01,256,296 | ---- | M] (ALWIL Software) aswmon.sys -> %SystemRoot%\System32\drivers\aswmon.sys -> [2009.02.05 22:08:19 | 00,093,296 | ---- | M] (ALWIL Software) aswmon2.sys -> %SystemRoot%\System32\drivers\aswmon2.sys -> [2009.02.05 22:08:10 | 00,094,032 | ---- | M] (ALWIL Software) aswSP.sys -> %SystemRoot%\System32\drivers\aswSP.sys -> [2009.02.05 22:07:23 | 00,114,768 | ---- | M] (ALWIL Software) aswFsBlk.sys -> %SystemRoot%\System32\drivers\aswFsBlk.sys -> [2009.02.05 22:07:12 | 00,020,560 | ---- | M] (ALWIL Software) aswTdi.sys -> %SystemRoot%\System32\drivers\aswTdi.sys -> [2009.02.05 22:06:20 | 00,051,376 | ---- | M] (ALWIL Software) aswRdr.sys -> %SystemRoot%\System32\drivers\aswRdr.sys -> [2009.02.05 22:06:10 | 00,023,152 | ---- | M] (ALWIL Software) aavmker4.sys -> %SystemRoot%\System32\drivers\aavmker4.sys -> [2009.02.05 22:05:11 | 00,026,944 | ---- | M] (ALWIL Software) AvastSS.scr -> %SystemRoot%\System32\AvastSS.scr -> [2009.02.05 22:04:45 | 00,097,480 | ---- | M] (ALWIL Software) trening.docx -> %UserProfile%\Desktop\trening.docx -> [2009.02.04 22:15:26 | 00,011,394 | ---- | M] () Adobe Reader 8.lnk -> %AllUsersProfile%\Desktop\Adobe Reader 8.lnk -> [2009.02.04 14:32:17 | 00,001,729 | ---- | M] () Core stability.zip -> %UserProfile%\Desktop\Core stability.zip -> [2009.02.03 21:59:55 | 00,285,898 | ---- | M] () z6qi664.tgz -> %SystemRoot%\System32\z6qi664.tgz -> [2009.02.01 23:38:24 | 00,000,352 | ---- | M] () WTS.xls -> %UserProfile%\Desktop\WTS.xls -> [2009.02.01 23:36:42 | 00,024,576 | ---- | M] () prsgrc.tgz -> %SystemRoot%\System32\prsgrc.tgz -> [2009.02.01 16:45:34 | 00,000,114 | ---- | M] () prsgrc.dll -> %SystemRoot%\System32\prsgrc.dll -> [2009.02.01 16:45:33 | 00,000,100 | ---- | M] () ssprs.tgz -> %SystemRoot%\System32\ssprs.tgz -> [2009.02.01 16:45:33 | 00,000,086 | ---- | M] () Shortcut to SUPER.lnk -> %UserProfile%\Desktop\Shortcut to SUPER.lnk -> [2009.02.01 13:21:58 | 00,000,536 | ---- | M] () DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> %UserProfile%\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2009.02.01 12:40:43 | 00,128,000 | ---- | M] () Shortcut to FREESTYLER09.lnk -> %UserProfile%\Desktop\Shortcut to FREESTYLER09.lnk -> [2009.01.31 12:20:36 | 00,000,389 | ---- | M] () OLYMPUS Master.lnk -> %AllUsersProfile%\Desktop\OLYMPUS Master.lnk -> [2009.01.24 23:28:52 | 00,000,774 | ---- | M] () ImageMixer VCD DVD2 for OLYMPUS 2.0.lnk -> %AllUsersProfile%\Desktop\ImageMixer VCD DVD2 for OLYMPUS 2.0.lnk -> [2009.01.24 23:27:35 | 00,001,707 | ---- | M] () winamp.ini -> %SystemRoot%\winamp.ini -> [2009.01.24 22:55:27 | 00,000,192 | ---- | M] () Product Registration.url -> %AllUsersProfile%\Desktop\Product Registration.url -> [2009.01.24 22:51:45 | 00,000,165 | ---- | M] () Picture Motion Browser Media Check Tool.lnk -> %UserProfile%\Start Menu\Programs\Startup\Picture Motion Browser Media Check Tool.lnk -> [2009.01.24 22:50:45 | 00,001,983 | ---- | M] () HDD Handycam Utility.lnk -> %AllUsersProfile%\Desktop\HDD Handycam Utility.lnk -> [2009.01.24 22:49:58 | 00,001,913 | ---- | M] () Picture Motion Browser.lnk -> %AllUsersProfile%\Desktop\Picture Motion Browser.lnk -> [2009.01.24 22:46:43 | 00,001,683 | ---- | M] () Winamp.lnk -> %UserProfile%\Desktop\Winamp.lnk -> [2009.01.24 22:40:27 | 00,000,654 | ---- | M] () QuickTime Player.lnk -> %AllUsersProfile%\Desktop\QuickTime Player.lnk -> [2009.01.24 22:36:46 | 00,000,724 | ---- | M] () AUTOEXEC.BAT -> %SystemDrive%\AUTOEXEC.BAT -> [2009.01.24 22:30:19 | 00,000,050 | ---- | M] () First Step Guide.lnk -> %AllUsersProfile%\Desktop\First Step Guide.lnk -> [2009.01.24 22:28:21 | 00,001,877 | ---- | M] () Sony Product Registration.url -> %AllUsersProfile%\Desktop\Sony Product Registration.url -> [2009.01.24 22:27:04 | 00,000,210 | ---- | M] () Picture Package Menu.lnk -> %AllUsersProfile%\Desktop\Picture Package Menu.lnk -> [2009.01.24 22:27:02 | 00,000,893 | ---- | M] () Picture Package destination folder.lnk -> %AllUsersProfile%\Desktop\Picture Package destination folder.lnk -> [2009.01.24 22:27:02 | 00,000,887 | ---- | M] () Picture Package Menu.lnk -> %AllUsersProfile%\Start Menu\Programs\Startup\Picture Package Menu.lnk -> [2009.01.24 22:27:02 | 00,000,763 | ---- | M] () Picture Package VCD Maker.lnk -> %AllUsersProfile%\Start Menu\Programs\Startup\Picture Package VCD Maker.lnk -> [2009.01.24 22:26:55 | 00,000,813 | ---- | M] () IconCache.db -> %UserProfile%\Local Settings\Application Data\IconCache.db -> [2009.01.24 17:40:51 | 04,814,698 | -H-- | M] () Nero StartSmart.lnk -> %AllUsersProfile%\Desktop\Nero StartSmart.lnk -> [2009.01.24 17:09:12 | 00,002,369 | ---- | M] () PIXELA ImageMixer Ver.1.0 for Sony.lnk -> %AllUsersProfile%\Desktop\PIXELA ImageMixer Ver.1.0 for Sony.lnk -> [2009.01.24 14:10:52 | 00,001,673 | ---- | M] () GDIPFONTCACHEV1.DAT -> %UserProfile%\Local Settings\Application Data\GDIPFONTCACHEV1.DAT -> [2009.01.23 10:13:12 | 00,068,456 | ---- | M] () bassmod.dll -> %UserProfile%\Local Settings\Temp\bassmod.dll -> [2009.01.23 10:12:12 | 00,034,308 | ---- | M] () Dartfish Connect.lnk -> %AllUsersProfile%\Desktop\Dartfish Connect.lnk -> [2009.01.22 13:09:17 | 00,001,834 | ---- | M] () kdna4c6.tgz -> %SystemRoot%\System32\kdna4c6.tgz -> [2009.01.22 13:06:59 | 00,001,024 | ---- | M] () kdna4c6.dll -> %SystemRoot%\System32\kdna4c6.dll -> [2009.01.22 13:06:59 | 00,001,024 | ---- | M] () grcauth2.dll -> %SystemRoot%\System32\grcauth2.dll -> [2009.01.22 13:06:54 | 00,001,024 | ---- | M] () grcauth1.dll -> %SystemRoot%\System32\grcauth1.dll -> [2009.01.22 13:06:54 | 00,001,024 | ---- | M] () clauth2.dll -> %SystemRoot%\System32\clauth2.dll -> [2009.01.22 13:06:49 | 00,001,024 | ---- | M] () clauth1.dll -> %SystemRoot%\System32\clauth1.dll -> [2009.01.22 13:06:49 | 00,001,024 | ---- | M] () ssprs.dll -> %SystemRoot%\System32\ssprs.dll -> [2009.01.22 13:06:48 | 00,000,072 | ---- | M] () web'n'walk Manager.lnk -> %AllUsersProfile%\Start Menu\Programs\Startup\web'n'walk Manager.lnk -> [2009.01.22 11:06:59 | 00,000,943 | ---- | M] () web'n'walk Manager.lnk -> %AllUsersProfile%\Desktop\web'n'walk Manager.lnk -> [2009.01.22 11:06:59 | 00,000,913 | ---- | M] () opa12.dat -> %AllUsersProfile%\Application Data\Microsoft\OFFICE\DATA\opa12.dat -> [2009.01.22 11:04:36 | 00,008,206 | ---- | M] () imsins.BAK -> %SystemRoot%\imsins.BAK -> [2009.01.21 04:56:54 | 00,001,374 | ---- | M] () desktop.ini -> %UserProfile%\My Documents\desktop.ini -> [2009.01.21 04:39:15 | 00,000,078 | -HS- | M] () MsftWdf_user_01_00_00.Wdf -> %SystemRoot%\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf -> [2009.01.21 04:07:51 | 00,000,000 | -H-- | M] () vpc32.INI -> %SystemRoot%\vpc32.INI -> [2009.01.21 03:12:42 | 00,000,000 | ---- | M] () SYMEVENT.SYS -> %SystemRoot%\System32\drivers\SYMEVENT.SYS -> [2009.01.21 03:01:47 | 00,110,952 | ---- | M] (Symantec Corporation) S32EVNT1.DLL -> %SystemRoot%\System32\S32EVNT1.DLL -> [2009.01.21 03:01:47 | 00,048,768 | ---- | M] (Symantec Corporation) SYMEVENT.CAT -> %SystemRoot%\System32\drivers\SYMEVENT.CAT -> [2009.01.21 03:01:47 | 00,008,014 | ---- | M] () SYMEVENT.INF -> %SystemRoot%\System32\drivers\SYMEVENT.INF -> [2009.01.21 03:01:47 | 00,000,805 | ---- | M] () desktop.ini -> %AppData%\desktop.ini -> [2009.01.21 02:14:15 | 00,000,062 | -HS- | M] () Msft_Kernel_HpqKbFiltr_01005.Wdf -> %SystemRoot%\System32\drivers\Msft_Kernel_HpqKbFiltr_01005.Wdf -> [2009.01.21 01:47:17 | 00,000,000 | -H-- | M] () MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf -> %SystemRoot%\System32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf -> [2009.01.21 01:47:15 | 00,000,000 | -H-- | M] () REGLOCS.OLD -> %SystemRoot%\REGLOCS.OLD -> [2009.01.21 01:31:21 | 00,008,192 | ---- | M] () desktop.ini -> %UserProfile%\Start Menu\Programs\Startup\desktop.ini -> [2009.01.21 01:26:49 | 00,000,084 | -HS- | M] () MSDOS.SYS -> %SystemDrive%\MSDOS.SYS -> [2009.01.21 01:26:40 | 00,000,000 | RHS- | M] () IO.SYS -> %SystemDrive%\IO.SYS -> [2009.01.21 01:26:40 | 00,000,000 | RHS- | M] () control.ini -> %SystemRoot%\control.ini -> [2009.01.21 01:26:40 | 00,000,000 | ---- | M] () CONFIG.SYS -> %SystemDrive%\CONFIG.SYS -> [2009.01.21 01:26:40 | 00,000,000 | ---- | M] () WMSysPr9.prx -> %SystemRoot%\WMSysPr9.prx -> [2009.01.21 01:26:31 | 00,316,640 | ---- | M] () vbaddin.ini -> %SystemRoot%\vbaddin.ini -> [2009.01.21 01:22:38 | 00,000,037 | ---- | M] () vb.ini -> %SystemRoot%\vb.ini -> [2009.01.21 01:22:38 | 00,000,036 | ---- | M] () dsetup32.dll -> %UserProfile%\Local Settings\Temp\NERO1002626\unit_tpi_directx-9c-redist-d3dx9-30\dsetup32.dll -> [2008.10.10 08:09:07 | 02,248,984 | ---- | M] (Microsoft Corporation) DXSETUP.exe -> %UserProfile%\Local Settings\Temp\NERO1002626\unit_tpi_directx-9c-redist-d3dx9-30\DXSETUP.exe -> [2008.10.10 08:09:07 | 00,484,632 | ---- | M] (Microsoft Corporation) DSETUP.dll -> %UserProfile%\Local Settings\Temp\NERO1002626\unit_tpi_directx-9c-redist-d3dx9-30\DSETUP.dll -> [2008.10.10 08:09:07 | 00,074,520 | ---- | M] (Microsoft Corporation) WindowsInstaller-KB893803-v2-x86.exe -> %UserProfile%\Local Settings\Temp\NERO1002626\unit_tpi_windows-installer-3.1\WindowsInstaller-KB893803-v2-x86.exe -> [2008.10.10 08:08:20 | 02,585,872 | ---- | M] (Microsoft Corporation) vcredist_x86.exe -> %UserProfile%\Local Settings\Temp\NERO1002626\unit_tpi_vcredist-x86-2005Sp1\vcredist_x86.exe -> [2008.10.10 08:05:58 | 02,723,264 | ---- | M] (Microsoft Corporation) Toolbar.exe -> %UserProfile%\Local Settings\Temp\NERO1002626\unit_app_75\Toolbar.exe -> [2008.10.10 08:05:07 | 00,503,808 | ---- | M] () ipclog.exe -> %UserProfile%\Local Settings\Temp\NERO1002626\ipclog.exe -> [2008.10.09 18:16:49 | 00,111,912 | ---- | M] (Nero AG) setupx.exe -> %UserProfile%\Local Settings\Temp\NERO1002626\setupx.exe -> [2008.10.09 18:16:48 | 05,870,888 | ---- | M] (Nero AG) unicows.dll -> %UserProfile%\Local Settings\Temp\IS4.tmp\unicows.dll -> [2005.09.23 07:57:06 | 00,245,408 | R--- | M] (Microsoft Corporation) install.exe -> %UserProfile%\Local Settings\Temp\IS4.tmp\install.exe -> [2005.09.23 07:01:16 | 00,609,472 | ---- | M] (Microsoft Corporation) install.res.1053.dll -> %UserProfile%\Local Settings\Temp\IS4.tmp\install.res.1053.dll -> [2005.09.23 06:47:32 | 00,081,920 | ---- | M] (Microsoft Corporation) install.res.1055.dll -> %UserProfile%\Local Settings\Temp\IS4.tmp\install.res.1055.dll -> [2005.09.23 06:47:32 | 00,080,896 | ---- | M] (Microsoft Corporation) install.res.1049.dll -> %UserProfile%\Local Settings\Temp\IS4.tmp\install.res.1049.dll -> [2005.09.23 06:47:30 | 00,082,432 | ---- | M] (Microsoft Corporation) install.res.2070.dll -> %UserProfile%\Local Settings\Temp\IS4.tmp\install.res.2070.dll -> [2005.09.23 06:47:06 | 00,084,480 | ---- | M] (Microsoft Corporation) install.res.1046.dll -> %UserProfile%\Local Settings\Temp\IS4.tmp\install.res.1046.dll -> [2005.09.23 06:47:04 | 00,082,432 | ---- | M] (Microsoft Corporation) install.res.1045.dll -> %UserProfile%\Local Settings\Temp\IS4.tmp\install.res.1045.dll -> [2005.09.23 06:46:40 | 00,083,456 | ---- | M] (Microsoft Corporation) install.res.1043.dll -> %UserProfile%\Local Settings\Temp\IS4.tmp\install.res.1043.dll -> [2005.09.23 06:46:38 | 00,083,456 | ---- | M] (Microsoft Corporation) install.res.1044.dll -> %UserProfile%\Local Settings\Temp\IS4.tmp\install.res.1044.dll -> [2005.09.23 06:46:38 | 00,081,920 | ---- | M] (Microsoft Corporation) install.res.1042.dll -> %UserProfile%\Local Settings\Temp\IS4.tmp\install.res.1042.dll -> [2005.09.23 06:44:58 | 00,080,896 | ---- | M] (Microsoft Corporation) install.res.1041.dll -> %UserProfile%\Local Settings\Temp\IS4.tmp\install.res.1041.dll -> [2005.09.23 06:42:58 | 00,080,896 | ---- | M] (Microsoft Corporation) install.res.1040.dll -> %UserProfile%\Local Settings\Temp\IS4.tmp\install.res.1040.dll -> [2005.09.23 06:40:56 | 00,084,480 | ---- | M] (Microsoft Corporation) install.res.1038.dll -> %UserProfile%\Local Settings\Temp\IS4.tmp\install.res.1038.dll -> [2005.09.23 06:40:32 | 00,083,968 | ---- | M] (Microsoft Corporation) install.res.1037.dll -> %UserProfile%\Local Settings\Temp\IS4.tmp\install.res.1037.dll -> [2005.09.23 06:40:30 | 00,080,896 | ---- | M] (Microsoft Corporation) install.res.1036.dll -> %UserProfile%\Local Settings\Temp\IS4.tmp\install.res.1036.dll -> [2005.09.23 06:38:52 | 00,086,016 | ---- | M] (Microsoft Corporation) install.res.1035.dll -> %UserProfile%\Local Settings\Temp\IS4.tmp\install.res.1035.dll -> [2005.09.23 06:38:26 | 00,081,408 | ---- | M] (Microsoft Corporation) install.res.3082.dll -> %UserProfile%\Local Settings\Temp\IS4.tmp\install.res.3082.dll -> [2005.09.23 06:36:48 | 00,085,504 | ---- | M] (Microsoft Corporation) install.res.1032.dll -> %UserProfile%\Local Settings\Temp\IS4.tmp\install.res.1032.dll -> [2005.09.23 06:36:24 | 00,087,552 | ---- | M] (Microsoft Corporation) install.res.1031.dll -> %UserProfile%\Local Settings\Temp\IS4.tmp\install.res.1031.dll -> [2005.09.23 06:34:44 | 00,085,504 | ---- | M] (Microsoft Corporation) install.res.1030.dll -> %UserProfile%\Local Settings\Temp\IS4.tmp\install.res.1030.dll -> [2005.09.23 06:34:12 | 00,081,920 | ---- | M] (Microsoft Corporation) install.res.1029.dll -> %UserProfile%\Local Settings\Temp\IS4.tmp\install.res.1029.dll -> [2005.09.23 06:34:10 | 00,082,944 | ---- | M] (Microsoft Corporation) install.res.1028.dll -> %UserProfile%\Local Settings\Temp\IS4.tmp\install.res.1028.dll -> [2005.09.23 06:32:24 | 00,080,896 | ---- | M] (Microsoft Corporation) install.res.2052.dll -> %UserProfile%\Local Settings\Temp\IS4.tmp\install.res.2052.dll -> [2005.09.23 06:30:18 | 00,080,896 | ---- | M] (Microsoft Corporation) install.res.3076.dll -> %UserProfile%\Local Settings\Temp\IS4.tmp\install.res.3076.dll -> [2005.09.23 06:29:50 | 00,080,896 | ---- | M] (Microsoft Corporation) install.res.1025.dll -> %UserProfile%\Local Settings\Temp\IS4.tmp\install.res.1025.dll -> [2005.09.23 06:29:48 | 00,080,896 | ---- | M] (Microsoft Corporation) mscoree.dll -> %UserProfile%\Local Settings\Temp\IS4.tmp\mscoree.dll -> [2005.09.23 04:30:40 | 00,270,848 | ---- | M] (Microsoft Corporation) install.res.1033.dll -> %UserProfile%\Local Settings\Temp\IS4.tmp\install.res.1033.dll -> [2005.09.23 03:46:14 | 00,080,896 | ---- | M] (Microsoft Corporation) [Alternate Data Streams] @Alternate Data Stream - 351568 bytes -> %UserProfile%\Local Settings\Temp\WERea2f.dir00\svchost.exe:ext.exe.hdmp @Alternate Data Stream - 61248 bytes -> %UserProfile%\Local Settings\Temp\WERea2f.dir00\svchost.exe:ext.exe.mdmp [CatchMe Rootkit Scan by GMER] Rootkit scan error - could not find scan log Rootkit scan error - could not find scan log < End of report > [/code]