[code] OTS logfile created on: 1/30/2010 11:33:06 PM - Run 1 OTS by OldTimer - Version 3.1.20.1 Folder = C:\Documents and Settings\Rebecca Cooper\Desktop Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 382.00 Mb Total Physical Memory | 257.00 Mb Available Physical Memory | 67.00% Memory free 920.00 Mb Paging File | 694.00 Mb Available in Paging File | 75.00% Paging File free Paging file location(s): c:\pagefile.sys 576 1152 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 111.78 Gb Total Space | 90.66 Gb Free Space | 81.10% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: RCOOPER Current User Name: Rebecca Cooper Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days [Processes - Safe List] ots.exe -> C:\Documents and Settings\Rebecca Cooper\Desktop\OTS.exe -> [2010/01/30 23:30:05 | 000,632,320 | ---- | M] (OldTimer Tools) jqs.exe -> C:\Program Files\Java\jre6\bin\jqs.exe -> [2009/07/25 04:23:10 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) avguard.exe -> C:\Program Files\Avira\AntiVir Desktop\avguard.exe -> [2009/07/21 13:34:33 | 000,185,089 | ---- | M] (Avira GmbH) sched.exe -> C:\Program Files\Avira\AntiVir Desktop\sched.exe -> [2009/05/13 15:48:22 | 000,108,289 | ---- | M] (Avira GmbH) avgnt.exe -> C:\Program Files\Avira\AntiVir Desktop\avgnt.exe -> [2009/03/02 12:08:47 | 000,209,153 | ---- | M] (Avira GmbH) rthdcpl.exe -> C:\WINDOWS\RTHDCPL.EXE -> [2008/11/07 15:40:52 | 017,421,824 | ---- | M] (Realtek Semiconductor Corp.) explorer.exe -> C:\WINDOWS\explorer.exe -> [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) [Modules - Safe List] ots.exe -> C:\Documents and Settings\Rebecca Cooper\Desktop\OTS.exe -> [2010/01/30 23:30:05 | 000,632,320 | ---- | M] (OldTimer Tools) [Win32 Services - Safe List] (JavaQuickStarterService) Java Quick Starter [Auto | Running] -> C:\Program Files\Java\jre6\bin\jqs.exe -> [2009/07/25 04:23:10 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) (AntiVirService) Avira AntiVir Guard [Auto | Running] -> C:\Program Files\Avira\AntiVir Desktop\avguard.exe -> [2009/07/21 13:34:33 | 000,185,089 | ---- | M] (Avira GmbH) (GameConsoleService) GameConsoleService [On_Demand | Stopped] -> C:\Program Files\WildGames\Game Console - WildGames\GameConsoleService.exe -> [2009/07/16 18:16:44 | 000,250,616 | ---- | M] (WildTangent, Inc.) (AntiVirSchedulerService) Avira AntiVir Scheduler [Auto | Running] -> C:\Program Files\Avira\AntiVir Desktop\sched.exe -> [2009/05/13 15:48:22 | 000,108,289 | ---- | M] (Avira GmbH) [Driver Services - All] (WDICA) WDICA [Kernel | On_Demand | Stopped] -> -> File not found (ultra) ultra [Kernel | Disabled | Stopped] -> -> File not found (TosIde) TosIde [Kernel | Disabled | Stopped] -> -> File not found (symc8xx) symc8xx [Kernel | Disabled | Stopped] -> -> File not found (symc810) symc810 [Kernel | Disabled | Stopped] -> -> File not found (sym_u3) sym_u3 [Kernel | Disabled | Stopped] -> -> File not found (sym_hi) sym_hi [Kernel | Disabled | Stopped] -> -> File not found (Sparrow) Sparrow [Kernel | Disabled | Stopped] -> -> File not found (Simbad) Simbad [Kernel | Disabled | Stopped] -> -> File not found (ql1280) ql1280 [Kernel | Disabled | Stopped] -> -> File not found (ql1240) ql1240 [Kernel | Disabled | Stopped] -> -> File not found (ql12160) ql12160 [Kernel | Disabled | Stopped] -> -> File not found (Ql10wnt) Ql10wnt [Kernel | Disabled | Stopped] -> -> File not found (ql1080) ql1080 [Kernel | Disabled | Stopped] -> -> File not found (perc2hib) perc2hib [Kernel | Disabled | Stopped] -> -> File not found (perc2) perc2 [Kernel | Disabled | Stopped] -> -> File not found (PDRFRAME) PDRFRAME [Kernel | On_Demand | Stopped] -> -> File not found (PDRELI) PDRELI [Kernel | On_Demand | Stopped] -> -> File not found (PDFRAME) PDFRAME [Kernel | On_Demand | Stopped] -> -> File not found (PDCOMP) PDCOMP [Kernel | On_Demand | Stopped] -> -> File not found (PCIDump) PCIDump [Kernel | System | Stopped] -> -> File not found (mraid35x) mraid35x [Kernel | Disabled | Stopped] -> -> File not found (lbrtfdc) lbrtfdc [Kernel | System | Stopped] -> -> File not found (IntelIde) IntelIde [Kernel | Disabled | Stopped] -> -> File not found (ini910u) ini910u [Kernel | Disabled | Stopped] -> -> File not found (i2omp) i2omp [Kernel | Disabled | Stopped] -> -> File not found (i2omgmt) i2omgmt [Kernel | System | Stopped] -> -> File not found (hpn) hpn [Kernel | Disabled | Stopped] -> -> File not found (EagleNT) EagleNT [Kernel | On_Demand | Stopped] -> -> File not found (dpti2o) dpti2o [Kernel | Disabled | Stopped] -> -> File not found (dac960nt) dac960nt [Kernel | Disabled | Stopped] -> -> File not found (Cpqarray) Cpqarray [Kernel | Disabled | Stopped] -> -> File not found (CmdIde) CmdIde [Kernel | Disabled | Stopped] -> -> File not found (Changer) Changer [Kernel | System | Stopped] -> -> File not found (cd20xrnt) cd20xrnt [Kernel | Disabled | Stopped] -> -> File not found (catchme) catchme [Kernel | On_Demand | Stopped] -> -> File not found (Atdisk) Atdisk [Kernel | Disabled | Stopped] -> -> File not found (asc3550) asc3550 [Kernel | Disabled | Stopped] -> -> File not found (asc3350p) asc3350p [Kernel | Disabled | Stopped] -> -> File not found (asc) asc [Kernel | Disabled | Stopped] -> -> File not found (amsint) amsint [Kernel | Disabled | Stopped] -> -> File not found (AliIde) AliIde [Kernel | Disabled | Stopped] -> -> File not found (aic78xx) aic78xx [Kernel | Disabled | Stopped] -> -> File not found (aic78u2) aic78u2 [Kernel | Disabled | Stopped] -> -> File not found (Aha154x) Aha154x [Kernel | Disabled | Stopped] -> -> File not found (adpu160m) adpu160m [Kernel | Disabled | Stopped] -> -> File not found (abp480n5) abp480n5 [Kernel | Disabled | Stopped] -> -> File not found (Abiosdsk) Abiosdsk [Kernel | Disabled | Stopped] -> -> File not found (avgntflt) avgntflt [File_System | Auto | Running] -> C:\WINDOWS\system32\drivers\avgntflt.sys -> [2009/12/08 06:00:43 | 000,056,816 | ---- | M] (Avira GmbH) (HTTP) HTTP [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\http.sys -> [2009/10/20 11:20:16 | 000,265,728 | ---- | M] (Microsoft Corporation) (KSecDD) KSecDD [Kernel | Boot | Running] -> C:\WINDOWS\system32\drivers\ksecdd.sys -> [2009/06/24 06:18:41 | 000,092,928 | ---- | M] (Microsoft Corporation) (ssmdrv) ssmdrv [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\ssmdrv.sys -> [2009/05/11 09:12:24 | 000,028,520 | ---- | M] (Avira GmbH) (avipbb) avipbb [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\avipbb.sys -> [2009/03/30 09:33:07 | 000,096,104 | ---- | M] (Avira GmbH) (avgio) avgio [Kernel | System | Running] -> C:\Program Files\Avira\AntiVir Desktop\avgio.sys -> [2009/02/13 11:35:05 | 000,011,608 | ---- | M] (Avira GmbH) (Srv) Srv [File_System | On_Demand | Running] -> C:\WINDOWS\system32\drivers\srv.sys -> [2008/12/11 05:57:09 | 000,333,952 | ---- | M] (Microsoft Corporation) (IntcAzAudAddService) Service for Realtek HD Audio (WDM) [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\RtkHDAud.sys -> [2008/11/11 16:21:52 | 004,946,944 | ---- | M] (Realtek Semiconductor Corp.) (MRxSmb) MRxSmb [File_System | System | Running] -> C:\WINDOWS\system32\drivers\mrxsmb.sys -> [2008/10/24 06:21:09 | 000,455,296 | ---- | M] (Microsoft Corporation) (AFD) AFD [Kernel | System | Running] -> C:\WINDOWS\System32\drivers\afd.sys -> [2008/08/14 05:04:36 | 000,138,496 | ---- | M] (Microsoft Corporation) (Tcpip) TCP/IP Protocol Driver [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\tcpip.sys -> [2008/06/20 06:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) (RDPWD) RDPWD [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\rdpwd.sys -> [2008/04/13 19:13:22 | 000,139,656 | ---- | M] (Microsoft Corporation) (TDTCP) TDTCP [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\tdtcp.sys -> [2008/04/13 19:13:21 | 000,021,896 | ---- | M] (Microsoft Corporation) (TermDD) Terminal Device Driver [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\termdd.sys -> [2008/04/13 19:13:20 | 000,040,840 | ---- | M] (Microsoft Corporation) (TDPIPE) TDPIPE [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\tdpipe.sys -> [2008/04/13 19:13:20 | 000,012,040 | ---- | M] (Microsoft Corporation) (Rdbss) Rdbss [File_System | System | Running] -> C:\WINDOWS\system32\drivers\rdbss.sys -> [2008/04/13 14:28:39 | 000,175,744 | ---- | M] (Microsoft Corporation) (NetBT) NetBios over Tcpip [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\netbt.sys -> [2008/04/13 14:21:00 | 000,162,816 | ---- | M] (Microsoft Corporation) (NdisWan) Remote Access NDIS WAN Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\ndiswan.sys -> [2008/04/13 14:20:42 | 000,091,520 | ---- | M] (Microsoft Corporation) (NDIS) NDIS System Driver [Kernel | Boot | Running] -> C:\WINDOWS\system32\drivers\ndis.sys -> [2008/04/13 14:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) (PptpMiniport) WAN Miniport (PPTP) [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\raspptp.sys -> [2008/04/13 14:19:48 | 000,048,384 | ---- | M] (Microsoft Corporation) (Rasl2tp) WAN Miniport (L2TP) [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\rasl2tp.sys -> [2008/04/13 14:19:43 | 000,051,328 | ---- | M] (Microsoft Corporation) (IPSec) IPSEC driver [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\ipsec.sys -> [2008/04/13 14:19:42 | 000,075,264 | ---- | M] (Microsoft Corporation) (i8042prt) i8042 Keyboard and PS/2 Mouse Port Driver [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\i8042prt.sys -> [2008/04/13 14:18:00 | 000,052,480 | ---- | M] (Microsoft Corporation) (wdmaud) Microsoft WINMM WDM Audio Compatibility Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\wdmaud.sys -> [2008/04/13 14:17:18 | 000,083,072 | ---- | M] (Microsoft Corporation) (Mup) Mup [File_System | Boot | Running] -> C:\WINDOWS\system32\drivers\mup.sys -> [2008/04/13 14:17:05 | 000,105,344 | ---- | M] (Microsoft Corporation) (sysaudio) Microsoft Kernel System Audio Device [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\sysaudio.sys -> [2008/04/13 14:15:55 | 000,060,800 | ---- | M] (Microsoft Corporation) (Ntfs) Ntfs [File_System | Disabled | Running] -> C:\WINDOWS\system32\drivers\ntfs.sys -> [2008/04/13 14:15:53 | 000,574,976 | ---- | M] (Microsoft Corporation) (Serial) Serial port driver [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\serial.sys -> [2008/04/13 14:15:45 | 000,064,512 | ---- | M] (Microsoft Corporation) (Fastfat) Fastfat [File_System | Disabled | Stopped] -> C:\WINDOWS\system32\drivers\fastfat.sys -> [2008/04/13 14:14:29 | 000,143,744 | ---- | M] (Microsoft Corporation) (Cdfs) Cdfs [File_System | Disabled | Running] -> C:\WINDOWS\system32\drivers\cdfs.sys -> [2008/04/13 14:14:21 | 000,063,744 | ---- | M] (Microsoft Corporation) (Modem) Modem [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\modem.sys -> [2008/04/13 14:00:19 | 000,030,080 | ---- | M] (Microsoft Corporation) (RasPppoe) Remote Access PPPOE Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\raspppoe.sys -> [2008/04/13 13:57:32 | 000,041,472 | ---- | M] (Microsoft Corporation) (NDProxy) NDIS Proxy [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\ndproxy.sys -> [2008/04/13 13:57:29 | 000,040,576 | ---- | M] (Microsoft Corporation) (AsyncMac) RAS Asynchronous Media Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\asyncmac.sys -> [2008/04/13 13:57:27 | 000,014,336 | ---- | M] (Microsoft Corporation) (NdisTapi) Remote Access NDIS TAPI Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\ndistapi.sys -> [2008/04/13 13:57:27 | 000,010,112 | ---- | M] (Microsoft Corporation) (Wanarp) Remote Access IP ARP Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\wanarp.sys -> [2008/04/13 13:57:21 | 000,034,560 | ---- | M] (Microsoft Corporation) (IpNat) IP Network Address Translator [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\ipnat.sys -> [2008/04/13 13:57:15 | 000,152,832 | ---- | M] (Microsoft Corporation) (IpInIp) IP in IP Tunnel Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\ipinip.sys -> [2008/04/13 13:57:07 | 000,020,864 | ---- | M] (Microsoft Corporation) (PSched) QoS Packet Scheduler [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\psched.sys -> [2008/04/13 13:56:38 | 000,069,120 | ---- | M] (Microsoft Corporation) (Gpc) Generic Packet Classifier [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\msgpc.sys -> [2008/04/13 13:56:32 | 000,035,072 | ---- | M] (Microsoft Corporation) (NetBIOS) NetBIOS Interface [File_System | System | Running] -> C:\WINDOWS\system32\drivers\netbios.sys -> [2008/04/13 13:56:02 | 000,034,688 | ---- | M] (Microsoft Corporation) (Ndisuio) NDIS Usermode I/O Protocol [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\ndisuio.sys -> [2008/04/13 13:55:58 | 000,014,592 | ---- | M] (Microsoft Corporation) (IRENUM) IR Enumerator Service [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\irenum.sys -> [2008/04/13 13:54:28 | 000,011,264 | ---- | M] (Microsoft Corporation) (Ip6Fw) IPv6 Windows Firewall Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\ip6fw.sys -> [2008/04/13 13:53:34 | 000,036,608 | ---- | M] (Microsoft Corporation) (Atmarpc) ATM ARP Client Protocol [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\atmarpc.sys -> [2008/04/13 13:51:25 | 000,059,904 | ---- | M] (Microsoft Corporation) (USBSTOR) USB Mass Storage Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\usbstor.sys -> [2008/04/13 13:45:38 | 000,026,368 | ---- | M] (Microsoft Corporation) (usbhub) USB2 Enabled Hub [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\usbhub.sys -> [2008/04/13 13:45:37 | 000,059,520 | ---- | M] (Microsoft Corporation) (usbehci) Microsoft USB 2.0 Enhanced Host Controller Miniport Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\usbehci.sys -> [2008/04/13 13:45:35 | 000,030,208 | ---- | M] (Microsoft Corporation) (usbuhci) Microsoft USB Universal Host Controller Miniport Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\usbuhci.sys -> [2008/04/13 13:45:35 | 000,020,608 | ---- | M] (Microsoft Corporation) (hidusb) Microsoft HID Class Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\hidusb.sys -> [2008/04/13 13:45:27 | 000,010,368 | ---- | M] (Microsoft Corporation) (drmkaud) Microsoft Kernel DRM Audio Descrambler [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\drmkaud.sys -> [2008/04/13 13:45:13 | 000,002,944 | ---- | M] (Microsoft Corporation) (kmixer) Microsoft Kernel Wave Audio Mixer [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\kmixer.sys -> [2008/04/13 13:45:09 | 000,172,416 | ---- | M] (Microsoft Corporation) (swmidi) Microsoft Kernel GS Wavetable Synthesizer [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\swmidi.sys -> [2008/04/13 13:45:09 | 000,056,576 | ---- | M] (Microsoft Corporation) (splitter) Microsoft Kernel Audio Splitter [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\splitter.sys -> [2008/04/13 13:45:07 | 000,006,272 | ---- | M] (Microsoft Corporation) (DMusic) Microsoft Kernel DLS Syntheiszer [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\dmusic.sys -> [2008/04/13 13:45:01 | 000,052,864 | ---- | M] (Microsoft Corporation) (dmboot) dmboot [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\drivers\dmboot.sys -> [2008/04/13 13:44:48 | 000,799,744 | ---- | M] (Microsoft Corp., Veritas Software) (dmio) dmio [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\drivers\dmio.sys -> [2008/04/13 13:44:46 | 000,153,344 | ---- | M] (Microsoft Corp., Veritas Software) (VgaSave) VGA Display Controller. [Kernel | System | Running] -> C:\WINDOWS\System32\drivers\vga.sys -> [2008/04/13 13:44:40 | 000,020,992 | ---- | M] (Microsoft Corporation) (VolSnap) VolSnap [Kernel | Boot | Running] -> C:\WINDOWS\system32\drivers\volsnap.sys -> [2008/04/13 13:41:01 | 000,052,352 | ---- | M] (Microsoft Corporation) (Imapi) CD-Burning Filter Driver [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\imapi.sys -> [2008/04/13 13:40:58 | 000,042,112 | ---- | M] (Microsoft Corporation) (PartMgr) Partition Manager [Kernel | Boot | Running] -> C:\WINDOWS\system32\drivers\partmgr.sys -> [2008/04/13 13:40:49 | 000,019,712 | ---- | M] (Microsoft Corporation) (Sfloppy) Sfloppy [Kernel | System | Stopped] -> C:\WINDOWS\system32\drivers\sfloppy.sys -> [2008/04/13 13:40:48 | 000,011,392 | ---- | M] (Microsoft Corporation) (Disk) Disk Driver [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\disk.sys -> [2008/04/13 13:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) (Cdrom) CD-ROM Driver [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\cdrom.sys -> [2008/04/13 13:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) (ViaIde) ViaIde [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\viaide.sys -> [2008/04/13 13:40:31 | 000,005,376 | ---- | M] (Microsoft Corporation) (atapi) Standard IDE/ESDI Hard Disk Controller [Kernel | Boot | Running] -> C:\WINDOWS\system32\drivers\atapi.sys -> [2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) (redbook) Digital CD Audio Playback Filter Driver [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\redbook.sys -> [2008/04/13 13:40:27 | 000,057,600 | ---- | M] (Microsoft Corporation) (Fdc) Floppy Disk Controller Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\fdc.sys -> [2008/04/13 13:40:25 | 000,027,392 | ---- | M] (Microsoft Corporation) (Flpydisk) Flpydisk [Kernel | System | Stopped] -> C:\WINDOWS\system32\drivers\flpydisk.sys -> [2008/04/13 13:40:25 | 000,020,480 | ---- | M] (Microsoft Corporation) (serenum) Serenum Filter Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\serenum.sys -> [2008/04/13 13:40:12 | 000,015,744 | ---- | M] (Microsoft Corporation) (Parport) Parallel port driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\parport.sys -> [2008/04/13 13:40:10 | 000,080,128 | ---- | M] (Microsoft Corporation) (swenum) Software Bus Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\swenum.sys -> [2008/04/13 13:39:53 | 000,004,352 | ---- | M] (Microsoft Corporation) (MSKSSRV) Microsoft Streaming Service Proxy [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\mskssrv.sys -> [2008/04/13 13:39:52 | 000,007,552 | ---- | M] (Microsoft Corporation) (MSPQM) Microsoft Streaming Quality Manager Proxy [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\mspqm.sys -> [2008/04/13 13:39:51 | 000,004,992 | ---- | M] (Microsoft Corporation) (MSPCLOCK) Microsoft Streaming Clock Proxy [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\mspclock.sys -> [2008/04/13 13:39:50 | 000,005,376 | ---- | M] (Microsoft Corporation) (Kbdclass) Keyboard Class Driver [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\kbdclass.sys -> [2008/04/13 13:39:47 | 000,024,576 | ---- | M] (Microsoft Corporation) (Mouclass) Mouse Class Driver [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\mouclass.sys -> [2008/04/13 13:39:47 | 000,023,040 | ---- | M] (Microsoft Corporation) (Update) Microcode Update Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\update.sys -> [2008/04/13 13:39:46 | 000,384,768 | ---- | M] (Microsoft Corporation) (MountMgr) Mount Point Manager [Kernel | Boot | Running] -> C:\WINDOWS\system32\drivers\mountmgr.sys -> [2008/04/13 13:39:46 | 000,042,368 | ---- | M] (Microsoft Corporation) (sr) System Restore Filter Driver [File_System | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\sr.sys -> [2008/04/13 13:36:52 | 000,073,472 | ---- | M] (Microsoft Corporation) (mssmbios) Microsoft System Management BIOS Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\mssmbios.sys -> [2008/04/13 13:36:46 | 000,015,488 | ---- | M] (Microsoft Corporation) (PCI) PCI Bus Driver [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\pci.sys -> [2008/04/13 13:36:44 | 000,068,224 | ---- | M] (Microsoft Corporation) (Pcmcia) Pcmcia [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\drivers\pcmcia.sys -> [2008/04/13 13:36:43 | 000,120,192 | ---- | M] (Microsoft Corporation) (isapnp) PnP ISA/EISA Bus Driver [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\isapnp.sys -> [2008/04/13 13:36:41 | 000,037,248 | ---- | M] (Microsoft Corporation) (uagp35) Microsoft AGPv3.5 Filter [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\uagp35.sys -> [2008/04/13 13:36:40 | 000,044,672 | ---- | M] (Microsoft Corporation) (ACPI) Microsoft ACPI Driver [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\ACPI.sys -> [2008/04/13 13:36:35 | 000,187,776 | ---- | M] (Microsoft Corporation) (Fips) Fips [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\fips.sys -> [2008/04/13 13:33:28 | 000,044,544 | ---- | M] (Microsoft Corporation) (FltMgr) FltMgr [File_System | Boot | Running] -> C:\WINDOWS\system32\drivers\fltmgr.sys -> [2008/04/13 13:32:59 | 000,129,792 | ---- | M] (Microsoft Corporation) (MRxDAV) WebDav Client Redirector [File_System | On_Demand | Running] -> C:\WINDOWS\system32\drivers\mrxdav.sys -> [2008/04/13 13:32:44 | 000,180,608 | ---- | M] (Microsoft Corporation) (Npfs) Npfs [File_System | System | Running] -> C:\WINDOWS\system32\drivers\npfs.sys -> [2008/04/13 13:32:39 | 000,030,848 | ---- | M] (Microsoft Corporation) (Msfs) Msfs [File_System | System | Running] -> C:\WINDOWS\system32\drivers\msfs.sys -> [2008/04/13 13:32:39 | 000,019,072 | ---- | M] (Microsoft Corporation) (Udfs) Udfs [File_System | Disabled | Stopped] -> C:\WINDOWS\system32\drivers\udfs.sys -> [2008/04/13 13:32:36 | 000,066,048 | ---- | M] (Microsoft Corporation) (intelppm) Intel Processor Driver [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\intelppm.sys -> [2008/04/13 13:31:32 | 000,036,352 | ---- | M] (Microsoft Corporation) (aec) Microsoft Kernel Acoustic Echo Canceller [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\aec.sys -> [2008/04/13 11:39:23 | 000,142,592 | ---- | M] (Microsoft Corporation) (HDAudBus) Microsoft UAA Bus Driver for High Definition Audio [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\hdaudbus.sys -> [2008/04/13 11:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) (Secdrv) Secdrv [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\secdrv.sys -> [2007/11/13 03:47:45 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) (UCharger) Energizer Usb Charger Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\UCharger.sys -> [2007/05/15 06:43:50 | 000,013,765 | ---- | M] () (WudfRd) Windows Driver Foundation - User-mode Driver Framework Reflector [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\WudfRd.sys -> [2006/09/28 18:00:34 | 000,082,944 | ---- | M] (Microsoft Corporation) (WudfPf) Windows Driver Foundation - User-mode Driver Framework Platform Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\WudfPf.sys -> [2006/09/28 17:55:50 | 000,077,568 | ---- | M] (Microsoft Corporation) (Ftdisk) Volume Manager Driver [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\ftdisk.sys -> [2004/08/04 07:00:00 | 000,125,056 | ---- | M] (Microsoft Corporation) (IpFilterDriver) IP Traffic Filter Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\ipfltdrv.sys -> [2004/08/04 07:00:00 | 000,032,896 | ---- | M] (Microsoft Corporation) (NwlnkFwd) IPX Traffic Forwarder Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\nwlnkfwd.sys -> [2004/08/04 07:00:00 | 000,032,512 | ---- | M] (Microsoft Corporation) (Cdaudio) Cdaudio [Kernel | System | Stopped] -> C:\WINDOWS\system32\drivers\cdaudio.sys -> [2004/08/04 07:00:00 | 000,018,688 | ---- | M] (Microsoft Corporation) (Ptilink) Direct Parallel Link Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\ptilink.sys -> [2004/08/04 07:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) (Raspti) Direct Parallel [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\raspti.sys -> [2004/08/04 07:00:00 | 000,016,512 | ---- | M] (Microsoft Corporation) (cbidf2k) cbidf2k [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\drivers\cbidf2k.sys -> [2004/08/04 07:00:00 | 000,013,952 | ---- | M] (Microsoft Corporation) (NwlnkFlt) IPX Traffic Filter Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\nwlnkflt.sys -> [2004/08/04 07:00:00 | 000,012,416 | ---- | M] (Microsoft Corporation) (mouhid) Mouse HID Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\mouhid.sys -> [2004/08/04 07:00:00 | 000,012,160 | ---- | M] (Microsoft Corporation) (WS2IFSL) Windows Socket 2.0 Non-IFS Service Provider Support Environment [Kernel | System | Running] -> C:\WINDOWS\System32\drivers\ws2ifsl.sys -> [2004/08/04 07:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) (ACPIEC) ACPIEC [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\drivers\acpiec.sys -> [2004/08/04 07:00:00 | 000,011,648 | ---- | M] (Microsoft Corporation) (RasAcd) Remote Access Auto Connection Driver [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\rasacd.sys -> [2004/08/04 07:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) (ParVdm) ParVdm [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\parvdm.sys -> [2004/08/04 07:00:00 | 000,006,784 | ---- | M] (Microsoft Corporation) (dmload) dmload [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\drivers\dmload.sys -> [2004/08/04 07:00:00 | 000,005,888 | ---- | M] (Microsoft Corp., Veritas Software.) (RDPCDD) RDPCDD [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\rdpcdd.sys -> [2004/08/04 07:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) (mnmdd) mnmdd [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\mnmdd.sys -> [2004/08/04 07:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) (Beep) Beep [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\beep.sys -> [2004/08/04 07:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) (PCIIde) PCIIde [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\pciide.sys -> [2004/08/04 07:00:00 | 000,003,328 | ---- | M] (Microsoft Corporation) (Null) Null [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\null.sys -> [2004/08/04 07:00:00 | 000,002,944 | ---- | M] (Microsoft Corporation) (ati2mtag) ati2mtag [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\ati2mtag.sys -> [2004/08/03 17:29:28 | 000,701,440 | ---- | M] (ATI Technologies Inc.) (FETNDIS) VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\fetnd5.sys -> [2001/08/17 12:13:08 | 000,027,165 | ---- | M] (VIA Technologies, Inc. ) (audstub) Audio Stub Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\audstub.sys -> [2001/08/17 08:59:44 | 000,003,072 | ---- | M] (Microsoft Corporation) [Registry - All] < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKEY_LOCAL_MACHINE\: Main\\"Default_Search_URL" -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\"Default_Secondary_Page_URL" -> [binary data] -> HKEY_LOCAL_MACHINE\: Main\\"Extensions Off Page" -> about:NoAdd-ons -> HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> C:\WINDOWS\system32\blank.htm -> HKEY_LOCAL_MACHINE\: Main\\"Page_Transitions" -> 1 -> HKEY_LOCAL_MACHINE\: Main\\"Search Page" -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\"Security Risk Page" -> about:SecurityRisk -> HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKEY_LOCAL_MACHINE\: Search\\"CustomizeSearch" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> HKEY_LOCAL_MACHINE\: Search\\"SearchAssistant" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm -> < Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> HKEY_CURRENT_USER\: Main\\"Local Page" -> C:\WINDOWS\system32\blank.htm -> HKEY_CURRENT_USER\: Main\\"Page_Transitions" -> 1 -> HKEY_CURRENT_USER\: Main\\"Search Page" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_CURRENT_USER\: Main\\"Start Page" -> http://www.google.com/ -> HKEY_CURRENT_USER\: URLSearchHooks\\"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" [HKLM] -> C:\WINDOWS\system32\ieframe.dll [Microsoft Url Search Hook] -> [2009/12/21 14:14:02 | 011,070,464 | ---- | M] (Microsoft Corporation) HKEY_CURRENT_USER\: "ProxyEnable" -> 0 -> < FireFox Settings [Prefs.js] > -> C:\Documents and Settings\Rebecca Cooper\Application Data\Mozilla\FireFox\Profiles\im81q534.default\prefs.js -> browser.startup.homepage -> "http://www.google.com/" -> extensions.enabledItems -> {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15 -> extensions.enabledItems -> jqs@sun.com:1.0 -> extensions.enabledItems -> {20a82645-c095-46ed-80e3-08825760534b}:1.1 -> extensions.enabledItems -> {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.7 -> < FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla HKLM\software\mozilla\Firefox\Extensions -> -> HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b} -> C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\ [C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\] -> [2009/06/23 21:41:23 | 000,000,000 | ---D | M] HKLM\software\mozilla\Firefox\Extensions\\jqs@sun.com -> C:\Program Files\Java\jre6\lib\deploy\jqs\ff [C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF] -> [2009/05/13 07:46:04 | 000,000,000 | ---D | M] HKLM\software\mozilla\Firefox\Extensions\\{CE436162-C178-4635-BFA4-F00E8FBFEF6C} -> C:\DOCUMENTS AND SETTINGS\REBECCA COOPER\LOCAL SETTINGS\APPLICATION DATA\{CE436162-C178-4635-BFA4-F00E8FBFEF6C} -> HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions -> -> HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components -> C:\Program Files\Mozilla Firefox\components [C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS] -> [2010/01/06 18:46:18 | 000,000,000 | ---D | M] HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins -> C:\Program Files\Mozilla Firefox\plugins [C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS] -> [2010/01/29 18:39:56 | 000,000,000 | ---D | M] < FireFox Extensions [User Folders] > -> -> C:\Documents and Settings\Rebecca Cooper\Application Data\Mozilla\Extensions -> [2009/06/28 23:33:40 | 000,000,000 | ---D | M] No name found -> C:\Documents and Settings\Rebecca Cooper\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} -> [2009/06/28 23:33:40 | 000,000,000 | ---D | M] -> C:\Documents and Settings\Rebecca Cooper\Application Data\Mozilla\Firefox\Profiles\im81q534.default\extensions -> [2010/01/30 23:11:59 | 000,000,000 | ---D | M] Microsoft .NET Framework Assistant -> C:\Documents and Settings\Rebecca Cooper\Application Data\Mozilla\Firefox\Profiles\im81q534.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} -> [2009/06/29 00:27:20 | 000,000,000 | ---D | M] < FireFox Extensions [Program Folders] > -> -> C:\Program Files\Mozilla Firefox\extensions -> [2010/01/30 23:11:59 | 000,000,000 | ---D | M] Default -> C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} -> [2010/01/06 18:46:18 | 000,000,000 | ---D | M] Java Console -> C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} -> [2009/09/12 20:19:16 | 000,000,000 | ---D | M] < HOSTS File > (27 bytes and 1 lines) -> C:\WINDOWS\system32\drivers\etc\hosts -> Reset Hosts 127.0.0.1 localhost < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {9030D464-4C02-4ABF-8ECC-5164760863C6} [HKLM] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [Windows Live Sign-in Helper] -> [2009/01/22 14:41:30 | 000,408,448 | ---- | M] (Microsoft Corporation) {DBC80044-A445-435b-BC74-9C25C1C588A9} [HKLM] -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [Java(tm) Plug-In 2 SSV Helper] -> [2009/07/25 04:23:03 | 000,041,760 | ---- | M] (Sun Microsystems, Inc.) {E7E6F031-17CE-4C07-BC86-EABFE594F69C} [HKLM] -> C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [JQSIEStartDetectorImpl Class] -> [2009/07/25 04:22:43 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) < Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ -> ShellBrowser\\"{01E04581-4EEE-11D0-BFE9-00AA005B4383}" [HKLM] -> C:\WINDOWS\system32\browseui.dll [&Address] -> [2008/04/13 19:11:50 | 001,025,024 | ---- | M] (Microsoft Corporation) ShellBrowser\\"{0E5CBF21-D15F-11D0-8301-00AA005B4383}" [HKLM] -> C:\WINDOWS\system32\shell32.dll [&Links] -> [2008/06/17 14:02:19 | 008,461,312 | ---- | M] (Microsoft Corporation) WebBrowser\\"{01E04581-4EEE-11D0-BFE9-00AA005B4383}" [HKLM] -> C:\WINDOWS\system32\browseui.dll [&Address] -> [2008/04/13 19:11:50 | 001,025,024 | ---- | M] (Microsoft Corporation) WebBrowser\\"{0E5CBF21-D15F-11D0-8301-00AA005B4383}" [HKLM] -> C:\WINDOWS\system32\shell32.dll [&Links] -> [2008/06/17 14:02:19 | 008,461,312 | ---- | M] (Microsoft Corporation) WebBrowser\\"{472734EA-242A-422B-ADF8-83D1E48CC825}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "Adobe ARM" -> C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe ["C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"] -> [2009/09/04 12:08:30 | 000,935,288 | R--- | M] (Adobe Systems Incorporated) "Adobe Reader Speed Launcher" -> C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe ["C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"] -> [2009/10/03 04:08:38 | 000,035,696 | ---- | M] (Adobe Systems Incorporated) "avgnt" -> C:\Program Files\Avira\AntiVir Desktop\avgnt.exe ["C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min] -> [2009/03/02 12:08:47 | 000,209,153 | ---- | M] (Avira GmbH) "RTHDCPL" -> C:\WINDOWS\RTHDCPL.EXE [RTHDCPL.EXE] -> [2008/11/07 15:40:52 | 017,421,824 | ---- | M] (Realtek Semiconductor Corp.) "SunJavaUpdateSched" -> C:\Program Files\Java\jre6\bin\jusched.exe ["C:\Program Files\Java\jre6\bin\jusched.exe"] -> [2009/07/25 04:23:12 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) < Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "ctfmon.exe" -> C:\WINDOWS\system32\ctfmon.exe [C:\WINDOWS\system32\ctfmon.exe] -> [2008/04/13 19:12:16 | 000,015,360 | ---- | M] (Microsoft Corporation) "msnmsgr" -> C:\Program Files\Windows Live\Messenger\msnmsgr.exe ["C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background] -> [2009/07/26 16:44:34 | 003,883,856 | ---- | M] (Microsoft Corporation) < All Users.WINDOWS Startup Folder > -> C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup -> < Rebecca Cooper Startup Folder > -> C:\Documents and Settings\Rebecca Cooper\Start Menu\Programs\Startup -> < Software Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer -> HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Main \Main\\"DisableFirstRunCustomize" -> [1] -> File not found < Software Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Internet Explorer -> < CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"HonorAutoRunSetting" -> [1] -> File not found \\"NoDriveAutoRun" -> [67108863] -> File not found \\"NoDriveTypeAutoRun" -> [323] -> File not found \\"NoDrives" -> [0] -> File not found < CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System \\"dontdisplaylastusername" -> [0] -> File not found \\"legalnoticecaption" -> [] -> File not found \\"legalnoticetext" -> [] -> File not found \\"shutdownwithoutlogon" -> [1] -> File not found \\"undockwithoutlogon" -> [1] -> File not found \\"DisableRegistryTools" -> [0] -> File not found < CurrentVersion Policy Settings - Explorer [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [323] -> File not found \\"NoDriveAutoRun" -> [67108863] -> File not found \\"NoDrives" -> [0] -> File not found < CurrentVersion Policy Settings - System [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {e2e2dd38-d088-4134-82b7-f2ba38496583}:Exec [HKLM] -> C:\WINDOWS\network diagnostic\xpnetdiag.exe [Menu: @xpsp3res.dll,-20001] -> [2008/04/13 23:23:34 | 000,558,080 | ---- | M] (Microsoft Corporation) {FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> C:\Program Files\Messenger\msmsgs.exe [Button: Messenger] -> [2008/04/14 04:42:30 | 001,695,232 | -HS- | M] (Microsoft Corporation) {FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> C:\Program Files\Messenger\msmsgs.exe [Menu: Windows Messenger] -> [2008/04/14 04:42:30 | 001,695,232 | -HS- | M] (Microsoft Corporation) < Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\"{e2e2dd38-d088-4134-82b7-f2ba38496583}" [HKLM] -> C:\WINDOWS\network diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008/04/13 23:23:34 | 000,558,080 | ---- | M] (Microsoft Corporation) CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> C:\Program Files\Messenger\msmsgs.exe [Messenger] -> [2008/04/14 04:42:30 | 001,695,232 | -HS- | M] (Microsoft Corporation) < Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix "" -> http:// < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 7 domain(s) found. -> 5 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {055B4212-4C81-448E-AFA9-C3CA4AAE8F95} [HKLM] -> http://games.bigfishgames.com/en_dairy-dash-game/online/DairyDashWeb.1.0.0.15.cab [CPlayFirstDairyDashWControl Object] -> {195B4BBF-E1E4-4020-9773-0A8C6F65EA35} [HKLM] -> http://games.bigfishgames.com/en_cooking-dash/online/CookingDashWeb.1.0.0.9.cab [CPlayFirstCookingDasControl Object] -> {1CDFA4E8-3396-439D-8C9D-AD0E32DE94B6} [HKLM] -> http://www.arcadetown.com/swf/tastyplanet.1.0.0.4.cab [CPlayFirsttastyplanetControl Object] -> {8100D56A-5661-482C-BEE8-AFECE305D968} [HKLM] -> http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab [Facebook Photo Uploader 5 Control] -> {8ADC4409-4FBF-4224-B73F-2392C721BCB4} [HKLM] -> http://games.bigfishgames.com/en_butterflyescape/online/GenimoWebGamesControl.cab [GenimoWebGames Control] -> {B516CA4E-A5BA-405C-AFCF-A97F08CC7429} [HKLM] -> http://games.bigfishgames.com/en_burger-shop/online/GoBitGamesPlayer_v4.cab [GoBit Games Player] -> {E2883E8F-472F-4FB0-9522-AC9BF37916A7} [HKLM] -> http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab [Reg Error: Key error.] -> {E9B80D94-D8BC-43DE-9138-75605A8D9666} [HKLM] -> http://zone.msn.com/bingame/wedd/default/WeddingDash.1.0.0.50.cab [CPlayFirstWeddingDasControl Object] -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ -> DhcpNameServer -> 192.168.2.1 -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {3AB791B3-C287-41A3-97A2-9590EC30B539}\\DhcpNameServer -> 192.168.2.1 (VIA Compatable Fast Ethernet Adapter) -> {3AB791B3-C287-41A3-97A2-9590EC30B539}\\NameServer -> 93.188.162.14,93.188.166.53 (VIA Compatable Fast Ethernet Adapter) -> IE Styles -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Styles "MaxScriptStatements" -> Reg Error: Invalid data type. "Use My Stylesheet" -> Reg Error: Invalid data type. < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> Explorer.exe -> C:\WINDOWS\explorer.exe -> [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> *UserInit* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit -> C:\WINDOWS\system32\userinit.exe -> C:\WINDOWS\system32\userinit.exe -> [2008/04/13 19:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> *UIHost* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UIHost -> logonui.exe -> C:\WINDOWS\System32\logonui.exe -> [2008/04/13 19:12:24 | 000,514,560 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> *VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet -> rundll32 shell32 -> C:\WINDOWS\System32\shell32.dll -> [2008/06/17 14:02:19 | 008,461,312 | ---- | M] (Microsoft Corporation) Control_RunDLL "sysdm.cpl" -> C:\WINDOWS\System32\sysdm.cpl -> [2008/04/13 19:12:41 | 000,300,544 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> < Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> crypt32chain -> C:\WINDOWS\System32\crypt32.dll -> [2008/04/13 19:11:51 | 000,599,040 | ---- | M] (Microsoft Corporation) cryptnet -> C:\WINDOWS\System32\cryptnet.dll -> [2008/04/13 19:11:51 | 000,064,512 | ---- | M] (Microsoft Corporation) cscdll -> C:\WINDOWS\System32\cscdll.dll -> [2008/04/13 19:11:51 | 000,101,888 | ---- | M] (Microsoft Corporation) dimsntfy -> C:\WINDOWS\system32\dimsntfy.dll -> [2008/04/13 19:11:52 | 000,019,456 | ---- | M] (Microsoft Corporation) ScCertProp -> C:\WINDOWS\System32\wlnotify.dll -> [2008/04/13 19:12:09 | 000,092,672 | ---- | M] (Microsoft Corporation) Schedule -> C:\WINDOWS\System32\wlnotify.dll -> [2008/04/13 19:12:09 | 000,092,672 | ---- | M] (Microsoft Corporation) sclgntfy -> C:\WINDOWS\System32\sclgntfy.dll -> [2008/04/13 19:12:05 | 000,020,480 | ---- | M] (Microsoft Corporation) SensLogn -> C:\WINDOWS\System32\wlnotify.dll -> [2008/04/13 19:12:09 | 000,092,672 | ---- | M] (Microsoft Corporation) termsrv -> C:\WINDOWS\System32\wlnotify.dll -> [2008/04/13 19:12:09 | 000,092,672 | ---- | M] (Microsoft Corporation) wlballoon -> C:\WINDOWS\System32\wlnotify.dll -> [2008/04/13 19:12:09 | 000,092,672 | ---- | M] (Microsoft Corporation) < SSODL [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad -> "{fbeb8a05-beee-4442-804e-409d6c4515e9}" [HKLM] -> C:\WINDOWS\system32\shell32.dll [CDBurn] -> [2008/06/17 14:02:19 | 008,461,312 | ---- | M] (Microsoft Corporation) "{7849596a-48ea-486e-8937-a2a3009f31a9}" [HKLM] -> C:\WINDOWS\system32\shell32.dll [PostBootReminder] -> [2008/06/17 14:02:19 | 008,461,312 | ---- | M] (Microsoft Corporation) "{35CEC8A3-2BE6-11D2-8773-92E220524153}" [HKLM] -> C:\WINDOWS\system32\stobject.dll [SysTray] -> [2008/04/13 19:12:07 | 000,121,856 | ---- | M] (Microsoft Corporation) "{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" [HKLM] -> C:\WINDOWS\system32\webcheck.dll [WebCheck] -> [2009/03/08 04:34:48 | 000,236,544 | ---- | M] (Microsoft Corporation) "{AAA288BA-9A4C-45B0-95D7-94D524869DB5}" [HKLM] -> C:\WINDOWS\system32\WPDShServiceObj.dll [WPDShServiceObj] -> [2006/10/18 20:47:22 | 000,133,632 | ---- | M] (Microsoft Corporation) < SharedTaskScheduler [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler -> "{438755C2-A8BA-11D1-B96B-00A0C90312E1}" [HKLM] -> C:\WINDOWS\system32\browseui.dll [Browseui preloader] -> [2008/04/13 19:11:50 | 001,025,024 | ---- | M] (Microsoft Corporation) "{8C7461EF-2B13-11d2-BE35-3078302C2030}" [HKLM] -> C:\WINDOWS\system32\browseui.dll [Component Categories cache daemon] -> [2008/04/13 19:11:50 | 001,025,024 | ---- | M] (Microsoft Corporation) < ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks -> "{AEB6717E-7E19-11d0-97EE-00C04FD91972}" [HKLM] -> C:\WINDOWS\System32\shell32.dll [] -> [2008/06/17 14:02:19 | 008,461,312 | ---- | M] (Microsoft Corporation) < SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders -> *SecurityProviders* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders -> msapsspc.dll -> C:\WINDOWS\System32\msapsspc.dll -> [2008/04/13 19:11:58 | 000,086,016 | ---- | M] (Microsoft Corporation) schannel.dll -> C:\WINDOWS\System32\schannel.dll -> [2009/06/25 03:25:26 | 000,147,456 | ---- | M] (Microsoft Corporation) digest.dll -> C:\WINDOWS\System32\digest.dll -> [2008/04/13 19:11:52 | 000,068,608 | ---- | M] (Microsoft Corporation) msnsspc.dll -> C:\WINDOWS\System32\msnsspc.dll -> [2008/04/13 19:12:00 | 000,290,816 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> < LSA Authentication Packages [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Authentication Packages -> *LSA Authentication Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Authentication Packages -> msv1_0 -> C:\WINDOWS\System32\msv1_0.dll -> [2009/09/11 09:18:39 | 000,136,192 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> < LSA Security Packages [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages -> *LSA Security Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages -> kerberos -> C:\WINDOWS\System32\kerberos.dll -> [2009/06/25 03:25:26 | 000,301,568 | ---- | M] (Microsoft Corporation) msv1_0 -> C:\WINDOWS\System32\msv1_0.dll -> [2009/09/11 09:18:39 | 000,136,192 | ---- | M] (Microsoft Corporation) schannel -> C:\WINDOWS\System32\schannel.dll -> [2009/06/25 03:25:26 | 000,147,456 | ---- | M] (Microsoft Corporation) wdigest -> C:\WINDOWS\System32\wdigest.dll -> [2009/06/25 03:25:26 | 000,054,272 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> < Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List -> "%windir%\Network Diagnostic\xpnetdiag.exe" -> C:\WINDOWS\network diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> [2008/04/13 23:23:34 | 000,558,080 | ---- | M] (Microsoft Corporation) "%windir%\system32\sessmgr.exe" -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2008/04/13 19:12:34 | 000,141,312 | ---- | M] (Microsoft Corporation) "C:\Program Files\Pando Networks\Media Booster\PMB.exe" -> C:\Program Files\Pando Networks\Media Booster\PMB.exe [C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster] -> [2009/07/01 23:21:58 | 002,920,264 | ---- | M] () "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" -> C:\Program Files\Windows Live\Messenger\msnmsgr.exe [C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger] -> [2009/07/26 16:44:34 | 003,883,856 | ---- | M] (Microsoft Corporation) "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" -> C:\Program Files\Windows Live\Messenger\wlcsdk.exe [C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call] -> [2009/02/06 17:21:00 | 000,583,024 | ---- | M] (Microsoft Corporation) < Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List -> "%windir%\Network Diagnostic\xpnetdiag.exe" -> C:\WINDOWS\network diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> [2008/04/13 23:23:34 | 000,558,080 | ---- | M] (Microsoft Corporation) "%windir%\system32\sessmgr.exe" -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2008/04/13 19:12:34 | 000,141,312 | ---- | M] (Microsoft Corporation) "C:\Program Files\EA Games\American McGee's Alice Demo\alice.exe" -> C:\Program Files\EA Games\American McGee's Alice Demo\alice.exe [C:\Program Files\EA Games\American McGee's Alice Demo\alice.exe:*:Enabled:American McGee's Alice] -> [2000/11/27 17:07:36 | 001,454,142 | ---- | M] (Rogue Entertainment) "C:\Program Files\Pando Networks\Media Booster\PMB.exe" -> C:\Program Files\Pando Networks\Media Booster\PMB.exe [C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster] -> [2009/07/01 23:21:58 | 002,920,264 | ---- | M] () "C:\Program Files\Vuze\Azureus.exe" -> C:\Program Files\Vuze\Azureus.exe [C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus] -> [2009/06/22 18:45:12 | 000,199,616 | ---- | M] (Vuze Inc.) "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" -> C:\Program Files\Windows Live\Messenger\msnmsgr.exe [C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger] -> [2009/07/26 16:44:34 | 003,883,856 | ---- | M] (Microsoft Corporation) "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" -> C:\Program Files\Windows Live\Messenger\wlcsdk.exe [C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call] -> [2009/02/06 17:21:00 | 000,583,024 | ---- | M] (Microsoft Corporation) "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -> C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger] -> [2009/05/21 21:27:52 | 004,351,216 | ---- | M] (Yahoo! Inc.) "C:\WINDOWS\system32\mmc.exe" -> C:\WINDOWS\System32\mmc.exe [C:\WINDOWS\system32\mmc.exe:*:Enabled:Microsoft Management Console] -> [2008/04/13 19:12:25 | 001,414,656 | ---- | M] (Microsoft Corporation) "C:\WINDOWS\system32\spoolsv.exe" -> C:\WINDOWS\System32\spoolsv.exe [C:\WINDOWS\system32\spoolsv.exe:*:Enabled:spoolsv] -> [2008/04/13 19:12:36 | 000,057,856 | ---- | M] (Microsoft Corporation) "C:\WINDOWS\system32\usmt\migwiz.exe" -> C:\WINDOWS\System32\usmt\migwiz.exe [C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Files and Settings Transfer Wizard] -> [2008/04/13 19:12:25 | 000,245,248 | ---- | M] (Microsoft Corporation) < SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> "AlternateShell" -> cmd.exe -> < CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom -> "AutoRun" -> 1 -> "DisplayName" -> CD-ROM Driver -> "ImagePath" -> [system32\DRIVERS\cdrom.sys] -> File not found < Drives with AutoRun files > -> -> C:\AUTOEXEC.BAT [] -> C:\AUTOEXEC.BAT [ NTFS ] -> [2009/03/29 22:13:24 | 000,000,000 | ---- | M] () < MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command -> comfile [open] -> "%1" %* -> exefile [open] -> "%1" %* -> < AppCertDlls [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\AppCertDlls -> [Registry - Additional Scans - Safe List] < File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\ -> .bat [@ = batfile] -> "%1" %* -> .cmd [@ = cmdfile] -> "%1" %* -> .com [@ = ComFile] -> "%1" %* -> .exe [@ = exefile] -> "%1" %* -> .html [@ = htmlfile] -> C:\Program Files\Internet Explorer\IEXPLORE.EXE -> [2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) .pif [@ = piffile] -> "%1" %* -> .scr [@ = scrfile] -> "%1" /S -> < Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> ipp: [HKLM] -> No CLSID value msdaipp: [HKLM] -> No CLSID value < Security Center Settings > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center \\"FirstRunDisabled" -> [1] -> File not found \\"AntiVirusDisableNotify" -> [0] -> File not found \\"FirewallDisableNotify" -> [0] -> File not found \\"AntiVirusOverride" -> [1] -> File not found \\"FirewallOverride" -> [0] -> File not found \\"UpdatesDisableNotify" -> [0] -> File not found HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\ -> -> < Uninstall List [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ -> {002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C} -> Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 {18D10072035C4515918F7E37EAFAACFC} -> AutoUpdate {205C6BDD-7B73-42DE-8505-9A093F35A238} -> Windows Live Upload Tool {22B775E7-6C42-4FC5-8E10-9A5E3257BD94} -> MSVCRT {26A24AE4-039D-4CA4-87B4-2F83216013FF} -> Java(TM) 6 Update 15 {350C97B0-3D7C-4EE8-BAA9-00BCB3D54227} -> WebFldrs XP {3B4E636E-9D65-4D67-BA61-189800823F52} -> Windows Live Communications Platform {45338B07-A236-4270-9A77-EBB4115517B5} -> Windows Live Sign-in Assistant {6D8D64BE-F500-55B6-705D-DFD08AFE0624} -> Acrobat.com {7299052b-02a4-4627-81f2-1818da5d550d} -> Microsoft Visual C++ 2005 Redistributable {770657D0-A123-3C07-8E44-1C83EC895118} -> Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 {7B63B2922B174135AFC0E1377DD81EC2} -> DivX {81128EE8-8EAD-4DB0-85C6-17C2CE50FF71} -> Windows Live Essentials {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} -> Microsoft Silverlight {95120000-00B9-0409-0000-0000000FF1CE} -> Microsoft Application Error Reporting {9A25302D-30C0-39D9-BD6F-21E6EC160475} -> Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 {A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7} -> Segoe UI {A2BCA9F1-566C-4805-97D1-7FDC93386723} -> Adobe AIR {A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} -> Microsoft .NET Framework 3.0 Service Pack 2 {A85FD55B-891B-4314-97A5-EA96C0BD80B5} -> Windows Live Messenger {AC76BA86-7AD7-1033-7B44-A92000000001} -> Adobe Reader 9.2 {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} -> Microsoft .NET Framework 2.0 Service Pack 2 {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} -> Microsoft .NET Framework 3.5 SP1 {F0E12BBA-AD66-4022-A453-A1C8A0C4D570} -> Microsoft Choice Guard {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} -> Realtek High Definition Audio Driver {F6BD194C-4190-4D73-B1B1-C48C99921BFE} -> Windows Live Call 8461-7759-5462-8226 -> Vuze Adobe AIR -> Adobe AIR Adobe Flash Player ActiveX -> Adobe Flash Player 10 ActiveX Adobe Flash Player Plugin -> Adobe Flash Player 10 Plugin Adobe Shockwave Player -> Adobe Shockwave Player 11.5 Avira AntiVir Desktop -> Avira AntiVir Personal - Free Antivirus BFG-Avenue Flo -> Avenue Flo BFGC -> Big Fish Games: Game Manager BFG-Westward -> Westward BFG-Youda Farmer -> Youda Farmer com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 -> Acrobat.com ie8 -> Windows Internet Explorer 8 Malwarebytes' Anti-Malware_is1 -> Malwarebytes' Anti-Malware Microsoft .NET Framework 3.5 SP1 -> Microsoft .NET Framework 3.5 SP1 Miss Management -> Miss Management (remove only) Mozilla Firefox (3.5.7) -> Mozilla Firefox (3.5.7) MSCompPackV1 -> Microsoft Compression Client Pack 1.0 for Windows XP OggDS -> Direct Show Ogg Vorbis Filter (remove only) Wild Tangent - Fate -> Wild Tangent - Fate WildTangent wildgames Master Uninstall -> WildGames Windows Media Format Runtime -> Windows Media Format 11 runtime Windows Media Player -> Windows Media Player 11 Windows XP Service Pack -> Windows XP Service Pack 3 WinLiveSuite_Wave3 -> Windows Live Essentials WMFDist11 -> Windows Media Format 11 runtime wmp11 -> Windows Media Player 11 Yahoo! Messenger -> Yahoo! Messenger < Uninstall List [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ -> < EventViewer Logs - Last 10 Errors > -> Event Information -> Description Application [ Error ] 1/2/2010 12:28:53 PM Computer Name = RCOOPER | Source = Application Error | ID = 1000 -> Description = Faulting application msfeedssync.exe, version 8.0.6001.18702, faulting module user32.dll, version 5.1.2600.2180, fault address 0x0000bbcd. Application [ Error ] 1/2/2010 12:33:47 PM Computer Name = RCOOPER | Source = Application Error | ID = 1000 -> Description = Faulting application msfeedssync.exe, version 8.0.6001.18702, faulting module user32.dll, version 5.1.2600.2180, fault address 0x0000bbcd. Application [ Error ] 1/2/2010 12:43:34 PM Computer Name = RCOOPER | Source = Application Error | ID = 1000 -> Description = Faulting application msfeedssync.exe, version 8.0.6001.18702, faulting module user32.dll, version 5.1.2600.2180, fault address 0x0000bbcd. Application [ Error ] 1/2/2010 12:48:28 PM Computer Name = RCOOPER | Source = Application Error | ID = 1000 -> Description = Faulting application msfeedssync.exe, version 8.0.6001.18702, faulting module user32.dll, version 5.1.2600.2180, fault address 0x0000bbcd. Application [ Error ] 1/2/2010 12:53:22 PM Computer Name = RCOOPER | Source = Application Error | ID = 1000 -> Description = Faulting application msfeedssync.exe, version 8.0.6001.18702, faulting module user32.dll, version 5.1.2600.2180, fault address 0x0000bbcd. Application [ Error ] 1/2/2010 12:58:16 PM Computer Name = RCOOPER | Source = Application Error | ID = 1000 -> Description = Faulting application msfeedssync.exe, version 8.0.6001.18702, faulting module user32.dll, version 5.1.2600.2180, fault address 0x0000bbcd. Application [ Error ] 1/2/2010 1:03:10 PM Computer Name = RCOOPER | Source = Application Error | ID = 1000 -> Description = Faulting application msfeedssync.exe, version 8.0.6001.18702, faulting module user32.dll, version 5.1.2600.2180, fault address 0x0000bbcd. Application [ Error ] 1/2/2010 1:08:03 PM Computer Name = RCOOPER | Source = Application Error | ID = 1000 -> Description = Faulting application msfeedssync.exe, version 8.0.6001.18702, faulting module user32.dll, version 5.1.2600.2180, fault address 0x0000bbcd. Application [ Error ] 1/2/2010 1:13:57 PM Computer Name = RCOOPER | Source = Application Error | ID = 1000 -> Description = Faulting application msfeedssync.exe, version 8.0.6001.18702, faulting module user32.dll, version 5.1.2600.2180, fault address 0x0000bbcd. Application [ Error ] 1/2/2010 1:18:51 PM Computer Name = RCOOPER | Source = Application Error | ID = 1000 -> Description = Faulting application msfeedssync.exe, version 8.0.6001.18702, faulting module user32.dll, version 5.1.2600.2180, fault address 0x0000bbcd. System [ Error ] 1/30/2010 2:37:11 AM Computer Name = RCOOPER | Source = Service Control Manager | ID = 7026 -> Description = The following boot-start or system-start driver(s) failed to load: TfFsMon TfSysMon System [ Error ] 1/30/2010 2:47:48 PM Computer Name = RCOOPER | Source = Service Control Manager | ID = 7034 -> Description = The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s). System [ Error ] 1/30/2010 2:51:03 PM Computer Name = RCOOPER | Source = Service Control Manager | ID = 7026 -> Description = The following boot-start or system-start driver(s) failed to load: TfFsMon TfSysMon System [ Error ] 1/30/2010 5:49:37 PM Computer Name = RCOOPER | Source = sr | ID = 1 -> Description = The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume. System [ Error ] 1/30/2010 5:51:01 PM Computer Name = RCOOPER | Source = Service Control Manager | ID = 7026 -> Description = The following boot-start or system-start driver(s) failed to load: TfFsMon TfSysMon System [ Error ] 1/30/2010 6:14:57 PM Computer Name = RCOOPER | Source = Service Control Manager | ID = 7026 -> Description = The following boot-start or system-start driver(s) failed to load: TfFsMon TfSysMon System [ Error ] 1/30/2010 7:17:57 PM Computer Name = RCOOPER | Source = PlugPlayManager | ID = 11 -> Description = The device Root\LEGACY_TFFSMON\0000 disappeared from the system without first being prepared for removal. System [ Error ] 1/30/2010 7:17:57 PM Computer Name = RCOOPER | Source = PlugPlayManager | ID = 11 -> Description = The device Root\LEGACY_TFNETMON\0000 disappeared from the system without first being prepared for removal. System [ Error ] 1/30/2010 7:17:57 PM Computer Name = RCOOPER | Source = PlugPlayManager | ID = 11 -> Description = The device Root\LEGACY_TFSYSMON\0000 disappeared from the system without first being prepared for removal. System [ Error ] 1/30/2010 7:17:57 PM Computer Name = RCOOPER | Source = PlugPlayManager | ID = 11 -> Description = The device Root\LEGACY_TKQTI\0000 disappeared from the system without first being prepared for removal. [Files/Folders - Created Within 30 Days] OTS.exe -> C:\Documents and Settings\Rebecca Cooper\Desktop\OTS.exe -> [2010/01/30 23:30:02 | 000,632,320 | ---- | C] (OldTimer Tools) Avenger -> C:\Avenger -> [2010/01/30 22:51:10 | 000,000,000 | ---D | C] avenger -> C:\Documents and Settings\Rebecca Cooper\Desktop\avenger -> [2010/01/30 22:48:31 | 000,000,000 | ---D | C] cmdcons -> C:\cmdcons -> [2010/01/30 17:02:54 | 000,000,000 | RHSD | C] SWXCACLS.exe -> C:\WINDOWS\SWXCACLS.exe -> [2010/01/30 17:00:31 | 000,212,480 | ---- | C] (SteelWerX) SWREG.exe -> C:\WINDOWS\SWREG.exe -> [2010/01/30 17:00:31 | 000,161,792 | ---- | C] (SteelWerX) SWSC.exe -> C:\WINDOWS\SWSC.exe -> [2010/01/30 17:00:31 | 000,136,704 | ---- | C] (SteelWerX) NIRCMD.exe -> C:\WINDOWS\NIRCMD.exe -> [2010/01/30 17:00:31 | 000,031,232 | ---- | C] (NirSoft) ERDNT -> C:\WINDOWS\ERDNT -> [2010/01/30 17:00:25 | 000,000,000 | ---D | C] Qoobox -> C:\Qoobox -> [2010/01/30 16:59:30 | 000,000,000 | ---D | C] _OTL -> C:\_OTL -> [2010/01/30 16:47:25 | 000,000,000 | ---D | C] tdsskiller -> C:\Documents and Settings\Rebecca Cooper\Desktop\tdsskiller -> [2010/01/30 13:55:36 | 000,000,000 | ---D | C] OTL.exe -> C:\Documents and Settings\Rebecca Cooper\Desktop\OTL.exe -> [2010/01/30 12:15:34 | 000,548,864 | ---- | C] (OldTimer Tools) gmer -> C:\Documents and Settings\Rebecca Cooper\Desktop\gmer -> [2010/01/29 22:01:23 | 000,000,000 | ---D | C] TFC.exe -> C:\Documents and Settings\Rebecca Cooper\Desktop\TFC.exe -> [2010/01/29 19:37:03 | 000,439,808 | ---- | C] (OldTimer Tools) Yahoo! -> C:\Documents and Settings\Rebecca Cooper\Local Settings\Application Data\Yahoo! -> [2010/01/26 18:12:18 | 000,000,000 | ---D | C] spmsg.dll -> C:\WINDOWS\System32\spmsg.dll -> [2010/01/25 21:51:13 | 000,016,760 | ---- | C] (Microsoft Corporation) irishTexting -> C:\Documents and Settings\Rebecca Cooper\Desktop\irishTexting -> [2010/01/22 14:47:27 | 000,000,000 | ---D | C] Avenue Flo -> C:\Program Files\Avenue Flo -> [2010/01/21 18:05:19 | 000,000,000 | ---D | C] Deployment -> C:\Documents and Settings\Rebecca Cooper\Local Settings\Application Data\Deployment -> [2010/01/16 11:45:04 | 000,000,000 | ---D | C] TDSSKiller.exe -> C:\Documents and Settings\Rebecca Cooper\Desktop\TDSSKiller.exe -> [2010/01/13 08:44:14 | 000,176,392 | ---- | C] (Kaspersky Lab) aclayers.dll -> C:\WINDOWS\System32\dllcache\aclayers.dll -> [2010/01/12 14:15:26 | 000,471,552 | ---- | C] (Microsoft Corporation) Hot Lava Games -> C:\Documents and Settings\All Users.WINDOWS\Application Data\Hot Lava Games -> [2010/01/11 22:33:29 | 000,000,000 | ---D | C] Genimo -> C:\Documents and Settings\All Users.WINDOWS\Application Data\Genimo -> [2010/01/11 08:43:43 | 000,000,000 | ---D | C] Prefetch -> C:\WINDOWS\Prefetch -> [2010/01/07 10:05:59 | 000,000,000 | ---D | C] $NtServicePackUninstall$ -> C:\WINDOWS\$NtServicePackUninstall$ -> [2010/01/07 09:34:34 | 000,000,000 | -H-D | C] sl_anet.acm -> C:\WINDOWS\System32\dllcache\sl_anet.acm -> [2010/01/05 15:07:52 | 000,086,016 | ---- | C] (Sipro Lab Telecom Inc.) msxml6.dll -> C:\WINDOWS\System32\dllcache\msxml6.dll -> [2010/01/05 15:06:54 | 001,372,672 | ---- | C] (Microsoft Corporation) msxml6r.dll -> C:\WINDOWS\System32\dllcache\msxml6r.dll -> [2010/01/05 15:06:54 | 000,079,872 | ---- | C] (Microsoft Corporation) msaud32.acm -> C:\WINDOWS\System32\dllcache\msaud32.acm -> [2010/01/05 15:06:20 | 000,294,912 | ---- | C] (Microsoft Corporation) l3codeca.acm -> C:\WINDOWS\System32\dllcache\l3codeca.acm -> [2010/01/05 15:05:34 | 000,290,816 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) ieencode.dll -> C:\WINDOWS\System32\ieencode.dll -> [2010/01/05 15:05:05 | 000,081,920 | ---- | C] (Microsoft Corporation) dlimport.exe -> C:\WINDOWS\System32\dllcache\dlimport.exe -> [2010/01/05 15:04:14 | 000,294,912 | ---- | C] (Microsoft Corporation) avipbb.sys -> C:\WINDOWS\System32\drivers\avipbb.sys -> [2010/01/04 12:39:22 | 000,096,104 | ---- | C] (Avira GmbH) avgntdd.sys -> C:\WINDOWS\System32\drivers\avgntdd.sys -> [2010/01/04 12:39:22 | 000,045,416 | ---- | C] (Avira GmbH) avgntmgr.sys -> C:\WINDOWS\System32\drivers\avgntmgr.sys -> [2010/01/04 12:39:22 | 000,022,360 | ---- | C] (Avira GmbH) ssmdrv.sys -> C:\WINDOWS\System32\drivers\ssmdrv.sys -> [2010/01/04 12:39:18 | 000,028,520 | ---- | C] (Avira GmbH) Avira -> C:\Documents and Settings\All Users.WINDOWS\Application Data\Avira -> [2010/01/04 12:38:54 | 000,000,000 | ---D | C] mbamswissarmy.sys -> C:\WINDOWS\System32\drivers\mbamswissarmy.sys -> [2010/01/02 23:25:19 | 000,038,224 | ---- | C] (Malwarebytes Corporation) mbam.sys -> C:\WINDOWS\System32\drivers\mbam.sys -> [2010/01/02 23:25:18 | 000,019,160 | ---- | C] (Malwarebytes Corporation) bthport.sys -> C:\WINDOWS\System32\dllcache\bthport.sys -> [2010/01/02 22:38:05 | 000,272,128 | ---- | C] (Microsoft Corporation) lsasrv.dll -> C:\WINDOWS\System32\dllcache\lsasrv.dll -> [2010/01/02 22:34:52 | 000,730,112 | ---- | C] (Microsoft Corporation) msfeeds.dll -> C:\WINDOWS\System32\dllcache\msfeeds.dll -> [2010/01/02 22:33:08 | 000,594,432 | ---- | C] (Microsoft Corporation) msfeedsbs.dll -> C:\WINDOWS\System32\dllcache\msfeedsbs.dll -> [2010/01/02 22:33:07 | 000,055,296 | ---- | C] (Microsoft Corporation) iertutil.dll -> C:\WINDOWS\System32\dllcache\iertutil.dll -> [2010/01/02 22:32:56 | 001,985,536 | ---- | C] (Microsoft Corporation) ieframe.dll -> C:\WINDOWS\System32\dllcache\ieframe.dll -> [2010/01/02 22:32:31 | 011,070,464 | ---- | C] (Microsoft Corporation) rmcast.sys -> C:\WINDOWS\System32\dllcache\rmcast.sys -> [2010/01/02 22:28:22 | 000,203,136 | ---- | C] (Microsoft Corporation) mrxsmb.sys -> C:\WINDOWS\System32\dllcache\mrxsmb.sys -> [2010/01/02 22:28:21 | 000,455,296 | ---- | C] (Microsoft Corporation) srv.sys -> C:\WINDOWS\System32\dllcache\srv.sys -> [2010/01/02 22:28:19 | 000,333,952 | ---- | C] (Microsoft Corporation) inetcomm.dll -> C:\WINDOWS\System32\dllcache\inetcomm.dll -> [2010/01/02 22:28:04 | 000,691,712 | ---- | C] (Microsoft Corporation) ntkrnlmp.exe -> C:\WINDOWS\System32\dllcache\ntkrnlmp.exe -> [2010/01/02 22:27:38 | 002,145,280 | ---- | C] (Microsoft Corporation) ntkrpamp.exe -> C:\WINDOWS\System32\dllcache\ntkrpamp.exe -> [2010/01/02 22:27:37 | 002,023,936 | ---- | C] (Microsoft Corporation) ntkrnlpa.exe -> C:\WINDOWS\System32\dllcache\ntkrnlpa.exe -> [2010/01/02 22:27:36 | 002,066,048 | ---- | C] (Microsoft Corporation) netapi32.dll -> C:\WINDOWS\System32\dllcache\netapi32.dll -> [2010/01/02 22:27:21 | 000,337,408 | ---- | C] (Microsoft Corporation) winzm.ime -> C:\WINDOWS\System32\dllcache\winzm.ime -> [2010/01/01 22:47:16 | 000,156,672 | ---- | C] (Microsoft Corporation) winsp.ime -> C:\WINDOWS\System32\dllcache\winsp.ime -> [2010/01/01 22:47:15 | 000,156,672 | ---- | C] (Microsoft Corporation) winpy.ime -> C:\WINDOWS\System32\dllcache\winpy.ime -> [2010/01/01 22:47:15 | 000,156,672 | ---- | C] (Microsoft Corporation) winime.ime -> C:\WINDOWS\System32\dllcache\winime.ime -> [2010/01/01 22:47:15 | 000,065,536 | ---- | C] (Microsoft Corporation) winar30.ime -> C:\WINDOWS\System32\dllcache\winar30.ime -> [2010/01/01 22:47:14 | 000,079,360 | ---- | C] (Microsoft Corporation) wingb.ime -> C:\WINDOWS\System32\dllcache\wingb.ime -> [2010/01/01 22:47:14 | 000,072,704 | ---- | C] (Microsoft Corporation) weitekp9.dll -> C:\WINDOWS\System32\dllcache\weitekp9.dll -> [2010/01/01 22:47:12 | 000,041,600 | ---- | C] (Microsoft Corporation) weitekp9.sys -> C:\WINDOWS\System32\dllcache\weitekp9.sys -> [2010/01/01 22:47:12 | 000,031,232 | ---- | C] (Microsoft Corporation) w32.dll -> C:\WINDOWS\System32\dllcache\w32.dll -> [2010/01/01 22:47:11 | 000,048,256 | ---- | C] (Microsoft Corporation) voicepad.dll -> C:\WINDOWS\System32\dllcache\voicepad.dll -> [2010/01/01 22:47:10 | 000,426,041 | ---- | C] (Microsoft Corporation) voicesub.dll -> C:\WINDOWS\System32\dllcache\voicesub.dll -> [2010/01/01 22:47:10 | 000,086,073 | ---- | C] (Microsoft Corporation) uniime.dll -> C:\WINDOWS\System32\dllcache\uniime.dll -> [2010/01/01 22:47:06 | 000,076,288 | ---- | C] (Microsoft Corporation) unicdime.ime -> C:\WINDOWS\System32\dllcache\unicdime.ime -> [2010/01/01 22:47:06 | 000,065,024 | ---- | C] (Microsoft Corporation) tsprof.exe -> C:\WINDOWS\System32\dllcache\tsprof.exe -> [2010/01/01 22:47:05 | 000,014,336 | ---- | C] (Microsoft Corporation) tintsetp.exe -> C:\WINDOWS\System32\dllcache\tintsetp.exe -> [2010/01/01 22:47:04 | 000,455,168 | ---- | C] (Microsoft Corporation) tintlphr.exe -> C:\WINDOWS\System32\dllcache\tintlphr.exe -> [2010/01/01 22:47:04 | 000,044,032 | ---- | C] (Microsoft Corporation) tmigrate.dll -> C:\WINDOWS\System32\dllcache\tmigrate.dll -> [2010/01/01 22:47:04 | 000,010,240 | ---- | C] (Microsoft Corporation) tintlgnt.ime -> C:\WINDOWS\System32\dllcache\tintlgnt.ime -> [2010/01/01 22:47:03 | 000,571,392 | ---- | C] (Microsoft Corporation) thawbrkr.dll -> C:\WINDOWS\System32\dllcache\thawbrkr.dll -> [2010/01/01 22:47:03 | 000,185,344 | ---- | C] (Microsoft Corporation) tdipx.sys -> C:\WINDOWS\System32\dllcache\tdipx.sys -> [2010/01/01 22:47:02 | 000,021,896 | ---- | C] (Microsoft Corporation) tdspx.sys -> C:\WINDOWS\System32\dllcache\tdspx.sys -> [2010/01/01 22:47:02 | 000,019,464 | ---- | C] (Microsoft Corporation) tdasync.sys -> C:\WINDOWS\System32\dllcache\tdasync.sys -> [2010/01/01 22:47:02 | 000,013,192 | ---- | C] (Microsoft Corporation) srusbusd.dll -> C:\WINDOWS\System32\dllcache\srusbusd.dll -> [2010/01/01 22:46:59 | 000,101,376 | ---- | C] (Microsoft Corporation) softkey.dll -> C:\WINDOWS\System32\dllcache\softkey.dll -> [2010/01/01 22:46:56 | 000,143,422 | ---- | C] (Microsoft Corporation) snmpstup.dll -> C:\WINDOWS\System32\dllcache\snmpstup.dll -> [2010/01/01 22:46:56 | 000,010,240 | ---- | C] (Microsoft Corporation) EXCH_snprfdll.dll -> C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll -> [2010/01/01 22:46:56 | 000,007,168 | ---- | C] (Microsoft Corporation) smierrsm.dll -> C:\WINDOWS\System32\dllcache\smierrsm.dll -> [2010/01/01 22:46:54 | 000,015,872 | ---- | C] (Microsoft Corporation) EXCH_smtpctrs.dll -> C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll -> [2010/01/01 22:46:54 | 000,012,288 | ---- | C] (Microsoft Corporation) smimsgif.dll -> C:\WINDOWS\System32\dllcache\smimsgif.dll -> [2010/01/01 22:46:54 | 000,005,632 | ---- | C] (Microsoft Corporation) smierrsy.dll -> C:\WINDOWS\System32\dllcache\smierrsy.dll -> [2010/01/01 22:46:54 | 000,005,632 | ---- | C] (Microsoft Corporation) sm9aw.dll -> C:\WINDOWS\System32\dllcache\sm9aw.dll -> [2010/01/01 22:46:53 | 000,038,912 | ---- | C] (Microsoft Corporation) smb6w.dll -> C:\WINDOWS\System32\dllcache\smb6w.dll -> [2010/01/01 22:46:53 | 000,031,744 | ---- | C] (Microsoft Corporation) sma3w.dll -> C:\WINDOWS\System32\dllcache\sma3w.dll -> [2010/01/01 22:46:53 | 000,031,744 | ---- | C] (Microsoft Corporation) sm87w.dll -> C:\WINDOWS\System32\dllcache\sm87w.dll -> [2010/01/01 22:46:53 | 000,030,208 | ---- | C] (Microsoft Corporation) sm8cw.dll -> C:\WINDOWS\System32\dllcache\sm8cw.dll -> [2010/01/01 22:46:53 | 000,029,184 | ---- | C] (Microsoft Corporation) sm93w.dll -> C:\WINDOWS\System32\dllcache\sm93w.dll -> [2010/01/01 22:46:53 | 000,026,624 | ---- | C] (Microsoft Corporation) sm92w.dll -> C:\WINDOWS\System32\dllcache\sm92w.dll -> [2010/01/01 22:46:53 | 000,026,624 | ---- | C] (Microsoft Corporation) sm90w.dll -> C:\WINDOWS\System32\dllcache\sm90w.dll -> [2010/01/01 22:46:53 | 000,026,112 | ---- | C] (Microsoft Corporation) sm8dw.dll -> C:\WINDOWS\System32\dllcache\sm8dw.dll -> [2010/01/01 22:46:53 | 000,026,112 | ---- | C] (Microsoft Corporation) sm8aw.dll -> C:\WINDOWS\System32\dllcache\sm8aw.dll -> [2010/01/01 22:46:53 | 000,026,112 | ---- | C] (Microsoft Corporation) sm89w.dll -> C:\WINDOWS\System32\dllcache\sm89w.dll -> [2010/01/01 22:46:53 | 000,026,112 | ---- | C] (Microsoft Corporation) sm81w.dll -> C:\WINDOWS\System32\dllcache\sm81w.dll -> [2010/01/01 22:46:52 | 000,030,208 | ---- | C] (Microsoft Corporation) sm59w.dll -> C:\WINDOWS\System32\dllcache\sm59w.dll -> [2010/01/01 22:46:52 | 000,025,088 | ---- | C] (Microsoft Corporation) simptcp.dll -> C:\WINDOWS\System32\dllcache\simptcp.dll -> [2010/01/01 22:46:52 | 000,018,944 | ---- | C] (Microsoft Corporation) EXCH_seos.dll -> C:\WINDOWS\System32\dllcache\EXCH_seos.dll -> [2010/01/01 22:46:46 | 000,026,112 | ---- | C] (Microsoft Corporation) EXCH_scripto.dll -> C:\WINDOWS\System32\dllcache\EXCH_scripto.dll -> [2010/01/01 22:46:45 | 000,057,856 | ---- | C] (Microsoft Corporation) rwia330.dll -> C:\WINDOWS\System32\dllcache\rwia330.dll -> [2010/01/01 22:46:43 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) rwia001.dll -> C:\WINDOWS\System32\dllcache\rwia001.dll -> [2010/01/01 22:46:43 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) romanime.ime -> C:\WINDOWS\System32\dllcache\romanime.ime -> [2010/01/01 22:46:42 | 000,026,112 | ---- | C] (Microsoft Corporation) EXCH_regtrace.exe -> C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe -> [2010/01/01 22:46:40 | 000,023,040 | ---- | C] (Microsoft Corporation) register.exe -> C:\WINDOWS\System32\dllcache\register.exe -> [2010/01/01 22:46:40 | 000,014,848 | ---- | C] (Microsoft Corporation) quick.ime -> C:\WINDOWS\System32\dllcache\quick.ime -> [2010/01/01 22:46:38 | 000,077,824 | ---- | C] (Microsoft Corporation) quser.exe -> C:\WINDOWS\System32\dllcache\quser.exe -> [2010/01/01 22:46:38 | 000,016,384 | ---- | C] (Microsoft Corporation) query.exe -> C:\WINDOWS\System32\dllcache\query.exe -> [2010/01/01 22:46:37 | 000,009,728 | ---- | C] (Microsoft Corporation) pmxviceo.dll -> C:\WINDOWS\System32\dllcache\pmxviceo.dll -> [2010/01/01 22:46:35 | 000,131,584 | ---- | C] (Microsoft Corporation) pmxmcro.dll -> C:\WINDOWS\System32\dllcache\pmxmcro.dll -> [2010/01/01 22:46:35 | 000,011,264 | ---- | C] (Microsoft Corporation) pmxgl.dll -> C:\WINDOWS\System32\dllcache\pmxgl.dll -> [2010/01/01 22:46:35 | 000,006,144 | ---- | C] (Microsoft Corporation) pintlgnt.ime -> C:\WINDOWS\System32\dllcache\pintlgnt.ime -> [2010/01/01 22:46:34 | 000,482,304 | ---- | C] (Microsoft Corporation) pintlphr.exe -> C:\WINDOWS\System32\dllcache\pintlphr.exe -> [2010/01/01 22:46:34 | 000,070,144 | ---- | C] (Microsoft Corporation) pmigrate.dll -> C:\WINDOWS\System32\dllcache\pmigrate.dll -> [2010/01/01 22:46:34 | 000,067,584 | ---- | C] (Microsoft Corporation) pintlcsd.dll -> C:\WINDOWS\System32\dllcache\pintlcsd.dll -> [2010/01/01 22:46:34 | 000,053,760 | ---- | C] (Microsoft Corporation) phon.ime -> C:\WINDOWS\System32\dllcache\phon.ime -> [2010/01/01 22:46:33 | 000,079,360 | ---- | C] (Microsoft Corporation) padrs411.dll -> C:\WINDOWS\System32\dllcache\padrs411.dll -> [2010/01/01 22:46:32 | 000,036,927 | ---- | C] (Microsoft Corporation) padrs404.dll -> C:\WINDOWS\System32\dllcache\padrs404.dll -> [2010/01/01 22:46:32 | 000,015,872 | ---- | C] (Microsoft Corporation) padrs804.dll -> C:\WINDOWS\System32\dllcache\padrs804.dll -> [2010/01/01 22:46:32 | 000,015,360 | ---- | C] (Microsoft Corporation) padrs412.dll -> C:\WINDOWS\System32\dllcache\padrs412.dll -> [2010/01/01 22:46:32 | 000,014,336 | ---- | C] (Microsoft Corporation) EXCH_ntfsdrv.dll -> C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll -> [2010/01/01 22:46:27 | 000,038,912 | ---- | C] (Microsoft Corporation) multibox.dll -> C:\WINDOWS\System32\dllcache\multibox.dll -> [2010/01/01 22:46:23 | 000,229,439 | ---- | C] (Microsoft Corporation) msir3jp.lex -> C:\WINDOWS\System32\dllcache\msir3jp.lex -> [2010/01/01 22:46:16 | 001,875,968 | ---- | C] (Microsoft Corporation) msir3jp.dll -> C:\WINDOWS\System32\dllcache\msir3jp.dll -> [2010/01/01 22:46:16 | 000,098,304 | ---- | C] (Microsoft Corporation) mga.sys -> C:\WINDOWS\System32\dllcache\mga.sys -> [2010/01/01 22:46:07 | 000,092,416 | ---- | C] (Microsoft Corporation) mga.dll -> C:\WINDOWS\System32\dllcache\mga.dll -> [2010/01/01 22:46:07 | 000,092,032 | ---- | C] (Microsoft Corporation) EXCH_mailmsg.dll -> C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll -> [2010/01/01 22:46:05 | 000,065,536 | ---- | C] (Microsoft Corporation) korwbrkr.dll -> C:\WINDOWS\System32\dllcache\korwbrkr.dll -> [2010/01/01 22:46:02 | 000,070,656 | ---- | C] (Microsoft Corporation) kbdvntc.dll -> C:\WINDOWS\System32\dllcache\kbdvntc.dll -> [2010/01/01 22:46:01 | 000,005,632 | ---- | C] (Microsoft Corporation) kbdusa.dll -> C:\WINDOWS\System32\dllcache\kbdusa.dll -> [2010/01/01 22:46:01 | 000,005,632 | ---- | C] (Microsoft Corporation) kbdurdu.dll -> C:\WINDOWS\System32\dllcache\kbdurdu.dll -> [2010/01/01 22:46:01 | 000,005,632 | ---- | C] (Microsoft Corporation) kbdnecnt.dll -> C:\WINDOWS\System32\dllcache\kbdnecnt.dll -> [2010/01/01 22:46:00 | 000,007,680 | ---- | C] (Microsoft Corporation) kbdth3.dll -> C:\WINDOWS\System32\dllcache\kbdth3.dll -> [2010/01/01 22:46:00 | 000,006,144 | ---- | C] (Microsoft Corporation) kbdth2.dll -> C:\WINDOWS\System32\dllcache\kbdth2.dll -> [2010/01/01 22:46:00 | 000,006,144 | ---- | C] (Microsoft Corporation) kbdth1.dll -> C:\WINDOWS\System32\dllcache\kbdth1.dll -> [2010/01/01 22:46:00 | 000,005,632 | ---- | C] (Microsoft Corporation) kbdth0.dll -> C:\WINDOWS\System32\dllcache\kbdth0.dll -> [2010/01/01 22:46:00 | 000,005,632 | ---- | C] (Microsoft Corporation) kbdsyr2.dll -> C:\WINDOWS\System32\dllcache\kbdsyr2.dll -> [2010/01/01 22:46:00 | 000,005,632 | ---- | C] (Microsoft Corporation) kbdsyr1.dll -> C:\WINDOWS\System32\dllcache\kbdsyr1.dll -> [2010/01/01 22:46:00 | 000,005,632 | ---- | C] (Microsoft Corporation) kbdnecat.dll -> C:\WINDOWS\System32\dllcache\kbdnecat.dll -> [2010/01/01 22:45:59 | 000,009,216 | ---- | C] (Microsoft Corporation) kbdnec95.dll -> C:\WINDOWS\System32\dllcache\kbdnec95.dll -> [2010/01/01 22:45:59 | 000,007,168 | ---- | C] (Microsoft Corporation) kbdinpun.dll -> C:\WINDOWS\System32\dllcache\kbdinpun.dll -> [2010/01/01 22:45:59 | 000,006,144 | ---- | C] (Microsoft Corporation) kbdintel.dll -> C:\WINDOWS\System32\dllcache\kbdintel.dll -> [2010/01/01 22:45:59 | 000,005,632 | ---- | C] (Microsoft Corporation) kbdintam.dll -> C:\WINDOWS\System32\dllcache\kbdintam.dll -> [2010/01/01 22:45:59 | 000,005,632 | ---- | C] (Microsoft Corporation) kbdinmar.dll -> C:\WINDOWS\System32\dllcache\kbdinmar.dll -> [2010/01/01 22:45:58 | 000,005,632 | ---- | C] (Microsoft Corporation) kbdinkan.dll -> C:\WINDOWS\System32\dllcache\kbdinkan.dll -> [2010/01/01 22:45:58 | 000,005,632 | ---- | C] (Microsoft Corporation) kbdinhin.dll -> C:\WINDOWS\System32\dllcache\kbdinhin.dll -> [2010/01/01 22:45:58 | 000,005,632 | ---- | C] (Microsoft Corporation) kbdinguj.dll -> C:\WINDOWS\System32\dllcache\kbdinguj.dll -> [2010/01/01 22:45:58 | 000,005,632 | ---- | C] (Microsoft Corporation) kbdindev.dll -> C:\WINDOWS\System32\dllcache\kbdindev.dll -> [2010/01/01 22:45:58 | 000,005,632 | ---- | C] (Microsoft Corporation) kbdheb.dll -> C:\WINDOWS\System32\dllcache\kbdheb.dll -> [2010/01/01 22:45:58 | 000,005,632 | ---- | C] (Microsoft Corporation) kbdgeo.dll -> C:\WINDOWS\System32\dllcache\kbdgeo.dll -> [2010/01/01 22:45:58 | 000,005,120 | ---- | C] (Microsoft Corporation) kbdfa.dll -> C:\WINDOWS\System32\dllcache\kbdfa.dll -> [2010/01/01 22:45:57 | 000,005,632 | ---- | C] (Microsoft Corporation) kbddiv2.dll -> C:\WINDOWS\System32\dllcache\kbddiv2.dll -> [2010/01/01 22:45:57 | 000,005,632 | ---- | C] (Microsoft Corporation) kbddiv1.dll -> C:\WINDOWS\System32\dllcache\kbddiv1.dll -> [2010/01/01 22:45:57 | 000,005,632 | ---- | C] (Microsoft Corporation) kbda3.dll -> C:\WINDOWS\System32\dllcache\kbda3.dll -> [2010/01/01 22:45:57 | 000,005,632 | ---- | C] (Microsoft Corporation) kbda2.dll -> C:\WINDOWS\System32\dllcache\kbda2.dll -> [2010/01/01 22:45:57 | 000,005,632 | ---- | C] (Microsoft Corporation) kbdarmw.dll -> C:\WINDOWS\System32\dllcache\kbdarmw.dll -> [2010/01/01 22:45:57 | 000,005,120 | ---- | C] (Microsoft Corporation) kbdarme.dll -> C:\WINDOWS\System32\dllcache\kbdarme.dll -> [2010/01/01 22:45:57 | 000,005,120 | ---- | C] (Microsoft Corporation) jupiw.dll -> C:\WINDOWS\System32\dllcache\jupiw.dll -> [2010/01/01 22:45:56 | 000,018,432 | ---- | C] (Microsoft Corporation) kbd101a.dll -> C:\WINDOWS\System32\dllcache\kbd101a.dll -> [2010/01/01 22:45:56 | 000,006,144 | ---- | C] (Microsoft Corporation) kbda1.dll -> C:\WINDOWS\System32\dllcache\kbda1.dll -> [2010/01/01 22:45:56 | 000,005,632 | ---- | C] (Microsoft Corporation) imskdic.dll -> C:\WINDOWS\System32\dllcache\imskdic.dll -> [2010/01/01 22:45:53 | 000,471,102 | ---- | C] (Microsoft Corporation) imskf.dll -> C:\WINDOWS\System32\dllcache\imskf.dll -> [2010/01/01 22:45:53 | 000,315,455 | ---- | C] (Microsoft Corporation) imjputyc.dll -> C:\WINDOWS\System32\dllcache\imjputyc.dll -> [2010/01/01 22:45:52 | 000,274,489 | ---- | C] (Microsoft Corporation) imjputy.exe -> C:\WINDOWS\System32\dllcache\imjputy.exe -> [2010/01/01 22:45:52 | 000,262,200 | ---- | C] (Microsoft Corporation) imjprw.exe -> C:\WINDOWS\System32\dllcache\imjprw.exe -> [2010/01/01 22:45:52 | 000,233,527 | ---- | C] (Microsoft Corporation) imjpmig.exe -> C:\WINDOWS\System32\dllcache\imjpmig.exe -> [2010/01/01 22:45:52 | 000,208,952 | ---- | C] (Microsoft Corporation) imjpdsvr.exe -> C:\WINDOWS\System32\dllcache\imjpdsvr.exe -> [2010/01/01 22:45:52 | 000,155,705 | ---- | C] (Microsoft Corporation) imlang.dll -> C:\WINDOWS\System32\dllcache\imlang.dll -> [2010/01/01 22:45:52 | 000,102,456 | ---- | C] (Microsoft Corporation) imkrinst.exe -> C:\WINDOWS\System32\dllcache\imkrinst.exe -> [2010/01/01 22:45:52 | 000,059,904 | ---- | C] (Microsoft Corporation) imjpuex.exe -> C:\WINDOWS\System32\dllcache\imjpuex.exe -> [2010/01/01 22:45:52 | 000,045,109 | ---- | C] (Microsoft Corporation) imjp81k.dll -> C:\WINDOWS\System32\dllcache\imjp81k.dll -> [2010/01/01 22:45:51 | 000,811,064 | ---- | C] (Microsoft Corporation) imjpcus.dll -> C:\WINDOWS\System32\dllcache\imjpcus.dll -> [2010/01/01 22:45:51 | 000,716,856 | ---- | C] (Microsoft Corporation) imjpcic.dll -> C:\WINDOWS\System32\dllcache\imjpcic.dll -> [2010/01/01 22:45:51 | 000,368,696 | ---- | C] (Microsoft Corporation) imjp81.ime -> C:\WINDOWS\System32\dllcache\imjp81.ime -> [2010/01/01 22:45:51 | 000,340,023 | ---- | C] (Microsoft Corporation) imjpdct.exe -> C:\WINDOWS\System32\dllcache\imjpdct.exe -> [2010/01/01 22:45:51 | 000,307,257 | ---- | C] (Microsoft Corporation) imjpdct.dll -> C:\WINDOWS\System32\dllcache\imjpdct.dll -> [2010/01/01 22:45:51 | 000,081,976 | ---- | C] (Microsoft Corporation) imjpdadm.exe -> C:\WINDOWS\System32\dllcache\imjpdadm.exe -> [2010/01/01 22:45:51 | 000,057,398 | ---- | C] (Microsoft Corporation) imepadsv.exe -> C:\WINDOWS\System32\dllcache\imepadsv.exe -> [2010/01/01 22:45:50 | 000,311,359 | ---- | C] (Microsoft Corporation) imekrcic.dll -> C:\WINDOWS\System32\dllcache\imekrcic.dll -> [2010/01/01 22:45:50 | 000,106,496 | ---- | C] (Microsoft Corporation) imepadsm.dll -> C:\WINDOWS\System32\dllcache\imepadsm.dll -> [2010/01/01 22:45:50 | 000,102,463 | ---- | C] (Microsoft Corporation) imekr61.ime -> C:\WINDOWS\System32\dllcache\imekr61.ime -> [2010/01/01 22:45:50 | 000,094,720 | ---- | C] (Microsoft Corporation) imekrmbx.dll -> C:\WINDOWS\System32\dllcache\imekrmbx.dll -> [2010/01/01 22:45:50 | 000,086,016 | ---- | C] (Microsoft Corporation) imekrmig.exe -> C:\WINDOWS\System32\dllcache\imekrmig.exe -> [2010/01/01 22:45:50 | 000,044,032 | ---- | C] (Microsoft Corporation) hwxkor.dll -> C:\WINDOWS\System32\dllcache\hwxkor.dll -> [2010/01/01 22:45:44 | 010,129,408 | ---- | C] (Microsoft Corporation) hwxcht.dll -> C:\WINDOWS\System32\dllcache\hwxcht.dll -> [2010/01/01 22:45:38 | 010,096,640 | ---- | C] (Microsoft Corporation) hanjadic.dll -> C:\WINDOWS\System32\dllcache\hanjadic.dll -> [2010/01/01 22:45:35 | 000,036,864 | ---- | C] (Microsoft Corporation) fxsroute.dll -> C:\WINDOWS\System32\dllcache\fxsroute.dll -> [2010/01/01 22:45:33 | 000,031,744 | ---- | C] (Microsoft Corporation) fxssend.exe -> C:\WINDOWS\System32\dllcache\fxssend.exe -> [2010/01/01 22:45:33 | 000,011,264 | ---- | C] (Microsoft Corporation) fxsclntr.dll -> C:\WINDOWS\System32\dllcache\fxsclntr.dll -> [2010/01/01 22:45:32 | 000,132,608 | ---- | C] (Microsoft Corporation) fxscfgwz.dll -> C:\WINDOWS\System32\dllcache\fxscfgwz.dll -> [2010/01/01 22:45:32 | 000,111,104 | ---- | C] (Microsoft Corporation) ftlx041e.dll -> C:\WINDOWS\System32\dllcache\ftlx041e.dll -> [2010/01/01 22:45:31 | 000,006,144 | ---- | C] (Microsoft Corporation) flattemp.exe -> C:\WINDOWS\System32\dllcache\flattemp.exe -> [2010/01/01 22:45:29 | 000,014,848 | ---- | C] (Microsoft Corporation) EXCH_fcachdll.dll -> C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll -> [2010/01/01 22:45:28 | 000,043,520 | ---- | C] (Microsoft Corporation) esuimgd.dll -> C:\WINDOWS\System32\dllcache\esuimgd.dll -> [2010/01/01 22:45:27 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) esunid.dll -> C:\WINDOWS\System32\dllcache\esunid.dll -> [2010/01/01 22:45:27 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) esucmd.dll -> C:\WINDOWS\System32\dllcache\esucmd.dll -> [2010/01/01 22:45:27 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) et4000.sys -> C:\WINDOWS\System32\dllcache\et4000.sys -> [2010/01/01 22:45:27 | 000,025,856 | ---- | C] (Microsoft Corporation) dayi.ime -> C:\WINDOWS\System32\dllcache\dayi.ime -> [2010/01/01 22:45:17 | 000,078,848 | ---- | C] (Microsoft Corporation) cplexe.exe -> C:\WINDOWS\System32\dllcache\cplexe.exe -> [2010/01/01 22:45:14 | 000,057,399 | ---- | C] (Microsoft Corporation) cprofile.exe -> C:\WINDOWS\System32\dllcache\cprofile.exe -> [2010/01/01 22:45:14 | 000,018,944 | ---- | C] (Microsoft Corporation) cintsetp.exe -> C:\WINDOWS\System32\dllcache\cintsetp.exe -> [2010/01/01 22:45:11 | 000,480,256 | ---- | C] (Microsoft Corporation) cintime.dll -> C:\WINDOWS\System32\dllcache\cintime.dll -> [2010/01/01 22:45:11 | 000,198,656 | ---- | C] (Microsoft Corporation) chtmbx.dll -> C:\WINDOWS\System32\dllcache\chtmbx.dll -> [2010/01/01 22:45:11 | 000,097,792 | ---- | C] (Microsoft Corporation) chtskdic.dll -> C:\WINDOWS\System32\dllcache\chtskdic.dll -> [2010/01/01 22:45:11 | 000,056,320 | ---- | C] (Microsoft Corporation) cintlgnt.ime -> C:\WINDOWS\System32\dllcache\cintlgnt.ime -> [2010/01/01 22:45:11 | 000,021,504 | ---- | C] (Microsoft Corporation) chsbrkr.dll -> C:\WINDOWS\System32\dllcache\chsbrkr.dll -> [2010/01/01 22:45:10 | 001,677,824 | ---- | C] (Microsoft Corporation) chtbrkr.dll -> C:\WINDOWS\System32\dllcache\chtbrkr.dll -> [2010/01/01 22:45:10 | 000,838,144 | ---- | C] (Microsoft Corporation) chgusr.exe -> C:\WINDOWS\System32\dllcache\chgusr.exe -> [2010/01/01 22:45:10 | 000,014,336 | ---- | C] (Microsoft Corporation) chajei.ime -> C:\WINDOWS\System32\dllcache\chajei.ime -> [2010/01/01 22:45:09 | 000,078,336 | ---- | C] (Microsoft Corporation) chgport.exe -> C:\WINDOWS\System32\dllcache\chgport.exe -> [2010/01/01 22:45:09 | 000,015,872 | ---- | C] (Microsoft Corporation) chglogon.exe -> C:\WINDOWS\System32\dllcache\chglogon.exe -> [2010/01/01 22:45:09 | 000,013,312 | ---- | C] (Microsoft Corporation) change.exe -> C:\WINDOWS\System32\dllcache\change.exe -> [2010/01/01 22:45:09 | 000,009,728 | ---- | C] (Microsoft Corporation) cap7146.sys -> C:\WINDOWS\System32\dllcache\cap7146.sys -> [2010/01/01 22:45:07 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) c_iscii.dll -> C:\WINDOWS\System32\dllcache\c_iscii.dll -> [2010/01/01 22:45:07 | 000,010,752 | ---- | C] (Microsoft Corporation) c_is2022.dll -> C:\WINDOWS\System32\dllcache\c_is2022.dll -> [2010/01/01 22:45:07 | 000,006,656 | ---- | C] (Microsoft Corporation) EXCH_aqadmin.dll -> C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll -> [2010/01/01 22:44:55 | 000,045,056 | ---- | C] (Microsoft Corporation) EXCH_adsiisex.dll -> C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll -> [2010/01/01 22:44:52 | 000,005,632 | ---- | C] (Microsoft Corporation) fetnd5.sys -> C:\WINDOWS\System32\drivers\fetnd5.sys -> [2010/01/01 22:34:50 | 000,027,165 | ---- | C] (VIA Technologies, Inc. ) spxcoins.dll -> C:\WINDOWS\System32\spxcoins.dll -> [2010/01/01 22:31:04 | 000,024,661 | ---- | C] (Perle Systems Ltd.) spxcoins.dll -> C:\WINDOWS\System32\dllcache\spxcoins.dll -> [2010/01/01 22:31:04 | 000,024,661 | ---- | C] (Perle Systems Ltd.) irclass.dll -> C:\WINDOWS\System32\irclass.dll -> [2010/01/01 22:31:04 | 000,013,312 | ---- | C] (Microsoft Corporation) irclass.dll -> C:\WINDOWS\System32\dllcache\irclass.dll -> [2010/01/01 22:31:04 | 000,013,312 | ---- | C] (Microsoft Corporation) Microsoft -> C:\Documents and Settings\NetworkService\Application Data\Microsoft -> [2009/03/29 22:36:34 | 000,000,000 | --SD | M] Microsoft -> C:\Documents and Settings\LocalService\Application Data\Microsoft -> [2009/03/29 22:36:34 | 000,000,000 | --SD | M] Microsoft -> C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft -> [2009/03/29 22:36:34 | 000,000,000 | ---D | M] Microsoft -> C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft -> [2009/03/29 22:36:33 | 000,000,000 | ---D | M] [Files/Folders - Modified Within 30 Days] OTS.exe -> C:\Documents and Settings\Rebecca Cooper\Desktop\OTS.exe -> [2010/01/30 23:30:05 | 000,632,320 | ---- | M] (OldTimer Tools) wpa.dbl -> C:\WINDOWS\System32\wpa.dbl -> [2010/01/30 22:51:33 | 000,013,740 | ---- | M] () SA.DAT -> C:\WINDOWS\tasks\SA.DAT -> [2010/01/30 22:51:32 | 000,000,006 | -H-- | M] () bootstat.dat -> C:\WINDOWS\bootstat.dat -> [2010/01/30 22:51:30 | 000,002,048 | --S- | M] () hiberfil.sys -> C:\hiberfil.sys -> [2010/01/30 22:51:29 | 401,068,032 | -HS- | M] () ntuser.ini -> C:\Documents and Settings\Rebecca Cooper\ntuser.ini -> [2010/01/30 22:50:24 | 000,000,178 | -HS- | M] () ntuser.dat -> C:\Documents and Settings\Rebecca Cooper\ntuser.dat -> [2010/01/30 22:50:23 | 002,621,440 | ---- | M] () avenger.exe -> C:\Documents and Settings\Rebecca Cooper\Desktop\avenger.exe -> [2010/01/30 22:48:31 | 000,731,136 | ---- | M] () avenger.zip -> C:\Documents and Settings\Rebecca Cooper\Desktop\avenger.zip -> [2010/01/30 22:48:08 | 000,724,952 | ---- | M] () SystemLook.exe -> C:\Documents and Settings\Rebecca Cooper\Desktop\SystemLook.exe -> [2010/01/30 22:00:44 | 000,100,908 | ---- | M] () User_Feed_Synchronization-{EC79BCE9-184A-4DA4-9F19-ABE785C004AC}.job -> C:\WINDOWS\tasks\User_Feed_Synchronization-{EC79BCE9-184A-4DA4-9F19-ABE785C004AC}.job -> [2010/01/30 19:43:56 | 000,000,440 | -H-- | M] () system.ini -> C:\WINDOWS\system.ini -> [2010/01/30 19:35:53 | 000,000,227 | ---- | M] () hosts -> C:\WINDOWS\System32\drivers\etc\hosts -> [2010/01/30 18:19:44 | 000,000,027 | ---- | M] () boot.ini -> C:\boot.ini -> [2010/01/30 17:03:05 | 000,000,281 | RHS- | M] () ComboFix.exe -> C:\Documents and Settings\Rebecca Cooper\Desktop\ComboFix.exe -> [2010/01/30 16:57:11 | 003,840,721 | R--- | M] () TDSSKiller.exe -> C:\Documents and Settings\Rebecca Cooper\Desktop\TDSSKiller.exe -> [2010/01/30 13:55:37 | 000,176,392 | ---- | M] (Kaspersky Lab) OTL.exe -> C:\Documents and Settings\Rebecca Cooper\Desktop\OTL.exe -> [2010/01/30 12:15:37 | 000,548,864 | ---- | M] (OldTimer Tools) mbam-log-2010-01-29 (19-57-10).zip -> C:\Documents and Settings\Rebecca Cooper\Desktop\mbam-log-2010-01-29 (19-57-10).zip -> [2010/01/30 00:22:49 | 000,008,468 | ---- | M] () gmer.exe -> C:\Documents and Settings\Rebecca Cooper\Desktop\gmer.exe -> [2010/01/29 22:01:23 | 000,293,376 | ---- | M] () Attach.zip -> C:\Documents and Settings\Rebecca Cooper\Desktop\Attach.zip -> [2010/01/29 22:01:05 | 000,002,610 | ---- | M] () dds.scr -> C:\Documents and Settings\Rebecca Cooper\Desktop\dds.scr -> [2010/01/29 21:59:16 | 000,524,288 | ---- | M] () defogger_reenable -> C:\Documents and Settings\Rebecca Cooper\defogger_reenable -> [2010/01/29 21:53:38 | 000,000,000 | ---- | M] () Defogger.exe -> C:\Documents and Settings\Rebecca Cooper\Desktop\Defogger.exe -> [2010/01/29 21:52:49 | 000,050,477 | ---- | M] () MEMORY.DMP -> C:\WINDOWS\MEMORY.DMP -> [2010/01/29 20:13:00 | 401,096,704 | ---- | M] () gmer.zip -> C:\Documents and Settings\Rebecca Cooper\Desktop\gmer.zip -> [2010/01/29 19:58:27 | 000,284,915 | ---- | M] () TFC.exe -> C:\Documents and Settings\Rebecca Cooper\Desktop\TFC.exe -> [2010/01/29 19:37:04 | 000,439,808 | ---- | M] (OldTimer Tools) imsins.BAK -> C:\WINDOWS\imsins.BAK -> [2010/01/25 21:51:19 | 000,001,374 | ---- | M] () nscompat.tlb -> C:\WINDOWS\System32\nscompat.tlb -> [2010/01/25 21:51:03 | 000,023,392 | ---- | M] () amcompat.tlb -> C:\WINDOWS\System32\amcompat.tlb -> [2010/01/25 21:51:03 | 000,016,832 | ---- | M] () WMSysPr9.prx -> C:\WINDOWS\WMSysPr9.prx -> [2010/01/25 21:49:52 | 000,316,640 | ---- | M] () sysReserve.ini -> C:\Documents and Settings\All Users.WINDOWS\Application Data\sysReserve.ini -> [2010/01/23 20:13:13 | 000,000,008 | ---- | M] () Play Avenue Flo.lnk -> C:\Documents and Settings\All Users.WINDOWS\Desktop\Play Avenue Flo.lnk -> [2010/01/21 18:05:54 | 000,001,572 | ---- | M] () Game Manager.lnk -> C:\Documents and Settings\All Users.WINDOWS\Desktop\Game Manager.lnk -> [2010/01/21 18:02:45 | 000,001,578 | ---- | M] () JonaieResume.rtf -> C:\Documents and Settings\Rebecca Cooper\Desktop\JonaieResume.rtf -> [2010/01/19 23:58:06 | 000,001,255 | ---- | M] () Becka - Extra Shifts.pdf -> C:\Documents and Settings\Rebecca Cooper\Desktop\Becka - Extra Shifts.pdf -> [2010/01/13 18:15:36 | 000,013,446 | ---- | M] () mbamswissarmy.sys -> C:\WINDOWS\System32\drivers\mbamswissarmy.sys -> [2010/01/07 16:07:14 | 000,038,224 | ---- | M] (Malwarebytes Corporation) mbam.sys -> C:\WINDOWS\System32\drivers\mbam.sys -> [2010/01/07 16:07:04 | 000,019,160 | ---- | M] (Malwarebytes Corporation) PerfStringBackup.INI -> C:\WINDOWS\System32\PerfStringBackup.INI -> [2010/01/07 12:34:06 | 000,508,956 | ---- | M] () perfh009.dat -> C:\WINDOWS\System32\perfh009.dat -> [2010/01/07 12:34:06 | 000,432,356 | ---- | M] () perfc009.dat -> C:\WINDOWS\System32\perfc009.dat -> [2010/01/07 12:34:06 | 000,067,312 | ---- | M] () FNTCACHE.DAT -> C:\WINDOWS\System32\FNTCACHE.DAT -> [2010/01/07 12:32:11 | 000,098,256 | ---- | M] () Malwarebytes' Anti-Malware.lnk -> C:\Documents and Settings\All Users.WINDOWS\Desktop\Malwarebytes' Anti-Malware.lnk -> [2010/01/02 23:25:22 | 000,000,696 | ---- | M] () CONFIG.NT -> C:\WINDOWS\System32\CONFIG.NT -> [2010/01/01 23:07:55 | 000,002,577 | ---- | M] () win.ini -> C:\WINDOWS\win.ini -> [2010/01/01 22:59:39 | 000,000,516 | ---- | M] () Boot.bak -> C:\Boot.bak -> [2010/01/01 22:59:39 | 000,000,211 | ---- | M] () $winnt$.inf -> C:\WINDOWS\System32\$winnt$.inf -> [2010/01/01 22:47:55 | 000,000,288 | ---- | M] () ODBCINST.INI -> C:\WINDOWS\ODBCINST.INI -> [2010/01/01 22:44:04 | 000,004,161 | ---- | M] () WindowsLogon.manifest -> C:\WINDOWS\System32\WindowsLogon.manifest -> [2010/01/01 22:43:05 | 000,000,488 | RH-- | M] () logonui.exe.manifest -> C:\WINDOWS\System32\logonui.exe.manifest -> [2010/01/01 22:43:05 | 000,000,488 | RH-- | M] () wuaucpl.cpl.manifest -> C:\WINDOWS\System32\wuaucpl.cpl.manifest -> [2010/01/01 22:42:58 | 000,000,749 | RH-- | M] () WindowsShell.Manifest -> C:\WINDOWS\WindowsShell.Manifest -> [2010/01/01 22:42:58 | 000,000,749 | RH-- | M] () sapi.cpl.manifest -> C:\WINDOWS\System32\sapi.cpl.manifest -> [2010/01/01 22:42:58 | 000,000,749 | RH-- | M] () nwc.cpl.manifest -> C:\WINDOWS\System32\nwc.cpl.manifest -> [2010/01/01 22:42:58 | 000,000,749 | RH-- | M] () ncpa.cpl.manifest -> C:\WINDOWS\System32\ncpa.cpl.manifest -> [2010/01/01 22:42:58 | 000,000,749 | RH-- | M] () cdplayer.exe.manifest -> C:\WINDOWS\System32\cdplayer.exe.manifest -> [2010/01/01 22:42:58 | 000,000,749 | RH-- | M] () emptyregdb.dat -> C:\WINDOWS\System32\emptyregdb.dat -> [2010/01/01 22:42:09 | 000,022,720 | ---- | M] () [Files - No Company Name] avenger.zip -> C:\Documents and Settings\Rebecca Cooper\Desktop\avenger.zip -> [2010/01/30 22:48:07 | 000,724,952 | ---- | C] () SystemLook.exe -> C:\Documents and Settings\Rebecca Cooper\Desktop\SystemLook.exe -> [2010/01/30 22:00:44 | 000,100,908 | ---- | C] () Boot.bak -> C:\Boot.bak -> [2010/01/30 17:03:05 | 000,000,211 | ---- | C] () cmldr -> C:\cmldr -> [2010/01/30 17:03:00 | 000,260,272 | ---- | C] () PEV.exe -> C:\WINDOWS\PEV.exe -> [2010/01/30 17:00:31 | 000,261,632 | ---- | C] () sed.exe -> C:\WINDOWS\sed.exe -> [2010/01/30 17:00:31 | 000,098,816 | ---- | C] () grep.exe -> C:\WINDOWS\grep.exe -> [2010/01/30 17:00:31 | 000,080,412 | ---- | C] () MBR.exe -> C:\WINDOWS\MBR.exe -> [2010/01/30 17:00:31 | 000,077,312 | ---- | C] () zip.exe -> C:\WINDOWS\zip.exe -> [2010/01/30 17:00:31 | 000,068,096 | ---- | C] () ComboFix.exe -> C:\Documents and Settings\Rebecca Cooper\Desktop\ComboFix.exe -> [2010/01/30 16:56:59 | 003,840,721 | R--- | C] () mbam-log-2010-01-29 (19-57-10).zip -> C:\Documents and Settings\Rebecca Cooper\Desktop\mbam-log-2010-01-29 (19-57-10).zip -> [2010/01/30 00:22:49 | 000,008,468 | ---- | C] () Attach.zip -> C:\Documents and Settings\Rebecca Cooper\Desktop\Attach.zip -> [2010/01/29 22:01:05 | 000,002,610 | ---- | C] () dds.scr -> C:\Documents and Settings\Rebecca Cooper\Desktop\dds.scr -> [2010/01/29 21:59:14 | 000,524,288 | ---- | C] () defogger_reenable -> C:\Documents and Settings\Rebecca Cooper\defogger_reenable -> [2010/01/29 21:53:38 | 000,000,000 | ---- | C] () Defogger.exe -> C:\Documents and Settings\Rebecca Cooper\Desktop\Defogger.exe -> [2010/01/29 21:52:48 | 000,050,477 | ---- | C] () User_Feed_Synchronization-{EC79BCE9-184A-4DA4-9F19-ABE785C004AC}.job -> C:\WINDOWS\tasks\User_Feed_Synchronization-{EC79BCE9-184A-4DA4-9F19-ABE785C004AC}.job -> [2010/01/29 20:25:25 | 000,000,440 | -H-- | C] () gmer.zip -> C:\Documents and Settings\Rebecca Cooper\Desktop\gmer.zip -> [2010/01/29 19:58:25 | 000,284,915 | ---- | C] () sysReserve.ini -> C:\Documents and Settings\All Users.WINDOWS\Application Data\sysReserve.ini -> [2010/01/23 20:13:13 | 000,000,008 | ---- | C] () Play Avenue Flo.lnk -> C:\Documents and Settings\All Users.WINDOWS\Desktop\Play Avenue Flo.lnk -> [2010/01/21 18:05:54 | 000,001,572 | ---- | C] () Game Manager.lnk -> C:\Documents and Settings\All Users.WINDOWS\Desktop\Game Manager.lnk -> [2010/01/21 18:02:45 | 000,001,578 | ---- | C] () JonaieResume.rtf -> C:\Documents and Settings\Rebecca Cooper\Desktop\JonaieResume.rtf -> [2010/01/19 23:58:06 | 000,001,255 | ---- | C] () Becka - Extra Shifts.pdf -> C:\Documents and Settings\Rebecca Cooper\Desktop\Becka - Extra Shifts.pdf -> [2010/01/13 18:15:32 | 000,013,446 | ---- | C] () wmplayer.chm -> C:\WINDOWS\System32\dllcache\wmplayer.chm -> [2010/01/05 15:08:24 | 000,613,334 | ---- | C] () wmptour.hta -> C:\WINDOWS\System32\dllcache\wmptour.hta -> [2010/01/05 15:08:24 | 000,010,457 | ---- | C] () wmptour.css -> C:\WINDOWS\System32\dllcache\wmptour.css -> [2010/01/05 15:08:24 | 000,001,771 | ---- | C] () wmpocm.inf -> C:\WINDOWS\System32\dllcache\wmpocm.inf -> [2010/01/05 15:08:24 | 000,000,855 | ---- | C] () wmploc.js -> C:\WINDOWS\System32\dllcache\wmploc.js -> [2010/01/05 15:08:24 | 000,000,420 | ---- | C] () wmpaud7.wav -> C:\WINDOWS\System32\dllcache\wmpaud7.wav -> [2010/01/05 15:08:23 | 000,343,204 | ---- | C] () wmpaud6.wav -> C:\WINDOWS\System32\dllcache\wmpaud6.wav -> [2010/01/05 15:08:23 | 000,343,204 | ---- | C] () wmpaud9.wav -> C:\WINDOWS\System32\dllcache\wmpaud9.wav -> [2010/01/05 15:08:23 | 000,172,196 | ---- | C] () wmpaud8.wav -> C:\WINDOWS\System32\dllcache\wmpaud8.wav -> [2010/01/05 15:08:23 | 000,172,196 | ---- | C] () wmpaud5.wav -> C:\WINDOWS\System32\dllcache\wmpaud5.wav -> [2010/01/05 15:08:23 | 000,086,196 | ---- | C] () wmpaud4.wav -> C:\WINDOWS\System32\dllcache\wmpaud4.wav -> [2010/01/05 15:08:23 | 000,086,180 | ---- | C] () wmplayer.adm -> C:\WINDOWS\System32\dllcache\wmplayer.adm -> [2010/01/05 15:08:23 | 000,069,612 | ---- | C] () wmplay.chm -> C:\WINDOWS\System32\dllcache\wmplay.chm -> [2010/01/05 15:08:23 | 000,023,195 | ---- | C] () wmpaud1.wav -> C:\WINDOWS\System32\dllcache\wmpaud1.wav -> [2010/01/05 15:08:22 | 000,354,468 | ---- | C] () wmpaud3.wav -> C:\WINDOWS\System32\dllcache\wmpaud3.wav -> [2010/01/05 15:08:22 | 000,172,196 | ---- | C] () wmpaud2.wav -> C:\WINDOWS\System32\dllcache\wmpaud2.wav -> [2010/01/05 15:08:22 | 000,086,180 | ---- | C] () wmp.inf -> C:\WINDOWS\System32\dllcache\wmp.inf -> [2010/01/05 15:08:22 | 000,029,070 | ---- | C] () wmdm.inf -> C:\WINDOWS\System32\dllcache\wmdm.inf -> [2010/01/05 15:08:19 | 000,017,272 | ---- | C] () wmfsdk.inf -> C:\WINDOWS\System32\dllcache\wmfsdk.inf -> [2010/01/05 15:08:19 | 000,006,769 | ---- | C] () wm7.gif -> C:\WINDOWS\System32\dllcache\wm7.gif -> [2010/01/05 15:08:18 | 000,008,677 | ---- | C] () wm9.gif -> C:\WINDOWS\System32\dllcache\wm9.gif -> [2010/01/05 15:08:18 | 000,007,892 | ---- | C] () wm2.gif -> C:\WINDOWS\System32\dllcache\wm2.gif -> [2010/01/05 15:08:18 | 000,007,636 | ---- | C] () wm4.gif -> C:\WINDOWS\System32\dllcache\wm4.gif -> [2010/01/05 15:08:18 | 000,007,369 | ---- | C] () wm3.gif -> C:\WINDOWS\System32\dllcache\wm3.gif -> [2010/01/05 15:08:18 | 000,006,241 | ---- | C] () wm6.gif -> C:\WINDOWS\System32\dllcache\wm6.gif -> [2010/01/05 15:08:18 | 000,006,060 | ---- | C] () wm1.gif -> C:\WINDOWS\System32\dllcache\wm1.gif -> [2010/01/05 15:08:18 | 000,005,789 | ---- | C] () wm8.gif -> C:\WINDOWS\System32\dllcache\wm8.gif -> [2010/01/05 15:08:18 | 000,004,193 | ---- | C] () wm5.gif -> C:\WINDOWS\System32\dllcache\wm5.gif -> [2010/01/05 15:08:18 | 000,002,477 | ---- | C] () viz.wmv -> C:\WINDOWS\System32\dllcache\viz.wmv -> [2010/01/05 15:08:11 | 000,300,969 | ---- | C] () videobg.gif -> C:\WINDOWS\System32\dllcache\videobg.gif -> [2010/01/05 15:08:11 | 000,017,489 | ---- | C] () vidsamp.gif -> C:\WINDOWS\System32\dllcache\vidsamp.gif -> [2010/01/05 15:08:11 | 000,005,290 | ---- | C] () tourbg.gif -> C:\WINDOWS\System32\dllcache\tourbg.gif -> [2010/01/05 15:08:03 | 000,023,829 | ---- | C] () tour.js -> C:\WINDOWS\System32\dllcache\tour.js -> [2010/01/05 15:08:03 | 000,003,187 | ---- | C] () tplay.gif -> C:\WINDOWS\System32\dllcache\tplay.gif -> [2010/01/05 15:08:03 | 000,002,469 | ---- | C] () tpause.gif -> C:\WINDOWS\System32\dllcache\tpause.gif -> [2010/01/05 15:08:03 | 000,002,450 | ---- | C] () tplayh.gif -> C:\WINDOWS\System32\dllcache\tplayh.gif -> [2010/01/05 15:08:03 | 000,002,375 | ---- | C] () tpauseh.gif -> C:\WINDOWS\System32\dllcache\tpauseh.gif -> [2010/01/05 15:08:03 | 000,002,371 | ---- | C] () taon.gif -> C:\WINDOWS\System32\dllcache\taon.gif -> [2010/01/05 15:08:01 | 000,001,398 | ---- | C] () taonh.gif -> C:\WINDOWS\System32\dllcache\taonh.gif -> [2010/01/05 15:08:01 | 000,001,380 | ---- | C] () taoff.gif -> C:\WINDOWS\System32\dllcache\taoff.gif -> [2010/01/05 15:08:01 | 000,001,380 | ---- | C] () taoffh.gif -> C:\WINDOWS\System32\dllcache\taoffh.gif -> [2010/01/05 15:08:01 | 000,001,367 | ---- | C] () snd.htm -> C:\WINDOWS\System32\dllcache\snd.htm -> [2010/01/05 15:07:53 | 000,001,148 | ---- | C] () skins.inf -> C:\WINDOWS\System32\dllcache\skins.inf -> [2010/01/05 15:07:51 | 000,000,908 | ---- | C] () rtuner.wmv -> C:\WINDOWS\System32\dllcache\rtuner.wmv -> [2010/01/05 15:07:42 | 000,572,557 | ---- | C] () revert.wmz -> C:\WINDOWS\System32\dllcache\revert.wmz -> [2010/01/05 15:07:39 | 000,066,725 | ---- | C] () plyr_err.chm -> C:\WINDOWS\System32\dllcache\plyr_err.chm -> [2010/01/05 15:07:28 | 000,077,307 | ---- | C] () plylst6.wpl -> C:\WINDOWS\System32\dllcache\plylst6.wpl -> [2010/01/05 15:07:28 | 000,001,477 | ---- | C] () plylst7.wpl -> C:\WINDOWS\System32\dllcache\plylst7.wpl -> [2010/01/05 15:07:28 | 000,001,046 | ---- | C] () plylst8.wpl -> C:\WINDOWS\System32\dllcache\plylst8.wpl -> [2010/01/05 15:07:28 | 000,001,036 | ---- | C] () plylst9.wpl -> C:\WINDOWS\System32\dllcache\plylst9.wpl -> [2010/01/05 15:07:28 | 000,000,784 | ---- | C] () plylst5.wpl -> C:\WINDOWS\System32\dllcache\plylst5.wpl -> [2010/01/05 15:07:27 | 000,001,477 | ---- | C] () plylst3.wpl -> C:\WINDOWS\System32\dllcache\plylst3.wpl -> [2010/01/05 15:07:27 | 000,001,474 | ---- | C] () plylst12.wpl -> C:\WINDOWS\System32\dllcache\plylst12.wpl -> [2010/01/05 15:07:27 | 000,001,451 | ---- | C] () plylst4.wpl -> C:\WINDOWS\System32\dllcache\plylst4.wpl -> [2010/01/05 15:07:27 | 000,001,448 | ---- | C] () plylst1.wpl -> C:\WINDOWS\System32\dllcache\plylst1.wpl -> [2010/01/05 15:07:27 | 000,001,250 | ---- | C] () plylst2.wpl -> C:\WINDOWS\System32\dllcache\plylst2.wpl -> [2010/01/05 15:07:27 | 000,001,049 | ---- | C] () plylst11.wpl -> C:\WINDOWS\System32\dllcache\plylst11.wpl -> [2010/01/05 15:07:27 | 000,000,789 | ---- | C] () plylst10.wpl -> C:\WINDOWS\System32\dllcache\plylst10.wpl -> [2010/01/05 15:07:27 | 000,000,787 | ---- | C] () plylst13.wpl -> C:\WINDOWS\System32\dllcache\plylst13.wpl -> [2010/01/05 15:07:27 | 000,000,783 | ---- | C] () plylst14.wpl -> C:\WINDOWS\System32\dllcache\plylst14.wpl -> [2010/01/05 15:07:27 | 000,000,775 | ---- | C] () plylst15.wpl -> C:\WINDOWS\System32\dllcache\plylst15.wpl -> [2010/01/05 15:07:27 | 000,000,733 | ---- | C] () nuskin.wmv -> C:\WINDOWS\System32\dllcache\nuskin.wmv -> [2010/01/05 15:07:14 | 000,375,519 | ---- | C] () npds.zip -> C:\WINDOWS\System32\dllcache\npds.zip -> [2010/01/05 15:07:05 | 000,022,060 | ---- | C] () npdrmv2.zip -> C:\WINDOWS\System32\dllcache\npdrmv2.zip -> [2010/01/05 15:07:05 | 000,000,403 | ---- | C] () mplayer2.hlp -> C:\WINDOWS\System32\dllcache\mplayer2.hlp -> [2010/01/05 15:06:15 | 000,097,117 | ---- | C] () mplayer2.inf -> C:\WINDOWS\System32\dllcache\mplayer2.inf -> [2010/01/05 15:06:15 | 000,018,286 | ---- | C] () mplogoh.gif -> C:\WINDOWS\System32\dllcache\mplogoh.gif -> [2010/01/05 15:06:15 | 000,002,778 | ---- | C] () mplogo.gif -> C:\WINDOWS\System32\dllcache\mplogo.gif -> [2010/01/05 15:06:15 | 000,002,545 | ---- | C] () mplayer2.cnt -> C:\WINDOWS\System32\dllcache\mplayer2.cnt -> [2010/01/05 15:06:15 | 000,001,885 | ---- | C] () mdlib.wmv -> C:\WINDOWS\System32\dllcache\mdlib.wmv -> [2010/01/05 15:05:58 | 000,457,607 | ---- | C] () events.js -> C:\WINDOWS\System32\dllcache\events.js -> [2010/01/05 15:04:31 | 000,005,971 | ---- | C] () copycd.wmv -> C:\WINDOWS\System32\dllcache\copycd.wmv -> [2010/01/05 15:04:02 | 000,381,425 | ---- | C] () controls.css -> C:\WINDOWS\System32\dllcache\controls.css -> [2010/01/05 15:04:02 | 000,009,585 | ---- | C] () contents.htm -> C:\WINDOWS\System32\dllcache\contents.htm -> [2010/01/05 15:04:02 | 000,008,298 | ---- | C] () controls.js -> C:\WINDOWS\System32\dllcache\controls.js -> [2010/01/05 15:04:02 | 000,006,878 | ---- | C] () compact.wmz -> C:\WINDOWS\System32\dllcache\compact.wmz -> [2010/01/05 15:03:59 | 000,184,959 | ---- | C] () cnth.gif -> C:\WINDOWS\System32\dllcache\cnth.gif -> [2010/01/05 15:03:57 | 000,000,773 | ---- | C] () cnt.gif -> C:\WINDOWS\System32\dllcache\cnt.gif -> [2010/01/05 15:03:57 | 000,000,773 | ---- | C] () cntd.gif -> C:\WINDOWS\System32\dllcache\cntd.gif -> [2010/01/05 15:03:57 | 000,000,772 | ---- | C] () cloapph.gif -> C:\WINDOWS\System32\dllcache\cloapph.gif -> [2010/01/05 15:03:56 | 000,000,760 | ---- | C] () cloapp.gif -> C:\WINDOWS\System32\dllcache\cloapp.gif -> [2010/01/05 15:03:56 | 000,000,717 | ---- | C] () bktrh.gif -> C:\WINDOWS\System32\dllcache\bktrh.gif -> [2010/01/05 15:03:43 | 000,000,999 | ---- | C] () Malwarebytes' Anti-Malware.lnk -> C:\Documents and Settings\All Users.WINDOWS\Desktop\Malwarebytes' Anti-Malware.lnk -> [2010/01/02 23:25:22 | 000,000,696 | ---- | C] () hiberfil.sys -> C:\hiberfil.sys -> [2010/01/01 22:49:05 | 401,068,032 | -HS- | C] () xjis.nls -> C:\WINDOWS\System32\dllcache\xjis.nls -> [2010/01/01 22:47:26 | 000,028,288 | ---- | C] () prcp.nls -> C:\WINDOWS\System32\dllcache\prcp.nls -> [2010/01/01 22:46:35 | 000,083,748 | ---- | C] () prc.nls -> C:\WINDOWS\System32\dllcache\prc.nls -> [2010/01/01 22:46:35 | 000,083,748 | ---- | C] () pintlcsa.dll -> C:\WINDOWS\System32\dllcache\pintlcsa.dll -> [2010/01/01 22:46:34 | 000,175,104 | ---- | C] () korwbrkr.lex -> C:\WINDOWS\System32\dllcache\korwbrkr.lex -> [2010/01/01 22:46:02 | 001,158,818 | ---- | C] () ksc.nls -> C:\WINDOWS\System32\dllcache\ksc.nls -> [2010/01/01 22:46:02 | 000,047,066 | ---- | C] () imscinst.exe -> C:\WINDOWS\System32\dllcache\imscinst.exe -> [2010/01/01 22:45:53 | 000,059,392 | ---- | C] () imjpinst.exe -> C:\WINDOWS\System32\dllcache\imjpinst.exe -> [2010/01/01 22:45:52 | 000,196,665 | ---- | C] () imekr.lex -> C:\WINDOWS\System32\dllcache\imekr.lex -> [2010/01/01 22:45:50 | 000,134,339 | ---- | C] () hwxjpn.dll -> C:\WINDOWS\System32\dllcache\hwxjpn.dll -> [2010/01/01 22:45:40 | 013,463,552 | ---- | C] () hanja.lex -> C:\WINDOWS\System32\dllcache\hanja.lex -> [2010/01/01 22:45:35 | 000,108,827 | ---- | C] () chtskf.dll -> C:\WINDOWS\System32\dllcache\chtskf.dll -> [2010/01/01 22:45:11 | 000,173,568 | ---- | C] () c_864.nls -> C:\WINDOWS\System32\dllcache\c_864.nls -> [2010/01/01 22:45:06 | 000,066,594 | ---- | C] () c_862.nls -> C:\WINDOWS\System32\dllcache\c_862.nls -> [2010/01/01 22:45:06 | 000,066,594 | ---- | C] () c_858.nls -> C:\WINDOWS\System32\dllcache\c_858.nls -> [2010/01/01 22:45:06 | 000,066,594 | ---- | C] () c_720.nls -> C:\WINDOWS\System32\dllcache\c_720.nls -> [2010/01/01 22:45:06 | 000,066,594 | ---- | C] () c_870.nls -> C:\WINDOWS\System32\dllcache\c_870.nls -> [2010/01/01 22:45:06 | 000,066,082 | ---- | C] () c_708.nls -> C:\WINDOWS\System32\dllcache\c_708.nls -> [2010/01/01 22:45:06 | 000,066,082 | ---- | C] () c_20932.nls -> C:\WINDOWS\System32\dllcache\c_20932.nls -> [2010/01/01 22:45:05 | 000,180,770 | ---- | C] () c_20949.nls -> C:\WINDOWS\System32\dllcache\c_20949.nls -> [2010/01/01 22:45:05 | 000,177,698 | ---- | C] () c_20936.nls -> C:\WINDOWS\System32\dllcache\c_20936.nls -> [2010/01/01 22:45:05 | 000,173,602 | ---- | C] () c_28596.nls -> C:\WINDOWS\System32\dllcache\c_28596.nls -> [2010/01/01 22:45:05 | 000,066,082 | ---- | C] () c_21027.nls -> C:\WINDOWS\System32\dllcache\c_21027.nls -> [2010/01/01 22:45:05 | 000,066,082 | ---- | C] () c_21025.nls -> C:\WINDOWS\System32\dllcache\c_21025.nls -> [2010/01/01 22:45:05 | 000,066,082 | ---- | C] () c_20924.nls -> C:\WINDOWS\System32\dllcache\c_20924.nls -> [2010/01/01 22:45:05 | 000,066,082 | ---- | C] () c_20880.nls -> C:\WINDOWS\System32\dllcache\c_20880.nls -> [2010/01/01 22:45:05 | 000,066,082 | ---- | C] () c_20871.nls -> C:\WINDOWS\System32\dllcache\c_20871.nls -> [2010/01/01 22:45:04 | 000,066,082 | ---- | C] () c_20838.nls -> C:\WINDOWS\System32\dllcache\c_20838.nls -> [2010/01/01 22:45:04 | 000,066,082 | ---- | C] () c_20833.nls -> C:\WINDOWS\System32\dllcache\c_20833.nls -> [2010/01/01 22:45:04 | 000,066,082 | ---- | C] () c_20424.nls -> C:\WINDOWS\System32\dllcache\c_20424.nls -> [2010/01/01 22:45:04 | 000,066,082 | ---- | C] () c_20423.nls -> C:\WINDOWS\System32\dllcache\c_20423.nls -> [2010/01/01 22:45:04 | 000,066,082 | ---- | C] () c_20420.nls -> C:\WINDOWS\System32\dllcache\c_20420.nls -> [2010/01/01 22:45:04 | 000,066,082 | ---- | C] () c_20297.nls -> C:\WINDOWS\System32\dllcache\c_20297.nls -> [2010/01/01 22:45:04 | 000,066,082 | ---- | C] () c_20290.nls -> C:\WINDOWS\System32\dllcache\c_20290.nls -> [2010/01/01 22:45:04 | 000,066,082 | ---- | C] () c_20285.nls -> C:\WINDOWS\System32\dllcache\c_20285.nls -> [2010/01/01 22:45:04 | 000,066,082 | ---- | C] () c_20284.nls -> C:\WINDOWS\System32\dllcache\c_20284.nls -> [2010/01/01 22:45:04 | 000,066,082 | ---- | C] () c_20280.nls -> C:\WINDOWS\System32\dllcache\c_20280.nls -> [2010/01/01 22:45:04 | 000,066,082 | ---- | C] () c_20278.nls -> C:\WINDOWS\System32\dllcache\c_20278.nls -> [2010/01/01 22:45:04 | 000,066,082 | ---- | C] () c_20277.nls -> C:\WINDOWS\System32\dllcache\c_20277.nls -> [2010/01/01 22:45:04 | 000,066,082 | ---- | C] () c_20005.nls -> C:\WINDOWS\System32\dllcache\c_20005.nls -> [2010/01/01 22:45:03 | 000,187,938 | ---- | C] () c_20001.nls -> C:\WINDOWS\System32\dllcache\c_20001.nls -> [2010/01/01 22:45:03 | 000,186,402 | ---- | C] () c_20003.nls -> C:\WINDOWS\System32\dllcache\c_20003.nls -> [2010/01/01 22:45:03 | 000,185,378 | ---- | C] () c_20004.nls -> C:\WINDOWS\System32\dllcache\c_20004.nls -> [2010/01/01 22:45:03 | 000,180,258 | ---- | C] () c_20002.nls -> C:\WINDOWS\System32\dllcache\c_20002.nls -> [2010/01/01 22:45:03 | 000,173,602 | ---- | C] () c_20273.nls -> C:\WINDOWS\System32\dllcache\c_20273.nls -> [2010/01/01 22:45:03 | 000,066,082 | ---- | C] () c_20269.nls -> C:\WINDOWS\System32\dllcache\c_20269.nls -> [2010/01/01 22:45:03 | 000,066,082 | ---- | C] () c_20108.nls -> C:\WINDOWS\System32\dllcache\c_20108.nls -> [2010/01/01 22:45:03 | 000,066,082 | ---- | C] () c_20107.nls -> C:\WINDOWS\System32\dllcache\c_20107.nls -> [2010/01/01 22:45:03 | 000,066,082 | ---- | C] () c_20106.nls -> C:\WINDOWS\System32\dllcache\c_20106.nls -> [2010/01/01 22:45:03 | 000,066,082 | ---- | C] () c_20105.nls -> C:\WINDOWS\System32\dllcache\c_20105.nls -> [2010/01/01 22:45:03 | 000,066,082 | ---- | C] () c_1361.nls -> C:\WINDOWS\System32\dllcache\c_1361.nls -> [2010/01/01 22:45:02 | 000,189,986 | ---- | C] () c_20000.nls -> C:\WINDOWS\System32\dllcache\c_20000.nls -> [2010/01/01 22:45:02 | 000,180,258 | ---- | C] () c_1149.nls -> C:\WINDOWS\System32\dllcache\c_1149.nls -> [2010/01/01 22:45:02 | 000,066,082 | ---- | C] () c_1148.nls -> C:\WINDOWS\System32\dllcache\c_1148.nls -> [2010/01/01 22:45:02 | 000,066,082 | ---- | C] () c_1147.nls -> C:\WINDOWS\System32\dllcache\c_1147.nls -> [2010/01/01 22:45:02 | 000,066,082 | ---- | C] () c_1146.nls -> C:\WINDOWS\System32\dllcache\c_1146.nls -> [2010/01/01 22:45:02 | 000,066,082 | ---- | C] () c_1145.nls -> C:\WINDOWS\System32\dllcache\c_1145.nls -> [2010/01/01 22:45:02 | 000,066,082 | ---- | C] () c_10008.nls -> C:\WINDOWS\System32\dllcache\c_10008.nls -> [2010/01/01 22:45:01 | 000,173,602 | ---- | C] () c_1144.nls -> C:\WINDOWS\System32\dllcache\c_1144.nls -> [2010/01/01 22:45:01 | 000,066,082 | ---- | C] () c_1143.nls -> C:\WINDOWS\System32\dllcache\c_1143.nls -> [2010/01/01 22:45:01 | 000,066,082 | ---- | C] () c_1142.nls -> C:\WINDOWS\System32\dllcache\c_1142.nls -> [2010/01/01 22:45:01 | 000,066,082 | ---- | C] () c_1141.nls -> C:\WINDOWS\System32\dllcache\c_1141.nls -> [2010/01/01 22:45:01 | 000,066,082 | ---- | C] () c_1140.nls -> C:\WINDOWS\System32\dllcache\c_1140.nls -> [2010/01/01 22:45:01 | 000,066,082 | ---- | C] () c_1047.nls -> C:\WINDOWS\System32\dllcache\c_1047.nls -> [2010/01/01 22:45:01 | 000,066,082 | ---- | C] () c_10021.nls -> C:\WINDOWS\System32\dllcache\c_10021.nls -> [2010/01/01 22:45:01 | 000,066,082 | ---- | C] () c_10002.nls -> C:\WINDOWS\System32\dllcache\c_10002.nls -> [2010/01/01 22:45:00 | 000,195,618 | ---- | C] () c_10003.nls -> C:\WINDOWS\System32\dllcache\c_10003.nls -> [2010/01/01 22:45:00 | 000,177,698 | ---- | C] () c_10001.nls -> C:\WINDOWS\System32\dllcache\c_10001.nls -> [2010/01/01 22:45:00 | 000,162,850 | ---- | C] () c_10005.nls -> C:\WINDOWS\System32\dllcache\c_10005.nls -> [2010/01/01 22:45:00 | 000,066,082 | ---- | C] () c_10004.nls -> C:\WINDOWS\System32\dllcache\c_10004.nls -> [2010/01/01 22:45:00 | 000,066,082 | ---- | C] () bopomofo.nls -> C:\WINDOWS\System32\dllcache\bopomofo.nls -> [2010/01/01 22:44:59 | 000,082,172 | ---- | C] () big5.nls -> C:\WINDOWS\System32\dllcache\big5.nls -> [2010/01/01 22:44:59 | 000,066,728 | ---- | C] () logonui.exe.manifest -> C:\WINDOWS\System32\logonui.exe.manifest -> [2010/01/01 22:43:05 | 000,000,488 | RH-- | C] () wuaucpl.cpl.manifest -> C:\WINDOWS\System32\wuaucpl.cpl.manifest -> [2010/01/01 22:42:58 | 000,000,749 | RH-- | C] () WindowsShell.Manifest -> C:\WINDOWS\WindowsShell.Manifest -> [2010/01/01 22:42:58 | 000,000,749 | RH-- | C] () sapi.cpl.manifest -> C:\WINDOWS\System32\sapi.cpl.manifest -> [2010/01/01 22:42:58 | 000,000,749 | RH-- | C] () ncpa.cpl.manifest -> C:\WINDOWS\System32\ncpa.cpl.manifest -> [2010/01/01 22:42:58 | 000,000,749 | RH-- | C] () IASNT4.CAT -> C:\WINDOWS\System32\dllcache\IASNT4.CAT -> [2010/01/01 22:30:51 | 000,008,574 | ---- | C] () OEMBIOS.CAT -> C:\WINDOWS\System32\dllcache\OEMBIOS.CAT -> [2010/01/01 22:30:51 | 000,007,382 | ---- | C] () NT5IIS.CAT -> C:\WINDOWS\System32\dllcache\NT5IIS.CAT -> [2010/01/01 22:30:50 | 000,797,189 | ---- | C] () MAPIMIG.CAT -> C:\WINDOWS\System32\dllcache\MAPIMIG.CAT -> [2010/01/01 22:30:50 | 000,399,645 | ---- | C] () MW770.CAT -> C:\WINDOWS\System32\dllcache\MW770.CAT -> [2010/01/01 22:30:50 | 000,037,484 | ---- | C] () HPCRDP.CAT -> C:\WINDOWS\System32\dllcache\HPCRDP.CAT -> [2010/01/01 22:30:50 | 000,013,472 | ---- | C] () MEMORY.DMP -> C:\WINDOWS\MEMORY.DMP -> [2010/01/01 16:55:34 | 401,096,704 | ---- | C] () wivrs.ini -> C:\WINDOWS\wivrs.ini -> [2009/12/27 20:37:36 | 000,000,024 | ---- | C] () iexplore.ini -> C:\WINDOWS\iexplore.ini -> [2009/11/04 13:05:52 | 000,000,022 | ---- | C] () UCharger.sys -> C:\WINDOWS\System32\drivers\UCharger.sys -> [2007/05/15 06:43:50 | 000,013,765 | ---- | C] () SP207.ini -> C:\WINDOWS\System32\SP207.ini -> [2006/11/02 08:27:46 | 000,000,518 | ---- | C] () GlobalUserInterface.CompositeFont -> C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont -> [2006/06/29 13:58:52 | 000,030,808 | ---- | C] () GlobalSansSerif.CompositeFont -> C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont -> [2006/06/29 13:53:56 | 000,026,489 | ---- | C] () GlobalSerif.CompositeFont -> C:\WINDOWS\Fonts\GlobalSerif.CompositeFont -> [2006/04/18 14:39:28 | 000,029,779 | ---- | C] () GlobalMonospace.CompositeFont -> C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont -> [2006/04/18 14:39:28 | 000,026,040 | ---- | C] () qt-mt331.dll -> C:\WINDOWS\System32\qt-mt331.dll -> [2004/09/01 10:49:17 | 003,375,104 | ---- | C] () OggDS.dll -> C:\WINDOWS\System32\OggDS.dll -> [2002/10/06 13:42:57 | 000,237,568 | ---- | C] () vorbisenc.dll -> C:\WINDOWS\System32\vorbisenc.dll -> [2002/10/04 18:04:25 | 000,921,600 | ---- | C] () vorbis.dll -> C:\WINDOWS\System32\vorbis.dll -> [2002/10/04 18:04:24 | 000,188,416 | ---- | C] () ogg.dll -> C:\WINDOWS\System32\ogg.dll -> [2002/10/04 18:04:17 | 000,045,056 | ---- | C] () < End of report > [/code]