[code] OTS logfile created on: 3/7/2010 6:49:04 PM - Run 2 OTS by OldTimer - Version 3.1.25.0 Folder = C:\Documents and Settings\User\Desktop\virus tools Windows XP Professional Edition Service Pack 1 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2800.1106) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 503.00 Mb Total Physical Memory | 318.00 Mb Available Physical Memory | 63.00% Memory free 2.00 Gb Paging File | 2.00 Gb Available in Paging File | 91.00% Paging File free Paging file location(s): C:\pagefile.sys 1524 3048 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 28.42 Gb Total Space | 22.85 Gb Free Space | 80.41% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: IBM-D0360C6B369 Current User Name: User Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days [Processes - Safe List] ots.exe -> C:\Documents and Settings\User\Desktop\virus tools\OTS.exe -> [2010/03/07 01:50:14 | 000,636,928 | ---- | M] (OldTimer Tools) win32bootcfg.exe -> C:\WINDOWS\system32\win32bootcfg.exe -> [2006/08/21 17:20:55 | 000,015,360 | ---- | M] () kybrdff_12.exe -> C:\kybrdff_12.exe -> [2006/08/21 14:41:01 | 000,098,304 | ---- | M] (*&&*#&$*#RU*#Y&*#YR&Y#&RY#R) zgtfxcob.exe -> C:\WINDOWS\system32\zgtfxcob.exe -> [2006/03/16 21:04:15 | 000,075,264 | -H-- | M] () nwnmfg_8.exe -> C:\nwnmfg_8.exe -> [2006/03/05 21:57:31 | 000,032,768 | ---- | M] (rew9q8er3289374823748782474723842) sqlmanagement.exe -> C:\WINDOWS\sqlmanagement.exe -> [2006/02/24 06:44:28 | 000,189,952 | RHS- | M] () win32host.exe -> C:\WINDOWS\win32host.exe -> [2006/02/18 03:46:46 | 000,039,936 | ---- | M] () updmgr.exe -> C:\WINDOWS\update\updmgr.exe -> [2006/02/07 08:11:34 | 000,023,040 | ---- | M] () vcshost.exe -> C:\WINDOWS\system32\vcshost.exe -> [2006/02/07 03:48:19 | 000,091,484 | RHS- | M] () xpagent.exe -> C:\Program Files\Xpoint\agent\Xpagent.exe -> [2003/04/25 16:59:00 | 000,098,304 | ---- | M] () xpclient.exe -> C:\Program Files\Xpoint\EEClient\Xpclient.exe -> [2003/04/25 16:58:06 | 000,831,551 | ---- | M] (Xpoint Technologies) xpadmin.exe -> C:\Program Files\Xpoint\xpadmin\xpadmin.exe -> [2003/04/25 16:56:48 | 000,028,672 | ---- | M] () rrpcsb.exe -> C:\Program Files\Xpoint\PE\Skin\RRPCSB.EXE -> [2003/04/16 00:17:16 | 000,167,936 | ---- | M] () pcrecsa.exe -> C:\Program Files\Xpoint\PE\PCRecSA.exe -> [2003/04/15 17:52:46 | 002,702,336 | ---- | M] () javaw.exe -> C:\Program Files\Xpoint\SAS\JRE\bin\javaw.exe -> [2003/04/11 16:43:00 | 000,020,549 | ---- | M] () ibmmessages.exe -> C:\Program Files\IBM\Messages By IBM\ibmmessages.exe -> [2003/04/10 03:03:10 | 000,532,480 | ---- | M] (IBM) smagent.exe -> C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -> [2002/09/21 00:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) explorer.exe -> C:\WINDOWS\explorer.exe -> [2002/08/29 11:41:24 | 001,004,032 | ---- | M] (Microsoft Corporation) msnmsgsm.exe -> C:\WINDOWS\system32\msnmsgsm.exe -> [2002/08/29 11:41:24 | 000,196,096 | RHS- | M] () ddosygate.exe -> C:\WINDOWS\system32\ddoSygate.exe -> [2002/08/29 11:41:24 | 000,144,896 | RHS- | M] () cmd.exe -> C:\WINDOWS\system32\cmd.exe -> [2001/08/18 10:00:00 | 000,375,808 | ---- | M] (Microsoft Corporation) [Modules - Safe List] ots.exe -> C:\Documents and Settings\User\Desktop\virus tools\OTS.exe -> [2010/03/07 01:50:14 | 000,636,928 | ---- | M] (OldTimer Tools) syncor11.dll -> C:\WINDOWS\system32\Syncor11.dll -> [2002/11/07 03:00:38 | 000,040,820 | ---- | M] (SoundMAX) comctl32.dll -> C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805\comctl32.dll -> [2002/08/29 11:41:32 | 000,921,600 | ---- | M] (Microsoft Corporation) [Win32 Services - Safe List] (€? ) ¾2:¡/ wù:GŸ·siÖ [Disabled | Stopped] -> C:\WINDOWS\mnsmsgr.exe -> [2006/03/05 23:09:40 | 000,053,760 | RHS- | M] () (sqlmanagement) sqlmanagement [Auto | Running] -> C:\WINDOWS\sqlmanagement.exe -> [2006/02/24 06:44:28 | 000,189,952 | RHS- | M] () (Win32Kernel) Win32 Kernel Update [Auto | Running] -> C:\WINDOWS\win32host.exe -> [2006/02/18 03:46:46 | 000,039,936 | ---- | M] () (UpdateManager) Windows Update Manager [Auto | Running] -> C:\WINDOWS\update\updmgr.exe -> [2006/02/07 08:11:34 | 000,023,040 | ---- | M] () (lxce_device) lxce_device [On_Demand | Stopped] -> C:\WINDOWS\System32\lxcecoms.exe -> [2005/07/06 10:14:12 | 000,471,040 | ---- | M] (Lexmark International, Inc.) (SNDSrvc) Symantec Network Drivers Service [On_Demand | Stopped] -> C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe -> [2005/04/05 19:17:22 | 000,206,552 | ---- | M] (Symantec Corporation) (PCRadminServer) Xpoint PCRadmin Server [Auto | Stopped] -> C:\Program Files\Xpoint\PE\pcradmin.exe -> [2003/04/25 17:01:34 | 000,040,960 | ---- | M] () (xpAgentServer) Xpoint Agent Server [Auto | Running] -> C:\Program Files\Xpoint\agent\Xpagent.exe -> [2003/04/25 16:59:00 | 000,098,304 | ---- | M] () (XPadminServer) Xpoint Admin Server [Auto | Running] -> C:\Program Files\Xpoint\xpadmin\xpadmin.exe -> [2003/04/25 16:56:48 | 000,028,672 | ---- | M] () (NetSvc) Intel NCS NetService [On_Demand | Stopped] -> C:\Program Files\Intel\NCS\Sync\NetSvc.exe -> [2003/03/03 21:33:40 | 000,143,360 | ---- | M] (Intel(R) Corporation) (SoundMAX Agent Service (default)) SoundMAX Agent Service [Auto | Running] -> C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -> [2002/09/21 00:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) (PsaSrv) IBM PSA Access Driver Control [On_Demand | Stopped] -> C:\WINDOWS\system32\Psasrv.exe -> [2002/08/12 02:17:04 | 000,026,624 | R--- | M] () (LPDSVC) TCP/IP Print Server [On_Demand | Stopped] -> C:\WINDOWS\system32\tcpsvcs.exe -> [2001/08/18 10:00:00 | 000,019,456 | ---- | M] (Microsoft Corporation) [Driver Services - Safe List] (rdriv) rdriv [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\rdriv.sys -> [2006/03/05 01:12:09 | 000,007,168 | ---- | M] () (SG760_XP) EDUP 802.11g XG760 1211 Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\WlanUZXP.sys -> [2005/05/14 08:37:42 | 000,260,608 | R--- | M] (ZyDAS Technology Corporation) (SYMTDI) SYMTDI [Kernel | System | Running] -> C:\WINDOWS\System32\Drivers\SYMTDI.SYS -> [2005/04/05 19:17:02 | 000,267,192 | ---- | M] (Symantec Corporation) (SYMREDRV) SYMREDRV [Kernel | On_Demand | Stopped] -> C:\WINDOWS\System32\Drivers\SYMREDRV.SYS -> [2005/04/05 19:17:00 | 000,017,976 | ---- | M] (Symantec Corporation) (psadd) IBM PSA Access Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\psadd.sys -> [2003/04/14 22:31:34 | 000,006,272 | ---- | M] (Windows (R) 2000 DDK provider) (SRFilter) SRFilter [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\srntflt.sys -> [2003/04/11 16:43:18 | 000,084,224 | ---- | M] (Xpoint Technologies, Inc.) (nv) nv [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\nv4_mini.sys -> [2002/08/29 07:16:30 | 000,891,711 | ---- | M] (NVIDIA Corporation) (pelmouse) Mouse Suite Driver [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\PELMOUSE.SYS -> [2002/06/29 02:21:40 | 000,017,251 | ---- | M] (Primax Electronics Ltd.) (pelps2m) PS/2 Mouse Filter Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\PELPS2M.SYS -> [2002/04/12 21:49:40 | 000,029,329 | ---- | M] (Primax Electronics Ltd.) (PMEM) PMEM [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\PMEMNT.SYS -> [2001/09/13 15:58:02 | 000,007,012 | ---- | M] (Microsoft Corporation) (Sparrow) Sparrow [Kernel | Disabled | Stopped] -> C:\WINDOWS\System32\DRIVERS\sparrow.sys -> [2001/08/17 22:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) (sym_u3) sym_u3 [Kernel | Disabled | Stopped] -> C:\WINDOWS\System32\DRIVERS\sym_u3.sys -> [2001/08/17 22:07:42 | 000,030,688 | ---- | M] (LSI Logic) (sym_hi) sym_hi [Kernel | Disabled | Stopped] -> C:\WINDOWS\System32\DRIVERS\sym_hi.sys -> [2001/08/17 22:07:40 | 000,028,384 | ---- | M] (LSI Logic) (symc8xx) symc8xx [Kernel | Disabled | Stopped] -> C:\WINDOWS\System32\DRIVERS\symc8xx.sys -> [2001/08/17 22:07:36 | 000,032,640 | ---- | M] (LSI Logic) (symc810) symc810 [Kernel | Disabled | Stopped] -> C:\WINDOWS\System32\DRIVERS\symc810.sys -> [2001/08/17 22:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) (amdagp) AMD AGP Bus Filter Driver [Kernel | Disabled | Stopped] -> C:\WINDOWS\System32\DRIVERS\amdagp.sys -> [2001/08/17 21:58:02 | 000,027,648 | ---- | M] (Advanced Micro Devices, Inc.) (sisagp) SIS AGP Bus Filter [Kernel | Disabled | Stopped] -> C:\WINDOWS\System32\DRIVERS\sisagp.sys -> [2001/08/17 21:58:02 | 000,026,112 | ---- | M] (Silicon Integrated Systems Corporation) (ultra) ultra [Kernel | Disabled | Stopped] -> C:\WINDOWS\System32\DRIVERS\ultra.sys -> [2001/08/17 21:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) (ql12160) ql12160 [Kernel | Disabled | Stopped] -> C:\WINDOWS\System32\DRIVERS\ql12160.sys -> [2001/08/17 21:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) (ql1080) ql1080 [Kernel | Disabled | Stopped] -> C:\WINDOWS\System32\DRIVERS\ql1080.sys -> [2001/08/17 21:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) (ql1280) ql1280 [Kernel | Disabled | Stopped] -> C:\WINDOWS\System32\DRIVERS\ql1280.sys -> [2001/08/17 21:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) (dac2w2k) dac2w2k [Kernel | Disabled | Stopped] -> C:\WINDOWS\System32\DRIVERS\dac2w2k.sys -> [2001/08/17 21:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) (mraid35x) mraid35x [Kernel | Disabled | Stopped] -> C:\WINDOWS\System32\DRIVERS\mraid35x.sys -> [2001/08/17 21:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) (asc) asc [Kernel | Disabled | Stopped] -> C:\WINDOWS\System32\DRIVERS\asc.sys -> [2001/08/17 21:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) (asc3550) asc3550 [Kernel | Disabled | Stopped] -> C:\WINDOWS\System32\DRIVERS\asc3550.sys -> [2001/08/17 21:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) (AliIde) AliIde [Kernel | Disabled | Stopped] -> C:\WINDOWS\System32\DRIVERS\aliide.sys -> [2001/08/17 21:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) (CmdIde) CmdIde [Kernel | Disabled | Stopped] -> C:\WINDOWS\System32\DRIVERS\cmdide.sys -> [2001/08/17 21:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) (ac97intc) Intel(r) 82801 Audio Driver Install Service (WDM) [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\ac97intc.sys -> [2001/08/17 20:20:04 | 000,096,256 | ---- | M] (Intel Corporation) (Aspi32) Aspi32 [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\aspi32.sys -> [1999/09/10 11:06:00 | 000,025,244 | ---- | M] (Adaptec) [Registry - Safe List] < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> c:\secure32.html -> HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> c:\secure32.html -> HKEY_LOCAL_MACHINE\: Main\\"Search Page" -> http://searchbar.findthewebsiteyouneed.com -> HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> c:\secure32.html -> HKEY_LOCAL_MACHINE\: Search\\"SearchAssistant" -> http://searchbar.findthewebsiteyouneed.com -> < Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> -> HKEY_USERS\.DEFAULT\: Main\\"Default_Page_URL" -> c:\secure32.html -> HKEY_USERS\.DEFAULT\: Main\\"Default_Search_URL" -> http://searchbar.findthewebsiteyouneed.com -> HKEY_USERS\.DEFAULT\: Main\\"Local Page" -> c:\secure32.html -> HKEY_USERS\.DEFAULT\: Main\\"Search Page" -> http://searchbar.findthewebsiteyouneed.com -> HKEY_USERS\.DEFAULT\: Main\\"Start Page" -> http://www.findthewebsiteyouneed.com -> HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> -> HKEY_USERS\S-1-5-18\: Main\\"Default_Page_URL" -> c:\secure32.html -> HKEY_USERS\S-1-5-18\: Main\\"Default_Search_URL" -> http://searchbar.findthewebsiteyouneed.com -> HKEY_USERS\S-1-5-18\: Main\\"Local Page" -> c:\secure32.html -> HKEY_USERS\S-1-5-18\: Main\\"Search Page" -> http://searchbar.findthewebsiteyouneed.com -> HKEY_USERS\S-1-5-18\: Main\\"Start Page" -> http://www.findthewebsiteyouneed.com -> HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> -> HKEY_USERS\S-1-5-19\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> -> HKEY_USERS\S-1-5-20\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-21-800510298-1726393949-3671347744-1009\] > -> -> HKEY_USERS\S-1-5-21-800510298-1726393949-3671347744-1009\: SearchURL\\"provider" -> -> HKEY_USERS\S-1-5-21-800510298-1726393949-3671347744-1009\: "ProxyEnable" -> 0 -> < FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla < FireFox Extensions [User Folders] > -> < HOSTS File > ([2010/01/23 15:22:08 | 000,000,000 | ---- | M] - 0 lines) -> C:\WINDOWS\system32\drivers\etc\hosts -> Reset Hosts < Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> "{8E718888-423F-11D2-876E-00A0C9082467}" [HKLM] -> C:\WINDOWS\system32\msdxm.ocx [&Radio] -> [2002/08/29 11:40:12 | 000,842,268 | ---- | M] () "{CBCC61FA-0221-4ccc-B409-CEE865CACA3A}" [HKLM] -> C:\Program Files\ToolBar888\MyToolBar.dll [ToolBar888] -> File not found "{EA0D26BD-9029-431A-86E0-83152D67828A}" [HKLM] -> C:\Program Files\Zango Programs\Zango Toolbar\ZangoTB.dll [Zango Toolbar] -> File not found < Internet Explorer ToolBars [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\ -> WebBrowser\\"{CBCC61FA-0221-4CCC-B409-CEE865CACA3A}" [HKLM] -> C:\Program Files\ToolBar888\MyToolBar.dll [ToolBar888] -> File not found < Internet Explorer ToolBars [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\ -> WebBrowser\\"{CBCC61FA-0221-4CCC-B409-CEE865CACA3A}" [HKLM] -> C:\Program Files\ToolBar888\MyToolBar.dll [ToolBar888] -> File not found < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "defender" -> C:\dfndrff_12.exe [C:\\dfndrff_12.exe] -> File not found "KernelFaultCheck" -> [%systemroot%\system32\dumprep 0 -k] -> File not found "keyboard" -> C:\\kybrdff_12.exe [C:\\kybrdff_12.exe] -> [2006/08/21 14:41:01 | 000,098,304 | ---- | M] () "LXCECATS" -> C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCEtime.DLL [rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCEtime.dll,_RunDLLEntry@16] -> [2005/07/20 13:46:26 | 000,073,728 | ---- | M] () "MDM" -> [MDN.exe] -> File not found "Microsoft (R) Windows Update Manager" -> C:\WINDOWS\update\updmgr.exe [C:\WINDOWS\update\updmgr.exe] -> [2006/02/07 08:11:34 | 000,023,040 | ---- | M] () "Microsoft Windows Update 32" -> [svchost32.exe] -> File not found "MSN messanger" -> C:\WINDOWS\System32\msnmsgsm.exe [msnmsgsm.exe] -> [2002/08/29 11:41:24 | 000,196,096 | RHS- | M] () "newname" -> C:\\nwnmfg_8.exe [C:\\nwnmfg_8.exe] -> [2006/03/05 21:57:31 | 000,032,768 | ---- | M] () "Rapid Restore" -> C:\Program Files\Xpoint\PE\Skin\RRPCSB.EXE [C:\Program Files\Xpoint\PE\Skin\rrpcsb.exe] -> [2003/04/16 00:17:16 | 000,167,936 | ---- | M] () "Real0ne" -> C:\WINDOWS\system32\boys.exe [C:\WINDOWS\System32\boys.exe] -> [2004/11/15 23:06:14 | 000,574,464 | ---- | M] () "REGEDIT" -> C:\Program Files\My App\zlip.exe [C:\Program Files\My App\zlip.exe] -> File not found "SIX" -> [SIX.exe] -> File not found "Sygatedsa Personal Firewall" -> C:\WINDOWS\System32\ddoSygate.exe [ddoSygate.exe] -> [2002/08/29 11:41:24 | 000,144,896 | RHS- | M] () "VCS Host" -> C:\WINDOWS\System32\vcshost.exe [vcshost.exe] -> [2006/02/07 03:48:19 | 000,091,484 | RHS- | M] () "Windows Core Kernel Update" -> C:\WINDOWS\system32\win32bootcfg.exe [C:\WINDOWS\System32\win32bootcfg.exe] -> [2006/08/21 17:20:55 | 000,015,360 | ---- | M] () "Winsock2 wqr1s" -> C:\WINDOWS\System32\zgtfxcob.exe [ZGTFXCOB.EXE] -> [2006/03/16 21:04:15 | 000,075,264 | -H-- | M] () < RunOnceEx [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx -> "RRPC-nls" -> [] -> File not found < RunServices [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices -> "MDM" -> [MDN.exe] -> File not found "MSN messanger" -> C:\WINDOWS\System32\msnmsgsm.exe [msnmsgsm.exe] -> [2002/08/29 11:41:24 | 000,196,096 | RHS- | M] () "SIX" -> [SIX.exe] -> File not found "Sygatedsa Personal Firewall" -> C:\WINDOWS\System32\ddoSygate.exe [ddoSygate.exe] -> [2002/08/29 11:41:24 | 000,144,896 | RHS- | M] () "System Update" -> [mssetupconf.exe] -> File not found "tutcdchk2" -> C:\WINDOWS\System32\tutcdchk2.exe [c:\windows\system32\tutcdchk2.exe] -> File not found "updwebmin" -> C:\WINDOWS\System32\updwebmin.exe [c:\windows\system32\updwebmin.exe] -> File not found "VCS Host" -> C:\WINDOWS\System32\vcshost.exe [vcshost.exe] -> [2006/02/07 03:48:19 | 000,091,484 | RHS- | M] () < Run [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "MDM" -> [MDN.exe] -> File not found "Microsoft Windows Update 32" -> [svchost32.exe] -> File not found "Routing" -> [win2k.exe] -> File not found "SIX" -> [SIX.exe] -> File not found < RunOnce [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce -> "MDM" -> [MDN.exe] -> File not found "Microsoft Windows Update 32" -> [svchost32.exe] -> File not found "Routing" -> [win2k.exe] -> File not found "SIX" -> [SIX.exe] -> File not found "Winsock2 wqr1s" -> [] -> File not found < Run [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "MDM" -> [MDN.exe] -> File not found "Microsoft Windows Update 32" -> [svchost32.exe] -> File not found "Routing" -> [win2k.exe] -> File not found "SIX" -> [SIX.exe] -> File not found < RunOnce [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce -> "MDM" -> [MDN.exe] -> File not found "Microsoft Windows Update 32" -> [svchost32.exe] -> File not found "Routing" -> [win2k.exe] -> File not found "SIX" -> [SIX.exe] -> File not found "Winsock2 wqr1s" -> [] -> File not found < Run [HKEY_USERS\S-1-5-21-800510298-1726393949-3671347744-1009\] > -> HKEY_USERS\S-1-5-21-800510298-1726393949-3671347744-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "ibmmessages" -> C:\Program Files\IBM\Messages By IBM\ibmmessages.exe [C:\Program Files\IBM\Messages By IBM\ibmmessages.exe] -> [2003/04/10 03:03:10 | 000,532,480 | ---- | M] (IBM) "MDM" -> [MDN.exe] -> File not found "Microsoft Windows Update 32" -> [svchost32.exe] -> File not found "SIX" -> [SIX.exe] -> File not found "Sygatedsa Personal Firewall" -> C:\WINDOWS\System32\ddoSygate.exe [ddoSygate.exe] -> [2002/08/29 11:41:24 | 000,144,896 | RHS- | M] () "VCS Host" -> C:\WINDOWS\System32\vcshost.exe [vcshost.exe] -> [2006/02/07 03:48:19 | 000,091,484 | RHS- | M] () < RunOnce [HKEY_USERS\S-1-5-21-800510298-1726393949-3671347744-1009\] > -> HKEY_USERS\S-1-5-21-800510298-1726393949-3671347744-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce -> "Winsock2 wqr1s" -> C:\WINDOWS\System32\zgtfxcob.exe [ZGTFXCOB.EXE] -> [2006/03/16 21:04:15 | 000,075,264 | -H-- | M] () < RunServices [HKEY_USERS\S-1-5-21-800510298-1726393949-3671347744-1009\] > -> HKEY_USERS\S-1-5-21-800510298-1726393949-3671347744-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices -> "System Update" -> [mssetupconf.exe] -> File not found < WinNT Load [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\load -> *load* -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\load -> C:\WINDOWS\NT\nrcs.exe -> C:\WINDOWS\NT\nrcs.exe -> File not found *MultiFile Done* -> -> < WinNT Load [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\load -> *load* -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\load -> C:\WINDOWS\NT\nrcs.exe -> C:\WINDOWS\NT\nrcs.exe -> File not found *MultiFile Done* -> -> < Administrator Startup Folder > -> C:\Documents and Settings\Administrator\Start Menu\Programs\Startup -> < All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup -> < Default User Startup Folder > -> C:\Documents and Settings\Default User\Start Menu\Programs\Startup -> < User Startup Folder > -> C:\Documents and Settings\User\Start Menu\Programs\Startup -> < CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDrives" -> [8] -> File not found < CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System < CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run \Run\\"{1C030238-0A64-1033-0905-030313200001}" -> C:\Program Files\Common Files\{1C030238-0A64-1033-0905-030313200001}\Update.exe ["C:\Program Files\Common Files\{1C030238-0A64-1033-0905-030313200001}\Update.exe" mc-110-12-0000144] -> [2006/07/05 09:11:56 | 000,131,072 | ---- | M] () < CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System \\"DisableTaskMgr" -> [1] -> File not found \\"DisableRegistryTools" -> [1] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run \Run\\"{1C030238-0A64-1033-0905-030313200001}" -> C:\Program Files\Common Files\{1C030238-0A64-1033-0905-030313200001}\Update.exe ["C:\Program Files\Common Files\{1C030238-0A64-1033-0905-030313200001}\Update.exe" mc-110-12-0000144] -> [2006/07/05 09:11:56 | 000,131,072 | ---- | M] () < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System \\"DisableTaskMgr" -> [1] -> File not found \\"DisableRegistryTools" -> [1] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-800510298-1726393949-3671347744-1009] > -> HKEY_USERS\S-1-5-21-800510298-1726393949-3671347744-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-21-800510298-1726393949-3671347744-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-800510298-1726393949-3671347744-1009] > -> HKEY_USERS\S-1-5-21-800510298-1726393949-3671347744-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_USERS\S-1-5-21-800510298-1726393949-3671347744-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC} [HKLM] -> C:\Program Files\Java\jre1.5.0_06\bin\NPJPI150_06.dll [Menu: Sun Java Console] -> [2005/11/10 21:22:12 | 000,069,746 | ---- | M] (Sun Microsystems, Inc.) {c95fe080-8f5d-11d2-a20b-00aa003c157a}:%SystemRoot%\web\related.htm [HKLM] -> C:\WINDOWS\Web\related.htm [Button: @shdoclc.dll,-866] -> [2001/08/18 10:00:00 | 000,000,654 | ---- | M] () {c95fe080-8f5d-11d2-a20b-00aa003c157a}:%SystemRoot%\web\related.htm [HKLM] -> C:\WINDOWS\Web\related.htm [Menu: @shdoclc.dll,-864] -> [2001/08/18 10:00:00 | 000,000,654 | ---- | M] () < Internet Explorer Extensions [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> C:\Program Files\Java\jre1.5.0_06\bin\NPJPI150_06.dll [Sun Java Console] -> [2005/11/10 21:22:12 | 000,069,746 | ---- | M] (Sun Microsystems, Inc.) CmdMapping\\"{c95fe080-8f5d-11d2-a20b-00aa003c157a}" [HKLM] -> [@shdoclc.dll,-866] -> File not found < Internet Explorer Extensions [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> C:\Program Files\Java\jre1.5.0_06\bin\NPJPI150_06.dll [Sun Java Console] -> [2005/11/10 21:22:12 | 000,069,746 | ---- | M] (Sun Microsystems, Inc.) CmdMapping\\"{c95fe080-8f5d-11d2-a20b-00aa003c157a}" [HKLM] -> [@shdoclc.dll,-866] -> File not found < Internet Explorer Extensions [HKEY_USERS\S-1-5-21-800510298-1726393949-3671347744-1009\] > -> HKEY_USERS\S-1-5-21-800510298-1726393949-3671347744-1009\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> C:\Program Files\Java\jre1.5.0_06\bin\NPJPI150_06.dll [Sun Java Console] -> [2005/11/10 21:22:12 | 000,069,746 | ---- | M] (Sun Microsystems, Inc.) CmdMapping\\"{c95fe080-8f5d-11d2-a20b-00aa003c157a}" [HKLM] -> [@shdoclc.dll,-866] -> File not found < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> Extension\.spop -> C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll [Reg Error: Value error.] -> [2001/01/30 21:56:24 | 000,225,280 | ---- | M] (InterTrust Technologies Corporation, Inc.) < Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix "" -> http:// < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-21-800510298-1726393949-3671347744-1009\] > -> HKEY_USERS\S-1-5-21-800510298-1726393949-3671347744-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-21-800510298-1726393949-3671347744-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-21-800510298-1726393949-3671347744-1009\] > -> HKEY_USERS\S-1-5-21-800510298-1726393949-3671347744-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-21-800510298-1726393949-3671347744-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {6414512B-B978-451D-A0D8-FCFDF33E833C} [HKLM] -> http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1139340454234 [WUWebControl Class] -> {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} [HKLM] -> http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1156174650718 [MUWebControl Class] -> {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab [Java Plug-in 1.5.0_06] -> {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab [Java Plug-in 1.5.0_06] -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab [Java Plug-in 1.5.0_06] -> {D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab [Shockwave Flash Object] -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ -> DhcpNameServer -> 192.168.137.1 -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {00405577-376D-4245-9881-E5877022DDE4}\\DhcpNameServer -> 192.168.137.1 (EDUP Wi-Fi 11g USB adapter) -> {713D59EA-D2F0-41E8-8321-2EFA6C9D9340}\\NameServer -> 62.231.32.10,62.231.32.11 (Intel(R) PRO/100 VE Network Connection) -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> Explorer.exe -> C:\WINDOWS\explorer.exe -> [2002/08/29 11:41:24 | 001,004,032 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> < Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> Control Panel -> C:\WINDOWS\System32\guard.tmp -> File not found < SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> < CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom -> "AutoRun" -> 1 -> "DisplayName" -> CD-ROM Driver -> "ImagePath" -> [System32\DRIVERS\cdrom.sys] -> File not found < Drives with AutoRun files > -> -> C:\AUTOEXEC.BAT [] -> C:\AUTOEXEC.BAT [ NTFS ] -> [2006/01/07 02:07:08 | 000,000,000 | -H-- | M] () < MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command -> comfile [open] -> "%1" %* -> exefile [open] -> "%1" %* -> [Registry - Additional Scans - Safe List] < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost > -> -> *netsvcs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs -> 6to4 -> -> File not found Ias -> C:\WINDOWS\system32\ias -> [2003/02/19 21:16:04 | 000,000,000 | ---D | M] Iprip -> -> File not found Irmon -> -> File not found NWCWorkstation -> -> File not found Nwsapagent -> -> File not found WmdmPmSp -> -> File not found *MultiFile Done* -> -> < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command -> batfile [open] -> "%1" %* -> cmdfile [open] -> "%1" %* -> comfile [open] -> "%1" %* -> exefile [open] -> "%1" %* -> htmlfile [edit] -> Reg Error: Key error. http [open] -> C:\PROGRA~1\MOZILL~1\FIREFOX.EXE -url "%1" -> File not found https [open] -> C:\PROGRA~1\MOZILL~1\FIREFOX.EXE -url "%1" -> File not found piffile [open] -> "%1" %* -> regfile [merge] -> Reg Error: Key error. scrfile [config] -> "%1" -> scrfile [install] -> rundll32.exe desk.cpl,InstallScreenSaver %l -> [2002/08/29 11:41:28 | 000,129,024 | ---- | M] (Microsoft Corporation) scrfile [open] -> "%1" /S -> txtfile [edit] -> Reg Error: Key error. Unknown [openas] -> %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 -> Directory [find] -> %SystemRoot%\Explorer.exe -> [2002/08/29 11:41:24 | 001,004,032 | ---- | M] (Microsoft Corporation) Folder [open] -> %SystemRoot%\Explorer.exe /idlist,%I,%L -> [2002/08/29 11:41:24 | 001,004,032 | ---- | M] (Microsoft Corporation) Folder [explore] -> %SystemRoot%\Explorer.exe /e,/idlist,%I,%L -> [2002/08/29 11:41:24 | 001,004,032 | ---- | M] (Microsoft Corporation) Drive [find] -> %SystemRoot%\Explorer.exe -> [2002/08/29 11:41:24 | 001,004,032 | ---- | M] (Microsoft Corporation) < EventViewer Logs - Last 10 Errors > -> Event Information -> Description Application [ Error ] 8/18/2006 9:05:29 AM Computer Name = IBM-D0360C6B369 | Source = Application Error | ID = 1000 -> Description = Faulting application firefox.exe, version 1.8.20060.7278, faulting module nss3.dll, version 3.10.2.0, fault address 0x0002f7ff. Application [ Error ] 8/18/2006 9:11:35 AM Computer Name = IBM-D0360C6B369 | Source = Application Error | ID = 1001 -> Description = Fault bucket 313736036. Application [ Error ] 8/18/2006 9:45:25 AM Computer Name = IBM-D0360C6B369 | Source = Application Error | ID = 1000 -> Description = Faulting application tutcdchk2.exe, version 0.0.0.0, faulting module kernel32.dll, version 5.1.2600.1106, fault address 0x0001650d. Application [ Error ] 8/18/2006 9:45:46 AM Computer Name = IBM-D0360C6B369 | Source = Application Error | ID = 1001 -> Description = Fault bucket 316551620. Application [ Error ] 8/18/2006 11:45:20 AM Computer Name = IBM-D0360C6B369 | Source = MsiInstaller | ID = 10000 -> Description = Application [ Error ] 8/18/2006 11:46:28 AM Computer Name = IBM-D0360C6B369 | Source = Application Error | ID = 1000 -> Description = Faulting application tutcdchk2.exe, version 0.0.0.0, faulting module kernel32.dll, version 5.1.2600.1106, fault address 0x0001650d. Application [ Error ] 8/18/2006 11:47:08 AM Computer Name = IBM-D0360C6B369 | Source = Application Error | ID = 1001 -> Description = Fault bucket 316551620. Application [ Error ] 8/18/2006 5:14:20 PM Computer Name = IBM-D0360C6B369 | Source = Application Error | ID = 1000 -> Description = Faulting application tutcdchk2.exe, version 0.0.0.0, faulting module kernel32.dll, version 5.1.2600.1106, fault address 0x0001650d. Application [ Error ] 8/18/2006 5:20:49 PM Computer Name = IBM-D0360C6B369 | Source = Application Error | ID = 1001 -> Description = Fault bucket 316551620. Application [ Error ] 8/20/2006 9:51:27 AM Computer Name = IBM-D0360C6B369 | Source = Application Error | ID = 1000 -> Description = Faulting application tutcdchk2.exe, version 0.0.0.0, faulting module kernel32.dll, version 5.1.2600.1106, fault address 0x0001650d. System [ Error ] 3/7/2010 2:43:32 PM Computer Name = IBM-D0360C6B369 | Source = DCOM | ID = 10005 -> Description = DCOM got error "%1058" attempting to start the service SENS with arguments "" in order to run the server: {D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E} System [ Error ] 3/7/2010 2:43:32 PM Computer Name = IBM-D0360C6B369 | Source = DCOM | ID = 10005 -> Description = DCOM got error "%1058" attempting to start the service SENS with arguments "" in order to run the server: {D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E} System [ Error ] 3/7/2010 2:43:32 PM Computer Name = IBM-D0360C6B369 | Source = DCOM | ID = 10005 -> Description = DCOM got error "%1058" attempting to start the service SENS with arguments "" in order to run the server: {D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E} System [ Error ] 3/7/2010 2:43:32 PM Computer Name = IBM-D0360C6B369 | Source = DCOM | ID = 10005 -> Description = DCOM got error "%1058" attempting to start the service SENS with arguments "" in order to run the server: {D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E} System [ Error ] 3/7/2010 2:43:32 PM Computer Name = IBM-D0360C6B369 | Source = DCOM | ID = 10005 -> Description = DCOM got error "%1058" attempting to start the service SENS with arguments "" in order to run the server: {D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E} System [ Error ] 3/7/2010 2:43:32 PM Computer Name = IBM-D0360C6B369 | Source = DCOM | ID = 10005 -> Description = DCOM got error "%1058" attempting to start the service SENS with arguments "" in order to run the server: {D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E} System [ Error ] 3/7/2010 2:43:32 PM Computer Name = IBM-D0360C6B369 | Source = DCOM | ID = 10005 -> Description = DCOM got error "%1058" attempting to start the service SENS with arguments "" in order to run the server: {D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E} System [ Error ] 3/7/2010 2:44:54 PM Computer Name = IBM-D0360C6B369 | Source = Service Control Manager | ID = 7026 -> Description = The following boot-start or system-start driver(s) failed to load: vspf vspf_hk System [ Error ] 3/7/2010 2:46:13 PM Computer Name = IBM-D0360C6B369 | Source = DCOM | ID = 10005 -> Description = DCOM got error "%1058" attempting to start the service SENS with arguments "" in order to run the server: {D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E} System [ Error ] 3/7/2010 2:46:15 PM Computer Name = IBM-D0360C6B369 | Source = DCOM | ID = 10005 -> Description = DCOM got error "%1058" attempting to start the service SENS with arguments "" in order to run the server: {D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E} [Files/Folders - Created Within 30 Days] _OTL -> C:\_OTL -> [2010/03/07 17:01:54 | 000,000,000 | ---D | C] Avenger -> C:\Avenger -> [2010/03/07 16:58:02 | 000,000,000 | ---D | C] virus tools -> C:\Documents and Settings\User\Desktop\virus tools -> [2010/03/07 16:54:19 | 000,000,000 | ---D | C] IBM -> C:\Documents and Settings\User\Application Data\IBM -> [2010/03/07 04:54:28 | 000,000,000 | ---D | C] Macromedia -> C:\Documents and Settings\User\Application Data\Macromedia -> [2010/03/07 04:41:43 | 000,000,000 | ---D | C] WlanUZXP.sys -> C:\WINDOWS\System32\drivers\WlanUZXP.sys -> [2010/03/07 04:38:42 | 000,260,608 | R--- | C] (ZyDAS Technology Corporation) LastGood.Tmp -> C:\WINDOWS\LastGood.Tmp -> [2010/03/07 04:38:41 | 000,000,000 | ---D | C] ERDNT -> C:\WINDOWS\ERDNT -> [2010/03/07 02:56:21 | 000,000,000 | ---D | C] ERUNT -> C:\Program Files\ERUNT -> [2010/03/07 02:55:34 | 000,000,000 | ---D | C] GroupPolicy -> C:\WINDOWS\System32\GroupPolicy -> [2010/03/07 02:08:51 | 000,000,000 | -H-D | C] Malwarebytes -> C:\Documents and Settings\User\Application Data\Malwarebytes -> [2010/03/06 23:21:50 | 000,000,000 | ---D | C] mbamswissarmy.sys -> C:\WINDOWS\System32\drivers\mbamswissarmy.sys -> [2010/03/06 23:21:39 | 000,038,224 | ---- | C] (Malwarebytes Corporation) mbam.sys -> C:\WINDOWS\System32\drivers\mbam.sys -> [2010/03/06 23:21:37 | 000,018,520 | ---- | C] (Malwarebytes Corporation) Malwarebytes' Anti-Malware -> C:\Program Files\Malwarebytes' Anti-Malware -> [2010/03/06 23:21:37 | 000,000,000 | ---D | C] Malwarebytes -> C:\Documents and Settings\All Users\Application Data\Malwarebytes -> [2010/03/06 23:21:37 | 000,000,000 | ---D | C] Mozilla -> C:\Documents and Settings\LocalService\Local Settings\Application Data\Mozilla -> [2006/03/10 02:51:16 | 000,000,000 | ---D | M] Mozilla -> C:\Documents and Settings\LocalService\Application Data\Mozilla -> [2006/03/10 02:51:16 | 000,000,000 | ---D | M] Help -> C:\Documents and Settings\LocalService\Local Settings\Application Data\Help -> [2006/03/05 23:16:47 | 000,000,000 | ---D | M] Help -> C:\Documents and Settings\LocalService\Application Data\Help -> [2006/03/05 23:16:47 | 000,000,000 | ---D | M] Microsoft -> C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft -> [2003/02/19 21:34:20 | 000,000,000 | ---D | M] Microsoft -> C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft -> [2003/02/19 21:34:20 | 000,000,000 | ---D | M] Microsoft -> C:\Documents and Settings\NetworkService\Application Data\Microsoft -> [2003/02/19 21:19:10 | 000,000,000 | --SD | M] Microsoft -> C:\Documents and Settings\LocalService\Application Data\Microsoft -> [2003/02/19 21:19:10 | 000,000,000 | --SD | M] 1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> [Files/Folders - Modified Within 30 Days] xt34mxxx -> C:\WINDOWS\System32\xt34mxxx -> [2010/03/07 18:46:15 | 000,002,730 | ---- | M] () IBMVPD.INI -> C:\WINDOWS\IBMVPD.INI -> [2010/03/07 18:46:15 | 000,000,104 | ---- | M] () keyboard1.dat -> C:\WINDOWS\keyboard1.dat -> [2010/03/07 18:46:12 | 000,000,000 | ---- | M] () SA.DAT -> C:\WINDOWS\tasks\SA.DAT -> [2010/03/07 18:43:09 | 000,000,006 | -H-- | M] () bootstat.dat -> C:\WINDOWS\bootstat.dat -> [2010/03/07 18:43:03 | 000,002,048 | --S- | M] () hiberfil.sys -> C:\hiberfil.sys -> [2010/03/07 18:42:59 | 527,486,976 | -HS- | M] () ntuser.ini -> C:\Documents and Settings\User\ntuser.ini -> [2010/03/07 18:42:37 | 000,000,180 | -HS- | M] () NTUSER.DAT -> C:\Documents and Settings\User\NTUSER.DAT -> [2010/03/07 18:42:36 | 000,786,432 | -H-- | M] () IconCache.db -> C:\Documents and Settings\User\Local Settings\Application Data\IconCache.db -> [2010/03/07 04:56:35 | 004,829,106 | -H-- | M] () ERUNT.lnk -> C:\Documents and Settings\User\Desktop\ERUNT.lnk -> [2010/03/07 02:55:34 | 000,000,603 | ---- | M] () ntuser.pol -> C:\Documents and Settings\User\ntuser.pol -> [2010/03/07 02:09:44 | 000,000,396 | RHS- | M] () 987.reg -> C:\WINDOWS\System32\987.reg -> [2010/03/07 01:42:15 | 000,000,123 | ---- | M] () 376.reg -> C:\WINDOWS\System32\376.reg -> [2010/03/07 01:42:12 | 000,000,123 | ---- | M] () 535.reg -> C:\WINDOWS\System32\535.reg -> [2010/03/06 23:36:57 | 000,000,123 | ---- | M] () Malwarebytes' Anti-Malware.lnk -> C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk -> [2010/03/06 23:21:42 | 000,000,707 | ---- | M] () wpa.dbl -> C:\WINDOWS\System32\wpa.dbl -> [2010/03/06 23:13:33 | 000,002,278 | ---- | M] () 1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> [Files - No Company Name] ERUNT.lnk -> C:\Documents and Settings\User\Desktop\ERUNT.lnk -> [2010/03/07 02:55:34 | 000,000,603 | ---- | C] () ntuser.pol -> C:\Documents and Settings\User\ntuser.pol -> [2010/03/07 02:09:44 | 000,000,396 | RHS- | C] () hiberfil.sys -> C:\hiberfil.sys -> [2010/03/07 02:03:35 | 527,486,976 | -HS- | C] () 987.reg -> C:\WINDOWS\System32\987.reg -> [2010/03/07 01:42:15 | 000,000,123 | ---- | C] () 376.reg -> C:\WINDOWS\System32\376.reg -> [2010/03/07 01:42:12 | 000,000,123 | ---- | C] () 535.reg -> C:\WINDOWS\System32\535.reg -> [2010/03/06 23:36:57 | 000,000,123 | ---- | C] () Malwarebytes' Anti-Malware.lnk -> C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk -> [2010/03/06 23:21:42 | 000,000,707 | ---- | C] () wininit.ini -> C:\WINDOWS\wininit.ini -> [2010/01/23 15:30:55 | 000,000,164 | ---- | C] () fpr8039ue.dll -> C:\WINDOWS\System32\fpr8039ue.dll -> [2010/01/23 15:27:13 | 000,235,721 | R-S- | C] () sye.dll -> C:\WINDOWS\System32\sye.dll -> [2010/01/23 15:22:03 | 000,235,721 | R-S- | C] () nmocod.dll -> C:\WINDOWS\System32\nmocod.dll -> [2006/08/21 15:24:27 | 000,240,640 | ---- | C] () IBMVPD.INI -> C:\WINDOWS\IBMVPD.INI -> [2006/08/21 15:22:26 | 000,000,104 | ---- | C] () pmemw.dll -> C:\WINDOWS\System32\pmemw.dll -> [2006/08/21 15:22:25 | 000,028,672 | ---- | C] () mv0ml9d11.dll -> C:\WINDOWS\System32\mv0ml9d11.dll -> [2006/08/21 15:21:07 | 000,236,830 | R-S- | C] () hI0q0cd5ef0.dll -> C:\WINDOWS\System32\hI0q0cd5ef0.dll -> [2006/08/21 15:15:04 | 000,234,903 | R-S- | C] () sfi.dll -> C:\WINDOWS\System32\sfi.dll -> [2006/08/21 15:11:30 | 000,233,526 | R-S- | C] () eV02ledo1h0c.dll -> C:\WINDOWS\System32\eV02ledo1h0c.dll -> [2006/08/21 14:48:47 | 000,233,526 | R-S- | C] () jt6007jme.dll -> C:\WINDOWS\System32\jt6007jme.dll -> [2006/08/21 14:48:45 | 000,233,593 | R-S- | C] () azaolc131f.dll -> C:\WINDOWS\System32\azaolc131f.dll -> [2006/08/21 14:45:54 | 000,235,154 | R-S- | C] () eucbbbc.dll -> C:\WINDOWS\System32\eucbbbc.dll -> [2006/08/21 14:40:08 | 000,233,526 | R-S- | C] () e402ledo1h0c.dll -> C:\WINDOWS\System32\e402ledo1h0c.dll -> [2006/08/21 14:40:07 | 000,234,730 | R-S- | C] () l44qleh51h4.dll -> C:\WINDOWS\System32\l44qleh51h4.dll -> [2006/08/20 11:42:34 | 000,233,526 | R-S- | C] () azam0cf1ef2.dll -> C:\WINDOWS\System32\azam0cf1ef2.dll -> [2006/08/19 00:06:57 | 000,233,526 | R-S- | C] () s2rslc971f.dll -> C:\WINDOWS\System32\s2rslc971f.dll -> [2006/08/18 20:32:17 | 000,233,526 | R-S- | C] () lv4o09h3e.dll -> C:\WINDOWS\System32\lv4o09h3e.dll -> [2006/08/18 14:12:40 | 000,233,539 | R-S- | C] () azam09d1e.dll -> C:\WINDOWS\System32\azam09d1e.dll -> [2006/08/18 12:47:50 | 000,233,526 | R-S- | C] () l20u0cd9ef0.dll -> C:\WINDOWS\System32\l20u0cd9ef0.dll -> [2006/08/18 12:44:42 | 000,234,428 | R-S- | C] () irnml5511.dll -> C:\WINDOWS\System32\irnml5511.dll -> [2006/08/18 12:44:38 | 000,235,118 | R-S- | C] () s4rs0e97eh.dll -> C:\WINDOWS\System32\s4rs0e97eh.dll -> [2006/08/18 12:37:48 | 000,234,320 | R-S- | C] () n6r20g9oe6.dll -> C:\WINDOWS\System32\n6r20g9oe6.dll -> [2006/08/18 12:37:43 | 000,233,526 | R-S- | C] () kbfcaww.dll -> C:\WINDOWS\System32\kbfcaww.dll -> [2006/08/18 12:25:18 | 000,233,526 | R-S- | C] () o4pq0e75eh.dll -> C:\WINDOWS\System32\o4pq0e75eh.dll -> [2006/08/18 12:25:17 | 000,234,100 | R-S- | C] () ktl4l73q1.dll -> C:\WINDOWS\System32\ktl4l73q1.dll -> [2006/08/18 12:25:12 | 000,233,526 | R-S- | C] () ktlml7311.dll -> C:\WINDOWS\System32\ktlml7311.dll -> [2006/08/18 12:20:15 | 000,234,663 | R-S- | C] () fpnm0351e.dll -> C:\WINDOWS\System32\fpnm0351e.dll -> [2006/08/18 12:20:12 | 000,233,526 | R-S- | C] () f22m0cf1ef2.dll -> C:\WINDOWS\System32\f22m0cf1ef2.dll -> [2006/08/18 05:19:41 | 000,233,526 | R-S- | C] () ennul1591.dll -> C:\WINDOWS\System32\ennul1591.dll -> [2006/08/17 23:47:32 | 000,235,477 | R-S- | C] () ukildll.dll -> C:\WINDOWS\System32\ukildll.dll -> [2006/08/17 23:47:32 | 000,233,526 | ---- | C] () unrsdpia.dll -> C:\WINDOWS\System32\unrsdpia.dll -> [2006/08/17 23:47:29 | 000,233,526 | ---- | C] () lv0m09d1e.dll -> C:\WINDOWS\System32\lv0m09d1e.dll -> [2006/08/17 23:47:28 | 000,233,635 | R-S- | C] () mvi.dll -> C:\WINDOWS\System32\mvi.dll -> [2006/08/17 23:44:37 | 000,233,526 | R-S- | C] () hr4s05h7e.dll -> C:\WINDOWS\System32\hr4s05h7e.dll -> [2006/08/17 23:44:32 | 000,234,271 | R-S- | C] () wbecedit.dll -> C:\WINDOWS\System32\wbecedit.dll -> [2006/08/17 23:39:47 | 000,233,526 | R-S- | C] () o8lu0i39e8.dll -> C:\WINDOWS\System32\o8lu0i39e8.dll -> [2006/08/17 23:31:13 | 000,234,464 | R-S- | C] () k626lgfs1626.dll -> C:\WINDOWS\System32\k626lgfs1626.dll -> [2006/08/17 23:28:00 | 000,235,152 | R-S- | C] () nL6qlgj516o.dll -> C:\WINDOWS\System32\nL6qlgj516o.dll -> [2006/03/17 05:36:53 | 000,233,526 | R-S- | C] () l84q0ih5e84.dll -> C:\WINDOWS\System32\l84q0ih5e84.dll -> [2006/03/17 05:22:47 | 000,234,074 | R-S- | C] () lzasrv.dll -> C:\WINDOWS\System32\lzasrv.dll -> [2006/03/17 04:52:45 | 000,237,158 | R-S- | C] () mvn2l95o1.dll -> C:\WINDOWS\System32\mvn2l95o1.dll -> [2006/03/17 04:52:44 | 000,233,877 | R-S- | C] () g2220cfoef2c0.dll -> C:\WINDOWS\System32\g2220cfoef2c0.dll -> [2006/03/17 00:05:42 | 000,235,739 | R-S- | C] () aza2le5o1h.dll -> C:\WINDOWS\System32\aza2le5o1h.dll -> [2006/03/16 20:06:32 | 000,235,446 | R-S- | C] () m4nq0e55eh.dll -> C:\WINDOWS\System32\m4nq0e55eh.dll -> [2006/03/16 09:53:10 | 000,234,888 | R-S- | C] () azaq01j5e.dll -> C:\WINDOWS\System32\azaq01j5e.dll -> [2006/03/16 08:07:18 | 000,235,211 | R-S- | C] () cubcatq.dll -> C:\WINDOWS\System32\cubcatq.dll -> [2006/03/16 05:15:55 | 000,234,334 | R-S- | C] () enj6l11s1.dll -> C:\WINDOWS\System32\enj6l11s1.dll -> [2006/03/15 06:36:32 | 000,234,334 | R-S- | C] () aza2059oe.dll -> C:\WINDOWS\System32\aza2059oe.dll -> [2006/03/15 04:49:39 | 000,234,334 | R-S- | C] () ir6ql5j51.dll -> C:\WINDOWS\System32\ir6ql5j51.dll -> [2006/03/15 02:08:12 | 000,235,899 | R-S- | C] () l64q0gh5e64.dll -> C:\WINDOWS\System32\l64q0gh5e64.dll -> [2006/03/15 01:58:04 | 000,234,880 | R-S- | C] () yVyyxwt.dll -> C:\WINDOWS\System32\yVyyxwt.dll -> [2006/03/14 07:20:32 | 000,234,021 | R-S- | C] () lovely.sys -> C:\WINDOWS\System32\lovely.sys -> [2006/03/11 09:23:57 | 000,036,527 | ---- | C] () msn.dll -> C:\WINDOWS\System32\msn.dll -> [2006/03/11 09:23:57 | 000,018,432 | ---- | C] () knlps.sys -> C:\WINDOWS\System32\knlps.sys -> [2006/03/11 09:23:57 | 000,003,072 | ---- | C] () aliases.ini -> C:\WINDOWS\System32\aliases.ini -> [2006/03/11 09:23:56 | 000,006,192 | ---- | C] () ktn0l75m1.dll -> C:\WINDOWS\System32\ktn0l75m1.dll -> [2006/03/10 02:42:49 | 000,234,241 | R-S- | C] () kvdindev.dll -> C:\WINDOWS\System32\kvdindev.dll -> [2006/03/09 07:05:05 | 000,234,241 | R-S- | C] () mvnol9531.dll -> C:\WINDOWS\System32\mvnol9531.dll -> [2006/03/09 02:57:11 | 000,235,533 | R-S- | C] () p04ulah91d4.dll -> C:\WINDOWS\System32\p04ulah91d4.dll -> [2006/03/09 00:17:08 | 000,235,533 | R-S- | C] () hrrq0595e.dll -> C:\WINDOWS\System32\hrrq0595e.dll -> [2006/03/09 00:07:27 | 000,235,469 | R-S- | C] () kxdycl.dll -> C:\WINDOWS\System32\kxdycl.dll -> [2006/03/08 21:24:16 | 000,235,469 | R-S- | C] () c200lcdm1f0a.dll -> C:\WINDOWS\System32\c200lcdm1f0a.dll -> [2006/03/08 06:00:46 | 000,235,469 | R-S- | C] () jtjq0715e.dll -> C:\WINDOWS\System32\jtjq0715e.dll -> [2006/03/08 00:51:49 | 000,234,249 | R-S- | C] () h0n00a5med.dll -> C:\WINDOWS\System32\h0n00a5med.dll -> [2006/03/07 21:24:07 | 000,234,299 | R-S- | C] () dn8q01l5e.dll -> C:\WINDOWS\System32\dn8q01l5e.dll -> [2006/03/07 06:17:08 | 000,237,054 | R-S- | C] () o2nslc571f.dll -> C:\WINDOWS\System32\o2nslc571f.dll -> [2006/03/07 05:49:47 | 000,234,124 | R-S- | C] () jcmd400.dll -> C:\WINDOWS\System32\jcmd400.dll -> [2006/03/07 05:43:01 | 000,237,054 | R-S- | C] () hrn4055qe.dll -> C:\WINDOWS\System32\hrn4055qe.dll -> [2006/03/07 05:43:01 | 000,237,054 | R-S- | C] () lvp0097me.dll -> C:\WINDOWS\System32\lvp0097me.dll -> [2006/03/07 01:17:50 | 000,235,087 | R-S- | C] () gp04l3dq1.dll -> C:\WINDOWS\System32\gp04l3dq1.dll -> [2006/03/06 23:13:35 | 000,237,145 | R-S- | C] () mh43dmod.dll -> C:\WINDOWS\System32\mh43dmod.dll -> [2006/03/06 23:10:45 | 000,235,087 | R-S- | C] () kt8ol7l31.dll -> C:\WINDOWS\System32\kt8ol7l31.dll -> [2006/03/06 21:41:50 | 000,236,745 | R-S- | C] () enr8l19u1.dll -> C:\WINDOWS\System32\enr8l19u1.dll -> [2006/03/06 21:26:02 | 000,234,193 | R-S- | C] () kmdhu1.dll -> C:\WINDOWS\System32\kmdhu1.dll -> [2006/03/06 19:43:41 | 000,236,745 | R-S- | C] () q6860glse6q60.dll -> C:\WINDOWS\System32\q6860glse6q60.dll -> [2006/03/06 19:02:18 | 000,235,087 | R-S- | C] () lxcevs.dll -> C:\WINDOWS\System32\lxcevs.dll -> [2006/03/06 03:44:30 | 000,040,960 | ---- | C] () r48slel71hq.dll -> C:\WINDOWS\System32\r48slel71hq.dll -> [2006/03/06 03:38:19 | 000,235,087 | R-S- | C] () g4jole131h.dll -> C:\WINDOWS\System32\g4jole131h.dll -> [2006/03/05 23:03:44 | 000,235,087 | R-S- | C] () hrls0537e.dll -> C:\WINDOWS\System32\hrls0537e.dll -> [2006/03/05 22:47:35 | 000,235,087 | R-S- | C] () mvlol9331.dll -> C:\WINDOWS\System32\mvlol9331.dll -> [2006/03/05 22:39:28 | 000,234,027 | R-S- | C] () lxvely.dll -> C:\WINDOWS\System32\lxvely.dll -> [2006/03/05 13:03:11 | 000,234,027 | R-S- | C] () mvl4l93q1.dll -> C:\WINDOWS\System32\mvl4l93q1.dll -> [2006/03/05 12:50:42 | 000,235,466 | R-S- | C] () r46u0ej9eho.dll -> C:\WINDOWS\System32\r46u0ej9eho.dll -> [2006/03/05 09:18:18 | 000,234,991 | R-S- | C] () lvlo0933e.dll -> C:\WINDOWS\System32\lvlo0933e.dll -> [2006/03/05 09:02:14 | 000,234,584 | R-S- | C] () frdrclnr.dll -> C:\WINDOWS\System32\frdrclnr.dll -> [2006/03/05 00:09:12 | 000,236,184 | R-S- | C] () f00olad31d0.dll -> C:\WINDOWS\System32\f00olad31d0.dll -> [2006/03/05 00:09:12 | 000,233,898 | R-S- | C] () lz8609lse.dll -> C:\WINDOWS\System32\lz8609lse.dll -> [2006/03/04 23:56:05 | 000,236,184 | R-S- | C] () mologmgr.dll -> C:\WINDOWS\System32\mologmgr.dll -> [2006/03/04 23:41:28 | 000,236,184 | R-S- | C] () m8juli1918.dll -> C:\WINDOWS\System32\m8juli1918.dll -> [2006/03/04 22:05:44 | 000,234,207 | R-S- | C] () mfsip32.dll -> C:\WINDOWS\System32\mfsip32.dll -> [2006/03/04 21:51:55 | 000,236,184 | R-S- | C] () dzcpmon.dll -> C:\WINDOWS\System32\dzcpmon.dll -> [2006/03/04 21:27:28 | 000,234,022 | R-S- | C] () bZtt.dll -> C:\WINDOWS\System32\bZtt.dll -> [2006/03/04 20:13:37 | 000,236,115 | R-S- | C] () lv0209doe.dll -> C:\WINDOWS\System32\lv0209doe.dll -> [2006/03/04 19:28:43 | 000,236,324 | R-S- | C] () i0lola331d.dll -> C:\WINDOWS\System32\i0lola331d.dll -> [2006/03/04 19:25:19 | 000,233,913 | R-S- | C] () l02slaf71d2.dll -> C:\WINDOWS\System32\l02slaf71d2.dll -> [2006/03/04 19:23:40 | 000,234,108 | R-S- | C] () snarddlg.dll -> C:\WINDOWS\System32\snarddlg.dll -> [2006/03/04 19:20:38 | 000,236,115 | R-S- | C] () fpju0319e.dll -> C:\WINDOWS\System32\fpju0319e.dll -> [2006/03/04 18:17:21 | 000,237,097 | R-S- | C] () dwdmo.dll -> C:\WINDOWS\System32\dwdmo.dll -> [2006/03/04 18:17:21 | 000,236,184 | ---- | C] () cgbcatex.dll -> C:\WINDOWS\System32\cgbcatex.dll -> [2006/03/04 18:09:11 | 000,236,184 | R-S- | C] () esp0l17m1.dll -> C:\WINDOWS\System32\esp0l17m1.dll -> [2006/03/04 17:55:35 | 000,236,184 | ---- | C] () fp0403dqe.dll -> C:\WINDOWS\System32\fp0403dqe.dll -> [2006/03/04 17:55:33 | 000,236,587 | R-S- | C] () f2l02c3mgf.dll -> C:\WINDOWS\System32\f2l02c3mgf.dll -> [2006/03/04 17:44:04 | 000,234,264 | R-S- | C] () akctres.dll -> C:\WINDOWS\System32\akctres.dll -> [2006/03/04 06:16:09 | 000,236,184 | R-S- | C] () mv2ol9f31.dll -> C:\WINDOWS\System32\mv2ol9f31.dll -> [2006/03/04 04:02:14 | 000,233,912 | R-S- | C] () g2jolc131f.dll -> C:\WINDOWS\System32\g2jolc131f.dll -> [2006/03/04 04:00:20 | 000,233,904 | R-S- | C] () mvp0l97m1.dll -> C:\WINDOWS\System32\mvp0l97m1.dll -> [2006/03/04 03:57:31 | 000,237,263 | R-S- | C] () k0lqla351d.dll -> C:\WINDOWS\System32\k0lqla351d.dll -> [2006/03/04 01:08:33 | 000,234,197 | R-S- | C] () hrr2059oe.dll -> C:\WINDOWS\System32\hrr2059oe.dll -> [2006/03/03 23:06:04 | 000,236,184 | R-S- | C] () libprm.dll -> C:\WINDOWS\System32\libprm.dll -> [2006/03/03 20:08:54 | 000,540,672 | -HS- | C] () mvl2l93o1.dll -> C:\WINDOWS\System32\mvl2l93o1.dll -> [2006/03/02 22:44:59 | 000,233,521 | R-S- | C] () rzfsaps.dll -> C:\WINDOWS\System32\rzfsaps.dll -> [2006/03/02 22:30:06 | 000,233,497 | R-S- | C] () j0n20a5oed.dll -> C:\WINDOWS\System32\j0n20a5oed.dll -> [2006/03/02 22:30:06 | 000,233,497 | R-S- | C] () kqdsl1.dll -> C:\WINDOWS\System32\kqdsl1.dll -> [2006/03/02 21:40:32 | 000,233,497 | R-S- | C] () p46slej71ho.dll -> C:\WINDOWS\System32\p46slej71ho.dll -> [2006/03/02 21:40:31 | 000,237,291 | R-S- | C] () rdriv.sys -> C:\WINDOWS\System32\rdriv.sys -> [2006/03/02 09:00:57 | 000,007,168 | ---- | C] () o866lijs18o6.dll -> C:\WINDOWS\System32\o866lijs18o6.dll -> [2006/03/02 08:36:26 | 000,237,291 | R-S- | C] () k0pm0a71ed.dll -> C:\WINDOWS\System32\k0pm0a71ed.dll -> [2006/03/02 06:50:30 | 000,237,291 | R-S- | C] () pzflbmsg.dll -> C:\WINDOWS\System32\pzflbmsg.dll -> [2006/03/01 07:07:54 | 000,237,291 | R-S- | C] () dlcpmon.dll -> C:\WINDOWS\System32\dlcpmon.dll -> [2006/03/01 07:03:48 | 000,237,291 | R-S- | C] () ir06l5ds1.dll -> C:\WINDOWS\System32\ir06l5ds1.dll -> [2006/02/28 21:03:24 | 000,236,115 | R-S- | C] () OpPrintServer.INI -> C:\WINDOWS\OpPrintServer.INI -> [2006/02/27 22:05:37 | 000,000,000 | ---- | C] () i842liho184c.dll -> C:\WINDOWS\System32\i842liho184c.dll -> [2006/02/27 21:33:40 | 000,233,872 | R-S- | C] () ggjql3151.dll -> C:\WINDOWS\System32\ggjql3151.dll -> [2006/02/26 06:01:00 | 000,236,115 | R-S- | C] () fR2mlef11h2.dll -> C:\WINDOWS\System32\fR2mlef11h2.dll -> [2006/02/26 06:00:44 | 000,236,115 | R-S- | C] () n82u0if9e82.dll -> C:\WINDOWS\System32\n82u0if9e82.dll -> [2006/02/26 05:24:16 | 000,237,043 | R-S- | C] () uxrfaxa.dll -> C:\WINDOWS\System32\uxrfaxa.dll -> [2006/02/25 22:11:25 | 000,236,115 | R-S- | C] () l8l60i3se8.dll -> C:\WINDOWS\System32\l8l60i3se8.dll -> [2006/02/25 22:11:23 | 000,236,753 | R-S- | C] () hr2q05f5e.dll -> C:\WINDOWS\System32\hr2q05f5e.dll -> [2006/02/25 18:50:41 | 000,236,115 | R-S- | C] () r2r6lc9s1f.dll -> C:\WINDOWS\System32\r2r6lc9s1f.dll -> [2006/02/25 18:45:42 | 000,234,094 | R-S- | C] () veoy.dll -> C:\WINDOWS\System32\veoy.dll -> [2006/02/24 06:42:19 | 000,236,115 | R-S- | C] () wbpcore.dll -> C:\WINDOWS\System32\wbpcore.dll -> [2006/02/24 05:40:04 | 000,236,115 | R-S- | C] () o0ro0a93ed.dll -> C:\WINDOWS\System32\o0ro0a93ed.dll -> [2006/02/24 05:40:03 | 000,236,020 | R-S- | C] () lovely.dll -> C:\WINDOWS\System32\lovely.dll -> [2006/02/23 22:37:14 | 000,064,512 | ---- | C] () mirc.ini -> C:\WINDOWS\System32\mirc.ini -> [2006/02/23 22:37:14 | 000,003,162 | ---- | C] () remote.ini -> C:\WINDOWS\System32\remote.ini -> [2006/02/23 22:37:14 | 000,000,127 | ---- | C] () emcdec.dll -> C:\WINDOWS\System32\emcdec.dll -> [2006/02/23 22:08:23 | 000,236,020 | R-S- | C] () wussvc.dll -> C:\WINDOWS\System32\wussvc.dll -> [2006/02/23 20:29:41 | 000,236,115 | R-S- | C] () tvm1eb79.sys -> C:\WINDOWS\System32\tvm1eb79.sys -> [2006/02/23 19:29:59 | 000,001,167 | ---- | C] () tvm1eb79.dll -> C:\WINDOWS\System32\tvm1eb79.dll -> [2006/02/23 19:29:56 | 000,061,952 | ---- | C] () w001c02e.dll -> C:\WINDOWS\System32\w001c02e.dll -> [2006/02/23 19:29:35 | 000,029,696 | ---- | C] () lv2809fue.dll -> C:\WINDOWS\System32\lv2809fue.dll -> [2006/02/22 02:05:57 | 000,236,020 | R-S- | C] () lv8609lse.dll -> C:\WINDOWS\System32\lv8609lse.dll -> [2006/02/22 00:52:13 | 000,236,709 | R-S- | C] () r8p80i7ue8.dll -> C:\WINDOWS\System32\r8p80i7ue8.dll -> [2006/02/22 00:48:27 | 000,236,898 | R-S- | C] () kt02l7do1.dll -> C:\WINDOWS\System32\kt02l7do1.dll -> [2006/02/22 00:30:28 | 000,237,227 | R-S- | C] () mv6ol9j31.dll -> C:\WINDOWS\System32\mv6ol9j31.dll -> [2006/02/22 00:24:23 | 000,233,932 | R-S- | C] () fpl0033me.dll -> C:\WINDOWS\System32\fpl0033me.dll -> [2006/02/22 00:19:18 | 000,236,053 | R-S- | C] () uzerenv.dll -> C:\WINDOWS\System32\uzerenv.dll -> [2006/02/22 00:13:59 | 000,236,020 | R-S- | C] () mCg_hook.dll -> C:\WINDOWS\System32\mCg_hook.dll -> [2006/02/22 00:11:00 | 000,236,020 | R-S- | C] () lzx32.sys -> C:\WINDOWS\System32\lzx32.sys -> [2006/02/21 21:04:55 | 000,064,472 | ---- | C] () ntio256.sys -> C:\WINDOWS\System32\ntio256.sys -> [2006/02/21 20:50:28 | 000,019,840 | ---- | C] () Install.dat -> C:\Documents and Settings\LocalService\Application Data\Install.dat -> [2006/02/21 20:47:53 | 001,426,193 | ---- | C] () f42mlef11h2.dll -> C:\WINDOWS\System32\f42mlef11h2.dll -> [2006/02/21 20:21:24 | 000,236,020 | R-S- | C] () dDdrm.dll -> C:\WINDOWS\System32\dDdrm.dll -> [2006/02/21 20:09:49 | 000,236,020 | R-S- | C] () asmfd.dll -> C:\WINDOWS\System32\asmfd.dll -> [2006/02/21 19:55:29 | 000,236,020 | ---- | C] () dn6q01j5e.dll -> C:\WINDOWS\System32\dn6q01j5e.dll -> [2006/02/21 19:55:25 | 000,236,581 | R-S- | C] () h20q0cd5ef0.dll -> C:\WINDOWS\System32\h20q0cd5ef0.dll -> [2006/02/21 19:45:19 | 000,236,522 | R-S- | C] () gpjql3151.dll -> C:\WINDOWS\System32\gpjql3151.dll -> [2006/02/21 19:37:53 | 000,234,004 | R-S- | C] () dnjm0111e.dll -> C:\WINDOWS\System32\dnjm0111e.dll -> [2006/02/21 19:23:30 | 000,236,131 | R-S- | C] () l80ulid9180.dll -> C:\WINDOWS\System32\l80ulid9180.dll -> [2006/02/21 19:19:20 | 000,234,202 | R-S- | C] () hqghumea.dll -> C:\WINDOWS\System32\hqghumea.dll -> [2006/02/21 05:53:28 | 000,540,672 | ---- | C] () k8440ihqe84e0.dll -> C:\WINDOWS\System32\k8440ihqe84e0.dll -> [2006/02/21 05:48:21 | 000,236,468 | R-S- | C] () i2060cdsef060.dll -> C:\WINDOWS\System32\i2060cdsef060.dll -> [2006/02/21 05:44:12 | 000,236,622 | R-S- | C] () qghumeay.dll -> C:\WINDOWS\System32\qghumeay.dll -> [2006/02/21 05:22:32 | 000,540,672 | ---- | C] () q4nu0e59eh.dll -> C:\WINDOWS\System32\q4nu0e59eh.dll -> [2006/02/21 05:21:27 | 000,236,974 | R-S- | C] () s2pu0c79ef.dll -> C:\WINDOWS\System32\s2pu0c79ef.dll -> [2006/02/21 05:03:56 | 000,236,992 | R-S- | C] () lv4009hme.dll -> C:\WINDOWS\System32\lv4009hme.dll -> [2006/02/21 05:00:22 | 000,236,069 | R-S- | C] () fp6203joe.dll -> C:\WINDOWS\System32\fp6203joe.dll -> [2006/02/21 04:29:19 | 000,236,020 | R-S- | C] () dn0q01d5e.dll -> C:\WINDOWS\System32\dn0q01d5e.dll -> [2006/02/21 00:09:07 | 000,234,178 | R-S- | C] () o248lchu1f48.dll -> C:\WINDOWS\System32\o248lchu1f48.dll -> [2006/02/20 19:43:52 | 000,236,020 | R-S- | C] () k026lafs1d26.dll -> C:\WINDOWS\System32\k026lafs1d26.dll -> [2006/02/20 04:01:13 | 000,234,614 | R-S- | C] () gp2ol3f31.dll -> C:\WINDOWS\System32\gp2ol3f31.dll -> [2006/02/19 09:09:08 | 000,236,991 | R-S- | C] () h60q0gd5e60.dll -> C:\WINDOWS\System32\h60q0gd5e60.dll -> [2006/02/19 09:01:10 | 000,233,473 | R-S- | C] () tgpmon.dll -> C:\WINDOWS\System32\tgpmon.dll -> [2006/02/19 07:26:56 | 000,233,473 | R-S- | C] () pwh.dll -> C:\WINDOWS\System32\pwh.dll -> [2006/02/18 08:54:27 | 000,235,085 | R-S- | C] () hrn6055se.dll -> C:\WINDOWS\System32\hrn6055se.dll -> [2006/02/18 06:26:01 | 000,237,011 | R-S- | C] () ddband.dll -> C:\WINDOWS\System32\ddband.dll -> [2006/02/17 05:51:30 | 000,234,272 | ---- | C] () azpmgr.dll -> C:\WINDOWS\System32\azpmgr.dll -> [2006/02/17 05:50:39 | 000,235,085 | R-S- | C] () ktl2l73o1.dll -> C:\WINDOWS\System32\ktl2l73o1.dll -> [2006/02/15 05:09:57 | 000,235,259 | R-S- | C] () gp0ul3d91.dll -> C:\WINDOWS\System32\gp0ul3d91.dll -> [2006/02/15 05:08:01 | 000,235,925 | R-S- | C] () irl2l53o1.dll -> C:\WINDOWS\System32\irl2l53o1.dll -> [2006/02/14 23:36:20 | 000,235,257 | R-S- | C] () fpn6035se.dll -> C:\WINDOWS\System32\fpn6035se.dll -> [2006/02/13 08:57:07 | 000,237,071 | R-S- | C] () dimrtp.dll -> C:\WINDOWS\System32\dimrtp.dll -> [2006/02/13 03:29:55 | 000,237,071 | R-S- | C] () fp0u03d9e.dll -> C:\WINDOWS\System32\fp0u03d9e.dll -> [2006/02/13 00:46:41 | 000,233,699 | R-S- | C] () s0pu0a79ed.dll -> C:\WINDOWS\System32\s0pu0a79ed.dll -> [2006/02/13 00:30:46 | 000,233,733 | R-S- | C] () h2j4lc1q1f.dll -> C:\WINDOWS\System32\h2j4lc1q1f.dll -> [2006/02/12 20:30:58 | 000,237,071 | R-S- | C] () mxc42u.dll -> C:\WINDOWS\System32\mxc42u.dll -> [2006/02/12 06:15:10 | 000,234,272 | ---- | C] () ior8l59u1.dll -> C:\WINDOWS\System32\ior8l59u1.dll -> [2006/02/12 06:14:12 | 000,237,071 | R-S- | C] () k6js0g17e6.dll -> C:\WINDOWS\System32\k6js0g17e6.dll -> [2006/02/12 06:14:11 | 000,235,895 | R-S- | C] () nutevent.dll -> C:\WINDOWS\System32\nutevent.dll -> [2006/02/12 01:47:20 | 000,234,272 | ---- | C] () mhlogmgr.dll -> C:\WINDOWS\System32\mhlogmgr.dll -> [2006/02/12 00:34:12 | 000,235,895 | R-S- | C] () nelanman.dll -> C:\WINDOWS\System32\nelanman.dll -> [2006/02/12 00:21:56 | 000,235,895 | R-S- | C] () j4n2le5o1h.dll -> C:\WINDOWS\System32\j4n2le5o1h.dll -> [2006/02/11 19:17:15 | 000,235,895 | R-S- | C] () mv46l9hs1.dll -> C:\WINDOWS\System32\mv46l9hs1.dll -> [2006/02/11 08:25:58 | 000,234,072 | R-S- | C] () uyat.dll -> C:\WINDOWS\System32\uyat.dll -> [2006/02/11 08:19:17 | 000,235,895 | R-S- | C] () wsync32.dll -> C:\WINDOWS\System32\wsync32.dll -> [2006/02/11 07:53:40 | 000,095,744 | -HS- | C] () fp6603jse.dll -> C:\WINDOWS\System32\fp6603jse.dll -> [2006/02/11 07:52:37 | 000,236,558 | R-S- | C] () enp0l17m1.dll -> C:\WINDOWS\System32\enp0l17m1.dll -> [2006/02/11 06:04:51 | 000,233,712 | R-S- | C] () hrp6057se.dll -> C:\WINDOWS\System32\hrp6057se.dll -> [2006/02/10 09:26:33 | 000,236,648 | R-S- | C] () l00ulad91d0.dll -> C:\WINDOWS\System32\l00ulad91d0.dll -> [2006/02/10 08:04:59 | 000,234,198 | R-S- | C] () fplo0333e.dll -> C:\WINDOWS\System32\fplo0333e.dll -> [2006/02/10 08:03:05 | 000,235,068 | R-S- | C] () mpefjgcn.dll -> C:\WINDOWS\System32\mpefjgcn.dll -> [2006/02/09 07:45:06 | 000,098,324 | ---- | C] () hr2u05f9e.dll -> C:\WINDOWS\System32\hr2u05f9e.dll -> [2006/02/09 04:52:14 | 000,235,102 | R-S- | C] () csmctl32.dll -> C:\WINDOWS\System32\csmctl32.dll -> [2006/02/09 03:08:42 | 000,235,102 | R-S- | C] () q0psla771d.dll -> C:\WINDOWS\System32\q0psla771d.dll -> [2006/02/09 02:05:25 | 000,236,872 | R-S- | C] () n66qlgj516o.dll -> C:\WINDOWS\System32\n66qlgj516o.dll -> [2006/02/08 23:34:53 | 000,236,668 | R-S- | C] () f02mlaf11d2.dll -> C:\WINDOWS\System32\f02mlaf11d2.dll -> [2006/02/08 21:45:11 | 000,236,188 | ---- | C] () en4ul1h91.dll -> C:\WINDOWS\System32\en4ul1h91.dll -> [2006/02/08 21:38:31 | 000,237,009 | R-S- | C] () irr8l59u1.dll -> C:\WINDOWS\System32\irr8l59u1.dll -> [2006/02/08 21:36:05 | 000,235,123 | R-S- | C] () kpdth3.dll -> C:\WINDOWS\System32\kpdth3.dll -> [2006/02/08 21:36:05 | 000,235,068 | R-S- | C] () ic41_qcx.dll -> C:\WINDOWS\System32\ic41_qcx.dll -> [2006/02/08 07:45:24 | 000,235,068 | R-S- | C] () mypmsp.dll -> C:\WINDOWS\System32\mypmsp.dll -> [2006/02/08 06:39:48 | 000,235,123 | R-S- | C] () p04u0ah9ed4.dll -> C:\WINDOWS\System32\p04u0ah9ed4.dll -> [2006/02/07 19:48:27 | 000,235,123 | R-S- | C] () okedlg.dll -> C:\WINDOWS\System32\okedlg.dll -> [2006/02/07 06:10:36 | 000,235,068 | R-S- | C] () d8j00i1me8.dll -> C:\WINDOWS\System32\d8j00i1me8.dll -> [2006/02/07 06:07:18 | 000,235,068 | R-S- | C] () k2lq0c35ef.dll -> C:\WINDOWS\System32\k2lq0c35ef.dll -> [2006/02/07 05:35:42 | 000,235,600 | R-S- | C] () mvpql9751.dll -> C:\WINDOWS\System32\mvpql9751.dll -> [2006/02/07 04:26:37 | 000,234,272 | R-S- | C] () en4ml1h11.dll -> C:\WINDOWS\System32\en4ml1h11.dll -> [2006/02/07 03:58:32 | 000,235,413 | R-S- | C] () utalaek.dll -> C:\WINDOWS\System32\utalaek.dll -> [2006/02/07 03:53:59 | 000,139,264 | ---- | C] () SMWizard.INI -> C:\WINDOWS\SMWizard.INI -> [2006/01/08 21:30:06 | 000,000,044 | ---- | C] () iPlayer.INI -> C:\WINDOWS\iPlayer.INI -> [2006/01/08 21:11:03 | 000,000,000 | ---- | C] () smscfg.ini -> C:\WINDOWS\smscfg.ini -> [2006/01/07 01:51:29 | 000,000,061 | ---- | C] () PCDrSystemInformation.dll -> C:\WINDOWS\System32\PCDrSystemInformation.dll -> [2006/01/07 01:50:20 | 000,282,624 | ---- | C] () PcdrKernelModeServices.dll -> C:\WINDOWS\System32\PcdrKernelModeServices.dll -> [2006/01/07 01:50:16 | 000,094,208 | ---- | C] () ProgressTrace.dll -> C:\WINDOWS\System32\ProgressTrace.dll -> [2006/01/07 01:50:16 | 000,077,824 | ---- | C] () Welcome.ini -> C:\WINDOWS\Welcome.ini -> [2006/01/07 01:44:36 | 000,000,023 | ---- | C] () msssc.dll -> C:\WINDOWS\System32\msssc.dll -> [2006/01/07 01:38:37 | 000,000,044 | ---- | C] () psisdecd.dll -> C:\WINDOWS\System32\psisdecd.dll -> [2006/01/07 01:35:10 | 000,354,816 | ---- | C] () OEMINFO.INI -> C:\WINDOWS\System32\OEMINFO.INI -> [2006/01/07 01:31:12 | 000,002,481 | ---- | C] () orun32.ini -> C:\WINDOWS\orun32.ini -> [2003/02/19 21:39:14 | 000,000,791 | ---- | C] () AIBMRUNL.dll -> C:\WINDOWS\System32\AIBMRUNL.dll -> [2002/11/15 10:14:26 | 000,143,360 | ---- | C] () secdrv.sys -> C:\WINDOWS\System32\drivers\secdrv.sys -> [1980/01/01 08:00:00 | 000,027,440 | ---- | C] () e100bmsg.dll -> C:\WINDOWS\System32\e100bmsg.dll -> [1980/01/01 08:00:00 | 000,012,288 | ---- | C] () [File - Lop Check] IBM -> C:\Documents and Settings\All Users\Application Data\IBM -> [2006/02/16 00:39:28 | 000,000,000 | ---D | M] IBM -> C:\Documents and Settings\User\Application Data\IBM -> [2010/03/07 04:54:28 | 000,000,000 | ---D | M] [File - Purity Scan] [Custom Scans] < %SYSTEMDRIVE%\*.* > 1x.exe -> C:\1x.exe -> [2006/03/05 23:34:01 | 000,028,160 | ---- | M] () 777.htm -> C:\777.htm -> [2006/02/12 10:08:54 | 000,000,254 | ---- | M] () ac3_0010.exe -> C:\ac3_0010.exe -> [2006/02/23 19:29:30 | 000,002,560 | ---- | M] () AUTOEXEC.BAT -> C:\AUTOEXEC.BAT -> [2006/01/07 02:07:08 | 000,000,000 | -H-- | M] () avenger.txt -> C:\avenger.txt -> [2010/03/07 16:58:04 | 000,007,834 | ---- | M] () beti.exe -> C:\beti.exe -> [2006/02/15 01:36:38 | 001,175,664 | ---- | M] (instyler installation software) bhowvt.exe -> C:\bhowvt.exe -> [2006/02/21 21:04:55 | 000,070,144 | ---- | M] () BOOT.INI -> C:\BOOT.INI -> [2006/01/07 02:05:59 | 000,000,194 | RHS- | M] () BOOTLOG.PRV -> C:\BOOTLOG.PRV -> [2006/01/07 01:47:52 | 000,000,000 | -H-- | M] () BOOTLOG.TXT -> C:\BOOTLOG.TXT -> [2006/01/07 01:51:50 | 000,000,000 | -H-- | M] () BOOTSECT.DOS -> C:\BOOTSECT.DOS -> [2003/02/19 21:11:06 | 000,000,512 | -HS- | M] () c0p.exe -> C:\c0p.exe -> [2006/03/09 00:30:14 | 000,956,300 | ---- | M] () CDFE.log -> C:\CDFE.log -> [2006/03/06 03:43:01 | 000,000,242 | ---- | M] () cf.exe -> C:\cf.exe -> [2006/03/10 22:09:14 | 000,146,944 | ---- | M] () cold.exe -> C:\cold.exe -> [2006/03/08 00:34:33 | 000,020,062 | ---- | M] () CONFIG.SYS -> C:\CONFIG.SYS -> [2006/01/07 02:07:08 | 000,000,000 | -H-- | M] () ddi.exe -> C:\ddi.exe -> [2006/03/10 06:49:42 | 000,004,948 | ---- | M] (.) deskbar.exe -> C:\deskbar.exe -> [2006/03/14 20:18:03 | 000,251,262 | ---- | M] () do.exe -> C:\do.exe -> [2006/02/16 00:46:54 | 000,004,948 | ---- | M] (.) dodi.exe -> C:\dodi.exe -> [2006/02/26 06:00:38 | 000,004,948 | ---- | M] (.) dotdr.exe -> C:\dotdr.exe -> [2006/06/22 08:25:34 | 000,016,384 | ---- | M] (.) dotrm.dll -> C:\dotrm.dll -> [2006/06/22 08:37:31 | 000,039,437 | ---- | M] () dr.exe -> C:\dr.exe -> [2006/02/09 07:35:40 | 000,006,144 | ---- | M] () drivez.log -> C:\drivez.log -> [2006/01/07 01:47:02 | 000,000,845 | ---- | M] () drmy.exe -> C:\drmy.exe -> [2006/02/20 04:01:21 | 000,016,157 | ---- | M] () dwin.exe -> C:\dwin.exe -> [2006/08/21 15:28:54 | 000,004,940 | ---- | M] (.) gdiplus.dll -> C:\gdiplus.dll -> [2001/09/06 05:00:58 | 001,700,352 | ---- | M] (Microsoft Corporation) gqyqhf.exe -> C:\gqyqhf.exe -> [2006/02/21 21:05:32 | 000,001,024 | ---- | M] () gt.exe -> C:\gt.exe -> [2006/02/15 05:27:28 | 000,827,613 | ---- | M] (instyler installation software) hiberfil.sys -> C:\hiberfil.sys -> [2010/03/07 18:42:59 | 527,486,976 | -HS- | M] () IO.SYS -> C:\IO.SYS -> [2006/01/07 02:07:09 | 000,000,000 | -H-- | M] () kybrdff_12.exe -> C:\kybrdff_12.exe -> [2006/08/21 14:41:01 | 000,098,304 | ---- | M] (*&&*#&$*#RU*#Y&*#YR&Y#&RY#R) lemj.exe -> C:\lemj.exe -> [2006/02/21 21:05:31 | 000,001,024 | ---- | M] () lips.exe -> C:\lips.exe -> [2006/03/12 07:56:01 | 001,014,304 | ---- | M] () LOGFILE.txt -> C:\LOGFILE.txt -> [2006/01/07 01:44:26 | 000,000,155 | ---- | M] () lxce.log -> C:\lxce.log -> [2006/03/13 07:50:45 | 000,013,162 | ---- | M] () lxcefire.csv -> C:\lxcefire.csv -> [2006/03/06 03:42:34 | 000,000,000 | ---- | M] () LXCEINST.csv -> C:\LXCEINST.csv -> [2006/03/06 03:44:55 | 000,000,867 | ---- | M] () lxcescan.log -> C:\lxcescan.log -> [2006/03/11 21:34:49 | 000,001,771 | ---- | M] () lxceunst.csv -> C:\lxceunst.csv -> [2006/03/06 03:36:20 | 000,342,528 | ---- | M] () MSDOS.SYS -> C:\MSDOS.SYS -> [2006/01/26 23:49:50 | 000,000,000 | RHS- | M] () navy.exe -> C:\navy.exe -> [2006/08/21 14:57:45 | 000,016,384 | ---- | M] (.) NTDETECT.COM -> C:\NTDETECT.COM -> [2002/08/29 05:08:54 | 000,047,580 | RHS- | M] () ntldr -> C:\ntldr -> [2002/08/29 09:05:20 | 000,233,632 | RHS- | M] () nwnmff_12.exe -> C:\nwnmff_12.exe -> [2006/08/21 14:41:04 | 000,032,768 | ---- | M] (04399289e8uwhru243y5r78f73yh3t7y3) nwnmfg_8.exe -> C:\nwnmfg_8.exe -> [2006/03/05 21:57:31 | 000,032,768 | ---- | M] (rew9q8er3289374823748782474723842) outwin1.exe -> C:\outwin1.exe -> [2006/03/03 23:10:22 | 000,000,371 | ---- | M] () pagefile.sys -> C:\pagefile.sys -> [2010/03/07 18:42:59 | 1598,029,824 | -HS- | M] () qjmm.exe -> C:\qjmm.exe -> [2006/02/21 21:04:49 | 000,072,704 | ---- | M] () qmekimic.exe -> C:\qmekimic.exe -> [2006/03/11 22:31:01 | 000,678,344 | ---- | M] (Administrator) qo.exe -> C:\qo.exe -> [2006/03/16 23:10:49 | 000,692,606 | ---- | M] () ret.exe -> C:\ret.exe -> [2006/03/03 23:35:08 | 000,869,995 | ---- | M] (smart) rftojhv.exe -> C:\rftojhv.exe -> [2006/02/21 21:04:50 | 000,032,768 | ---- | M] () scan.exe -> C:\scan.exe -> [2006/03/12 06:03:50 | 000,159,744 | ---- | M] () schmblack.exe -> C:\schmblack.exe -> [2006/03/12 22:13:00 | 000,678,344 | ---- | M] (Administrator) secure32.html -> C:\secure32.html -> [2006/02/21 21:04:55 | 000,003,066 | ---- | M] () setup.log -> C:\setup.log -> [2006/01/07 01:41:14 | 000,000,090 | ---- | M] () spam.exe -> C:\spam.exe -> [2006/03/08 21:42:09 | 000,148,992 | ---- | M] () SRCLIENT.LOG -> C:\SRCLIENT.LOG -> [2006/08/21 17:22:27 | 000,000,161 | ---- | M] () ssssdefr.exe -> C:\ssssdefr.exe -> [2006/03/12 22:19:14 | 000,678,344 | ---- | M] (Administrator) SYSLEVEL.IBM -> C:\SYSLEVEL.IBM -> [2006/01/07 01:38:08 | 000,000,481 | ---- | M] () tam32.exe -> C:\tam32.exe -> [2006/03/05 23:34:55 | 000,151,112 | ---- | M] () TCPACHIP.LOG -> C:\TCPACHIP.LOG -> [2006/01/07 01:31:08 | 000,000,044 | ---- | M] () tm -> C:\tm -> [2004/08/03 23:29:00 | 000,009,735 | ---- | M] () tm2 -> C:\tm2 -> [2004/11/18 00:03:32 | 000,000,321 | ---- | M] () toislf.exe -> C:\toislf.exe -> [2006/02/10 09:35:16 | 000,004,956 | ---- | M] (..) tu.exe -> C:\tu.exe -> [2006/03/12 06:03:59 | 000,000,236 | ---- | M] () ucmoreiex.exe -> C:\ucmoreiex.exe -> [2006/02/21 19:20:33 | 000,517,168 | ---- | M] () uhytr.exe -> C:\uhytr.exe -> [2006/03/10 22:07:05 | 000,678,344 | ---- | M] (Administrator) unaerror.log -> C:\unaerror.log -> [2006/02/22 00:56:56 | 000,002,671 | ---- | M] () uniq -> C:\uniq -> [2006/02/21 20:47:45 | 000,000,000 | ---- | M] () ux.exe -> C:\ux.exe -> [2006/03/09 00:24:52 | 000,858,144 | ---- | M] () vbsys2.dll -> C:\vbsys2.dll -> [2006/02/12 10:08:54 | 000,090,112 | ---- | M] () viobqsd.exe -> C:\viobqsd.exe -> [2006/02/21 21:05:31 | 000,005,632 | ---- | M] () w33d.exe -> C:\w33d.exe -> [2006/03/10 02:50:42 | 000,858,144 | ---- | M] () wdb.exe -> C:\wdb.exe -> [2006/02/22 02:06:45 | 000,016,157 | ---- | M] () wdl.exe -> C:\wdl.exe -> [2006/02/21 05:51:18 | 000,016,157 | ---- | M] () wew.exe -> C:\wew.exe -> [2006/03/09 07:33:01 | 000,161,740 | ---- | M] () winpatch.exe -> C:\winpatch.exe -> [2006/02/26 05:25:21 | 000,006,131 | ---- | M] () winquidsaan.exe -> C:\winquidsaan.exe -> [2006/03/17 04:55:45 | 000,066,745 | ---- | M] () winsdl.exe -> C:\winsdl.exe -> [2006/02/17 06:39:09 | 000,020,480 | ---- | M] (.) winsystesm.exe -> C:\winsystesm.exe -> [2006/03/15 02:49:18 | 000,135,680 | ---- | M] () winzdl.exe -> C:\winzdl.exe -> [2006/02/18 06:26:32 | 000,020,480 | ---- | M] (.) wksv.exe -> C:\wksv.exe -> [2006/03/07 02:14:32 | 000,020,480 | ---- | M] (*$(*$#*$#&$&*$&*#&&$##&&$*#) woa32.exe -> C:\woa32.exe -> [2006/03/05 23:34:52 | 000,130,558 | ---- | M] () ww32.exe -> C:\ww32.exe -> [2006/03/02 23:55:41 | 000,130,558 | ---- | M] () Xpadmin.log -> C:\Xpadmin.log -> [2010/03/07 18:43:17 | 000,003,020 | ---- | M] () yhaaa.exe -> C:\yhaaa.exe -> [2006/03/10 21:50:19 | 000,682,150 | ---- | M] (Instyler® Software) [Files/Folders - Unicode - All] C:\WINDOWS\System32\?ymantec -> C:\WINDOWS\System32\Ѕymantec -> [2006/02/07 03:52:39 | 000,000,000 | ---D | C] C:\WINDOWS\System32\?ymantec -> C:\WINDOWS\System32\Ѕymantec -> [2006/02/07 03:53:00 | 000,000,000 | ---D | M] C:\WINDOWS\?icrosoft -> C:\WINDOWS\Μicrosoft -> [2006/02/07 03:54:00 | 000,000,000 | ---D | C] C:\WINDOWS\?icrosoft -> C:\WINDOWS\Μicrosoft -> [2006/02/07 03:54:00 | 000,000,000 | ---D | M] C:\WINDOWS\System32\?ymantec\YMANTE~1 -> C:\WINDOWS\system32\Ѕymantec\YMANTE~1 -> [2006/02/07 03:54:01 | 000,000,000 | ---D | M] < End of report > [/code]