Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

been hijacked

Started by be_here_now , Nov 24 2009 02:18 AM

  • Please log in to reply

#1
be_here_now
Posted 24 November 2009 - 02:18 AM

be_here_now

    New Member

  • Member
  • Pip
  • 9 posts
something's gone awry. rorsarch was a big help last time, so here's hoping.

symptoms:

- a window appeared with web addresses and my login and pws for the sites. very concerning.
- after reboots, a window of backup docs with gibberish names opens up. strange.
- SLOOOOWness, i ran adaware's quick scan and it took 3 hours. tasks and programs take forever to load and operate very slowly once loaded.

thanks in advance for your help!
  • 0

Advertisements

#2
be_here_now
Posted 25 November 2009 - 12:08 AM

be_here_now

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
sorry i couldnt post these results before. it took me awhile to run them.

malwarebytes came up with nothing.

rootrepeal report:

ROOTREPEAL © AD, 2007-2009
==================================================
Scan Start Time: 2009/11/24 16:42
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP3
==================================================

Drivers
-------------------
Name: ACPI.sys
Image Path: ACPI.sys
Address: 0xF8437000 Size: 187776 File Visible: - Signed: -
Status: -

Name: ACPI_HAL
Image Path: \Driver\ACPI_HAL
Address: 0x804D7000 Size: 2066048 File Visible: - Signed: -
Status: -

Name: ACPIEC.sys
Image Path: ACPIEC.sys
Address: 0xF8982000 Size: 11648 File Visible: - Signed: -
Status: -

Name: aeaudio.sys
Image Path: C:\WINDOWS\system32\drivers\aeaudio.sys
Address: 0xF47C6000 Size: 127808 File Visible: - Signed: -
Status: -

Name: AegisP.sys
Image Path: C:\WINDOWS\system32\DRIVERS\AegisP.sys
Address: 0xF896E000 Size: 19232 File Visible: - Signed: -
Status: -

Name: afd.sys
Image Path: C:\WINDOWS\System32\drivers\afd.sys
Address: 0xB72D9000 Size: 138496 File Visible: - Signed: -
Status: -

Name: ANC.SYS
Image Path: C:\WINDOWS\System32\drivers\ANC.SYS
Address: 0xEC982000 Size: 11520 File Visible: - Signed: -
Status: -

Name: ApsHM86.sys
Image Path: ApsHM86.sys
Address: 0xF87F6000 Size: 32768 File Visible: - Signed: -
Status: -

Name: Apsx86.sys
Image Path: Apsx86.sys
Address: 0xF829C000 Size: 114688 File Visible: - Signed: -
Status: -

Name: atapi.sys
Image Path: atapi.sys
Address: 0xF83D1000 Size: 96512 File Visible: - Signed: -
Status: -

Name: ati2cqag.dll
Image Path: C:\WINDOWS\System32\ati2cqag.dll
Address: 0xBFA1A000 Size: 368640 File Visible: - Signed: -
Status: -

Name: ati2dvag.dll
Image Path: C:\WINDOWS\System32\ati2dvag.dll
Address: 0xBF9D5000 Size: 282624 File Visible: - Signed: -
Status: -

Name: ati2mtag.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
Address: 0xF4AEC000 Size: 2363392 File Visible: - Signed: -
Status: -

Name: ati3duag.dll
Image Path: C:\WINDOWS\System32\ati3duag.dll
Address: 0xBFAD6000 Size: 2924544 File Visible: - Signed: -
Status: -

Name: atikvmag.dll
Image Path: C:\WINDOWS\System32\atikvmag.dll
Address: 0xBFA74000 Size: 327680 File Visible: - Signed: -
Status: -

Name: atiok3x2.dll
Image Path: C:\WINDOWS\System32\atiok3x2.dll
Address: 0xBFAC4000 Size: 73728 File Visible: - Signed: -
Status: -

Name: ativvaxx.dll
Image Path: C:\WINDOWS\System32\ativvaxx.dll
Address: 0xBFDA0000 Size: 1515520 File Visible: - Signed: -
Status: -

Name: ATMFD.DLL
Image Path: C:\WINDOWS\System32\ATMFD.DLL
Address: 0xBFFA0000 Size: 286720 File Visible: - Signed: -
Status: -

Name: audstub.sys
Image Path: C:\WINDOWS\system32\DRIVERS\audstub.sys
Address: 0xF8BFC000 Size: 3072 File Visible: - Signed: -
Status: -

Name: b57xp32.sys
Image Path: C:\WINDOWS\system32\DRIVERS\b57xp32.sys
Address: 0xF4AAD000 Size: 176128 File Visible: - Signed: -
Status: -

Name: BATTC.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\BATTC.SYS
Address: 0xF897E000 Size: 16384 File Visible: - Signed: -
Status: -

Name: Beep.SYS
Image Path: C:\WINDOWS\System32\Drivers\Beep.SYS
Address: 0xF8AF4000 Size: 4224 File Visible: - Signed: -
Status: -

Name: BOOTVID.dll
Image Path: C:\WINDOWS\system32\BOOTVID.dll
Address: 0xF8976000 Size: 12288 File Visible: - Signed: -
Status: -

Name: Cdfs.SYS
Image Path: C:\WINDOWS\System32\Drivers\Cdfs.SYS
Address: 0xF8696000 Size: 63744 File Visible: - Signed: -
Status: -

Name: cdrom.sys
Image Path: C:\WINDOWS\system32\DRIVERS\cdrom.sys
Address: 0xF8716000 Size: 62976 File Visible: - Signed: -
Status: -

Name: CLASSPNP.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS
Address: 0xF85A6000 Size: 53248 File Visible: - Signed: -
Status: -

Name: CmBatt.sys
Image Path: C:\WINDOWS\system32\DRIVERS\CmBatt.sys
Address: 0xF8201000 Size: 13952 File Visible: - Signed: -
Status: -

Name: compbatt.sys
Image Path: compbatt.sys
Address: 0xF897A000 Size: 10240 File Visible: - Signed: -
Status: -

Name: CVPNDRVA.sys
Image Path: C:\WINDOWS\system32\Drivers\CVPNDRVA.sys
Address: 0xB37A5000 Size: 544768 File Visible: - Signed: -
Status: -

Name: disk.sys
Image Path: disk.sys
Address: 0xF8596000 Size: 36352 File Visible: - Signed: -
Status: -

Name: DLABOIOM.SYS
Image Path: C:\WINDOWS\System32\DLA\DLABOIOM.SYS
Address: 0xF8966000 Size: 25568 File Visible: - Signed: -
Status: -

Name: DLACDBHM.SYS
Image Path: C:\WINDOWS\System32\Drivers\DLACDBHM.SYS
Address: 0xF8AD0000 Size: 5568 File Visible: - Signed: -
Status: -

Name: DLADResN.SYS
Image Path: C:\WINDOWS\System32\DLA\DLADResN.SYS
Address: 0xF8C08000 Size: 2432 File Visible: - Signed: -
Status: -

Name: DLAIFS_M.SYS
Image Path: C:\WINDOWS\System32\DLA\DLAIFS_M.SYS
Address: 0xB3ACB000 Size: 86464 File Visible: - Signed: -
Status: -

Name: DLAOPIOM.SYS
Image Path: C:\WINDOWS\System32\DLA\DLAOPIOM.SYS
Address: 0xF6CCF000 Size: 14624 File Visible: - Signed: -
Status: -

Name: DLAPoolM.SYS
Image Path: C:\WINDOWS\System32\DLA\DLAPoolM.SYS
Address: 0xF8B0E000 Size: 6304 File Visible: - Signed: -
Status: -

Name: DLARTL_N.SYS
Image Path: C:\WINDOWS\System32\Drivers\DLARTL_N.SYS
Address: 0xED917000 Size: 22624 File Visible: - Signed: -
Status: -

Name: DLAUDF_M.SYS
Image Path: C:\WINDOWS\System32\DLA\DLAUDF_M.SYS
Address: 0xB3A9D000 Size: 86976 File Visible: - Signed: -
Status: -

Name: DLAUDFAM.SYS
Image Path: C:\WINDOWS\System32\DLA\DLAUDFAM.SYS
Address: 0xB3AB3000 Size: 94272 File Visible: - Signed: -
Status: -

Name: dne2000.sys
Image Path: C:\WINDOWS\system32\DRIVERS\dne2000.sys
Address: 0xF458A000 Size: 110080 File Visible: - Signed: -
Status: -

Name: drmk.sys
Image Path: C:\WINDOWS\system32\drivers\drmk.sys
Address: 0xF86D6000 Size: 61440 File Visible: - Signed: -
Status: -

Name: DRVMCDB.SYS
Image Path: DRVMCDB.SYS
Address: 0xF8389000 Size: 87104 File Visible: - Signed: -
Status: -

Name: DRVNDDM.SYS
Image Path: C:\WINDOWS\System32\Drivers\DRVNDDM.SYS
Address: 0xF3CD3000 Size: 38304 File Visible: - Signed: -
Status: -

Name: Dxapi.sys
Image Path: C:\WINDOWS\System32\drivers\Dxapi.sys
Address: 0xF706E000 Size: 12288 File Visible: - Signed: -
Status: -

Name: dxg.sys
Image Path: C:\WINDOWS\System32\drivers\dxg.sys
Address: 0xBF9C3000 Size: 73728 File Visible: - Signed: -
Status: -

Name: dxgthk.sys
Image Path: C:\WINDOWS\System32\drivers\dxgthk.sys
Address: 0xB7411000 Size: 4096 File Visible: - Signed: -
Status: -

Name: eeCtrl.sys
Image Path: C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
Address: 0xB71C0000 Size: 385024 File Visible: - Signed: -
Status: -

Name: EraserUtilRebootDrv.sys
Image Path: C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
Address: 0xB71A3000 Size: 118784 File Visible: - Signed: -
Status: -

Name: fdc.sys
Image Path: C:\WINDOWS\system32\DRIVERS\fdc.sys
Address: 0xF884E000 Size: 27392 File Visible: - Signed: -
Status: -

Name: Fips.SYS
Image Path: C:\WINDOWS\System32\Drivers\Fips.SYS
Address: 0xF8686000 Size: 44544 File Visible: - Signed: -
Status: -

Name: fltmgr.sys
Image Path: fltmgr.sys
Address: 0xF83B1000 Size: 129792 File Visible: - Signed: -
Status: -

Name: Fs_Rec.SYS
Image Path: C:\WINDOWS\System32\Drivers\Fs_Rec.SYS
Address: 0xF8AF2000 Size: 7936 File Visible: - Signed: -
Status: -

Name: ftdisk.sys
Image Path: ftdisk.sys
Address: 0xF83E9000 Size: 125056 File Visible: - Signed: -
Status: -

Name: GEARAspiWDM.sys
Image Path: C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys
Address: 0xF8856000 Size: 21120 File Visible: - Signed: -
Status: -

Name: hal.dll
Image Path: C:\WINDOWS\system32\hal.dll
Address: 0x806D0000 Size: 131840 File Visible: - Signed: -
Status: -

Name: HSF_CNXT.sys
Image Path: C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
Address: 0xF45E5000 Size: 721280 File Visible: - Signed: -
Status: -

Name: HSF_DPV.sys
Image Path: C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
Address: 0xF4696000 Size: 998656 File Visible: - Signed: -
Status: -

Name: HSFHWICH.sys
Image Path: C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys
Address: 0xF478A000 Size: 242304 File Visible: - Signed: -
Status: -

Name: HTTP.sys
Image Path: C:\WINDOWS\System32\Drivers\HTTP.sys
Address: 0xB373C000 Size: 264832 File Visible: - Signed: -
Status: -

Name: i8042prt.sys
Image Path: C:\WINDOWS\system32\DRIVERS\i8042prt.sys
Address: 0xF86E6000 Size: 52480 File Visible: - Signed: -
Status: -

Name: IBMBLDID.sys
Image Path: C:\WINDOWS\system32\Drivers\IBMBLDID.sys
Address: 0xF8B26000 Size: 6016 File Visible: - Signed: -
Status: -

Name: ibmpmdrv.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ibmpmdrv.sys
Address: 0xF8A22000 Size: 15104 File Visible: - Signed: -
Status: -

Name: imapi.sys
Image Path: C:\WINDOWS\system32\DRIVERS\imapi.sys
Address: 0xF8706000 Size: 42112 File Visible: - Signed: -
Status: -

Name: intelide.sys
Image Path: intelide.sys
Address: 0xF8A6A000 Size: 5504 File Visible: - Signed: -
Status: -

Name: intelppm.sys
Image Path: C:\WINDOWS\system32\DRIVERS\intelppm.sys
Address: 0xF86A6000 Size: 36352 File Visible: - Signed: -
Status: -

Name: ipnat.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ipnat.sys
Address: 0xB7323000 Size: 152832 File Visible: - Signed: -
Status: -

Name: ipsec.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ipsec.sys
Address: 0xB73DD000 Size: 75264 File Visible: - Signed: -
Status: -

Name: irda.sys
Image Path: C:\WINDOWS\system32\DRIVERS\irda.sys
Address: 0xB3A0F000 Size: 88192 File Visible: - Signed: -
Status: -

Name: isapnp.sys
Image Path: isapnp.sys
Address: 0xF8566000 Size: 37248 File Visible: - Signed: -
Status: -

Name: kbdclass.sys
Image Path: C:\WINDOWS\system32\DRIVERS\kbdclass.sys
Address: 0xF8836000 Size: 24576 File Visible: - Signed: -
Status: -

Name: KDCOM.DLL
Image Path: C:\WINDOWS\system32\KDCOM.DLL
Address: 0xF8A66000 Size: 8192 File Visible: - Signed: -
Status: -

Name: ks.sys
Image Path: C:\WINDOWS\system32\drivers\ks.sys
Address: 0xF47E6000 Size: 143360 File Visible: - Signed: -
Status: -

Name: KSecDD.sys
Image Path: KSecDD.sys
Address: 0xF8372000 Size: 92288 File Visible: - Signed: -
Status: -

Name: Lbd.sys
Image Path: Lbd.sys
Address: 0xF85B6000 Size: 57600 File Visible: - Signed: -
Status: -

Name: mdmxsdk.sys
Image Path: C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
Address: 0xB390B000 Size: 12544 File Visible: - Signed: -
Status: -

Name: mnmdd.SYS
Image Path: C:\WINDOWS\System32\Drivers\mnmdd.SYS
Address: 0xF8AF6000 Size: 4224 File Visible: - Signed: -
Status: -

Name: Modem.SYS
Image Path: C:\WINDOWS\System32\Drivers\Modem.SYS
Address: 0xF882E000 Size: 30080 File Visible: - Signed: -
Status: -

Name: mouclass.sys
Image Path: C:\WINDOWS\system32\DRIVERS\mouclass.sys
Address: 0xF883E000 Size: 23040 File Visible: - Signed: -
Status: -

Name: MountMgr.sys
Image Path: MountMgr.sys
Address: 0xF8576000 Size: 42368 File Visible: - Signed: -
Status: -

Name: mrxdav.sys
Image Path: C:\WINDOWS\system32\DRIVERS\mrxdav.sys
Address: 0xB38A2000 Size: 180608 File Visible: - Signed: -
Status: -

Name: mrxsmb.sys
Image Path: C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
Address: 0xB721E000 Size: 455296 File Visible: - Signed: -
Status: -

Name: Msfs.SYS
Image Path: C:\WINDOWS\System32\Drivers\Msfs.SYS
Address: 0xED395000 Size: 19072 File Visible: - Signed: -
Status: -

Name: msgpc.sys
Image Path: C:\WINDOWS\system32\DRIVERS\msgpc.sys
Address: 0xF87B6000 Size: 35072 File Visible: - Signed: -
Status: -

Name: mssmbios.sys
Image Path: C:\WINDOWS\system32\DRIVERS\mssmbios.sys
Address: 0xF4D2D000 Size: 15488 File Visible: - Signed: -
Status: -

Name: Mup.sys
Image Path: Mup.sys
Address: 0xF8282000 Size: 105344 File Visible: - Signed: -
Status: -

Name: naveng.sys
Image Path: C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20091024.005\naveng.sys
Address: 0xEBF1D000 Size: 78208 File Visible: - Signed: -
Status: -

Name: navex15.sys
Image Path: C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20091024.005\navex15.sys
Address: 0xEBF31000 Size: 1316864 File Visible: - Signed: -
Status: -

Name: NDIS.sys
Image Path: NDIS.sys
Address: 0xF82B8000 Size: 182656 File Visible: - Signed: -
Status: -

Name: ndistapi.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ndistapi.sys
Address: 0xF8A3E000 Size: 10112 File Visible: - Signed: -
Status: -

Name: ndisuio.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ndisuio.sys
Address: 0xB39CF000 Size: 14592 File Visible: - Signed: -
Status: -

Name: ndiswan.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ndiswan.sys
Address: 0xF41A0000 Size: 91520 File Visible: - Signed: -
Status: -

Name: NDProxy.SYS
Image Path: C:\WINDOWS\System32\Drivers\NDProxy.SYS
Address: 0xF4122000 Size: 40576 File Visible: - Signed: -
Status: -

Name: netbios.sys
Image Path: C:\WINDOWS\system32\DRIVERS\netbios.sys
Address: 0xF8676000 Size: 34688 File Visible: - Signed: -
Status: -

Name: netbt.sys
Image Path: C:\WINDOWS\system32\DRIVERS\netbt.sys
Address: 0xB72FB000 Size: 162816 File Visible: - Signed: -
Status: -

Name: Npfs.SYS
Image Path: C:\WINDOWS\System32\Drivers\Npfs.SYS
Address: 0xED38D000 Size: 30848 File Visible: - Signed: -
Status: -

Name: Ntfs.sys
Image Path: Ntfs.sys
Address: 0xF82E5000 Size: 574976 File Visible: - Signed: -
Status: -

Name: ntkrnlpa.exe
Image Path: C:\WINDOWS\system32\ntkrnlpa.exe
Address: 0x804D7000 Size: 2066048 File Visible: - Signed: -
Status: -

Name: Null.SYS
Image Path: C:\WINDOWS\System32\Drivers\Null.SYS
Address: 0xF8B93000 Size: 2944 File Visible: - Signed: -
Status: -

Name: OPRGHDLR.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\OPRGHDLR.SYS
Address: 0xF8B2F000 Size: 4096 File Visible: - Signed: -
Status: -

Name: parport.sys
Image Path: C:\WINDOWS\system32\DRIVERS\parport.sys
Address: 0xF45A5000 Size: 80128 File Visible: - Signed: -
Status: -

Name: PartMgr.sys
Image Path: PartMgr.sys
Address: 0xF87EE000 Size: 19712 File Visible: - Signed: -
Status: -

Name: ParVdm.SYS
Image Path: C:\WINDOWS\System32\Drivers\ParVdm.SYS
Address: 0xF8B16000 Size: 6784 File Visible: - Signed: -
Status: -

Name: pci.sys
Image Path: pci.sys
Address: 0xF8426000 Size: 68224 File Visible: - Signed: -
Status: -

Name: pciide.sys
Image Path: pciide.sys
Address: 0xF8B2E000 Size: 3328 File Visible: - Signed: -
Status: -

Name: PCIIDEX.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\PCIIDEX.SYS
Address: 0xF87E6000 Size: 28672 File Visible: - Signed: -
Status: -

Name: pcmcia.sys
Image Path: pcmcia.sys
Address: 0xF8408000 Size: 120192 File Visible: - Signed: -
Status: -

Name: pmemnt.sys
Image Path: C:\WINDOWS\System32\drivers\pmemnt.sys
Address: 0xF8AA6000 Size: 5120 File Visible: - Signed: -
Status: -

Name: PnpManager
Image Path: \Driver\PnpManager
Address: 0x804D7000 Size: 2066048 File Visible: - Signed: -
Status: -

Name: portcls.sys
Image Path: C:\WINDOWS\system32\drivers\portcls.sys
Address: 0xF4809000 Size: 147456 File Visible: - Signed: -
Status: -

Name: psadd.sys
Image Path: C:\WINDOWS\system32\DRIVERS\psadd.sys
Address: 0xF88DE000 Size: 21376 File Visible: - Signed: -
Status: -

Name: psched.sys
Image Path: C:\WINDOWS\system32\DRIVERS\psched.sys
Address: 0xF418F000 Size: 69120 File Visible: - Signed: -
Status: -

Name: ptilink.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ptilink.sys
Address: 0xF88CE000 Size: 17792 File Visible: - Signed: -
Status: -

Name: PxHelp20.sys
Image Path: PxHelp20.sys
Address: 0xF85C6000 Size: 35680 File Visible: - Signed: -
Status: -

Name: rasacd.sys
Image Path: C:\WINDOWS\system32\DRIVERS\rasacd.sys
Address: 0xF824D000 Size: 8832 File Visible: - Signed: -
Status: -

Name: rasirda.sys
Image Path: C:\WINDOWS\system32\DRIVERS\rasirda.sys
Address: 0xF888E000 Size: 19584 File Visible: - Signed: -
Status: -

Name: rasl2tp.sys
Image Path: C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
Address: 0xF8786000 Size: 51328 File Visible: - Signed: -
Status: -

Name: raspppoe.sys
Image Path: C:\WINDOWS\system32\DRIVERS\raspppoe.sys
Address: 0xF8796000 Size: 41472 File Visible: - Signed: -
Status: -

Name: raspptp.sys
Image Path: C:\WINDOWS\system32\DRIVERS\raspptp.sys
Address: 0xF87A6000 Size: 48384 File Visible: - Signed: -
Status: -

Name: raspti.sys
Image Path: C:\WINDOWS\system32\DRIVERS\raspti.sys
Address: 0xF88D6000 Size: 16512 File Visible: - Signed: -
Status: -

Name: RAW
Image Path: \FileSystem\RAW
Address: 0x804D7000 Size: 2066048 File Visible: - Signed: -
Status: -

Name: rdbss.sys
Image Path: C:\WINDOWS\system32\DRIVERS\rdbss.sys
Address: 0xB728E000 Size: 175744 File Visible: - Signed: -
Status: -

Name: RDPCDD.sys
Image Path: C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
Address: 0xF8AF8000 Size: 4224 File Visible: - Signed: -
Status: -

Name: rdpdr.sys
Image Path: C:\WINDOWS\system32\DRIVERS\rdpdr.sys
Address: 0xF25DF000 Size: 196224 File Visible: - Signed: -
Status: -

Name: redbook.sys
Image Path: C:\WINDOWS\system32\DRIVERS\redbook.sys
Address: 0xF7A5A000 Size: 57600 File Visible: - Signed: -
Status: -

Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xB29CF000 Size: 49152 File Visible: No Signed: -
Status: -

Name: s24trans.sys
Image Path: C:\WINDOWS\system32\DRIVERS\s24trans.sys
Address: 0xB3A91000 Size: 13568 File Visible: - Signed: -
Status: -

Name: savrt.sys
Image Path: C:\Program Files\Symantec AntiVirus\savrt.sys
Address: 0xEC161000 Size: 360448 File Visible: - Signed: -
Status: -

Name: Savrtpel.sys
Image Path: C:\Program Files\Symantec AntiVirus\Savrtpel.sys
Address: 0xEC12B000 Size: 81920 File Visible: - Signed: -
Status: -

Name: serenum.sys
Image Path: C:\WINDOWS\system32\DRIVERS\serenum.sys
Address: 0xF8205000 Size: 15744 File Visible: - Signed: -
Status: -

Name: serial.sys
Image Path: C:\WINDOWS\system32\DRIVERS\serial.sys
Address: 0xF86F6000 Size: 64512 File Visible: - Signed: -
Status: -

Name: Smapint.sys
Image Path: C:\WINDOWS\System32\drivers\Smapint.sys
Address: 0xF5349000 Size: 32768 File Visible: - Signed: -
Status: -

Name: smwdm.sys
Image Path: C:\WINDOWS\system32\drivers\smwdm.sys
Address: 0xF482D000 Size: 260224 File Visible: - Signed: -
Status: -

Name: sr.sys
Image Path: sr.sys
Address: 0xF839F000 Size: 73472 File Visible: - Signed: -
Status: -

Name: srv.sys
Image Path: C:\WINDOWS\system32\DRIVERS\srv.sys
Address: 0xB213B000 Size: 333824 File Visible: - Signed: -
Status: -

Name: swenum.sys
Image Path: C:\WINDOWS\system32\DRIVERS\swenum.sys
Address: 0xF8AE0000 Size: 4352 File Visible: - Signed: -
Status: -

Name: SYMEVENT.SYS
Image Path: C:\Program Files\Symantec\SYMEVENT.SYS
Address: 0xEC13F000 Size: 139264 File Visible: - Signed: -
Status: -

Name: SYMTDI.SYS
Image Path: C:\WINDOWS\System32\Drivers\SYMTDI.SYS
Address: 0xB7349000 Size: 241664 File Visible: - Signed: -
Status: -

Name: SynTP.sys
Image Path: C:\WINDOWS\system32\DRIVERS\SynTP.sys
Address: 0xF45B9000 Size: 177664 File Visible: - Signed: -
Status: -

Name: sysaudio.sys
Image Path: C:\WINDOWS\system32\drivers\sysaudio.sys
Address: 0xB35EA000 Size: 60800 File Visible: - Signed: -
Status: -

Name: tcpip.sys
Image Path: C:\WINDOWS\system32\DRIVERS\tcpip.sys
Address: 0xB7384000 Size: 361600 File Visible: - Signed: -
Status: -

Name: TDI.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\TDI.SYS
Address: 0xF8896000 Size: 20480 File Visible: - Signed: -
Status: -

Name: TDSMAPI.SYS
Image Path: C:\WINDOWS\System32\drivers\TDSMAPI.SYS
Address: 0xECAC9000 Size: 24576 File Visible: - Signed: -
Status: -

Name: termdd.sys
Image Path: C:\WINDOWS\system32\DRIVERS\termdd.sys
Address: 0xF86C6000 Size: 40704 File Visible: - Signed: -
Status: -

Name: TPDiskPM.sys
Image Path: TPDiskPM.sys
Address: 0xF8986000 Size: 14848 File Visible: - Signed: -
Status: -

Name: TPHKDRV.SYS
Image Path: C:\WINDOWS\System32\Drivers\TPHKDRV.SYS
Address: 0xECAD1000 Size: 16416 File Visible: - Signed: -
Status: -

Name: TPInput.sys
Image Path: C:\WINDOWS\System32\DRIVERS\TPInput.sys
Address: 0xF8ACA000 Size: 6528 File Visible: - Signed: -
Status: -

Name: tpm.sys
Image Path: C:\WINDOWS\system32\DRIVERS\tpm.sys
Address: 0xF8846000 Size: 17792 File Visible: - Signed: -
Status: -

Name: Tppwrif.sys
Image Path: C:\WINDOWS\System32\drivers\Tppwrif.sys
Address: 0xED355000 Size: 20480 File Visible: - Signed: -
Status: -

Name: TSMAPIP.SYS
Image Path: C:\WINDOWS\System32\drivers\TSMAPIP.SYS
Address: 0xED35D000 Size: 24576 File Visible: - Signed: -
Status: -

Name: update.sys
Image Path: C:\WINDOWS\system32\DRIVERS\update.sys
Address: 0xF2581000 Size: 384768 File Visible: - Signed: -
Status: -

Name: USBD.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\USBD.SYS
Address: 0xF8ACE000 Size: 8192 File Visible: - Signed: -
Status: -

Name: usbehci.sys
Image Path: C:\WINDOWS\system32\DRIVERS\usbehci.sys
Address: 0xF8826000 Size: 30208 File Visible: - Signed: -
Status: -

Name: usbhub.sys
Image Path: C:\WINDOWS\system32\DRIVERS\usbhub.sys
Address: 0xF3D33000 Size: 59520 File Visible: - Signed: -
Status: -

Name: USBPORT.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\USBPORT.SYS
Address: 0xF4A89000 Size: 147456 File Visible: - Signed: -
Status: -

Name: usbuhci.sys
Image Path: C:\WINDOWS\system32\DRIVERS\usbuhci.sys
Address: 0xF881E000 Size: 20608 File Visible: - Signed: -
Status: -

Name: vga.sys
Image Path: C:\WINDOWS\System32\drivers\vga.sys
Address: 0xED39D000 Size: 20992 File Visible: - Signed: -
Status: -

Name: VIDEOPRT.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\VIDEOPRT.SYS
Address: 0xF4AD8000 Size: 81920 File Visible: - Signed: -
Status: -

Name: VolSnap.sys
Image Path: VolSnap.sys
Address: 0xF8586000 Size: 52352 File Visible: - Signed: -
Status: -

Name: w29n51.sys
Image Path: C:\WINDOWS\system32\DRIVERS\w29n51.sys
Address: 0xF486D000 Size: 2208512 File Visible: - Signed: -
Status: -

Name: wanarp.sys
Image Path: C:\WINDOWS\system32\DRIVERS\wanarp.sys
Address: 0xF8666000 Size: 34560 File Visible: - Signed: -
Status: -

Name: watchdog.sys
Image Path: C:\WINDOWS\System32\watchdog.sys
Address: 0xF6949000 Size: 20480 File Visible: - Signed: -
Status: -

Name: wdmaud.sys
Image Path: C:\WINDOWS\system32\drivers\wdmaud.sys
Address: 0xB2D50000 Size: 83072 File Visible: - Signed: -
Status: -

Name: Win32k
Image Path: \Driver\Win32k
Address: 0xBF800000 Size: 1847296 File Visible: - Signed: -
Status: -

Name: win32k.sys
Image Path: C:\WINDOWS\System32\win32k.sys
Address: 0xBF800000 Size: 1847296 File Visible: - Signed: -
Status: -

Name: WMILIB.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\WMILIB.SYS
Address: 0xF8A68000 Size: 8192 File Visible: - Signed: -
Status: -

Name: WMIxWDM
Image Path: \Driver\WMIxWDM
Address: 0x804D7000 Size: 2066048 File Visible: - Signed: -
Status: -


OTL started running and then froze, but did generate this report:

OTL logfile created on: 11/24/2009 4:52:26 PM - Run 1
OTL by OldTimer - Version 3.1.8.0 Folder = C:\Documents and Settings\Michael E. Israel\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

510.36 Mb Total Physical Memory | 110.00 Mb Available Physical Memory | 21.55% Memory free
1.22 Gb Paging File | 0.52 Gb Available in Paging File | 42.84% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.53 Gb Total Space | 22.65 Gb Free Space | 30.39% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: LAW-ISRA0019
Current User Name: Michael E. Israel
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2009/11/24 16:50:36 | 00,529,920 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Michael E. Israel\Desktop\OTL.exe
PRC - [2009/11/24 16:50:36 | 00,529,920 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Michael E. Israel\Desktop\OTL.exe
PRC - [2009/11/07 09:41:55 | 00,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/11/07 09:41:55 | 00,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/10/31 13:26:20 | 00,788,368 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2009/10/31 13:26:15 | 01,179,232 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2009/10/28 20:21:26 | 00,141,600 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2009/10/28 20:21:14 | 00,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2009/10/11 04:17:36 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009/10/11 04:17:35 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009/07/09 11:22:18 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2008/12/12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008/12/01 17:57:42 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Michael E. Israel\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
PRC - [2008/04/13 16:12:41 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
PRC - [2008/04/13 16:12:40 | 00,218,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe
PRC - [2008/04/13 16:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/03/04 07:34:20 | 00,487,424 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
PRC - [2008/03/04 07:34:12 | 01,122,304 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
PRC - [2007/11/22 12:09:26 | 00,181,536 | ---- | M] (Lenovo.) -- C:\WINDOWS\system32\TpShocks.exe
PRC - [2007/11/02 12:51:02 | 00,036,136 | ---- | M] (Lenovo) -- C:\WINDOWS\system32\ibmpmsvc.exe
PRC - [2007/10/16 15:33:00 | 00,037,424 | ---- | M] (Lenovo.) -- C:\WINDOWS\system32\TPHDEXLG.exe
PRC - [2007/09/26 14:34:46 | 00,644,408 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
PRC - [2007/08/10 22:30:40 | 00,110,592 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
PRC - [2007/08/10 22:30:12 | 00,512,000 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2007/06/21 14:18:54 | 00,483,328 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
PRC - [2007/06/21 14:18:54 | 00,483,328 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
PRC - [2007/01/04 13:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2006/10/18 18:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe
PRC - [2006/10/02 07:19:48 | 00,094,208 | ---- | M] () -- C:\Program Files\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
PRC - [2006/09/29 06:57:36 | 00,049,152 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
PRC - [2006/09/29 06:57:30 | 00,049,152 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
PRC - [2006/06/14 22:40:34 | 00,124,656 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\VPTray.exe
PRC - [2006/06/14 22:40:16 | 00,031,472 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\DefWatch.exe
PRC - [2006/06/14 22:40:16 | 00,024,816 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\DoScan.exe
PRC - [2006/05/30 12:05:42 | 00,086,016 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\PkgMgr\HOTKEY_1\TpScrex.exe
PRC - [2006/04/17 10:13:00 | 00,094,208 | ---- | M] (Lenovo) -- C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
PRC - [2006/04/17 10:12:28 | 00,151,552 | ---- | M] (Lenovo) -- C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
PRC - [2006/04/17 10:12:26 | 00,040,960 | ---- | M] () -- C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
PRC - [2006/04/17 10:09:10 | 00,409,600 | ---- | M] (Lenovo) -- C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
PRC - [2006/04/17 09:59:10 | 00,098,304 | ---- | M] (Lenovo) -- C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
PRC - [2006/04/14 08:49:28 | 00,397,381 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
PRC - [2006/04/14 08:44:58 | 00,540,745 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
PRC - [2006/04/14 08:43:02 | 00,114,753 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
PRC - [2006/04/14 08:42:26 | 00,217,164 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
PRC - [2006/02/23 23:22:00 | 00,237,568 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\ThinkPad\Utilities\EZEJMNAP.EXE
PRC - [2006/01/24 00:04:00 | 00,225,280 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\ThinkPad\UltraNav Wizard\UNavTray.exe
PRC - [2005/11/04 07:21:28 | 01,516,584 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
PRC - [2005/10/06 02:20:00 | 00,122,940 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\DLACTRLW.EXE
PRC - [2005/07/05 11:57:12 | 00,077,824 | ---- | M] () -- C:\Program Files\Lenovo\PkgMgr\HOTKEY\TPONSCR.exe
PRC - [2005/06/06 18:26:22 | 00,032,768 | ---- | M] () -- C:\WINDOWS\system32\TpKmpSvc.exe
PRC - [2004/10/14 06:11:10 | 01,388,544 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
PRC - [2004/07/27 13:50:42 | 00,221,184 | ---- | M] (InstallShield Software Corporation) -- c:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
PRC - [2004/07/27 13:50:18 | 00,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
PRC - [2004/07/27 13:50:04 | 00,503,808 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe
PRC - [2003/06/19 20:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
PRC - [2002/10/08 19:28:42 | 00,040,960 | ---- | M] () -- C:\WINDOWS\system32\TpScrLk.exe
PRC - [2002/09/20 11:50:10 | 00,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
PRC - [2001/08/23 10:00:00 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\unsecapp.exe


========== Modules (SafeList) ==========

MOD - [2009/11/24 16:50:36 | 00,529,920 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Michael E. Israel\Desktop\OTL.exe
MOD - [2008/04/13 16:12:51 | 01,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
MOD - [2008/04/13 16:12:00 | 00,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mslbui.dll
MOD - [2008/04/13 16:11:53 | 00,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2007/08/10 22:30:34 | 00,065,536 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\system32\SynTPFcs.dll


========== Win32 Services (SafeList) ==========

SRV - [2009/10/31 13:26:15 | 01,179,232 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2009/10/28 20:21:14 | 00,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2009/10/11 04:17:35 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009/07/09 11:22:18 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2008/12/12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008/04/13 16:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -- (helpsvc)
SRV - [2008/04/13 16:11:55 | 00,028,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\irmon.dll -- (Irmon)
SRV - [2008/03/15 12:03:34 | 00,019,456 | ---- | M] (Lenovo Group Limited) -- c:\Program Files\Lenovo\System Update\SUService.exe -- (SUService)
SRV - [2008/03/04 07:34:12 | 01,122,304 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe -- (TVT Scheduler)
SRV - [2007/11/02 12:51:02 | 00,036,136 | ---- | M] (Lenovo) -- C:\WINDOWS\system32\ibmpmsvc.exe -- (IBMPMSVC)
SRV - [2007/10/23 23:47:40 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/10/23 23:47:22 | 00,033,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state)
SRV - [2007/10/16 15:33:00 | 00,037,424 | ---- | M] (Lenovo.) -- C:\WINDOWS\system32\TPHDEXLG.exe -- (TPHDEXLGSVC)
SRV - [2007/10/11 07:55:14 | 00,122,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2007/10/11 07:55:10 | 00,864,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - [2007/10/09 10:58:12 | 00,036,864 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2007/09/26 14:34:46 | 00,644,408 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe -- (ThinkVantage Registry Monitor Service)
SRV - [2007/06/21 14:18:54 | 00,483,328 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller)
SRV - [2007/05/15 15:08:40 | 00,053,248 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\system32\HPZIPM12.DLL -- (Pml Driver HPZ12)
SRV - [2007/01/04 13:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2007/01/03 17:40:21 | 00,136,120 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2006/10/18 18:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc)
SRV - [2006/06/14 22:40:28 | 00,115,952 | ---- | M] (symantec) -- C:\Program Files\Symantec AntiVirus\SavRoam.exe -- (SavRoam)
SRV - [2006/06/14 22:40:24 | 01,805,552 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe -- (Symantec AntiVirus)
SRV - [2006/06/14 22:40:16 | 00,031,472 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\DefWatch.exe -- (DefWatch)
SRV - [2006/04/17 10:12:28 | 00,151,552 | ---- | M] (Lenovo) -- C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe -- (AcSvc)
SRV - [2006/04/17 10:12:26 | 00,040,960 | ---- | M] () -- C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe -- (AcPrfMgrSvc)
SRV - [2006/04/14 08:44:58 | 00,540,745 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- (S24EventMonitor) Intel®
SRV - [2006/04/14 08:43:02 | 00,114,753 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng) Intel®
SRV - [2006/04/14 08:42:26 | 00,217,164 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc) Intel®
SRV - [2006/04/11 14:13:38 | 01,160,848 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe -- (SPBBCSvc)
SRV - [2006/03/24 14:14:58 | 00,169,632 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe -- (ccSetMgr)
SRV - [2006/03/24 14:14:52 | 00,192,160 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe -- (ccEvtMgr)
SRV - [2006/02/23 08:41:02 | 02,045,632 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_0.EXE -- (LiveUpdate)
SRV - [2006/01/24 17:06:58 | 00,214,720 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe -- (SNDSrvc)
SRV - [2005/11/04 07:21:28 | 01,516,584 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)
SRV - [2005/06/06 18:26:22 | 00,032,768 | ---- | M] () -- C:\WINDOWS\system32\TpKmpSvc.exe -- (TpKmpSVC)
SRV - [2004/10/22 02:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2003/07/28 09:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2003/06/19 20:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)
SRV - [2002/09/20 11:50:10 | 00,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))


========== Driver Services (SafeList) ==========

DRV - [2009/09/23 04:55:23 | 00,064,288 | ---- | M] (Lavasoft AB) -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2009/08/28 18:42:52 | 00,040,448 | ---- | M] (Apple, Inc.) -- C:\WINDOWS\system32\drivers\usbaapl.sys -- (USBAAPL)
DRV - [2009/08/27 00:00:00 | 00,371,248 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\eengine\eeCtrl.sys -- (eeCtrl)
DRV - [2009/08/27 00:00:00 | 00,102,448 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\eengine\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009/08/25 00:00:00 | 01,323,568 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20091024.005\NAVEX15.SYS -- (NAVEX15)
DRV - [2009/08/25 00:00:00 | 00,084,912 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20091024.005\NAVENG.SYS -- (NAVENG)
DRV - [2009/05/18 13:17:00 | 00,026,600 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2008/04/13 10:54:36 | 00,028,672 | ---- | M] (National Semiconductor Corporation) -- C:\WINDOWS\system32\drivers\nscirda.sys -- (NSCIRDA)
DRV - [2008/04/13 10:45:12 | 00,060,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/01/10 22:30:00 | 00,004,442 | ---- | M] () -- C:\WINDOWS\system32\drivers\TPPWRIF.SYS -- (TPPWRIF)
DRV - [2007/11/13 02:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2007/11/02 12:50:30 | 00,021,808 | ---- | M] (Lenovo.) -- C:\WINDOWS\system32\drivers\ibmpmdrv.sys -- (IBMPMDRV)
DRV - [2007/10/16 15:33:00 | 00,103,472 | ---- | M] (Lenovo.) -- C:\WINDOWS\System32\DRIVERS\Apsx86.sys -- (Shockprf)
DRV - [2007/10/16 15:32:00 | 00,019,504 | ---- | M] (Lenovo.) -- C:\WINDOWS\System32\DRIVERS\ApsHM86.sys -- (TPDIGIMN)
DRV - [2007/08/10 22:25:28 | 00,177,664 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2007/07/19 21:39:50 | 02,142,488 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\LVMVdrv.sys -- (LVMVDrv)
DRV - [2007/07/18 16:44:22 | 03,599,000 | R--- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC) QuickCam Communicate Deluxe(UVC)
DRV - [2007/07/18 16:44:22 | 00,022,296 | R--- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService)
DRV - [2007/07/18 16:44:00 | 00,041,752 | R--- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2007/07/18 16:42:29 | 01,920,920 | R--- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\lvpopflt.sys -- (lvpopflt)
DRV - [2007/06/21 14:26:20 | 02,156,032 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2007/05/02 08:34:32 | 00,161,792 | ---- | M] (Broadcom Corporation) -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2007/02/18 21:56:46 | 00,021,376 | ---- | M] (Lenovo (United States) Inc.) -- C:\WINDOWS\system32\drivers\psadd.sys -- (psadd)
DRV - [2006/09/27 13:53:22 | 00,036,560 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2006/09/26 11:13:00 | 00,014,848 | ---- | M] (Lenovo, Ltd. and IBM Corporation) -- C:\WINDOWS\system32\drivers\TPDiskPM.sys -- (TPDiskPM)
DRV - [2006/09/26 11:13:00 | 00,006,528 | ---- | M] (Lenovo, Ltd. and IBM Corporation.) -- C:\WINDOWS\system32\drivers\TPInput.sys -- (TPInput)
DRV - [2006/07/12 12:01:03 | 00,007,012 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\pmemnt.sys -- (pmem)
DRV - [2006/07/12 08:55:20 | 00,021,275 | ---- | M] (Meetinghouse Data Communications) -- C:\WINDOWS\system32\drivers\AegisP.sys -- (AegisP) AEGIS Protocol (IEEE 802.1x)
DRV - [2006/05/14 23:53:00 | 00,007,168 | ---- | M] () -- C:\WINDOWS\system32\drivers\TSMAPIP.SYS -- (TSMAPIP)
DRV - [2006/05/05 13:19:50 | 00,107,696 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\SYMEVENT.SYS -- (SymEvent)
DRV - [2006/04/14 10:04:08 | 00,013,568 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2006/04/12 16:04:39 | 00,049,664 | ---- | M] (HP) -- C:\WINDOWS\system32\drivers\HPZid412.sys -- (HPZid412)
DRV - [2006/04/12 16:04:39 | 00,021,568 | ---- | M] (HP) -- C:\WINDOWS\system32\drivers\HPZius12.sys -- (HPZius12)
DRV - [2006/04/12 16:04:39 | 00,016,496 | ---- | M] (HP) -- C:\WINDOWS\system32\drivers\HPZipr12.sys -- (HPZipr12)
DRV - [2006/04/11 14:13:34 | 00,389,776 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2006/04/05 16:38:22 | 02,208,512 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51) Intel®
DRV - [2006/01/24 17:06:36 | 00,195,776 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2006/01/24 17:06:32 | 00,024,768 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2006/01/16 22:52:00 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\SMAPINT.SYS -- (Smapint)
DRV - [2006/01/16 22:52:00 | 00,009,343 | ---- | M] () -- C:\WINDOWS\system32\drivers\TDSMAPI.SYS -- (TDSMAPI)
DRV - [2006/01/12 21:33:22 | 00,006,016 | ---- | M] () -- C:\WINDOWS\system32\drivers\IBMBLDID.sys -- (IBMTPCHK)
DRV - [2005/12/19 17:41:58 | 00,054,968 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\Savrtpel.sys -- (SAVRTPEL)
DRV - [2005/12/19 17:41:56 | 00,337,592 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\savrt.sys -- (SAVRT)
DRV - [2005/11/08 06:27:20 | 00,011,520 | ---- | M] (IBM Corp.) -- C:\WINDOWS\system32\drivers\ANC.sys -- (ANC)
DRV - [2005/11/04 07:20:40 | 00,303,735 | ---- | M] (Cisco Systems, Inc.) -- C:\WINDOWS\system32\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV - [2005/10/18 13:53:24 | 00,998,656 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005/10/18 13:52:38 | 00,242,304 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSFHWICH.sys -- (HSFHWICH)
DRV - [2005/10/18 13:52:30 | 00,721,280 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2005/10/09 18:35:28 | 00,017,792 | ---- | M] (Winbond Electronics Corp.) -- C:\WINDOWS\system32\drivers\tpm.sys -- (TPM)
DRV - [2005/10/06 02:20:00 | 00,094,332 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2005/10/06 02:20:00 | 00,087,036 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2005/10/06 02:20:00 | 00,086,524 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2005/10/06 02:20:00 | 00,025,628 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2005/10/06 02:20:00 | 00,014,684 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2005/10/06 02:20:00 | 00,006,364 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2005/10/06 02:20:00 | 00,002,496 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\DLADResN.SYS -- (DLADResN)
DRV - [2005/10/05 13:57:08 | 00,012,544 | ---- | M] (Conexant) -- C:\WINDOWS\system32\drivers\mdmxsdk.sys -- (mdmxsdk)
DRV - [2005/09/12 00:30:00 | 00,089,264 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS -- (drvmcdb)
DRV - [2005/08/25 09:16:52 | 00,005,628 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2005/08/25 09:16:16 | 00,022,684 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N)
DRV - [2005/08/12 02:20:00 | 00,040,544 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS -- (drvnddm)
DRV - [2005/07/05 11:57:06 | 00,017,699 | ---- | M] (IBM Corporation) -- C:\WINDOWS\system32\drivers\TPHKDRV.sys -- (TPHKDRV)
DRV - [2005/06/29 16:50:30 | 00,110,080 | ---- | M] (Deterministic Networks, Inc.) -- C:\WINDOWS\system32\drivers\dne2000.sys -- (DNE)
DRV - [2005/05/17 01:51:34 | 00,005,315 | ---- | M] (Cisco Systems, Inc.) -- C:\WINDOWS\system32\drivers\CVirtA.sys -- (CVirtA)
DRV - [2005/04/21 13:44:54 | 00,014,336 | ---- | M] (National Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\nsctpm11.sys -- (TPM11)
DRV - [2005/02/10 13:31:34 | 00,260,224 | ---- | M] (Analog Devices, Inc.) -- C:\WINDOWS\system32\drivers\smwdm.sys -- (smwdm)
DRV - [2005/01/26 03:22:20 | 00,280,344 | ---- | M] (Zone Labs LLC) -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2004/05/17 06:23:48 | 00,133,200 | ---- | M] (Andrea Electronics Corporation) -- C:\WINDOWS\system32\drivers\aeaudio.sys -- (aeaudio)
DRV - [2001/08/23 10:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo....e...-8&fr=b1ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/ig?hl=en"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}:6.0.01
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}:6.0.02
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}:6.0.05
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}:6.0.14
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.5
FF - prefs.js..network.proxy.type: 4

FF - HKLM\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009/07/08 10:31:25 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/11/07 09:42:30 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/11/18 11:37:23 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.14\extensions\\Components: C:\Program Files\Mozilla Thunderbird2\components [2009/09/15 20:39:53 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.14\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird2\plugins [2009/11/18 11:37:23 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.16\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2009/09/15 20:39:53 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.16\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2009/11/18 11:37:24 | 00,000,000 | ---D | M]

[2008/09/04 12:20:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michael E. Israel\Application Data\Mozilla\Extensions
[2008/09/04 12:20:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michael E. Israel\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/09/20 21:08:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Michael E. Israel\Application Data\Mozilla\Firefox\Profiles\sbdz4tw9.default\extensions
[2007/10/21 21:59:14 | 00,001,068 | ---- | M] () -- C:\Documents and Settings\Michael E. Israel\Application Data\Mozilla\Firefox\Profiles\sbdz4tw9.default\searchplugins\wikipedia-english.xml
[2009/11/24 11:41:44 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/11/07 09:42:30 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2007/04/11 16:48:57 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
[2007/07/26 07:38:05 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
[2008/05/05 06:01:18 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
[2009/07/08 10:32:24 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
[2009/11/18 19:47:47 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
[2009/11/07 09:41:50 | 00,023,512 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2009/11/07 09:41:51 | 00,137,176 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2006/06/25 18:43:54 | 00,049,152 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\np32dsw.dll
[2009/10/11 04:17:27 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
[2006/10/02 10:59:14 | 01,859,584 | ---- | M] (DivX,Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdivx32.dll
[2006/09/28 18:21:47 | 00,094,208 | ---- | M] (DivX, Inc) -- C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
[2006/10/07 09:26:02 | 00,114,688 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npmozax.dll
[2009/11/07 09:42:07 | 00,064,984 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2007/03/22 16:23:30 | 00,017,248 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL
[2009/02/27 13:13:42 | 00,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
[2006/01/27 23:57:22 | 00,139,305 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
[2009/11/18 11:37:22 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
[2009/11/18 11:37:22 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
[2009/11/18 11:37:22 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
[2009/11/18 11:37:23 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
[2009/11/18 11:37:23 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
[2009/11/18 11:37:23 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
[2009/11/18 11:37:23 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
[2006/01/27 23:56:18 | 00,081,967 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
[2009/05/08 12:31:19 | 00,221,184 | ---- | M] (CNN) -- C:\Program Files\Mozilla Firefox\plugins\NPTURNMED.dll
[2007/04/16 09:07:12 | 00,180,293 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll
[2007/03/09 15:16:44 | 00,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll
[2009/08/23 01:02:08 | 00,001,394 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom.xml
[2009/08/23 01:02:08 | 00,002,193 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\answers.xml
[2009/08/23 01:02:08 | 00,001,534 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons.xml
[2009/08/23 01:02:08 | 00,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay.xml
[2009/08/23 01:02:08 | 00,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2009/08/23 01:02:08 | 00,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia.xml
[2009/08/23 01:02:08 | 00,000,792 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo.xml

O1 HOSTS File: (27 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL File not found
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [ACTray] C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe (Lenovo)
O4 - HKLM..\Run: [ACWLIcon] C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe (Lenovo)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [BLOG] C:\Program Files\ThinkPad\Utilities\BATLOGEX.DLL ()
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [DLA] C:\WINDOWS\system32\dla\DLACTRLW.EXE (Sonic Solutions)
O4 - HKLM..\Run: [EZEJMNAP] C:\Program Files\ThinkPad\Utilities\EZEJMNAP.EXE (Lenovo Group Limited)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [PWRMGRTR] C:\Program Files\ThinkPad\Utilities\PWRMGRTR.DLL (Lenovo Group Limited)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TP4EX] C:\WINDOWS\System32\TP4EX.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [TPHOTKEY] C:\Program Files\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe ()
O4 - HKLM..\Run: [TPKBDLED] C:\WINDOWS\system32\TpScrLk.exe ()
O4 - HKLM..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe (Lenovo)
O4 - HKLM..\Run: [TpShocks] C:\WINDOWS\System32\TpShocks.exe (Lenovo.)
O4 - HKLM..\Run: [TVT Scheduler Proxy] C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [vptray] C:\Program Files\Symantec AntiVirus\VPTray.exe (Symantec Corporation)
O4 - HKCU..\Run: [Google Update] C:\Documents and Settings\Michael E. Israel\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKCU..\Run: [pcceol] C:\Documents and Settings\Michael E. Israel\pcceol.exe (JWUtSCAt)
O4 - HKCU..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe File not found
O4 - Startup: C:\Documents and Settings\Michael E. Israel\Start Menu\Programs\Startup\CCC.lnk = C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (ATI Technologies Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Software Installer - {D1A4DEBD-C2EE-449f-B9FB-E8409F9A0BC5} - C:\Program Files\Lenovo\PkgMgr\PkgMgr.exe (Lenovo Group Limited)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 58 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 67 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1257300070281 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1257300031000 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\ACNotify: DllName - ACNotify.dll - C:\Program Files\ThinkPad\ConnectUtilities\ACNotify.dll (Lenovo)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\NavLogon: DllName - C:\WINDOWS\system32\NavLogon.dll - C:\WINDOWS\system32\NavLogon.dll (Symantec Corporation)
O20 - Winlogon\Notify\tpfnf2: DllName - notifyf2.dll - C:\WINDOWS\System32\notifyf2.dll ()
O20 - Winlogon\Notify\tphotkey: DllName - tphklock.dll - C:\WINDOWS\System32\tphklock.dll ()
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/07/12 08:44:21 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2006/07/12 08:43:42 | 00,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - C:\WINDOWS\system32\irmon.dll (Microsoft Corporation)
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: helpsvc - C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (67839029915156480)

========== Files/Folders - Created Within 30 Days ==========

[2009/11/24 16:50:22 | 00,529,920 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Michael E. Israel\Desktop\OTL.exe
[2009/11/24 16:25:06 | 00,472,064 | ---- | C] ( ) -- C:\Documents and Settings\Michael E. Israel\Desktop\RootRepeal.exe
[2009/11/23 16:36:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Michael E. Israel\Desktop\walk dont run
[2009/11/23 16:29:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Michael E. Israel\My Documents\desktop 11-09
[2009/11/22 17:55:46 | 00,086,016 | RHS- | C] (JWUtSCAt) -- C:\Documents and Settings\Michael E. Israel\pcceol.exe
[2009/11/22 10:25:09 | 00,000,000 | ---D | C] -- C:\Program Files\Veetle
[2009/11/18 19:47:37 | 00,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2009/11/18 19:47:37 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2009/11/18 19:47:37 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2009/11/18 19:01:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Michael E. Israel\My Documents\OnLaw
[2009/11/17 21:25:00 | 00,000,000 | ---D | C] -- C:\Program Files\iPod
[2009/11/17 21:16:06 | 00,000,000 | -HSD | C] -- C:\Config.Msi
[2009/11/03 20:10:45 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2009/11/03 19:42:44 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2009/11/03 19:42:39 | 00,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2009/11/03 19:42:38 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2009/11/03 19:42:37 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2009/11/03 19:37:05 | 00,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2009/11/03 19:25:44 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2009/11/03 19:06:53 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlanapi.dll
[2009/11/03 19:06:49 | 00,025,471 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\watv10nt.sys
[2009/11/03 19:06:49 | 00,022,271 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\watv06nt.sys
[2009/11/03 19:06:48 | 00,011,935 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv11nt.sys
[2009/11/03 19:06:48 | 00,011,871 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv09nt.sys
[2009/11/03 19:06:48 | 00,011,807 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv07nt.sys
[2009/11/03 19:06:48 | 00,011,295 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv08nt.sys
[2009/11/03 19:06:47 | 00,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\wacompen.sys
[2009/11/03 19:06:46 | 00,042,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\viaagp.sys
[2009/11/03 19:06:46 | 00,011,325 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\vchnt5.dll
[2009/11/03 19:06:44 | 00,121,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbvideo.sys
[2009/11/03 19:06:43 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usb8023x.sys
[2009/11/03 19:06:40 | 00,044,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\uagp35.sys
[2009/11/03 19:06:39 | 00,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tspkg.dll
[2009/11/03 19:06:28 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdwxp.exe
[2009/11/03 19:06:27 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spdwnwxp.exe
[2009/11/03 19:06:24 | 00,404,990 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slntamr.sys
[2009/11/03 19:06:24 | 00,129,535 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnt7554.sys
[2009/11/03 19:06:24 | 00,095,424 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnthal.sys
[2009/11/03 19:06:24 | 00,073,796 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slserv.exe
[2009/11/03 19:06:24 | 00,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slrundll.exe
[2009/11/03 19:06:24 | 00,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\slrundll.exe
[2009/11/03 19:06:24 | 00,013,240 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slwdmsup.sys
[2009/11/03 19:06:24 | 00,005,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smbali.sys
[2009/11/03 19:06:23 | 00,286,792 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slextspk.dll
[2009/11/03 19:06:23 | 00,188,508 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slgen.dll
[2009/11/03 19:06:23 | 00,073,832 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slcoinst.dll
[2009/11/03 19:06:22 | 00,040,960 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\drivers\sisagp.sys
[2009/11/03 19:06:22 | 00,003,901 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\siint5.dll
[2009/11/03 19:06:17 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sffp_mmc.sys
[2009/11/03 19:06:14 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe
[2009/11/03 19:06:08 | 00,397,056 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\s3gnb.dll
[2009/11/03 19:06:08 | 00,166,912 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\drivers\s3gnbm.sys
[2009/11/03 19:06:07 | 00,059,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rfcomm.sys
[2009/11/03 19:06:07 | 00,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys
[2009/11/03 19:06:06 | 00,013,776 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\recagent.sys
[2009/11/03 19:06:05 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasqec.dll
[2009/11/03 19:06:03 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qutil.dll
[2009/11/03 19:06:02 | 00,291,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagentrt.dll
[2009/11/03 19:06:02 | 00,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll
[2009/11/03 19:06:02 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll
[2009/11/03 19:05:56 | 00,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\onex.dll
[2009/11/03 19:05:53 | 01,897,408 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nv4_mini.sys
[2009/11/03 19:05:52 | 04,274,816 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nv4_disp.dll
[2009/11/03 19:05:51 | 00,180,360 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys
[2009/11/03 19:05:44 | 00,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe
[2009/11/03 19:05:43 | 00,452,736 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\drivers\mtxparhm.sys
[2009/11/03 19:05:43 | 00,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll
[2009/11/03 19:05:43 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll
[2009/11/03 19:05:43 | 00,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mutohpen.sys
[2009/11/03 19:05:42 | 01,737,856 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\mtxparhd.dll
[2009/11/03 19:05:41 | 01,309,184 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlstrm.sys
[2009/11/03 19:05:41 | 01,306,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll
[2009/11/03 19:05:41 | 00,126,686 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys
[2009/11/03 19:05:41 | 00,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml6r.dll
[2009/11/03 19:05:41 | 00,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll
[2009/11/03 19:05:39 | 00,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssha.dll
[2009/11/03 19:05:39 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshavmsg.dll
[2009/11/03 19:05:18 | 00,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcex.dll
[2009/11/03 19:05:18 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\microsoft.managementconsole.dll
[2009/11/03 19:05:18 | 00,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcfxcommon.dll
[2009/11/03 19:05:18 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcperf.exe
[2009/11/03 19:04:47 | 00,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\l2gpstore.dll
[2009/11/03 19:04:46 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kmsvc.dll
[2009/11/03 19:04:44 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpash.dll
[2009/11/03 19:04:44 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnepr.dll
[2009/11/03 19:04:44 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdiultn.dll
[2009/11/03 19:04:44 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbhc.dll
[2009/11/03 19:04:40 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpcdll.dll
[2009/11/03 19:04:40 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pidgen.dll
[2009/11/03 19:04:28 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\smtpapi.dll
[2009/11/03 19:04:26 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwnh.dll
[2009/11/03 19:04:22 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\irbus.sys
[2009/11/03 19:04:21 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsdupd.exe
[2009/11/03 19:04:16 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ieencode.dll
[2009/11/03 19:04:13 | 01,041,536 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\drivers\hsfdpsp2.sys
[2009/11/03 19:04:13 | 00,685,056 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\drivers\hsfcxts2.sys
[2009/11/03 19:04:13 | 00,220,032 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\drivers\hsfbs2s2.sys
[2009/11/03 19:04:13 | 00,032,285 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\hsfcisp2.dll
[2009/11/03 19:04:11 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidbth.sys
[2009/11/03 19:04:11 | 00,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidir.sys
[2009/11/03 19:04:10 | 00,144,384 | ---- | C] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\System32\drivers\hdaudbus.sys
[2009/11/03 19:04:08 | 00,046,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\gagp30kx.sys
[2009/11/03 19:04:00 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\faxpatch.exe
[2009/11/03 19:03:52 | 00,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapqec.dll
[2009/11/03 19:03:52 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappprxy.dll
[2009/11/03 19:03:52 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapsvc.dll
[2009/11/03 19:03:51 | 00,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapphost.dll
[2009/11/03 19:03:51 | 00,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappgnui.dll
[2009/11/03 19:03:50 | 00,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapp3hst.dll
[2009/11/03 19:03:50 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappcfg.dll
[2009/11/03 19:03:49 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapolqec.dll
[2009/11/03 19:03:32 | 00,650,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3ui.dll
[2009/11/03 19:03:32 | 00,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3svc.dll
[2009/11/03 19:03:32 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3cfg.dll
[2009/11/03 19:03:32 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3msm.dll
[2009/11/03 19:03:32 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3gpclnt.dll
[2009/11/03 19:03:32 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3api.dll
[2009/11/03 19:03:32 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3dlg.dll
[2009/11/03 19:03:29 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsroam.dll
[2009/11/03 19:03:29 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsntfy.dll
[2009/11/03 19:03:28 | 00,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpqec.dll
[2009/11/03 19:03:23 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\credssp.dll
[2009/11/03 19:03:15 | 00,015,423 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\ch7xxnt5.dll
[2009/11/03 19:03:11 | 00,101,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthpan.sys
[2009/11/03 19:03:11 | 00,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthmodem.sys
[2009/11/03 19:03:11 | 00,036,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthprint.sys
[2009/11/03 19:03:11 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthusb.sys
[2009/11/03 19:03:11 | 00,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthenum.sys
[2009/11/03 19:03:10 | 00,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\azroles.dll
[2009/11/03 19:03:10 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2009/11/03 19:03:09 | 00,025,471 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv04nt5.dll
[2009/11/03 19:03:09 | 00,021,183 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv01nt5.dll
[2009/11/03 19:03:09 | 00,017,279 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv10nt5.dll
[2009/11/03 19:03:09 | 00,014,143 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv06nt5.dll
[2009/11/03 19:03:09 | 00,011,359 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv02nt5.dll
[2009/11/03 19:03:08 | 00,032,768 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativtmxx.dll
[2009/11/03 19:03:08 | 00,023,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativmvxx.ax
[2009/11/03 19:03:08 | 00,009,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativdaxx.ax
[2009/11/03 19:03:07 | 00,870,784 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3d1ag.dll
[2009/11/03 19:03:07 | 00,104,960 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinrvxx.sys
[2009/11/03 19:03:07 | 00,073,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atintuxx.sys
[2009/11/03 19:03:07 | 00,063,488 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxsxx.sys
[2009/11/03 19:03:07 | 00,057,856 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinbtxx.sys
[2009/11/03 19:03:07 | 00,052,224 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinraxx.sys
[2009/11/03 19:03:07 | 00,031,744 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxbxx.sys
[2009/11/03 19:03:07 | 00,028,672 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinsnxx.sys
[2009/11/03 19:03:07 | 00,014,336 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinpdxx.sys
[2009/11/03 19:03:07 | 00,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinttxx.sys
[2009/11/03 19:03:07 | 00,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinmdxx.sys
[2009/11/03 19:03:06 | 00,377,984 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvaa.dll
[2009/11/03 19:03:06 | 00,327,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtaa.sys
[2009/11/03 19:03:06 | 00,063,663 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1rvxx.sys
[2009/11/03 19:03:06 | 00,056,623 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1btxx.sys
[2009/11/03 19:03:06 | 00,036,463 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1tuxx.sys
[2009/11/03 19:03:06 | 00,034,735 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xsxx.sys
[2009/11/03 19:03:06 | 00,030,671 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1raxx.sys
[2009/11/03 19:03:06 | 00,029,455 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xbxx.sys
[2009/11/03 19:03:06 | 00,026,367 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1snxx.sys
[2009/11/03 19:03:06 | 00,021,343 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1ttxx.sys
[2009/11/03 19:03:06 | 00,012,047 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1pdxx.sys
[2009/11/03 19:03:06 | 00,011,615 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1mdxx.sys
[2009/11/03 19:03:01 | 00,043,008 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\drivers\amdagp.sys
[2009/11/03 19:03:01 | 00,042,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\alim1541.sys
[2009/11/03 19:02:58 | 00,044,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\agpcpq.sys
[2009/11/03 19:02:58 | 00,042,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\agp440.sys
[2009/11/03 19:02:57 | 00,003,775 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv11nt5.dll
[2009/11/03 19:02:57 | 00,003,711 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv09nt5.dll
[2009/11/03 19:02:57 | 00,003,647 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv07nt5.dll
[2009/11/03 19:02:57 | 00,003,135 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv08nt5.dll
[2009/11/03 19:02:56 | 00,004,255 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv01nt5.dll
[2009/11/03 19:02:56 | 00,003,967 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv02nt5.dll
[2009/11/03 19:02:56 | 00,003,615 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv05nt5.dll
[2009/11/03 18:02:07 | 00,015,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll.mui
[2009/11/03 17:55:22 | 00,000,000 | ---D | C] -- C:\Program Files\SpywareBlaster
[2009/11/03 15:17:24 | 00,000,000 | --SD | C] -- C:\Combo-Fix
[2009/11/02 14:14:55 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/11/02 14:14:51 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/11/02 14:14:45 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/11/02 13:31:06 | 00,271,872 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Michael E. Israel\Desktop\TFC.exe
[2009/11/01 18:08:45 | 00,000,000 | ---D | C] -- C:\WINDOWS\temp
[2009/11/01 17:32:27 | 00,000,000 | RHSD | C] -- C:\cmdcons
[2009/11/01 17:27:16 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/11/01 11:20:31 | 00,000,000 | ---D | C] -- C:\Program Files\[bleep]
[2009/10/31 13:33:06 | 00,064,288 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2009/10/31 13:31:51 | 00,093,360 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2009/10/31 13:21:22 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
[2009/10/31 13:20:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2009/10/30 14:09:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Michael E. Israel\My Documents\wendell_data
[1996/11/17 22:00:00 | 00,018,944 | ---- | C] ( ) -- C:\WINDOWS\System32\Implode.dll
[11 C:\Documents and Settings\Michael E. Israel\My Documents\*.tmp files -> C:\Documents and Settings\Michael E. Israel\My Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2009/11/24 16:50:36 | 00,529,920 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Michael E. Israel\Desktop\OTL.exe
[2009/11/24 16:26:39 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\Michael E. Israel\Desktop\settings.dat
[2009/11/24 16:25:20 | 00,472,064 | ---- | M] ( ) -- C:\Documents and Settings\Michael E. Israel\Desktop\RootRepeal.exe
[2009/11/24 13:19:51 | 00,000,324 | ---- | M] () -- C:\WINDOWS\tasks\PMTask.job
[2009/11/24 11:27:09 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/11/24 10:09:56 | 00,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009/11/24 10:07:12 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/11/24 10:06:58 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/11/24 10:06:44 | 53,522,0224 | -HS- | M] () -- C:\hiberfil.sys
[2009/11/23 20:54:49 | 09,437,184 | -H-- | M] () -- C:\Documents and Settings\Michael E. Israel\ntuser.dat
[2009/11/23 20:54:49 | 00,000,278 | -HS- | M] () -- C:\Documents and Settings\Michael E. Israel\ntuser.ini
[2009/11/22 17:56:21 | 00,000,535 | ---- | M] () -- C:\Documents and Settings\Michael E. Israel\VEzSGp.bat
[2009/11/22 17:55:46 | 00,086,016 | RHS- | M] (JWUtSCAt) -- C:\Documents and Settings\Michael E. Israel\pcceol.exe
[2009/11/22 17:46:24 | 00,001,026 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1708537768-1303643608-725345543-1006UA.job
[2009/11/22 15:46:08 | 00,000,974 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1708537768-1303643608-725345543-1006Core.job
[2009/11/17 20:43:17 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/11/11 18:19:07 | 00,024,576 | ---- | M] () -- C:\Documents and Settings\Michael E. Israel\My Documents\Apartments 2009.doc
[2009/11/03 20:21:47 | 00,069,336 | ---- | M] () -- C:\Documents and Settings\Michael E. Israel\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/11/03 20:16:27 | 00,444,656 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/11/03 20:16:26 | 00,072,496 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/11/03 20:16:22 | 00,526,212 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/11/03 20:09:52 | 00,267,800 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/11/03 19:32:58 | 00,250,048 | RHS- | M] () -- C:\ntldr
[2009/11/03 17:29:41 | 00,271,872 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Michael E. Israel\Desktop\TFC.exe
[2009/11/01 18:16:35 | 00,000,261 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/11/01 18:15:51 | 00,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009/11/01 17:32:45 | 00,000,281 | RHS- | M] () -- C:\boot.ini
[2009/10/31 13:31:22 | 00,093,360 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2009/10/31 13:31:01 | 00,015,880 | ---- | M] () -- C:\WINDOWS\System32\lsdelete.exe
[2009/10/30 20:08:55 | 00,000,384 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2009/10/30 14:09:50 | 00,002,853 | ---- | M] () -- C:\Documents and Settings\Michael E. Israel\My Documents\wendell.aup
[2009/10/29 19:32:47 | 00,025,088 | ---- | M] () -- C:\Documents and Settings\Michael E. Israel\My Documents\contraa.doc
[2009/10/29 18:48:08 | 00,025,088 | ---- | M] () -- C:\Documents and Settings\Michael E. Israel\My Documents\Bum Titles.doc
[2009/10/28 17:30:53 | 00,047,104 | ---- | M] () -- C:\Documents and Settings\Michael E. Israel\My Documents\MichaelIsrael_resume.doc
[11 C:\Documents and Settings\Michael E. Israel\My Documents\*.tmp files -> C:\Documents and Settings\Michael E. Israel\My Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2009/11/24 16:26:39 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Michael E. Israel\Desktop\settings.dat
[2009/11/22 17:56:20 | 00,000,535 | ---- | C] () -- C:\Documents and Settings\Michael E. Israel\VEzSGp.bat
[2009/11/11 18:19:06 | 00,024,576 | ---- | C] () -- C:\Documents and Settings\Michael E. Israel\My Documents\Apartments 2009.doc
[2009/11/03 19:05:46 | 00,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2009/11/03 19:04:26 | 00,000,974 | ---- | C] () -- C:\WINDOWS\System32\pid.inf
[2009/11/03 19:03:25 | 00,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2009/11/03 19:03:08 | 00,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2009/11/01 17:32:44 | 00,000,211 | ---- | C] () -- C:\Boot.bak
[2009/11/01 17:32:35 | 00,260,272 | ---- | C] () -- C:\cmldr
[2009/10/31 19:19:05 | 00,015,880 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2009/10/31 13:41:05 | 00,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009/10/30 14:09:50 | 00,002,853 | ---- | C] () -- C:\Documents and Settings\Michael E. Israel\My Documents\wendell.aup
[2009/10/29 19:32:01 | 00,025,088 | ---- | C] () -- C:\Documents and Settings\Michael E. Israel\My Documents\contraa.doc
[2009/10/28 17:30:52 | 00,047,104 | ---- | C] () -- C:\Documents and Settings\Michael E. Israel\My Documents\MichaelIsrael_resume.doc
[2008/06/01 17:54:22 | 00,058,163 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2007/03/14 16:42:25 | 00,000,849 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2007/03/14 16:40:15 | 00,077,824 | ---- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2006/11/20 11:09:20 | 00,000,018 | ---- | C] () -- C:\Documents and Settings\Michael E. Israel\Local Settings\Application Data\msesbucf.txt
[2006/11/20 11:08:06 | 00,107,008 | ---- | C] () -- C:\WINDOWS\System32\fxtls432.dll
[2006/11/20 11:07:39 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\ESUtil.dll
[2006/10/23 09:29:11 | 00,030,208 | ---- | C] () -- C:\Documents and Settings\Michael E. Israel\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/09/29 20:19:59 | 00,000,000 | ---- | C] () -- C:\WINDOWS\pcfriend.INI
[2006/09/20 05:45:35 | 00,069,336 | ---- | C] () -- C:\Documents and Settings\Michael E. Israel\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2006/09/15 15:41:16 | 00,002,902 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/09/02 02:21:26 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Michael E. Israel\Application Data\desktop.ini
[2006/09/01 21:01:26 | 02,813,902 | -H-- | C] () -- C:\Documents and Settings\Michael E. Israel\Local Settings\Application Data\IconCache.db
[2006/07/27 09:28:42 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2006/07/14 06:32:12 | 00,004,442 | ---- | C] () -- C:\WINDOWS\System32\drivers\TPPWRIF.SYS
[2006/07/14 06:30:58 | 00,077,824 | ---- | C] () -- C:\WINDOWS\System32\SynTPCoI.dll
[2006/07/13 13:26:23 | 00,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2006/07/13 13:26:22 | 00,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2006/07/13 13:26:22 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2006/07/13 13:26:22 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2006/07/13 13:26:22 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2006/07/13 13:26:22 | 00,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2006/07/13 13:25:40 | 00,000,384 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/07/12 13:31:46 | 00,197,672 | ---- | C] () -- C:\WINDOWS\System32\vpnapi.dll
[2006/07/12 13:31:45 | 00,189,480 | ---- | C] () -- C:\WINDOWS\System32\CSGina.dll
[2006/07/12 13:03:36 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/07/12 11:57:26 | 00,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\TSMAPIP.SYS
[2006/07/12 11:56:53 | 00,009,343 | ---- | C] () -- C:\WINDOWS\System32\drivers\TDSMAPI.SYS
[2006/07/12 11:54:54 | 00,006,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\IBMBLDID.sys
[2006/07/12 11:52:42 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\FPCALL.dll
[2006/07/12 09:12:35 | 00,000,000 | ---- | C] () -- C:\WINDOWS\vpc32.INI
[2006/07/12 08:44:21 | 00,000,000 | ---- | C] () -- C:\WINDOWS\control.ini
[2006/07/12 08:40:43 | 00,000,037 | ---- | C] () -- C:\WINDOWS\vbaddin.ini
[2006/07/12 08:40:43 | 00,000,036 | ---- | C] () -- C:\WINDOWS\vb.ini
[2006/07/12 08:40:04 | 00,013,223 | ---- | C] () -- C:\WINDOWS\System32\tslabels.ini
[2006/07/12 08:40:03 | 00,001,931 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.ini
[2006/07/12 04:32:02 | 00,526,212 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2006/07/12 04:32:01 | 00,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006/07/12 04:31:33 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[2006/07/11 14:33:49 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2006/07/02 20:37:12 | 00,030,808 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
[2006/07/02 20:37:10 | 00,026,489 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/19 18:21:28 | 00,029,779 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/04/19 18:21:28 | 00,026,040 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2005/11/30 17:16:02 | 00,024,576 | ---- | C] () -- C:\WINDOWS\System32\tphklock.dll
[2005/08/10 08:56:00 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\ESxUtil.dll
[2005/08/08 10:27:26 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/07/05 20:45:08 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\notifyf2.dll
[2004/08/03 21:56:46 | 01,288,192 | ---- | C] () -- C:\WINDOWS\System32\quartz.dll
[2004/08/03 21:56:46 | 00,562,176 | ---- | C] () -- C:\WINDOWS\System32\qedit.dll
[2004/08/03 21:56:46 | 00,386,048 | ---- | C] () -- C:\WINDOWS\System32\qdvd.dll
[2004/08/03 21:56:46 | 00,279,040 | ---- | C] () -- C:\WINDOWS\System32\qdv.dll
[2004/08/03 21:56:46 | 00,270,848 | ---- | C] () -- C:\WINDOWS\System32\sbe.dll
[2004/08/03 21:56:46 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\qcap.dll
[2004/08/03 21:56:44 | 00,498,742 | ---- | C] () -- C:\WINDOWS\System32\dxmasf.dll
[2004/08/03 21:56:44 | 00,186,880 | ---- | C] () -- C:\WINDOWS\System32\encdec.dll
[2004/08/03 21:56:44 | 00,059,904 | ---- | C] () -- C:\WINDOWS\System32\devenum.dll
[2004/08/03 21:56:44 | 00,035,328 | ---- | C] () -- C:\WINDOWS\System32\mciqtz32.dll
[2004/08/03 21:56:44 | 00,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo.dll
[2004/08/03 21:56:42 | 00,252,928 | ---- | C] () -- C:\WINDOWS\System32\compatui.dll
[2004/08/03 21:56:42 | 00,070,656 | ---- | C] () -- C:\WINDOWS\System32\amstream.dll
[2004/08/03 21:56:26 | 00,733,696 | ---- | C] () -- C:\WINDOWS\System32\qedwipes.dll
[2004/08/03 21:56:14 | 00,004,126 | ---- | C] () -- C:\WINDOWS\System32\msdxmlc.dll
[2004/08/03 19:46:56 | 00,042,537 | ---- | C] () -- C:\WINDOWS\System32\keyboard.sys
[2004/08/03 19:45:16 | 00,035,424 | ---- | C] () -- C:\WINDOWS\System32\ntio412.sys
[2004/08/03 19:45:16 | 00,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio404.sys
[2004/08/03 19:45:14 | 00,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio804.sys
[2004/08/03 19:45:12 | 00,035,648 | ---- | C] () -- C:\WINDOWS\System32\ntio411.sys
[2004/08/03 19:45:10 | 00,033,840 | ---- | C] () -- C:\WINDOWS\System32\ntio.sys
[2004/07/17 08:46:14 | 00,053,478 | ---- | C] () -- C:\WINDOWS\System32\tcpmon.ini
[2003/01/07 12:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001/08/23 10:00:00 | 01,015,477 | ---- | C] () -- C:\WINDOWS\System32\esentprf.ini
[2001/08/23 10:00:00 | 00,355,112 | ---- | C] () -- C:\WINDOWS\System32\msjetoledb40.dll
[2001/08/23 10:00:00 | 00,199,168 | ---- | C] () -- C:\WINDOWS\System32\ir32_32.dll
[2001/08/23 10:00:00 | 00,094,282 | ---- | C] () -- C:\WINDOWS\System32\msencode.dll
[2001/08/23 10:00:00 | 00,042,809 | ---- | C] () -- C:\WINDOWS\System32\key01.sys
[2001/08/23 10:00:00 | 00,029,370 | ---- | C] () -- C:\WINDOWS\System32\ntdos411.sys
[2001/08/23 10:00:00 | 00,029,274 | ---- | C] () -- C:\WINDOWS\System32\ntdos412.sys
[2001/08/23 10:00:00 | 00,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos804.sys
[2001/08/23 10:00:00 | 00,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos404.sys
[2001/08/23 10:00:00 | 00,027,866 | ---- | C] () -- C:\WINDOWS\System32\ntdos.sys
[2001/08/23 10:00:00 | 00,027,097 | ---- | C] () -- C:\WINDOWS\System32\country.sys
[2001/08/23 10:00:00 | 00,015,360 | ---- | C] () -- C:\WINDOWS\System32\tsd32.dll
[2001/08/23 10:00:00 | 00,013,312 | ---- | C] () -- C:\WINDOWS\System32\win87em.dll
[2001/08/23 10:00:00 | 00,012,082 | ---- | C] () -- C:\WINDOWS\System32\rsvp.ini
[2001/08/23 10:00:00 | 00,010,240 | ---- | C] () -- C:\WINDOWS\System32\scriptpw.dll
[2001/08/23 10:00:00 | 00,010,110 | ---- | C] () -- C:\WINDOWS\System32\mqperf.ini
[2001/08/23 10:00:00 | 00,009,029 | ---- | C] () -- C:\WINDOWS\System32\ansi.sys
[2001/08/23 10:00:00 | 00,006,877 | ---- | C] () -- C:\WINDOWS\System32\pschdprf.ini
[2001/08/23 10:00:00 | 00,004,768 | ---- | C] () -- C:\WINDOWS\System32\himem.sys
[2001/08/23 10:00:00 | 00,003,458 | ---- | C] () -- C:\WINDOWS\System32\rasctrs.ini
[2001/08/23 10:00:00 | 00,002,891 | ---- | C] () -- C:\WINDOWS\System32\perfci.ini
[2001/08/23 10:00:00 | 00,002,732 | ---- | C] () -- C:\WINDOWS\System32\perfwci.ini
[2001/08/23 10:00:00 | 00,002,656 | ---- | C] () -- C:\WINDOWS\System32\netware.drv
[2001/08/23 10:00:00 | 00,001,405 | ---- | C] () -- C:\WINDOWS\msdfmap.ini
[2001/08/23 10:00:00 | 00,001,152 | ---- | C] () -- C:\WINDOWS\System32\perffilt.ini
[2001/08/23 10:00:00 | 00,000,658 | ---- | C] () -- C:\WINDOWS\win.ini
[2001/08/23 10:00:00 | 00,000,343 | ---- | C] () -- C:\WINDOWS\System32\prodspec.ini
[2001/08/23 10:00:00 | 00,000,261 | ---- | C] () -- C:\WINDOWS\system.ini
[2001/08/17 14:36:28 | 00,157,696 | ---- | C] () -- C:\WINDOWS\System32\paqsp.dll
[2001/07/07 00:00:00 | 00,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
[2000/03/29 19:00:00 | 00,125,440 | ---- | C] () -- C:\WINDOWS\System32\UNZDLL.DLL
[1999/10/23 15:29:44 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\UNRAR.DLL
[1999/08/11 12:28:02 | 00,101,888 | ---- | C] () -- C:\WINDOWS\System32\LIBBZ2.DLL
[1999/05/21 18:10:00 | 00,129,024 | ---- | C] () -- C:\WINDOWS\System32\ZIPDLL.DLL
[1998/10/10 21:07:38 | 00,088,576 | ---- | C] () -- C:\WINDOWS\System32\Iticheck.dll
[1998/01/27 21:06:04 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\UNACE.DLL
[1996/11/17 23:00:00 | 00,054,272 | ---- | C] () -- C:\WINDOWS\System32\P2irdao.dll
[1996/11/17 22:00:00 | 00,748,160 | ---- | C] () -- C:\WINDOWS\System32\Co2c40en.dll
[1996/11/17 22:00:00 | 00,131,072 | ---- | C] () -- C:\WINDOWS\System32\P2sodbc.dll
[1996/11/17 22:00:00 | 00,050,176 | ---- | C] () -- C:\WINDOWS\System32\P2ctdao.dll
[1996/11/17 22:00:00 | 00,036,352 | ---- | C] () -- C:\WINDOWS\System32\P2bbnd.dll

========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >

< %SYSTEMDRIVE%\eventlog.dll /s /md5 >
[2004/08/03 21:56:44 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
[2008/04/13 16:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll

< %SYSTEMDRIVE%\scecli.dll /s /md5 >
[2004/08/03 21:56:46 | 00,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008/04/13 16:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/13 16:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

< %SYSTEMDRIVE%\netlogon.dll /s /md5 >
[2004/08/03 21:56:46 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008/04/13 16:12:01 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 16:12:01 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll

< %SYSTEMDRIVE%\cngaudit.dll /s /md5 >

< %SYSTEMDRIVE%\sceclt.dll /s /md5 >

< %SYSTEMDRIVE%\ntelogon.dll /s /md5 >

< %SYSTEMDRIVE%\logevent.dll /s /md5 >
[2008/04/13 16:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\logevent.dll

< %SYSTEMDRIVE%\iaStor.sys /s /md5 >

< %SYSTEMDRIVE%\nvstor.sys /s /md5 >

< %SYSTEMDRIVE%\atapi.sys /s /md5 >
[2004/08/03 19:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2008/04/13 10:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 10:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/03 19:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386\atapi.sys

< %SYSTEMDRIVE%\IdeChnDr.sys /s /md5 >

< %SYSTEMDRIVE%\viasraid.sys /s /md5 >

< %SYSTEMDRIVE%\AGP440.sys /s /md5 >
[2008/04/13 10:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 10:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< %SYSTEMDRIVE%\vaxscsi.sys /s /md5 >

< %SYSTEMDRIVE%\nvatabus.sys /s /md5 >

< %SYSTEMDRIVE%\viamraid.sys /s /md5 >

< %SYSTEMDRIVE%\nvata.sys /s /md5 >

< %SYSTEMDRIVE%\nvgts.sys /s /md5 >

< %SYSTEMDRIVE%\iastorv.sys /s /md5 >

< %SYSTEMDRIVE%\ViPrt.sys /s /md5 >

========== Alternate Data Streams ==========

@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A794DD9B
@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7A23DAA1
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
< End of report >
  • 0

#3
be_here_now
Posted 28 November 2009 - 02:02 PM

be_here_now

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
things have gone from bad to worse.

it now is virtually unusable, as i'm posting this on another computer.

it now moves extremely slowly, freezes when i try to load any anti-virus program, and after a short time displays the following error message in a window labeled "RUNDLL" :

Error loading c:\windows\system32\voyuvofe.dll

The specified module could not be found.

what can i do?
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP