Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Constant attempts to access malware IPs

Started by therealex , May 18 2010 09:15 PM

  • This topic is locked This topic is locked

#76
therealex
Posted 27 June 2010 - 09:48 AM

therealex

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 112 posts
Here it is:

OTL logfile created on: 6/27/2010 11:25:04 AM - Run 1
OTL by OldTimer - Version 3.2.7.0 Folder = C:\Documents and Settings\Russell Alexander\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: enu | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 19.00% Memory free
5.00 Gb Paging File | 3.00 Gb Available in Paging File | 53.00% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 48.04 Gb Total Space | 10.88 Gb Free Space | 22.65% Space Free | Partition Type: NTFS
Drive D: | 12.65 Gb Total Space | 2.90 Gb Free Space | 22.92% Space Free | Partition Type: FAT32
Drive E: | 35.94 Gb Total Space | 24.47 Gb Free Space | 68.08% Space Free | Partition Type: NTFS
Drive F: | 35.74 Gb Total Space | 19.60 Gb Free Space | 54.85% Space Free | Partition Type: NTFS
Drive G: | 35.80 Gb Total Space | 22.58 Gb Free Space | 63.06% Space Free | Partition Type: NTFS
Drive H: | 35.79 Gb Total Space | 13.65 Gb Free Space | 38.14% Space Free | Partition Type: NTFS
Drive I: | 41.57 Gb Total Space | 25.16 Gb Free Space | 60.51% Space Free | Partition Type: NTFS
Drive J: | 10.65 Gb Total Space | 3.62 Gb Free Space | 34.02% Space Free | Partition Type: FAT32
Drive K: | 8.65 Gb Total Space | 3.12 Gb Free Space | 36.04% Space Free | Partition Type: FAT32
Drive L: | 11.74 Gb Total Space | 2.54 Gb Free Space | 21.60% Space Free | Partition Type: FAT32
Drive M: | 9.47 Gb Total Space | 4.89 Gb Free Space | 51.65% Space Free | Partition Type: FAT32
Drive N: | 21.32 Gb Total Space | 7.25 Gb Free Space | 34.00% Space Free | Partition Type: FAT32
Unable to calculate disk information.
Drive P: | 2.49 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive Q: | 465.76 Gb Total Space | 278.81 Gb Free Space | 59.86% Space Free | Partition Type: NTFS
Drive W: | 149.05 Gb Total Space | 64.36 Gb Free Space | 43.18% Space Free | Partition Type: NTFS

Computer Name: RUSSELL
Current User Name: Russell Alexander
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/06/27 11:24:06 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Russell Alexander\Desktop\OTL.exe
PRC - [2010/06/14 21:28:06 | 000,134,808 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.2.183.29\GoogleCrashHandler.exe
PRC - [2010/06/09 17:17:20 | 000,116,104 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\ramaint.exe
PRC - [2010/06/09 17:17:11 | 000,378,248 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardian.exe
PRC - [2010/05/06 16:59:42 | 002,815,192 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010/05/06 16:59:38 | 000,040,384 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/04/29 15:39:34 | 000,304,464 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2010/04/29 15:39:32 | 000,437,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2010/04/01 13:58:04 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/01/30 12:37:57 | 001,800,464 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
PRC - [2010/01/30 12:37:56 | 000,723,632 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2009/11/12 04:49:10 | 000,660,664 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
PRC - [2009/10/23 11:56:18 | 019,291,304 | ---- | M] (Firetrust Ltd) -- C:\Program Files\MailWasher\MailWasher.exe
PRC - [2009/08/17 23:54:54 | 012,957,536 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
PRC - [2009/05/27 04:27:04 | 029,262,680 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
PRC - [2009/03/05 16:07:20 | 002,260,480 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008/12/09 16:09:30 | 000,068,136 | ---- | M] () -- C:\Program Files\Gigabyte\EasySaver\essvr.exe
PRC - [2008/11/24 23:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
PRC - [2008/11/24 23:31:08 | 000,239,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/10/19 13:19:22 | 000,141,848 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2007/04/17 14:03:50 | 000,063,048 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
PRC - [2007/04/17 14:03:50 | 000,063,040 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe
PRC - [2006/11/13 13:39:52 | 001,289,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\wcescomm.exe
PRC - [2006/11/13 13:39:34 | 000,199,464 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\rapimgr.exe
PRC - [2006/09/26 22:23:12 | 000,503,808 | ---- | M] (FinePrint Software, LLC) -- C:\WINDOWS\SYSTEM32\spool\drivers\w32x86\3\fpdisp5a.exe
PRC - [2006/03/24 23:23:22 | 000,098,304 | ---- | M] (Brio) -- C:\Program Files\FolderSize\FolderSizeSvc.exe
PRC - [2005/11/09 01:33:42 | 005,264,384 | ---- | M] (Linksys) -- C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WUSB54Gv42.exe
PRC - [2005/07/04 16:46:04 | 000,053,307 | ---- | M] (GEMTEKS) -- C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe
PRC - [2005/04/27 14:59:24 | 000,241,725 | ---- | M] (Microsoft Corporation) -- F:\UPHClean\uphclean.exe
PRC - [2001/09/24 09:39:28 | 000,098,304 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\QCDriver\LVComS.exe
PRC - [2000/06/29 03:45:10 | 000,052,224 | ---- | M] (Kenonic Controls Ltd.) -- C:\WINDOWS\SYSTEM32\Crypserv.exe
PRC - [2000/02/08 23:19:48 | 000,036,864 | ---- | M] (Roland) -- H:\Roland\VSC32\vscvol.exe
PRC - [2000/02/07 03:02:44 | 000,036,864 | ---- | M] (Roland) -- H:\Roland\VSC32\Vsc32Cnf.exe


========== Modules (SafeList) ==========

MOD - [2010/06/27 11:24:06 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Russell Alexander\Desktop\OTL.exe
MOD - [2008/04/13 20:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\msscript.ocx
MOD - [2007/10/19 13:19:10 | 000,109,080 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcInj.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Running] -- -- (WUSB54Gv42SVC)
SRV - File not found [On_Demand | Stopped] -- -- (RoxWatch9)
SRV - File not found [Auto | Stopped] -- -- (RoxLiveShare9)
SRV - File not found [On_Demand | Stopped] -- -- (PnkBstrA)
SRV - File not found [On_Demand | Stopped] -- -- (LQAN)
SRV - [2010/06/09 17:17:20 | 000,116,104 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\RaMaint.exe -- (LMIMaint)
SRV - [2010/05/06 16:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010/05/06 16:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010/05/06 16:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/04/29 15:39:34 | 000,304,464 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2010/04/22 18:35:54 | 000,106,712 | ---- | M] (Softros Systems, Inc.) [Auto | Stopped] -- C:\Program Files\Process Blocker\Process Blocker.exe -- (Process Blocker)
SRV - [2010/01/30 12:37:56 | 000,723,632 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2009/12/15 19:06:38 | 002,480,048 | ---- | M] (Acronis) [On_Demand | Stopped] -- C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv)
SRV - [2009/11/13 07:31:14 | 000,092,008 | ---- | M] (TomTom) [On_Demand | Stopped] -- e:\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2009/11/12 04:49:10 | 000,660,664 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2009/10/20 14:19:48 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2009/09/29 10:17:50 | 000,013,088 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2009/05/28 20:06:59 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/05/27 04:27:04 | 029,262,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$MSSMLBIZ) SQL Server (MSSMLBIZ)
SRV - [2009/03/13 21:26:31 | 000,039,936 | ---- | M] (C-Dilla Ltd) [Disabled | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\CDAC11BA.EXE -- (C-DillaCdaC11BA)
SRV - [2008/12/09 16:09:30 | 000,068,136 | ---- | M] () [Auto | Running] -- C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE -- (ES lite Service)
SRV - [2008/11/24 23:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
SRV - [2008/11/24 23:31:08 | 000,239,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser)
SRV - [2008/11/24 23:31:08 | 000,045,408 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe -- (MSSQLServerADHelper)
SRV - [2007/10/19 13:21:16 | 000,141,848 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)
SRV - [2007/10/19 13:19:22 | 000,141,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2007/04/17 14:03:50 | 000,063,040 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
SRV - [2007/03/06 10:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe -- (Capture Device Service)
SRV - [2007/03/03 13:48:28 | 000,067,056 | ---- | M] (Ulead Systems, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2007/03/01 07:04:58 | 000,020,480 | ---- | M] (Intuit) [Disabled | Stopped] -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2006/11/09 15:30:14 | 000,065,536 | ---- | M] (Intuit Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2006/06/05 13:59:18 | 000,174,080 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe -- (ServiceLayer)
SRV - [2006/03/24 23:23:22 | 000,098,304 | ---- | M] (Brio) [Auto | Running] -- C:\Program Files\FolderSize\FolderSizeSvc.exe -- (FolderSize)
SRV - [2005/11/01 10:39:50 | 000,068,096 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe -- (Macromedia Licensing Service)
SRV - [2005/04/27 14:59:24 | 000,241,725 | ---- | M] (Microsoft Corporation) [Auto | Running] -- F:\UPHClean\uphclean.exe -- (UPHClean)
SRV - [2004/10/20 09:40:04 | 000,010,328 | ---- | M] (America Online) [Disabled | Stopped] -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe -- (AOL ACS)
SRV - [2004/10/15 15:54:14 | 000,100,016 | ---- | M] (America Online, Inc) [Disabled | Stopped] -- C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe -- (AOL TopSpeedMonitor)
SRV - [2004/03/30 16:15:24 | 000,090,183 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\PortReporter\PortReporter.exe -- (PortReporter)
SRV - [2003/11/25 18:10:00 | 000,053,248 | ---- | M] (GEAR Software) [Disabled | Stopped] -- C:\WINDOWS\SYSTEM32\gearsec.exe -- (GEARSecurity)
SRV - [2002/03/18 12:15:44 | 000,001,846 | ---- | M] () [On_Demand | Stopped] -- C:\WINDOWS\br.dll -- (BR)
SRV - [2000/06/29 03:45:10 | 000,052,224 | ---- | M] (Kenonic Controls Ltd.) [Auto | Running] -- C:\WINDOWS\System32\Crypserv.exe -- (Crypkey License)


========== Driver Services (SafeList) ==========

DRV - [2010/06/24 22:25:08 | 000,016,608 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2010/06/14 16:58:46 | 000,020,292 | ---- | M] () [Kernel | Boot | Stopped] -- C:\WINDOWS\Partizan.log -- (Partizan)
DRV - [2010/06/14 16:06:23 | 000,024,416 | ---- | M] (Greatis Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\regguard.sys -- (RegGuard)
DRV - [2010/06/09 17:17:12 | 000,083,360 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\SYSTEM32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2010/05/06 16:39:23 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\aswTdi.sys -- (aswTdi)
DRV - [2010/05/06 16:39:00 | 000,164,048 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\aswSP.sys -- (aswSP)
DRV - [2010/05/06 16:34:27 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\aswRdr.sys -- (aswRdr)
DRV - [2010/05/06 16:33:59 | 000,100,432 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\aswmon2.sys -- (aswMon2)
DRV - [2010/05/06 16:33:47 | 000,019,024 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/05/06 16:33:29 | 000,028,880 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\aavmker4.sys -- (Aavmker4)
DRV - [2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\mbam.sys -- (MBAMProtector)
DRV - [2010/03/09 21:47:26 | 000,134,344 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\cmdguard.sys -- (cmdGuard)
DRV - [2010/03/04 20:01:12 | 000,029,312 | ---- | M] (Line 6) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\l6dp.sys -- (L6DP)
DRV - [2010/01/30 12:38:02 | 000,087,104 | ---- | M] (COMODO) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\inspect.sys -- (Inspect)
DRV - [2010/01/30 12:38:02 | 000,025,160 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\cmdhlp.sys -- (cmdHlp)
DRV - [2009/12/15 19:06:40 | 000,160,288 | ---- | M] (Acronis) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\afcdp.sys -- (afcdp)
DRV - [2009/12/15 19:06:30 | 000,911,680 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\tdrpm258.sys -- (tdrpman258) Acronis Try&Decide and Restore Points filter (build 258)
DRV - [2009/12/15 19:06:20 | 000,581,984 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\timntr.sys -- (timounter)
DRV - [2009/12/15 19:06:07 | 000,158,272 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\snapman.sys -- (snapman)
DRV - [2009/10/20 14:19:44 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\npf.sys -- (NPF)
DRV - [2009/08/24 21:25:18 | 000,279,712 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\atksgt.sys -- (atksgt)
DRV - [2009/08/24 21:25:09 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\lirsgt.sys -- (lirsgt)
DRV - [2009/07/07 18:00:32 | 000,532,992 | ---- | M] (Line 6) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\L6TPortB.sys -- (L6TPortB)
DRV - [2009/05/15 23:58:45 | 004,069,888 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ati2mtag.sys -- (ati2mtag)
DRV - [2009/02/24 18:42:14 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\mcdbus.sys -- (mcdbus)
DRV - [2009/01/20 18:53:06 | 005,027,840 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009/01/15 09:19:00 | 006,301,248 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\nv4_mini.sys -- (nv)
DRV - [2008/12/25 17:32:32 | 003,721,664 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\RtKHDMI.sys -- (RTHDMIAzAudService)
DRV - [2008/08/07 07:14:56 | 000,111,360 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2008/07/24 18:46:08 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2008/04/13 15:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\MPE.sys -- (MPE)
DRV - [2008/04/13 14:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\nmnt.sys -- (nm)
DRV - [2008/04/13 14:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\gameenum.sys -- (gameenum)
DRV - [2008/04/13 14:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\usbaudio.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/04/13 14:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008/04/13 12:36:05 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\hdaudbus.sys -- (HDAudBus)
DRV - [2008/02/28 15:31:50 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo)
DRV - [2007/12/06 09:51:00 | 000,285,952 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\yk51x86.sys -- (yukonwxp)
DRV - [2007/10/19 13:16:30 | 002,109,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\Lvckap.sys -- (LVcKap)
DRV - [2007/10/11 18:59:24 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2007/10/11 18:59:02 | 002,142,488 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\LVMVdrv.sys -- (LVMVDrv)
DRV - [2007/07/09 18:40:52 | 000,128,144 | R--- | M] (Deterministic Networks, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\dne2000.sys -- (DNE)
DRV - [2007/06/27 16:27:10 | 000,008,413 | ---- | M] (RealNetworks, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\mcstrm.sys -- (MCSTRM)
DRV - [2007/06/08 03:05:42 | 000,230,784 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\dmdcap.sys -- (U6000ALL) HDTV110 TV Box(ALL)
DRV - [2007/04/16 16:46:34 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\AmdPPM.sys -- (AmdPPM)
DRV - [2007/04/09 08:27:08 | 000,031,548 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\scdemu.sys -- (SCDEmu)
DRV - [2007/03/14 14:11:50 | 000,037,120 | ---- | M] (E-MU Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\emuumidi.sys -- (emuumidi)
DRV - [2006/11/01 05:01:56 | 000,003,328 | ---- | M] (Famatech International Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\rminiv3.sys -- (mirrorv3)
DRV - [2006/02/08 15:44:00 | 003,846,016 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2006/01/11 07:21:38 | 000,019,200 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\AnyDVD.sys -- (AnyDVD)
DRV - [2005/11/21 00:48:22 | 000,016,512 | ---- | M] (Adaptec) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ASPI32.SYS -- (Aspi32)
DRV - [2005/10/21 19:05:00 | 000,027,264 | ---- | M] (Sonic Solutions) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\dvd_2k.sys -- (dvd_2K)
DRV - [2005/10/21 19:05:00 | 000,027,136 | ---- | M] (Sonic Solutions) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\mmc_2k.sys -- (mmc_2K)
DRV - [2005/10/17 19:50:06 | 000,245,376 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\rt2500usb.sys -- (WUSB54GPV4SRV)
DRV - [2005/09/27 11:02:38 | 000,020,747 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\mdc8021x.sys -- (MDC8021X) WPA Security Protocol (IEEE 802.1x)
DRV - [2005/05/16 05:15:20 | 000,186,496 | R--- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\cx88vid.sys -- (CX23880)
DRV - [2005/05/16 05:13:20 | 000,008,960 | R--- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\cx88xbar.sys -- (CX88XBAR)
DRV - [2005/04/21 06:40:38 | 000,010,624 | ---- | M] (Elaborate Bytes AG) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2005/01/27 03:22:00 | 000,088,016 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\drvmcdb.sys -- (drvmcdb)
DRV - [2004/12/23 13:29:20 | 000,011,376 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\CDAC15BA.SYS -- (CdaC15BA)
DRV - [2004/09/24 10:00:36 | 000,039,208 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\vgauti.sys -- (VGAUTI)
DRV - [2004/08/05 22:49:12 | 000,828,160 | R--- | M] (C-Media Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\cmudau.sys -- (cmudau)
DRV - [2004/05/17 22:04:16 | 000,041,984 | ---- | M] (DeviceGuys, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\DGIVECP.SYS -- (DgiVecp)
DRV - [2004/05/12 14:01:18 | 000,097,408 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\SI3112r.sys -- (SI3112r)
DRV - [2004/04/12 15:26:02 | 000,016,509 | ---- | M] (Palm, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\PalmUSBD.sys -- (PalmUSBD)
DRV - [2004/03/23 22:12:34 | 000,017,280 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\nsndis5.sys -- (NSNDIS5)
DRV - [2004/03/02 16:11:58 | 000,169,086 | R--- | M] (Roland Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\rdwm1006.sys -- (RD1006)
DRV - [2003/12/30 06:38:52 | 000,028,080 | ---- | M] (Ahead Software AG) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\incdrm.sys -- (incdrm)
DRV - [2003/10/22 04:38:20 | 000,351,776 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\ar5211.sys -- (AR5211)
DRV - [2003/10/15 11:28:16 | 000,010,240 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\SiWinAcc.sys -- (SiFilter)
DRV - [2003/09/25 22:15:32 | 000,015,872 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\GTNDIS5.sys -- (GTNDIS5)
DRV - [2003/08/12 20:45:00 | 000,311,552 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\nvapu.sys -- (nvnforce) Service for NVIDIA® nForce™
DRV - [2003/08/12 20:45:00 | 000,036,864 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\nvax.sys -- (nvax) Service for NVIDIA® nForce™
DRV - [2003/07/31 13:45:52 | 000,112,000 | R--- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\ser2pl.sys -- (Ser2pl)
DRV - [2003/06/06 17:53:16 | 000,070,656 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\NVENET.sys -- (NVENET)
DRV - [2003/03/19 02:51:00 | 000,018,688 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nv_agp.sys -- (nv_agp)
DRV - [2003/01/10 16:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2001/09/24 09:42:12 | 000,116,448 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\p35u.sys -- (QCPro) Logitech QuickCam Pro USB(PID_D001)
DRV - [2001/08/17 14:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\msmpu401.sys -- (ms_mpu401)
DRV - [2001/08/17 13:57:46 | 000,065,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\s3legacy.sys -- (s3legacy)
DRV - [2001/08/17 13:28:02 | 000,907,456 | ---- | M] (Conexant) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\HCF_MSFT.sys -- (HCF_MSFT)
DRV - [2001/08/17 12:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\el90xbc5.sys -- (EL90XBC)
DRV - [2001/04/16 09:16:58 | 000,951,284 | ---- | M] (Roland) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\vsc.sys -- (vsc32)
DRV - [2001/04/13 20:18:24 | 000,188,276 | ---- | M] (Roland) [Kernel | Auto | Running] -- C:\Program Files\Roland\Virtual Sound Canvas VST\RVIEg01VST.sys -- (RVIEGVST)
DRV - [2001/04/13 20:16:38 | 000,187,992 | ---- | M] (Roland) [Kernel | Auto | Running] -- C:\Program Files\Roland\Virtual Sound Canvas DXi\RVIEg01.sys -- (RVIEG01)
DRV - [2000/12/30 20:51:22 | 000,005,568 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\sysid.sys -- (sysid)
DRV - [2000/02/03 14:53:12 | 000,024,608 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\ckldrv.sys -- (NetworkX)
DRV - [1997/04/22 10:16:00 | 000,006,272 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ASLM75.SYS -- (aslm75)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.w50.com/sw/searchbar/
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.w50.com/sw/searchbar/
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1220945662-362288127-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = MSN Search
IE - HKU\S-1-5-21-1220945662-362288127-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.msn.co...a...1&noredir=1
IE - HKU\S-1-5-21-1220945662-362288127-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-1220945662-362288127-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1220945662-362288127-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\S-1-5-21-1220945662-362288127-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 0.0.0.0:80

IE - HKU\S-1-5-21-1220945662-362288127-839522115-1011\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1220945662-362288127-839522115-1011\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-1220945662-362288127-839522115-1011\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.w50.com/sw/searchbar/
IE - HKU\S-1-5-21-1220945662-362288127-839522115-1011\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "engine://F%3A%5Cnetscape%5Csearchplugins%5CSBWeb_01.src"
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.startup.homepage: "about:blank"
FF - prefs.js..extensions.enabledItems: {000a9d1c-beef-4f90-9363-039d445309b8}:0.5.36.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0.586
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: [email protected]:3.3.3
FF - prefs.js..extensions.enabledItems: {50997114-a686-4585-8fb9-ce1093a1cf75}:2.7.0.14

FF - HKLM\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files\Google\Google Gears\Firefox\ [2010/03/05 21:23:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/05/25 14:28:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/06/01 17:50:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape 7.1\Extensions\\Components: f:\netscape\Components [2010/01/18 14:10:16 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape 7.1\Extensions\\Plugins: f:\netscape\Plugins [2010/06/21 21:40:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape 7.2\Extensions\\Components: f:\netscape\Components [2010/01/18 14:10:16 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape 7.2\Extensions\\Plugins: f:\netscape\Plugins [2010/06/21 21:40:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape Browser 8.0.3.3\Extensions\\Components: C:\Program Files\Netscape\Netscape Browser\Components [2009/07/22 22:44:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape Browser 8.0.3.3\Extensions\\Plugins: C:\Program Files\Netscape\Netscape Browser\Plugins [2010/06/01 17:50:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape Browser 8.0.4.0\Extensions\\Components: C:\Program Files\Netscape\Netscape Browser\Components [2009/07/22 22:44:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape Browser 8.0.4.0\Extensions\\Plugins: C:\Program Files\Netscape\Netscape Browser\Plugins [2010/06/01 17:50:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape Browser 8.1.0.0\Extensions\\Components: C:\Program Files\Netscape\Netscape Browser\Components [2009/07/22 22:44:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape Browser 8.1.0.0\Extensions\\Plugins: C:\Program Files\Netscape\Netscape Browser\Plugins [2010/06/01 17:50:31 | 000,000,000 | ---D | M]

[2009/06/11 18:19:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Russell Alexander\Application Data\Mozilla\Extensions
[2009/06/11 18:19:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Russell Alexander\Application Data\Mozilla\Extensions\[email protected]
[2010/06/24 23:47:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Russell Alexander\Application Data\Mozilla\Firefox\Profiles\8658kj9u.default\extensions
[2010/05/25 00:08:35 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Russell Alexander\Application Data\Mozilla\Firefox\Profiles\8658kj9u.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/06/23 11:41:49 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\Russell Alexander\Application Data\Mozilla\Firefox\Profiles\8658kj9u.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010/06/09 22:53:36 | 000,000,000 | ---D | M] (audiocandy.com Radio Toolbar) -- C:\Documents and Settings\Russell Alexander\Application Data\Mozilla\Firefox\Profiles\8658kj9u.default\extensions\{50997114-a686-4585-8fb9-ce1093a1cf75}
[2009/06/13 14:28:31 | 000,000,000 | ---D | M] (IE Tab) -- C:\Documents and Settings\Russell Alexander\Application Data\Mozilla\Firefox\Profiles\8658kj9u.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
[2007/01/04 15:12:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Russell Alexander\Application Data\Mozilla\Firefox\Profiles\8658kj9u.default\extensions\[email protected]
[2010/03/24 18:04:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Russell Alexander\Application Data\Mozilla\Firefox\Profiles\8658kj9u.default\extensions\[email protected]
[2010/06/09 22:39:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Russell Alexander\Application Data\Mozilla\Firefox\Profiles\8658kj9u.default\extensions\[email protected]
[2009/05/06 08:39:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Russell Alexander\Application Data\Mozilla\Firefox\Profiles\8658kj9u.default\extensions\[email protected]
[2008/09/21 18:56:18 | 000,000,900 | ---- | M] () -- C:\Documents and Settings\Russell Alexander\Application Data\Mozilla\Firefox\Profiles\8658kj9u.default\searchplugins\conduit.xml
[2010/06/24 23:47:40 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/05/29 09:18:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2008/04/10 16:00:54 | 000,044,360 | ---- | M] (WebEx Communications, Inc) -- C:\Program Files\Mozilla Firefox\plugins\atgpcdec.dll
[2008/04/10 16:00:54 | 000,107,928 | ---- | M] (WebEx Communications, Inc) -- C:\Program Files\Mozilla Firefox\plugins\atgpcext.dll
[2007/03/22 14:57:10 | 000,057,504 | ---- | M] (WebEx Communications, Inc) -- C:\Program Files\Mozilla Firefox\plugins\npatgpc.dll
[2010/04/12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2007/05/03 17:36:48 | 000,493,608 | ---- | M] (iLinc Communications, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\NPil86.dll
[2005/12/05 22:31:00 | 000,114,688 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npmozax.dll
[2003/11/18 13:37:32 | 000,241,664 | ---- | M] (Musicnotes, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npmusicn.dll
[2009/01/12 19:07:00 | 002,633,728 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npRACtrl.dll
[2007/07/18 15:54:00 | 000,245,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\unicows.dll

O1 HOSTS File: ([2010/05/30 19:03:11 | 000,000,027 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Radio) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM32\msdxm.ocx ()
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Radio) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM32\msdxm.ocx ()
O3 - HKU\S-1-5-19\..\Toolbar\WebBrowser: (Radio) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM32\msdxm.ocx ()
O3 - HKU\S-1-5-20\..\Toolbar\WebBrowser: (Radio) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM32\msdxm.ocx ()
O3 - HKU\S-1-5-21-1220945662-362288127-839522115-1003\..\Toolbar\ShellBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O3 - HKU\S-1-5-21-1220945662-362288127-839522115-1003\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O3 - HKU\S-1-5-21-1220945662-362288127-839522115-1003\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKU\S-1-5-21-1220945662-362288127-839522115-1003\..\Toolbar\WebBrowser: (Radio) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM32\msdxm.ocx ()
O3 - HKU\S-1-5-21-1220945662-362288127-839522115-1011\..\Toolbar\WebBrowser: (Radio) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM32\msdxm.ocx ()
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [FinePrint Dispatcher v5] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe (FinePrint Software, LLC)
O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver\LVComS.exe (Logitech Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [vsc32cnf.exe] h:\Roland\VSC32\Vsc32Cnf.exe (Roland)
O4 - HKLM..\Run: [vscvol.exe] h:\Roland\VSC32\vscvol.exe (Roland)
O4 - HKU\.DEFAULT..\Run: [iLike] C:\Program Files\iLike\1.1.41\ilikesidebar.exe (iLike)
O4 - HKU\.DEFAULT..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe ()
O4 - HKU\S-1-5-18..\Run: [iLike] C:\Program Files\iLike\1.1.41\ilikesidebar.exe (iLike)
O4 - HKU\S-1-5-18..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe ()
O4 - HKU\S-1-5-21-1220945662-362288127-839522115-1003..\Run: [H/PC Connection Agent] C:\Program Files\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1220945662-362288127-839522115-1003..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-1220945662-362288127-839522115-1011..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe ()
O4 - HKU\.DEFAULT..\RunOnce: [Printing Migration] C:\WINDOWS\System32\spool\migrate.DLL (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [Printing Migration] C:\WINDOWS\System32\spool\migrate.DLL (Microsoft Corporation)
O4 - HKLM..\RunOnceEx: [Flags] Reg Error: Invalid data type. File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 253
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun- = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun- = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EditLevel = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = [binary data]
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileMenu = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetHood = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFavoritesMenu = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuSubFolders = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCommonGroups = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClassicShell = [binary data]
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnforceShellExtensionSecurity = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetConnectDisconnect = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: = [binary data]
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EditLevel = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = [binary data]
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileMenu = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetHood = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFavoritesMenu = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuSubFolders = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCommonGroups = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClassicShell = [binary data]
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnforceShellExtensionSecurity = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetConnectDisconnect = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: = [binary data]
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data]
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EditLevel = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = [binary data]
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileMenu = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetIcon = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetHood = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFavoritesMenu = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayContextMenu = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuSubFolders = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCommonGroups = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClassicShell = [binary data]
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnforceShellExtensionSecurity = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetConnectDisconnect = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = [binary data]
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: = [binary data]
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data]
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EditLevel = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = [binary data]
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileMenu = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetIcon = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetHood = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFavoritesMenu = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayContextMenu = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuSubFolders = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCommonGroups = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClassicShell = [binary data]
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnforceShellExtensionSecurity = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetConnectDisconnect = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = [binary data]
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: = [binary data]
O7 - HKU\S-1-5-21-1220945662-362288127-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1220945662-362288127-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\S-1-5-21-1220945662-362288127-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 253
O7 - HKU\S-1-5-21-1220945662-362288127-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EditLevel = 0
O7 - HKU\S-1-5-21-1220945662-362288127-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileMenu = 0
O7 - HKU\S-1-5-21-1220945662-362288127-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetHood = 0
O7 - HKU\S-1-5-21-1220945662-362288127-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFavoritesMenu = 0
O7 - HKU\S-1-5-21-1220945662-362288127-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O7 - HKU\S-1-5-21-1220945662-362288127-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O7 - HKU\S-1-5-21-1220945662-362288127-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuSubFolders = 0
O7 - HKU\S-1-5-21-1220945662-362288127-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCommonGroups = 0
O7 - HKU\S-1-5-21-1220945662-362288127-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnforceShellExtensionSecurity = 0
O7 - HKU\S-1-5-21-1220945662-362288127-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKU\S-1-5-21-1220945662-362288127-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetConnectDisconnect = 0
O7 - HKU\S-1-5-21-1220945662-362288127-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = [binary data]
O7 - HKU\S-1-5-21-1220945662-362288127-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: = [binary data]
O7 - HKU\S-1-5-21-1220945662-362288127-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1220945662-362288127-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1220945662-362288127-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun- = 0
O7 - HKU\S-1-5-21-1220945662-362288127-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun- = 0
O7 - HKU\S-1-5-21-1220945662-362288127-839522115-1011\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1220945662-362288127-839522115-1011\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\S-1-5-21-1220945662-362288127-839522115-1011\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1220945662-362288127-839522115-1011\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EditLevel = 0
O7 - HKU\S-1-5-21-1220945662-362288127-839522115-1011\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = [binary data]
O7 - HKU\S-1-5-21-1220945662-362288127-839522115-1011\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileMenu = 0
O7 - HKU\S-1-5-21-1220945662-362288127-839522115-1011\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O7 - HKU\S-1-5-21-1220945662-362288127-839522115-1011\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetIcon = 0
O7 - HKU\S-1-5-21-1220945662-362288127-839522115-1011\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetHood = 0
O7 - HKU\S-1-5-21-1220945662-362288127-839522115-1011\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0
O7 - HKU\S-1-5-21-1220945662-362288127-839522115-1011\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFavoritesMenu = 0
O7 - HKU\S-1-5-21-1220945662-362288127-839522115-1011\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O7 - HKU\S-1-5-21-1220945662-362288127-839522115-1011\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O7 - HKU\S-1-5-21-1220945662-362288127-839522115-1011\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0
O7 - HKU\S-1-5-21-1220945662-362288127-839522115-1011\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O7 - HKU\S-1-5-21-1220945662-362288127-839522115-1011\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayContextMenu = 0
O7 - HKU\S-1-5-21-1220945662-362288127-839522115-1011\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuSubFolders = 0
O7 - HKU\S-1-5-21-1220945662-362288127-839522115-1011\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCommonGroups = 0
O7 - HKU\S-1-5-21-1220945662-362288127-839522115-1011\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClassicShell = [binary data]
O7 - HKU\S-1-5-21-1220945662-362288127-839522115-1011\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O7 - HKU\S-1-5-21-1220945662-362288127-839522115-1011\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnforceShellExtensionSecurity = 0
O7 - HKU\S-1-5-21-1220945662-362288127-839522115-1011\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKU\S-1-5-21-1220945662-362288127-839522115-1011\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetConnectDisconnect = 0
O7 - HKU\S-1-5-21-1220945662-362288127-839522115-1011\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = [binary data]
O7 - HKU\S-1-5-21-1220945662-362288127-839522115-1011\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: = [binary data]
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Open with BitPump - C:\Program Files\AnalogX\BitPump\ieint.htm ()
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_20.dll (Sun Microsystems, Inc.)
O9 - Extra 'Tools' menuitem : &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - Reg Error: Key error. File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe (America Online, Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YPAGER.EXE File not found
O9 - Extra 'Tools' menuitem : Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YPAGER.EXE File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\SYSTEM32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O12 - Plugin for: .pl - M:\Internet Explorer\PLUGINS\NPSibelius.dll (Sibelius Software Ltd)
O15 - HKU\.DEFAULT\..Trusted Domains: accountonline.com ([www] https in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: accountonline.com ([www] https in Trusted sites)
O15 - HKU\S-1-5-19\..Trusted Domains: accountonline.com ([www] https in Trusted sites)
O15 - HKU\S-1-5-20\..Trusted Domains: accountonline.com ([www] https in Trusted sites)
O15 - HKU\S-1-5-21-1220945662-362288127-839522115-1003\..Trusted Domains: accountonline.com ([www] https in Trusted sites)
O15 - HKU\S-1-5-21-1220945662-362288127-839522115-1003\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKU\S-1-5-21-1220945662-362288127-839522115-1003\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O15 - HKU\S-1-5-21-1220945662-362288127-839522115-1003\..Trusted Domains: line6.net ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1220945662-362288127-839522115-1003\..Trusted Domains: turbotax.com ([]https in Trusted sites)
O15 - HKU\S-1-5-21-1220945662-362288127-839522115-1011\..Trusted Domains: accountonline.com ([www] https in Trusted sites)
O16 - DPF: {00000160-0000-0010-8000-00AA00389B71} http://codecs.micros...pha/msaudio.cab (Reg Error: Key error.)
O16 - DPF: {00000161-0000-0010-8000-00AA00389B71} http://codecs.micros...386/msaudio.cab (Reg Error: Key error.)
O16 - DPF: {01010E00-5E80-11D8-9E86-0007E96C65AE} Reg Error: Value error. (SupportSoft SmartIssue)
O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} Reg Error: Value error. (SupportSoft Script Runner Class)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} Reg Error: Value error. (QuickTime Object)
O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {0B72CCA4-5F11-11D0-9CB5-0000C0EC9FDB} Reg Error: Value error. (Street Technologies ActiveX Control Object)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Reg Error: Key error.)
O16 - DPF: {25365FF3-2746-4230-9DA7-163CCA318309} http://inst.c-wss.co...ml/gtdownlr.cab (Reg Error: Key error.)
O16 - DPF: {33564D57-9980-0010-8000-00AA00389B71} http://codecs.micros...386/wmv9dmo.cab (Reg Error: Key error.)
O16 - DPF: {3A6514CD-A457-11D4-8AF3-000102686B79} http://www.bugnosis....oads/webbug.cab (Bugnosis)
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} http://a1540.g.akama...meInstaller.exe (Reg Error: Key error.)
O16 - DPF: {4248083C-9656-11D2-8B7F-00105A17847A} http://mplayer.com/j...nup/mplayer.exe (Reg Error: Key error.)
O16 - DPF: {6B4788E2-BAE8-11D2-A1B4-00400512739B} Reg Error: Value error. (PWMediaSendControl Class)
O16 - DPF: {6D5FCFCB-FA6C-4CFB-9918-5F0A9F7365F2} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {72C23FEC-3AF9-48FC-9597-241A8EBDFE0A} Reg Error: Value error. (InstallShield International Setup Player)
O16 - DPF: {76A2A0AB-38B7-46DB-8E47-F10CDE4D7920} http://aerial.leepa....plugins/NCS.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8C6C6922-6258-44AC-9912-53964AC55276} http://217.160.140.6...d/xloader10.cab (Reg Error: Key error.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} http://v4.windowsupd...7998.7923842593 (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CEBC955E-58AF-11D2-A30A-00A0C903492B} http://windowsupdate...en/actsetup.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} Reg Error: Value error. (ActiveDataObj Class)
O16 - DPF: {E7D2588A-7FB5-47DC-8830-832605661009} Reg Error: Value error. (Live Collaboration)
O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {FDC7A535-4070-4B92-A0EA-D9994BCC0DC5} Reg Error: Value error. (IERPCtl Class)
O16 - DPF: ChatSpace Java Client 2.1.0.84 http://63.102.227.45/Java/cs4ms084.cab (Reg Error: Key error.)
O16 - DPF: Dialpad Java Applet http://www.dialpad.c...et/src/vscp.cab (Reg Error: Key error.)
O16 - DPF: Dialpad US Java Applet http://www.dialpad.c...et/src/vscp.cab (Reg Error: Key error.)
O16 - DPF: DirectAnimation Java Classes Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: Internet Explorer Classes for Java Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: Serome Web2Phone http://www.dialpad.com/applet/vscp.cab (Reg Error: Key error.)
O16 - DPF: Yahoo! Backgammon http://download.game...nts/y/at0_x.cab (Reg Error: Key error.)
O16 - DPF: Yahoo! PagerLite http://jpager.yahoo.com/m6/msgr.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 68.237.161.12
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O24 - Desktop WallPaper: C:\WINDOWS\CASTLE.BMP
O24 - Desktop BackupWallPaper: C:\WINDOWS\CASTLE.BMP
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {F552DDE6-2090-4bf4-B924-6141E87789A5} - q:\regrun suite\RRShell.dll (Greatis Software, LLC)
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2002/05/07 17:24:24 | 000,000,928 | -HS- | M] () - C:\AUTOEXEC.BAK -- [ NTFS ]
O32 - AutoRun File - [2004/11/19 00:25:40 | 000,000,728 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2002/04/15 14:23:36 | 000,000,898 | -HS- | M] () - C:\AUTOEXEC.DOS -- [ NTFS ]
O32 - AutoRun File - [2000/06/21 17:17:56 | 000,001,014 | -HS- | M] () - C:\AUTOEXEC.OLD -- [ NTFS ]
O32 - AutoRun File - [2010/06/08 18:45:58 | 000,000,000 | RHSD | M] - D:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2009/05/25 16:18:41 | 000,000,000 | ---D | M] - E:\auto hypnosis -- [ NTFS ]
O32 - AutoRun File - [2010/06/08 18:45:56 | 000,000,000 | RHSD | M] - G:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009/05/25 21:27:50 | 000,000,000 | ---D | M] - H:\Auto-Tune -- [ NTFS ]
O32 - AutoRun File - [2010/06/08 18:45:56 | 000,000,000 | RHSD | M] - H:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010/06/08 18:45:56 | 000,000,000 | RHSD | M] - I:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010/06/08 18:45:58 | 000,000,000 | RHSD | M] - J:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2010/06/08 18:45:58 | 000,000,000 | RHSD | M] - K:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2010/06/08 18:45:58 | 000,000,000 | RHSD | M] - L:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2010/06/08 18:45:58 | 000,000,000 | RHSD | M] - M:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2005/11/06 19:36:30 | 000,000,000 | ---D | M] - M:\autorun - list startup autoruns -- [ FAT32 ]
O32 - AutoRun File - [2010/06/08 18:45:58 | 000,000,000 | RHSD | M] - N:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2007/09/26 23:02:52 | 000,000,063 | R--- | M] () - P:\AUTORUN.INF -- [ CDFS ]
O32 - AutoRun File - [2010/06/08 18:45:57 | 000,000,000 | RHSD | M] - Q:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010/06/08 18:45:57 | 000,000,000 | RHSD | M] - W:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (MACHINE BootExecut) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/06/27 11:24:06 | 000,574,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Russell Alexander\Desktop\OTL.exe
[2010/06/21 21:48:46 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010/06/18 17:33:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Russell Alexander\Desktop\Windows Mobile 6
[2010/06/15 18:15:28 | 000,000,000 | ---D | C] -- C:\Program Files\Process Blocker
[2010/06/14 22:40:13 | 000,000,000 | ---D | C] -- G:\My Documents\Simply Super Software
[2010/06/11 19:21:50 | 000,000,000 | ---D | C] -- G:\My Documents\Palm stuff exported
[2010/06/11 18:39:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\ASTULogTemp
[2010/06/11 06:41:13 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/06/10 17:00:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft ActiveSync
[2010/06/09 00:50:10 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2010/06/04 18:40:42 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_6.dll
[2010/06/04 18:40:42 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_4.dll
[2010/06/04 18:40:39 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_6.dll
[2010/06/04 18:40:37 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_7.dll
[2010/06/04 18:40:34 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_5.dll
[2010/06/04 18:40:28 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_5.dll
[2010/06/04 18:40:25 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_42.dll
[2010/06/04 18:40:18 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_42.dll
[2010/06/04 18:40:14 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_42.dll
[2010/06/04 18:40:08 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_42.dll
[2010/06/04 18:40:04 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_42.dll
[2010/06/04 18:39:58 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_41.dll
[2010/06/04 18:39:58 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_41.dll
[2010/06/04 18:39:54 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_41.dll
[2010/06/04 18:39:48 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_4.dll
[2010/06/04 18:39:48 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_3.dll
[2010/06/04 18:39:46 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_4.dll
[2010/06/04 18:39:44 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_6.dll
[2010/06/04 18:39:42 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_40.dll
[2010/06/04 18:39:42 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_40.dll
[2010/06/04 18:39:39 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_40.dll
[2010/06/04 18:39:37 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_3.dll
[2010/06/04 18:39:37 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_2.dll
[2010/06/04 18:39:35 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_3.dll
[2010/06/04 18:39:33 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_5.dll
[2010/06/04 18:39:31 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_2.dll
[2010/06/04 18:39:31 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_1.dll
[2010/06/04 18:39:28 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_2.dll
[2010/06/04 18:39:25 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_39.dll
[2010/06/04 18:39:25 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_39.dll
[2010/06/04 18:39:24 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_39.dll
[2010/06/04 18:39:21 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_1.dll
[2010/06/04 18:39:21 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_0.dll
[2010/06/04 18:39:19 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_1.dll
[2010/06/04 18:39:17 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_4.dll
[2010/06/04 18:39:15 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_38.dll
[2010/06/04 18:39:15 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_38.dll
[2010/06/04 18:39:13 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_38.dll
[2010/06/04 18:39:09 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_0.dll
[2010/06/04 18:39:06 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_0.dll
[2010/06/04 18:39:04 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_3.dll
[2010/06/04 18:39:02 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_37.dll
[2010/06/04 18:39:02 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_37.dll
[2010/06/04 18:39:00 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_37.dll
[2010/06/04 18:38:58 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_10.dll
[2010/06/04 18:38:53 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_36.dll
[2010/06/04 18:38:53 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_36.dll
[2010/06/04 18:38:51 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_36.dll
[2010/06/04 18:38:48 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_9.dll
[2010/06/04 18:38:46 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_35.dll
[2010/06/04 18:38:46 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_35.dll
[2010/06/04 18:38:42 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_35.dll
[2010/06/04 18:38:40 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_8.dll
[2010/06/04 18:38:40 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_2.dll
[2010/06/04 18:38:38 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_34.dll
[2010/06/04 18:38:38 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_34.dll
[2010/06/04 18:38:36 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_34.dll
[2010/06/04 18:38:31 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_7.dll
[2010/06/04 18:38:28 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_33.dll
[2010/06/04 18:38:28 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_33.dll
[2010/06/04 18:38:26 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_33.dll
[2010/06/04 18:38:24 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_6.dll
[2010/06/04 18:38:23 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_5.dll
[2010/06/04 18:38:21 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_32.dll
[2010/06/04 18:38:21 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_4.dll
[2010/06/04 18:38:21 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_1.dll
[2010/06/04 18:38:19 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_3.dll
[2010/06/04 18:38:19 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_2.dll
[2010/06/04 18:38:18 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_2.dll
[2010/06/04 18:38:17 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_1.dll
[2010/06/04 18:38:16 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_1.dll
[2010/06/04 18:38:07 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_30.dll
[2010/06/04 18:38:06 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_0.dll
[2010/06/04 18:38:06 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_0.dll
[2010/06/04 18:38:04 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_29.dll
[2010/06/04 18:28:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2010/06/02 00:34:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Russell Alexander\Local Settings\Application Data\Temp
[2010/05/31 13:37:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Russell Alexander\Application Data\OpenOffice.org
[2010/05/31 13:25:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NOS
[2010/05/31 12:57:18 | 000,000,000 | ---D | C] -- C:\Program Files\JRE
[2010/05/31 12:56:41 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3
[2010/05/31 12:49:45 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/05/31 12:49:45 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/05/31 12:49:45 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/05/29 09:19:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010/05/29 09:18:40 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010/05/28 21:14:33 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\WINDOWS\System32\bootdelete.exe
[2010/05/28 17:05:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro
[2010/05/28 17:05:25 | 000,000,000 | ---D | C] -- C:\Program Files\Hitman Pro 3.5
[1 C:\WINDOWS\System\*.tmp files -> C:\WINDOWS\System\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/06/27 11:40:02 | 000,001,026 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1220945662-362288127-839522115-1003UA.job
[2010/06/27 11:36:54 | 000,000,446 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{8DFA899A-AA07-44DE-8D3D-8F75C1C957F1}.job
[2010/06/27 11:33:04 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/06/27 11:24:06 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Russell Alexander\Desktop\OTL.exe
[2010/06/27 02:40:00 | 000,000,974 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1220945662-362288127-839522115-1003Core.job
[2010/06/26 21:33:01 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/06/25 20:54:47 | 000,000,441 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CDmax.lnk
[2010/06/24 22:27:16 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/06/24 22:25:08 | 000,016,608 | ---- | M] (Windows ® 2000 DDK provider) -- C:\WINDOWS\gdrv.sys
[2010/06/24 22:24:04 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/06/24 22:23:35 | 000,178,544 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap
[2010/06/24 20:45:51 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Russell Alexander\ntuser.ini
[2010/06/24 20:45:50 | 025,165,824 | ---- | M] () -- C:\Documents and Settings\Russell Alexander\ntuser.dat
[2010/06/23 12:07:27 | 000,221,464 | ---- | M] () -- C:\Documents and Settings\Russell Alexander\Application Data\GDIPFONTCACHEV1.DAT
[2010/06/23 11:11:48 | 001,963,688 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/06/22 23:00:35 | 000,653,584 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/06/22 23:00:35 | 000,553,646 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/06/22 23:00:35 | 000,107,928 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/06/22 09:40:12 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\Russell Alexander\Local Settings\Application Data\PUTTY.RND
[2010/06/19 15:19:08 | 000,000,071 | ---- | M] () -- C:\WINDOWS\BBW_INFO.INI
[2010/06/19 13:05:06 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/06/17 22:47:32 | 000,042,904 | ---- | M] () -- C:\WINDOWS\CDPLAYER.INI
[2010/06/14 16:06:23 | 000,024,416 | ---- | M] (Greatis Software) -- C:\WINDOWS\System32\drivers\regguard.sys
[2010/06/12 16:21:28 | 000,069,120 | ---- | M] () -- C:\Documents and Settings\Russell Alexander\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/06/11 20:30:24 | 000,028,952 | ---- | M] () -- C:\Documents and Settings\Russell Alexander\Application Data\Comma Separated Values (Windows).ADR
[2010/06/11 20:15:12 | 000,004,015 | ---- | M] () -- C:\Documents and Settings\Russell Alexander\Application Data\Comma Separated Values (DOS).NOT
[2010/06/11 18:39:26 | 000,016,544 | ---- | M] () -- C:\WINDOWS\System32\ASTULog.cab
[2010/06/11 18:39:26 | 000,001,046 | ---- | M] () -- C:\WINDOWS\System32\setup.inf
[2010/06/11 18:39:26 | 000,000,283 | ---- | M] () -- C:\WINDOWS\System32\setup.rpt
[2010/06/11 06:11:00 | 002,660,852 | -H-- | M] () -- C:\Documents and Settings\Russell Alexander\Local Settings\Application Data\IconCache.db
[2010/06/10 23:47:23 | 000,003,408 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/06/10 23:47:23 | 000,002,789 | ---- | M] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2010/06/10 23:47:23 | 000,000,002 | RHS- | M] () -- C:\WINDOWS\winstart.bat
[2010/06/10 17:03:11 | 000,002,528 | ---- | M] () -- C:\Documents and Settings\Russell Alexander\Application Data\$_hpcst$.hpc
[2010/06/09 17:17:12 | 000,087,424 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIinit.dll
[2010/06/09 17:17:12 | 000,083,360 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIRfsClientNP.dll
[2010/06/09 17:17:12 | 000,029,568 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIport.dll
[2010/06/09 03:34:25 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/06/09 03:30:17 | 000,000,063 | ---- | M] () -- C:\WINDOWS\vbaddin.ini
[2010/06/05 15:31:15 | 000,000,440 | ---- | M] () -- C:\Documents and Settings\Russell Alexander\Application Data\Microsoft\Internet Explorer\Quick Launch\WinMerge.lnk
[2010/05/31 21:09:17 | 000,000,576 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Painkiller Overdose.lnk
[2010/05/30 19:06:24 | 000,015,944 | ---- | M] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2010/05/30 19:03:54 | 000,003,499 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/05/30 19:03:11 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/05/29 20:25:12 | 000,010,242 | ---- | M] () -- G:\My Documents\iexplore_virus.xlsx
[2010/05/29 20:16:58 | 000,036,864 | ---- | M] () -- G:\My Documents\ports.xls
[2010/05/29 14:18:13 | 000,000,245 | RHS- | M] () -- C:\boot.ini
[2010/05/29 09:22:19 | 000,073,281 | ---- | M] () -- C:\Documents and Settings\Russell Alexander\Desktop\JavaRa.zip
[2010/05/28 21:14:52 | 000,002,240 | ---- | M] () -- G:\My Documents\hitman pro log.xml
[2010/05/28 21:14:33 | 000,012,872 | ---- | M] (SurfRight B.V.) -- C:\WINDOWS\System32\bootdelete.exe
[2010/05/28 19:07:27 | 000,002,138 | ---- | M] () -- C:\WINDOWS\System32\.crusader
[1 C:\WINDOWS\System\*.tmp files -> C:\WINDOWS\System\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/06/25 20:54:47 | 000,000,441 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CDmax.lnk
[2010/06/22 09:40:12 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Russell Alexander\Local Settings\Application Data\PUTTY.RND
[2010/06/14 21:28:37 | 000,000,144 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\ShLog.txt
[2010/06/11 20:30:24 | 000,028,952 | ---- | C] () -- C:\Documents and Settings\Russell Alexander\Application Data\Comma Separated Values (Windows).ADR
[2010/06/11 20:15:09 | 000,004,015 | ---- | C] () -- C:\Documents and Settings\Russell Alexander\Application Data\Comma Separated Values (DOS).NOT
[2010/06/11 18:39:26 | 000,016,544 | ---- | C] () -- C:\WINDOWS\System32\ASTULog.cab
[2010/06/11 18:39:25 | 000,001,046 | ---- | C] () -- C:\WINDOWS\System32\setup.inf
[2010/06/11 18:39:25 | 000,000,283 | ---- | C] () -- C:\WINDOWS\System32\setup.rpt
[2010/06/10 17:03:11 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Russell Alexander\Application Data\$_hpcst$.hpc
[2010/06/08 18:50:19 | 000,005,288 | ---- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\ShLog.txt
[2010/06/08 18:28:08 | 000,211,608 | ---- | C] () -- C:\Documents and Settings\Russell Alexander\Local Settings\Application Data\ShLog.txt
[2010/06/08 18:23:03 | 000,057,556 | ---- | C] () -- C:\WINDOWS\guard.bmp
[2010/06/08 17:50:33 | 000,000,002 | RHS- | C] () -- C:\WINDOWS\winstart.bat
[2010/06/05 15:31:15 | 000,000,440 | ---- | C] () -- C:\Documents and Settings\Russell Alexander\Application Data\Microsoft\Internet Explorer\Quick Launch\WinMerge.lnk
[2010/06/04 18:31:00 | 000,000,446 | -H-- | C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{8DFA899A-AA07-44DE-8D3D-8F75C1C957F1}.job
[2010/05/31 21:09:17 | 000,000,576 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Painkiller Overdose.lnk
[2010/05/29 20:25:12 | 000,010,242 | ---- | C] () -- G:\My Documents\iexplore_virus.xlsx
[2010/05/29 19:44:42 | 000,036,864 | ---- | C] () -- G:\My Documents\ports.xls
[2010/05/29 09:22:18 | 000,073,281 | ---- | C] () -- C:\Documents and Settings\Russell Alexander\Desktop\JavaRa.zip
[2010/05/28 21:14:52 | 000,002,240 | ---- | C] () -- G:\My Documents\hitman pro log.xml
[2010/05/28 19:07:27 | 000,002,138 | ---- | C] () -- C:\WINDOWS\System32\.crusader
[2010/05/28 17:05:43 | 000,015,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2010/03/11 13:01:39 | 000,087,552 | ---- | C] () -- C:\WINDOWS\System32\cpwmon2k.dll
[2010/01/29 10:23:44 | 000,000,130 | ---- | C] () -- C:\WINDOWS\cfplogvw.INI
[2009/11/15 22:29:04 | 000,000,383 | ---- | C] () -- C:\WINDOWS\GearBox.ini
[2009/10/20 14:19:30 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2009/08/24 21:25:18 | 000,279,712 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2009/08/24 21:25:09 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2009/08/20 12:29:13 | 000,010,752 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/08/20 12:29:13 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009/08/20 12:28:00 | 000,000,036 | -H-- | C] () -- C:\WINDOWS\System32\swk.ini
[2009/06/30 10:48:40 | 000,000,459 | ---- | C] () -- C:\WINDOWS\avpr.ini
[2009/04/14 00:58:14 | 000,676,224 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL
[2009/01/15 09:19:00 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2009/01/15 09:19:00 | 001,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2009/01/15 09:19:00 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2009/01/15 09:19:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008/12/16 04:50:46 | 000,032,768 | R--- | C] () -- C:\WINDOWS\System32\cmdrvrmu.dll
[2008/12/14 20:58:09 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\GTTunerCard.dll
[2008/12/14 20:58:09 | 000,237,646 | ---- | C] () -- C:\WINDOWS\System32\Snap_device.dll
[2008/12/14 20:58:08 | 000,069,707 | ---- | C] () -- C:\WINDOWS\System32\DISP_OPT1.dll
[2008/12/13 21:53:49 | 000,230,784 | R--- | C] () -- C:\WINDOWS\System32\drivers\dmdcap.sys
[2008/12/13 21:53:45 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2008/11/19 01:13:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\pcfriend.INI
[2008/11/04 00:29:20 | 000,002,294 | ---- | C] () -- C:\WINDOWS\U3DEDIT2.INI
[2008/09/12 20:40:30 | 002,463,976 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll
[2008/06/28 16:47:22 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\AddPort.ini
[2008/06/28 16:47:01 | 000,000,650 | ---- | C] () -- C:\WINDOWS\hpntwksetup.ini
[2008/05/26 17:00:02 | 000,001,762 | ---- | C] () -- C:\WINDOWS\System32\emuumidi.ini
[2008/05/26 17:00:02 | 000,000,038 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2008/03/28 16:22:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QuickInstall.INI
[2008/03/14 13:20:10 | 000,001,668 | ---- | C] () -- C:\WINDOWS\System32\WLAN.INI
[2008/02/22 00:26:44 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\GTW32N50.dll
[2008/01/04 16:57:22 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
[2008/01/04 16:57:22 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest
[2008/01/04 16:56:24 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2007/10/11 18:59:24 | 000,025,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2007/09/27 10:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 10:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 10:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/07/04 23:01:31 | 000,002,777 | ---- | C] () -- C:\WINDOWS\TVC8XDrv.ini
[2007/06/19 08:59:36 | 000,070,400 | ---- | C] () -- C:\WINDOWS\System32\PhysXLoader.dll
[2007/04/20 07:57:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2007/04/20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2007/04/20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2007/04/20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2007/04/20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2007/04/20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2007/04/20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2007/04/20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2007/04/20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2007/03/22 14:57:50 | 000,051,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\atnt40k.sys
[2007/03/06 13:39:44 | 000,006,656 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsProbe.sys
[2007/02/09 18:59:33 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2007/02/09 18:59:32 | 000,471,552 | ---- | C] () -- C:\WINDOWS\System32\Smab.dll
[2007/02/08 00:07:50 | 000,000,144 | ---- | C] () -- C:\WINDOWS\Eudcedit.ini
[2007/02/04 15:17:09 | 000,003,082 | ---- | C] () -- C:\WINDOWS\System32\affv11300p3now.sys
[2007/01/30 12:24:14 | 000,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini
[2007/01/23 14:11:42 | 000,000,107 | ---- | C] () -- C:\WINDOWS\IfoEdit.INI
[2007/01/15 19:33:18 | 000,002,307 | R--- | C] () -- C:\WINDOWS\Cmudau.ini
[2007/01/09 19:39:45 | 000,000,041 | ---- | C] () -- C:\WINDOWS\System32\ccafeaaaee_d.dll
[2006/11/03 19:49:11 | 000,000,958 | ---- | C] () -- C:\WINDOWS\APDFPRP.INI
[2006/11/03 19:16:11 | 000,000,095 | ---- | C] () -- C:\WINDOWS\crackpdf.INI
[2006/09/18 14:37:50 | 000,000,530 | ---- | C] () -- C:\WINDOWS\System32\tx12_ic.ini
[2006/09/18 14:37:48 | 000,667,280 | ---- | C] () -- C:\WINDOWS\System32\tx12.dll
[2006/06/26 00:57:04 | 000,000,048 | ---- | C] () -- C:\WINDOWS\FileNamesinQueue.ini
[2006/06/17 20:04:40 | 000,000,174 | ---- | C] () -- C:\WINDOWS\MyDrivers.ini
[2006/05/07 18:19:24 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ciaUni40.dll
[2006/03/06 10:41:02 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\AMV_DecDLL.dll
[2006/02/18 17:33:08 | 000,000,029 | ---- | C] () -- C:\WINDOWS\AudACM.ini
[2006/02/08 23:29:20 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\DVDEncoder.dll
[2006/02/07 12:59:00 | 000,000,067 | ---- | C] () -- C:\WINDOWS\Kingdia DVD Ripper.INI
[2006/02/07 11:28:47 | 000,000,067 | ---- | C] () -- C:\WINDOWS\Arc DVD Copy.INI
[2006/02/06 21:40:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2006/02/05 19:12:47 | 000,000,066 | ---- | C] () -- C:\WINDOWS\Speed Video Converter.INI
[2005/12/18 11:40:27 | 000,009,728 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.DLL
[2005/11/07 00:17:24 | 000,000,059 | ---- | C] () -- C:\WINDOWS\Crypkey.ini
[2005/11/07 00:17:21 | 000,024,608 | ---- | C] () -- C:\WINDOWS\System32\Ckldrv.sys
[2005/11/07 00:17:21 | 000,018,432 | ---- | C] () -- C:\WINDOWS\Setup_ck.dll
[2005/11/01 11:09:23 | 000,777,728 | ---- | C] () -- C:\WINDOWS\System32\SSLSVC.DLL
[2005/11/01 11:09:23 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2005/11/01 11:09:23 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2005/11/01 11:09:22 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\lang_cfml.dll
[2005/11/01 11:09:22 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\xml_datagrove.dll
[2005/10/24 02:16:11 | 000,205,312 | R--- | C] () -- C:\WINDOWS\pw32a.dll
[2005/09/29 15:18:34 | 000,000,072 | ---- | C] () -- C:\WINDOWS\NPRiff.INI
[2005/09/04 22:56:54 | 000,468,480 | ---- | C] () -- C:\WINDOWS\System32\NMDll.dll
[2005/09/04 22:56:54 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\HDBHO.dll
[2005/09/04 22:56:54 | 000,020,480 | ---- | C] () -- C:\WINDOWS\yhl.dll
[2005/09/04 22:56:54 | 000,007,168 | ---- | C] () -- C:\WINDOWS\lq.dll
[2005/07/15 14:35:56 | 000,831,488 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2005/07/09 23:36:57 | 000,000,101 | ---- | C] () -- C:\WINDOWS\FCJCP.INI
[2005/06/24 10:18:40 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\muangsys.dll
[2005/06/24 10:18:40 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\muadisp.dll
[2005/05/12 03:23:54 | 000,000,026 | ---- | C] () -- C:\WINDOWS\FPKPMSV.INI
[2005/04/20 02:02:46 | 000,000,004 | ---- | C] () -- C:\WINDOWS\System32\micr0st.dll
[2005/04/15 10:41:12 | 000,005,568 | ---- | C] () -- C:\WINDOWS\System32\drivers\sysid.sys
[2005/04/15 02:16:02 | 000,000,931 | ---- | C] () -- C:\WINDOWS\PVAStrumento.ini
[2005/02/26 18:47:05 | 000,351,776 | R--- | C] () -- C:\WINDOWS\System32\drivers\ar5211.sys
[2005/02/26 18:47:05 | 000,351,712 | ---- | C] () -- C:\WINDOWS\System32\drivers\ar52119x.sys
[2005/02/22 04:24:05 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2005/02/21 02:02:21 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005/02/16 07:33:05 | 000,523,264 | ---- | C] () -- C:\WINDOWS\System32\pano12.dll
[2005/02/05 08:38:20 | 000,536,576 | ---- | C] () -- C:\WINDOWS\System32\CIASecurity.dll
[2005/02/03 01:30:22 | 000,008,192 | ---- | C] () -- C:\WINDOWS\System32\sysinfo.sys
[2005/01/28 11:59:39 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\mswin32.drv
[2005/01/23 17:06:31 | 000,000,048 | ---- | C] () -- C:\WINDOWS\QFNONL.INI
[2004/12/31 13:15:06 | 000,000,351 | ---- | C] () -- C:\WINDOWS\WHOffice.INI
[2004/12/18 11:13:52 | 000,000,135 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2004/11/30 04:10:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\besched.dll
[2004/11/22 00:55:02 | 000,000,139 | ---- | C] () -- C:\WINDOWS\msicpl.ini
[2004/11/21 12:28:35 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\NMH040A.DLL
[2004/11/21 02:42:52 | 000,011,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\CDAC15BA.SYS
[2004/11/20 16:19:05 | 000,000,010 | ---- | C] () -- C:\WINDOWS\System32\wfxhelp21.dll
[2004/11/20 12:10:55 | 000,000,038 | ---- | C] () -- C:\WINDOWS\iltwain.ini
[2004/11/20 11:28:56 | 000,038,401 | ---- | C] () -- C:\WINDOWS\System32\RdCi1006.dll
[2004/11/20 11:09:29 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\CNMVS4w.DLL
[2004/11/20 09:45:36 | 000,018,253 | ---- | C] () -- C:\WINDOWS\System32\ssnvfx.ini
[2004/11/20 09:40:40 | 000,006,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASLM75.SYS
[2004/11/20 09:36:01 | 000,003,611 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2004/11/20 09:35:59 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2004/11/20 03:10:14 | 000,172,128 | ---- | C] () -- C:\WINDOWS\HOST.INI
[2004/11/20 03:10:14 | 000,006,596 | ---- | C] () -- C:\WINDOWS\Astro.INI
[2004/11/20 03:10:14 | 000,005,737 | ---- | C] () -- C:\WINDOWS\pixcache.ini
[2004/11/20 03:10:14 | 000,002,472 | ---- | C] () -- C:\WINDOWS\INTUPROF.INI
[2004/11/20 03:10:14 | 000,002,297 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2004/11/20 03:10:14 | 000,001,604 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2004/11/20 03:10:14 | 000,001,401 | ---- | C] () -- C:\WINDOWS\webpos2.ini
[2004/11/20 03:10:14 | 000,001,205 | ---- | C] () -- C:\WINDOWS\HPFdjc16.ini
[2004/11/20 03:10:14 | 000,000,751 | ---- | C] () -- C:\WINDOWS\Bti.ini
[2004/11/20 03:10:14 | 000,000,641 | ---- | C] () -- C:\WINDOWS\letsdraw.ini
[2004/11/20 03:10:14 | 000,000,546 | ---- | C] () -- C:\WINDOWS\epspmgr4.ini
[2004/11/20 03:10:14 | 000,000,530 | ---- | C] () -- C:\WINDOWS\Audition.ini
[2004/11/20 03:10:14 | 000,000,442 | ---- | C] () -- C:\WINDOWS\hpfsched.ini
[2004/11/20 03:10:14 | 000,000,316 | ---- | C] () -- C:\WINDOWS\BELT.INI
[2004/11/20 03:10:14 | 000,000,217 | ---- | C] () -- C:\WINDOWS\vidwiz.ini
[2004/11/20 03:10:14 | 000,000,170 | ---- | C] () -- C:\WINDOWS\GetServer.ini
[2004/11/20 03:10:14 | 000,000,124 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2004/11/20 03:10:14 | 000,000,108 | ---- | C] () -- C:\WINDOWS\epconfig.ini
[2004/11/20 03:10:14 | 000,000,083 | ---- | C] () -- C:\WINDOWS\IMPORTCLIENT.INI
[2004/11/20 03:10:14 | 000,000,041 | ---- | C] () -- C:\WINDOWS\winampa.ini
[2004/11/20 03:10:13 | 000,042,904 | ---- | C] () -- C:\WINDOWS\CDPLAYER.INI
[2004/11/20 03:10:13 | 000,025,607 | ---- | C] () -- C:\WINDOWS\CSTBOX.INI
[2004/11/20 03:10:13 | 000,022,109 | ---- | C] () -- C:\WINDOWS\cool.ini
[2004/11/20 03:10:13 | 000,012,327 | ---- | C] () -- C:\WINDOWS\IOS.INI
[2004/11/20 03:10:13 | 000,011,568 | ---- | C] () -- C:\WINDOWS\CDEX.INI
[2004/11/20 03:10:13 | 000,010,677 | ---- | C] () -- C:\WINDOWS\coolkb2k.ini
[2004/11/20 03:10:13 | 000,008,893 | ---- | C] () -- C:\WINDOWS\NETDET.INI
[2004/11/20 03:10:13 | 000,006,553 | ---- | C] () -- C:\WINDOWS\COUNTRY.INI
[2004/11/20 03:10:13 | 000,005,617 | R--- | C] () -- C:\WINDOWS\msosetup.ini
[2004/11/20 03:10:13 | 000,005,253 | ---- | C] () -- C:\WINDOWS\GWPRESET.INI
[2004/11/20 03:10:13 | 000,005,068 | ---- | C] () -- C:\WINDOWS\DELETEFI.INI
[2004/11/20 03:10:13 | 000,004,260 | ---- | C] () -- C:\WINDOWS\firstaid.ini
[2004/11/20 03:10:13 | 000,003,598 | ---- | C] () -- C:\WINDOWS\HTMLHELP.INI
[2004/11/20 03:10:13 | 000,003,555 | ---- | C] () -- C:\WINDOWS\GWS.INI
[2004/11/20 03:10:13 | 000,003,148 | ---- | C] () -- C:\WINDOWS\TELEPHON.INI
[2004/11/20 03:10:13 | 000,002,707 | ---- | C] () -- C:\WINDOWS\WPUNIMIX.INI
[2004/11/20 03:10:13 | 000,002,481 | ---- | C] () -- C:\WINDOWS\WINCODE.INI
[2004/11/20 03:10:13 | 000,002,443 | ---- | C] () -- C:\WINDOWS\HPFCSS16.INI
[2004/11/20 03:10:13 | 000,002,292 | ---- | C] () -- C:\WINDOWS\7THLEVEL.INI
[2004/11/20 03:10:13 | 000,002,034 | ---- | C] () -- C:\WINDOWS\DATAFAX.INI
[2004/11/20 03:10:13 | 000,002,001 | ---- | C] () -- C:\WINDOWS\U3DEDIT.INI
[2004/11/20 03:10:13 | 000,001,944 | ---- | C] () -- C:\WINDOWS\FORGE32.INI
[2004/11/20 03:10:13 | 000,001,856 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/11/20 03:10:13 | 000,001,778 | ---- | C] () -- C:\WINDOWS\gvox.ini
[2004/11/20 03:10:13 | 000,001,770 | ---- | C] () -- C:\WINDOWS\ULEAD32.INI
[2004/11/20 03:10:13 | 000,001,370 | ---- | C] () -- C:\WINDOWS\tefview.ini
[2004/11/20 03:10:13 | 000,001,357 | ---- | C] () -- C:\WINDOWS\PLTWIN02.INI
[2004/11/20 03:10:13 | 000,001,165 | ---- | C] () -- C:\WINDOWS\GL_MMP.INI
[2004/11/20 03:10:13 | 000,001,047 | ---- | C] () -- C:\WINDOWS\pae.ini
[2004/11/20 03:10:13 | 000,001,043 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2004/11/20 03:10:13 | 000,000,940 | ---- | C] () -- C:\WINDOWS\MEDIAPAQ.INI
[2004/11/20 03:10:13 | 000,000,865 | ---- | C] () -- C:\WINDOWS\DOSREP.INI
[2004/11/20 03:10:13 | 000,000,856 | ---- | C] () -- C:\WINDOWS\PRESS BLASTER.INI
[2004/11/20 03:10:13 | 000,000,787 | ---- | C] () -- C:\WINDOWS\SCANREG.INI
[2004/11/20 03:10:13 | 000,000,767 | ---- | C] () -- C:\WINDOWS\efscan.ini
[2004/11/20 03:10:13 | 000,000,764 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2004/11/20 03:10:13 | 000,000,763 | ---- | C] () -- C:\WINDOWS\rtcwgoty.INI
[2004/11/20 03:10:13 | 000,000,739 | ---- | C] () -- C:\WINDOWS\Mpcwin02.ini
[2004/11/20 03:10:13 | 000,000,666 | ---- | C] () -- C:\WINDOWS\clikbook.ini
[2004/11/20 03:10:13 | 000,000,634 | ---- | C] () -- C:\WINDOWS\QIII.INI
[2004/11/20 03:10:13 | 000,000,581 | ---- | C] () -- C:\WINDOWS\goldwave.ini
[2004/11/20 03:10:13 | 000,000,549 | ---- | C] () -- C:\WINDOWS\rsagent.ini
[2004/11/20 03:10:13 | 000,000,448 | ---- | C] () -- C:\WINDOWS\QTW.INI
[2004/11/20 03:10:13 | 000,000,445 | ---- | C] () -- C:\WINDOWS\CTDEL.INI
[2004/11/20 03:10:13 | 000,000,436 | ---- | C] () -- C:\WINDOWS\LAPLAYER.INI
[2004/11/20 03:10:13 | 000,000,404 | ---- | C] () -- C:\WINDOWS\TSCKL.INI
[2004/11/20 03:10:13 | 000,000,394 | ---- | C] () -- C:\WINDOWS\ACROREAD.INI
[2004/11/20 03:10:13 | 000,000,382 | ---- | C] () -- C:\WINDOWS\MSREGUSR.INI
[2004/11/20 03:10:13 | 000,000,364 | ---- | C] () -- C:\WINDOWS\NETSCAPE.INI
[2004/11/20 03:10:13 | 000,000,337 | ---- | C] () -- C:\WINDOWS\MIDIPLYR.INI
[2004/11/20 03:10:13 | 000,000,336 | ---- | C] () -- C:\WINDOWS\dffont.ini
[2004/11/20 03:10:13 | 000,000,320 | ---- | C] () -- C:\WINDOWS\Fwupload.ini
[2004/11/20 03:10:13 | 000,000,305 | ---- | C] () -- C:\WINDOWS\Rdin0006.ini
[2004/11/20 03:10:13 | 000,000,300 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2004/11/20 03:10:13 | 000,000,300 | ---- | C] () -- C:\WINDOWS\JETSUITE.INI
[2004/11/20 03:10:13 | 000,000,296 | ---- | C] () -- C:\WINDOWS\moffice.ini
[2004/11/20 03:10:13 | 000,000,263 | ---- | C] () -- C:\WINDOWS\WAVEPLYR.INI
[2004/11/20 03:10:13 | 000,000,259 | ---- | C] () -- C:\WINDOWS\cbtsys.ini
[2004/11/20 03:10:13 | 000,000,247 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2004/11/20 03:10:13 | 000,000,247 | ---- | C] () -- C:\WINDOWS\MPPAGER.INI
[2004/11/20 03:10:13 | 000,000,243 | ---- | C] () -- C:\WINDOWS\HOMESITE.ini
[2004/11/20 03:10:13 | 000,000,240 | ---- | C] () -- C:\WINDOWS\liveup.ini
[2004/11/20 03:10:13 | 000,000,237 | ---- | C] () -- C:\WINDOWS\swacnfg.ini
[2004/11/20 03:10:13 | 000,000,231 | ---- | C] () -- C:\WINDOWS\Ac3api.ini
[2004/11/20 03:10:13 | 000,000,217 | ---- | C] () -- C:\WINDOWS\oh4win.INI
[2004/11/20 03:10:13 | 000,000,214 | ---- | C] () -- C:\WINDOWS\CJBMF.INI
[2004/11/20 03:10:13 | 000,000,205 | ---- | C] () -- C:\WINDOWS\pcmagcd.ini
[2004/11/20 03:10:13 | 000,000,204 | ---- | C] () -- C:\WINDOWS\rtpatch.ini
[2004/11/20 03:10:13 | 000,000,194 | ---- | C] () -- C:\WINDOWS\appr.ini
[2004/11/20 03:10:13 | 000,000,190 | ---- | C] () -- C:\WINDOWS\ctsyn.ini
[2004/11/20 03:10:13 | 000,000,187 | ---- | C] () -- C:\WINDOWS\PROFILER.INI
[2004/11/20 03:10:13 | 000,000,186 | ---- | C] () -- C:\WINDOWS\HEXpert.ini
[2004/11/20 03:10:13 | 000,000,178 | ---- | C] () -- C:\WINDOWS\TESTOUT.INI
[2004/11/20 03:10:13 | 000,000,171 | ---- | C] () -- C:\WINDOWS\INTUIT.INI
[2004/11/20 03:10:13 | 000,000,157 | ---- | C] () -- C:\WINDOWS\VSTUDIO.INI
[2004/11/20 03:10:13 | 000,000,156 | ---- | C] () -- C:\WINDOWS\JustAudio.ini
[2004/11/20 03:10:13 | 000,000,153 | ---- | C] () -- C:\WINDOWS\ThumbsCD.ini
[2004/11/20 03:10:13 | 000,000,143 | ---- | C] () -- C:\WINDOWS\SYSMIXER.INI
[2004/11/20 03:10:13 | 000,000,131 | ---- | C] () -- C:\WINDOWS\NETSPEED.INI
[2004/11/20 03:10:13 | 000,000,127 | ---- | C] () -- C:\WINDOWS\MRCLOCK.INI
[2004/11/20 03:10:13 | 000,000,127 | ---- | C] () -- C:\WINDOWS\KPCMS.INI
[2004/11/20 03:10:13 | 000,000,123 | ---- | C] () -- C:\WINDOWS\SURFSTATS.INI
[2004/11/20 03:10:13 | 000,000,121 | ---- | C] () -- C:\WINDOWS\WILD.INI
[2004/11/20 03:10:13 | 000,000,120 | ---- | C] () -- C:\WINDOWS\WINFILE.INI
[2004/11/20 03:10:13 | 000,000,116 | ---- | C] () -- C:\WINDOWS\MEDIARCK.INI
[2004/11/20 03:10:13 | 000,000,116 | ---- | C] () -- C:\WINDOWS\IELnkbak.ini
[2004/11/20 03:10:13 | 000,000,114 | ---- | C] () -- C:\WINDOWS\CDPLYR.INI
[2004/11/20 03:10:13 | 000,000,110 | ---- | C] () -- C:\WINDOWS\treeprt.ini
[2004/11/20 03:10:13 | 000,000,105 | ---- | C] () -- C:\WINDOWS\mapiuid.ini
[2004/11/20 03:10:13 | 000,000,102 | ---- | C] () -- C:\WINDOWS\UABMAIN.INI
[2004/11/20 03:10:13 | 000,000,095 | ---- | C] () -- C:\WINDOWS\WAVEMAN.INI
[2004/11/20 03:10:13 | 000,000,091 | ---- | C] () -- C:\WINDOWS\ap_bat.ini
[2004/11/20 03:10:13 | 000,000,083 | ---- | C] () -- C:\WINDOWS\photos30.ini
[2004/11/20 03:10:13 | 000,000,081 | ---- | C] () -- C:\WINDOWS\JAUDIO.INI
[2004/11/20 03:10:13 | 000,000,076 | ---- | C] () -- C:\WINDOWS\MC.INI
[2004/11/20 03:10:13 | 000,000,071 | ---- | C] () -- C:\WINDOWS\BBW_INFO.INI
[2004/11/20 03:10:13 | 000,000,070 | ---- | C] () -- C:\WINDOWS\efaxview.ini
[2004/11/20 03:10:13 | 000,000,070 | ---- | C] () -- C:\WINDOWS\asym.ini
[2004/11/20 03:10:13 | 000,000,068 | ---- | C] () -- C:\WINDOWS\MYNAPSTER.INI
[2004/11/20 03:10:13 | 000,000,068 | ---- | C] () -- C:\WINDOWS\FPXPRESS.INI
[2004/11/20 03:10:13 | 000,000,066 | ---- | C] () -- C:\WINDOWS\ds2000.ini
[2004/11/20 03:10:13 | 000,000,064 | ---- | C] () -- C:\WINDOWS\SETSCAN.INI
[2004/11/20 03:10:13 | 000,000,064 | ---- | C] () -- C:\WINDOWS\Patch.ini
[2004/11/20 03:10:13 | 000,000,063 | ---- | C] () -- C:\WINDOWS\CTDELLAU.INI
[2004/11/20 03:10:13 | 000,000,061 | ---- | C] () -- C:\WINDOWS\URLPROXY.INI
[2004/11/20 03:10:13 | 000,000,060 | ---- | C] () -- C:\WINDOWS\ZDDBVIEW.INI
[2004/11/20 03:10:13 | 000,000,060 | ---- | C] () -- C:\WINDOWS\POWERPNT.INI
[2004/11/20 03:10:13 | 000,000,058 | ---- | C] () -- C:\WINDOWS\WDIRECT.INI
[2004/11/20 03:10:13 | 000,000,058 | ---- | C] () -- C:\WINDOWS\JUSTAUDIO_BASE.INI
[2004/11/20 03:10:13 | 000,000,057 | ---- | C] () -- C:\WINDOWS\m2khd.ini
[2004/11/20 03:10:13 | 000,000,054 | ---- | C] () -- C:\WINDOWS\WAVEMIX.INI
[2004/11/20 03:10:13 | 000,000,054 | ---- | C] () -- C:\WINDOWS\TCWIN.INI
[2004/11/20 03:10:13 | 000,000,054 | ---- | C] () -- C:\WINDOWS\setihome.ini
[2004/11/20 03:10:13 | 000,000,053 | ---- | C] () -- C:\WINDOWS\BYCLEAN.INI
[2004/11/20 03:10:13 | 000,000,051 | ---- | C] () -- C:\WINDOWS\NSREX.INI
[2004/11/20 03:10:13 | 000,000,044 | ---- | C] () -- C:\WINDOWS\EXCHNG32.INI
[2004/11/20 03:10:13 | 000,000,041 | ---- | C] () -- C:\WINDOWS\FILERECOVER.INI
[2004/11/20 03:10:13 | 000,000,039 | ---- | C] () -- C:\WINDOWS\VIDEOWAVE.INI
[2004/11/20 03:10:13 | 000,000,038 | ---- | C] () -- C:\WINDOWS\magix.ini
[2004/11/20 03:10:13 | 000,000,038 | ---- | C] () -- C:\WINDOWS\dswplug.ini
[2004/11/20 03:10:13 | 000,000,037 | ---- | C] () -- C:\WINDOWS\PROSYS.INI
[2004/11/20 03:10:13 | 000,000,037 | ---- | C] () -- C:\WINDOWS\JRMXDLL.INI
[2004/11/20 03:10:13 | 000,000,037 | ---- | C] () -- C:\WINDOWS\FZDUMP.INI
[2004/11/20 03:10:13 | 000,000,037 | ---- | C] () -- C:\WINDOWS\coolmp3.ini
[2004/11/20 03:10:13 | 000,000,036 | ---- | C] () -- C:\WINDOWS\CYBERD.INI
[2004/11/20 03:10:13 | 000,000,035 | ---- | C] () -- C:\WINDOWS\A4W.INI
[2004/11/20 03:10:13 | 000,000,032 | ---- | C] () -- C:\WINDOWS\aebpr.ini
[2004/11/20 03:10:13 | 000,000,028 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2004/11/20 03:10:13 | 000,000,028 | ---- | C] () -- C:\WINDOWS\LAVAPLAY.INI
[2004/11/20 03:10:13 | 000,000,027 | ---- | C] () -- C:\WINDOWS\ACROGRAF.INI
[2004/11/20 03:10:13 | 000,000,026 | ---- | C] () -- C:\WINDOWS\NDW.INI
[2004/11/20 03:10:13 | 000,000,026 | ---- | C] () -- C:\WINDOWS\cleantray.ini
[2004/11/20 03:10:13 | 000,000,024 | ---- | C] () -- C:\WINDOWS\TB60.INI
[2004/11/20 03:10:13 | 000,000,024 | ---- | C] () -- C:\WINDOWS\SOL.INI
[2004/11/20 03:10:13 | 000,000,024 | ---- | C] () -- C:\WINDOWS\ms_shell.ini
[2004/11/20 03:10:13 | 000,000,024 | ---- | C] () -- C:\WINDOWS\@loha.ini
[2004/11/20 03:10:13 | 000,000,022 | ---- | C] () -- C:\WINDOWS\SHAREMEM.INI
[2004/11/20 03:10:13 | 000,000,020 | ---- | C] () -- C:\WINDOWS\MP3com103best.ini
[2004/11/20 03:10:13 | 000,000,015 | ---- | C] () -- C:\WINDOWS\MTB40.INI
[2004/11/20 03:10:13 | 000,000,011 | ---- | C] () -- C:\WINDOWS\Msdevctl.ini
[2004/11/04 16:08:33 | 000,229,376 | ---- | C] () -- C:\WINDOWS\System32\ISP2000.dll
[2004/09/24 10:00:36 | 000,039,208 | ---- | C] () -- C:\WINDOWS\System32\drivers\vgauti.sys
[2004/09/24 09:58:38 | 000,039,208 | ---- | C] () -- C:\WINDOWS\System32\drivers\msicpl.sys
[2004/09/24 01:38:41 | 000,189,952 | ---- | C] () -- C:\WINDOWS\QCARD32.DLL
[2004/09/16 13:26:40 | 000,012,634 | ---- | C] () -- C:\WINDOWS\System32\drivers\ADFUUD.SYS
[2004/09/11 19:36:40 | 000,009,728 | ---- | C] () -- C:\WINDOWS\System32\sysinfoX64.sys
[2004/07/20 20:15:15 | 000,022,464 | ---- | C] () -- C:\WINDOWS\System32\USB2SER.SYS
[2004/07/12 17:07:21 | 003,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll
[2004/05/05 23:32:52 | 000,063,488 | ---- | C] () -- C:\WINDOWS\xobglu16.dll
[2004/05/05 23:32:52 | 000,023,552 | ---- | C] () -- C:\WINDOWS\xobglu32.dll
[2004/03/08 19:15:44 | 000,000,002 | ---- | C] () -- C:\WINDOWS\r105t1.dll
[2004/02/18 18:32:39 | 000,905,290 | ---- | C] () -- C:\WINDOWS\System32\libmmd.dll
[2004/02/10 19:15:36 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2004/01/27 07:13:02 | 000,421,888 | ---- | C] () -- C:\WINDOWS\System32\OpenQuicktimeLib_dec.dll
[2003/10/02 01:00:00 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lockout.dll
[2003/10/02 01:00:00 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\lockres.dll
[2003/07/10 19:54:47 | 000,335,872 | ---- | C] () -- C:\WINDOWS\System32\ldf252.dll
[2003/05/25 14:57:06 | 000,000,016 | ---- | C] () -- C:\WINDOWS\MOUSEDRW.DLL
[2003/05/22 09:06:21 | 000,071,749 | ---- | C] () -- C:\WINDOWS\HCExtOutput.dll
[2003/05/14 07:37:10 | 000,009,472 | ---- | C] () -- C:\WINDOWS\unsqz.dll
[2003/05/14 07:37:07 | 000,205,312 | R--- | C] () -- C:\WINDOWS\patchw32.A534.dll
[2003/05/14 07:37:07 | 000,164,864 | ---- | C] () -- C:\WINDOWS\patchw32.dll
[2003/05/14 07:37:07 | 000,000,117 | ---- | C] () -- C:\WINDOWS\smp32.dll
[2003/05/14 07:37:05 | 000,081,920 | ---- | C] () -- C:\WINDOWS\asr32311.dll
[2003/05/14 07:37:05 | 000,001,846 | ---- | C] () -- C:\WINDOWS\br.dll
[2003/05/14 07:37:04 | 000,000,380 | ---- | C] () -- C:\WINDOWS\WINRDP10.SYS
[2003/05/14 07:36:52 | 000,001,077 | ---- | C] () -- C:\WINDOWS\Mgxclean.sys
[2003/05/14 07:36:51 | 000,025,600 | ---- | C] () -- C:\WINDOWS\MEMBOOT.DLL
[2003/05/14 07:36:50 | 000,187,392 | ---- | C] () -- C:\WINDOWS\LTANN62N.DLL
[2003/05/14 07:36:50 | 000,175,616 | ---- | C] () -- C:\WINDOWS\LFFAX62N.DLL
[2003/05/14 07:36:50 | 000,158,720 | ---- | C] () -- C:\WINDOWS\LFCMP62N.DLL
[2003/05/14 07:36:50 | 000,110,080 | ---- | C] () -- C:\WINDOWS\LFPNG62N.DLL
[2003/05/14 07:36:50 | 000,076,288 | ---- | C] () -- C:\WINDOWS\LTIMG62N.DLL
[2003/05/14 07:36:50 | 000,047,616 | ---- | C] () -- C:\WINDOWS\LFTIF62N.DLL
[2003/05/14 07:36:50 | 000,043,008 | ---- | C] () -- C:\WINDOWS\LTFIL62N.DLL
[2003/05/14 07:36:50 | 000,029,184 | ---- | C] () -- C:\WINDOWS\LTWND62N.DLL
[2003/05/14 07:36:50 | 000,027,136 | ---- | C] () -- C:\WINDOWS\LFLMA62N.DLL
[2003/05/14 07:36:50 | 000,024,576 | ---- | C] () -- C:\WINDOWS\LFICA62N.DLL
[2003/05/14 07:36:50 | 000,024,064 | ---- | C] () -- C:\WINDOWS\LTTWN62N.DLL
[2003/05/14 07:36:50 | 000,023,552 | ---- | C] () -- C:\WINDOWS\LFPCX62N.DLL
[2003/05/14 07:36:50 | 000,023,552 | ---- | C] () -- C:\WINDOWS\LFLMB62N.DLL
[2003/05/14 07:36:50 | 000,022,528 | ---- | C] () -- C:\WINDOWS\LFEPS62N.DLL
[2003/05/14 07:36:50 | 000,022,016 | ---- | C] () -- C:\WINDOWS\LFPCT62N.DLL
[2003/05/14 07:36:50 | 000,022,016 | ---- | C] () -- C:\WINDOWS\LFGIF62N.DLL
[2003/05/14 07:36:50 | 000,022,016 | ---- | C] () -- C:\WINDOWS\LFBMP62N.DLL
[2003/05/14 07:36:50 | 000,020,480 | ---- | C] () -- C:\WINDOWS\LFPSD62N.DLL
[2003/05/14 07:36:50 | 000,019,968 | ---- | C] () -- C:\WINDOWS\LFWMF62N.DLL
[2003/05/14 07:36:50 | 000,019,968 | ---- | C] () -- C:\WINDOWS\LFTGA62N.DLL
[2003/05/14 07:36:50 | 000,019,456 | ---- | C] () -- C:\WINDOWS\LFWPG62N.DLL
[2003/05/14 07:36:50 | 000,018,944 | ---- | C] () -- C:\WINDOWS\LFIMG62N.DLL
[2003/05/14 07:36:50 | 000,018,432 | ---- | C] () -- C:\WINDOWS\LFRAS62N.DLL
[2003/05/14 07:36:50 | 000,018,432 | ---- | C] () -- C:\WINDOWS\LFMSP62N.DLL
[2003/05/14 07:36:50 | 000,017,920 | ---- | C] () -- C:\WINDOWS\LFMAC62N.DLL
[2003/05/14 07:36:50 | 000,017,920 | ---- | C] () -- C:\WINDOWS\LFCAL62N.DLL
[2003/05/14 07:36:50 | 000,017,408 | ---- | C] () -- C:\WINDOWS\LFWFX62N.DLL
[2003/05/14 07:36:49 | 000,058,368 | ---- | C] () -- C:\WINDOWS\ICQMAPI.DLL
[2003/05/14 07:36:49 | 000,035,328 | ---- | C] () -- C:\WINDOWS\INETWH32.DLL
[2003/05/14 07:36:49 | 000,009,136 | ---- | C] () -- C:\WINDOWS\INETWH16.DLL
[2003/05/14 07:36:44 | 000,202,752 | ---- | C] () -- C:\WINDOWS\CDAC14BA.DLL
[2003/05/14 07:36:43 | 000,038,400 | ---- | C] () -- C:\WINDOWS\ARSENAL.DLL
[2003/03/25 05:49:02 | 000,152,064 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2003/03/25 05:49:02 | 000,066,560 | ---- | C] () -- C:\WINDOWS\System32\atiyuv12.dll
[2003/03/07 02:05:46 | 000,115,712 | ---- | C] () -- C:\WINDOWS\System32\Crush32.dll
[2002/12/19 21:15:36 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\SAWZip.dll
[2002/08/28 11:42:10 | 000,016,973 | ---- | C] () -- C:\WINDOWS\System32\ZWebAuth.dll
[2002/08/14 13:39:05 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\Oxfwapi.dll
[2002/07/28 01:03:15 | 000,308,928 | ---- | C] () -- C:\WINDOWS\System32\ivflt08.dll
[2002/07/28 01:03:10 | 000,211,456 | ---- | C] () -- C:\WINDOWS\System32\ivbas08.dll
[2002/06/18 22:35:00 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\Msvcrt10.dll
[2002/05/20 18:34:58 | 000,041,047 | ---- | C] () -- C:\WINDOWS\System32\ActPanel.dll
[2002/05/20 16:29:56 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\PTISTP.DLL
[2002/05/18 14:08:12 | 000,107,008 | ---- | C] () -- C:\WINDOWS\System32\FXTLS432.DLL
[2002/05/11 11:26:39 | 000,043,008 | ---- | C] () -- C:\WINDOWS\System32\LTFIL61N.DLL
[2002/05/11 11:26:39 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\LFGIF61N.DLL
[2002/05/11 11:26:39 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\LFTGA61N.DLL
[2002/05/11 11:26:38 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\LFFAX61N.DLL
[2002/05/11 11:26:38 | 000,158,720 | ---- | C] () -- C:\WINDOWS\System32\LFCMP61N.DLL
[2002/05/11 11:26:38 | 000,110,080 | ---- | C] () -- C:\WINDOWS\System32\LFPNG61N.DLL
[2002/05/11 11:26:38 | 000,047,616 | ---- | C] () -- C:\WINDOWS\System32\LFTIF61N.DLL
[2002/05/11 11:26:38 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\LFPCX61N.DLL
[2002/05/11 11:26:38 | 000,017,408 | ---- | C] () -- C:\WINDOWS\System32\LFPCD61N.DLL
[2002/05/07 16:26:28 | 000,005,120 | ---- | C] () -- C:\WINDOWS\System32\xfxdll.dll
[2002/05/07 16:24:57 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\WAVhsp32.dll
[2002/05/07 16:24:57 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\Wavlbsys.dll
[2002/05/07 16:24:39 | 000,115,712 | ---- | C] () -- C:\WINDOWS\System32\vboxp403.dll.bak
[2002/05/07 16:24:05 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll
[2002/05/07 16:24:03 | 000,377,856 | ---- | C] () -- C:\WINDOWS\System32\tx32.dll
[2002/05/07 16:23:58 | 000,121,856 | ---- | C] () -- C:\WINDOWS\System32\tsd2.dll
[2002/05/07 16:23:57 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\treeprt.dll
[2002/05/07 16:22:58 | 000,141,824 | ---- | C] () -- C:\WINDOWS\System32\SETUPLIB.DLL
[2002/05/07 16:22:20 | 000,061,952 | ---- | C] () -- C:\WINDOWS\System32\rmmerge2.DLL
[2002/05/07 16:22:20 | 000,009,728 | ---- | C] () -- C:\WINDOWS\System32\rmevents.DLL
[2002/05/07 16:22:18 | 000,270,336 | ---- | C] () -- C:\WINDOWS\System32\regxplor.dll
[2002/05/07 16:21:57 | 000,471,040 | ---- | C] () -- C:\WINDOWS\System32\QTExporter.dll
[2002/05/07 16:21:52 | 000,280,576 | ---- | C] () -- C:\WINDOWS\System32\pxd_kom.dll
[2002/05/07 16:21:16 | 000,026,112 | ---- | C] () -- C:\WINDOWS\System32\PIXTHK32.DLL
[2002/05/07 16:20:59 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\ODBCSTF.DLL
[2002/05/07 16:20:50 | 000,240,640 | ---- | C] () -- C:\WINDOWS\System32\Nmocod.dll
[2002/05/07 16:13:14 | 001,513,984 | ---- | C] () -- C:\WINDOWS\System32\MgxRdr80.dll
[2002/05/07 16:12:48 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\LPNG.DLL
[2002/05/07 16:12:48 | 000,204,288 | ---- | C] () -- C:\WINDOWS\System32\LSXConfig.dll
[2002/05/07 16:11:36 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\LFKODAK.DLL
[2002/05/07 16:11:35 | 000,338,944 | ---- | C] () -- C:\WINDOWS\System32\lffpx7.dll
[2002/05/07 16:11:14 | 000,056,832 | R--- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[2002/05/07 16:10:13 | 000,025,088 | ---- | C] () -- C:\WINDOWS\System32\ifl_gif.dll
[2002/05/07 16:09:18 | 000,031,232 | ---- | C] () -- C:\WINDOWS\System32\ide32.dll
[2002/05/07 16:09:15 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\Hyperman.dll
[2002/05/07 16:09:12 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\Gt4vqt.DLL
[2002/05/07 16:09:03 | 000,311,296 | ---- | C] () -- C:\WINDOWS\System32\fxstudio.dll
[2002/05/07 16:09:01 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\freeisys.dll
[2002/05/07 16:08:52 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\eabtstrp.dll
[2002/05/07 16:08:43 | 000,282,624 | ---- | C] () -- C:\WINDOWS\System32\drumpad.dll
[2002/05/07 16:07:31 | 000,015,872 | ---- | C] () -- C:\WINDOWS\System32\D2Icons.Dll
[2002/05/07 15:59:59 | 000,292,352 | ---- | C] () -- C:\WINDOWS\System32\cfproject.dll
[2002/05/07 15:59:59 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\cfmsg.dll
[2002/05/07 15:59:44 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\CFFPTree.dll
[2002/05/07 15:57:52 | 000,075,976 | ---- | C] () -- C:\WINDOWS\System32\BASSDEC.dll
[2002/05/07 15:51:44 | 000,274,432 | ---- | C] () -- C:\WINDOWS\System32\animation.dll
[2002/05/07 15:47:40 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
[2002/04/16 04:41:40 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\memtest.dll
[2002/04/11 20:53:44 | 000,053,760 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll
[2002/04/11 10:47:52 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\msmscoin.dll
[2002/03/25 10:03:26 | 001,865,572 | ---- | C] () -- C:\WINDOWS\System32\ewctl32.dll
[2002/01/06 05:08:16 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2001/09/17 12:20:02 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2001/07/07 04:00:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
[1999/07/23 13:46:48 | 000,000,116 | ---- | C] () -- C:\WINDOWS\AuHCcup1.ini
[1999/07/23 10:53:20 | 000,129,536 | ---- | C] () -- C:\WINDOWS\AuHCcup1.dll
[1999/01/22 13:46:56 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1998/10/11 01:07:38 | 000,088,576 | ---- | C] () -- C:\WINDOWS\System32\Iticheck.dll
[1998/09/05 05:43:14 | 000,115,712 | ---- | C] () -- C:\WINDOWS\System32\vboxp403.dll
[1995/10/16 19:55:44 | 000,009,136 | ---- | C] () -- C:\WINDOWS\System32\INETWH16.DLL
[1980/01/01 00:00:00 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\MEMBG.DLL
[1980/01/01 00:00:00 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ICMFILTER.DLL
[1980/01/01 00:00:00 | 000,000,025 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI

========== Custom Scans ==========


< C:\windows\tasks\* >
[2000/09/10 21:13:24 | 000,000,065 | RH-- | M] () -- C:\windows\tasks\desktop.ini
[2010/06/26 21:33:01 | 000,000,882 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/06/27 11:33:04 | 000,000,886 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/06/27 02:40:00 | 000,000,974 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1220945662-362288127-839522115-1003Core.job
[2010/06/27 11:40:02 | 000,001,026 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1220945662-362288127-839522115-1003UA.job
[2010/06/24 22:24:04 | 000,000,006 | -H-- | M] () -- C:\windows\tasks\SA.DAT
[2010/06/27 11:36:54 | 000,000,446 | -H-- | M] () -- C:\windows\tasks\User_Feed_Synchronization-{8DFA899A-AA07-44DE-8D3D-8F75C1C957F1}.job

< C:\windows\system32\*.js /s >
[2001/08/23 14:00:00 | 000,048,410 | ---- | M] () -- C:\WINDOWS\SYSTEM32\oobe\agtcore.js
[2008/09/17 03:07:25 | 000,003,201 | ---- | M] () -- C:\WINDOWS\SYSTEM32\oobe\agtscrp2.js
[2004/08/03 22:03:30 | 000,267,850 | ---- | M] () -- C:\WINDOWS\SYSTEM32\oobe\agtscrpt.js
[2001/08/23 14:00:00 | 000,018,843 | ---- | M] () -- C:\WINDOWS\SYSTEM32\oobe\dialmgr.js
[2001/08/23 14:00:00 | 000,016,987 | ---- | M] () -- C:\WINDOWS\SYSTEM32\oobe\dslmain.js
[2008/04/13 11:46:34 | 000,019,346 | ---- | M] () -- C:\WINDOWS\SYSTEM32\oobe\error.js
[2001/08/23 14:00:00 | 000,013,137 | ---- | M] () -- C:\WINDOWS\SYSTEM32\oobe\iconnect.js
[2004/08/03 22:03:32 | 000,017,175 | ---- | M] () -- C:\WINDOWS\SYSTEM32\oobe\icsmgr.js
[2001/08/23 14:00:00 | 000,001,249 | ---- | M] () -- C:\WINDOWS\SYSTEM32\oobe\isptype.js
[2004/08/03 22:03:34 | 000,023,735 | ---- | M] () -- C:\WINDOWS\SYSTEM32\oobe\migrate.js
[2001/08/23 14:00:00 | 000,011,257 | ---- | M] () -- C:\WINDOWS\SYSTEM32\oobe\mousetut.js
[2008/09/17 03:07:25 | 000,009,607 | ---- | M] () -- C:\WINDOWS\SYSTEM32\oobe\oobeutil.js
[2001/08/23 14:00:00 | 000,001,044 | ---- | M] () -- C:\WINDOWS\SYSTEM32\oobe\sconnect.js

========== Alternate Data Streams ==========

@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CB0AACC9
< End of report >
  • 0

Advertisements

#77
myrti
Posted 27 June 2010 - 01:19 PM

myrti

    Expert

  • Expert
  • 2,580 posts
Hi,

that is still looking fine. Could you please try to boot into safe mode with networking. Start Malwarebytes (if possible) and let me know if the detection still occur.

If that doesn't work, please do a clean boot: http://support.microsoft.com/kb/310353 (don't disable the Malwarebytes entry either)

Let me know if you get detections or not.

regards myrti
  • 0

#78
therealex
Posted 28 June 2010 - 05:33 PM

therealex

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 112 posts
Hey,
No detections occurred, but as soon as I renamed iexplore.exe it began trying to start again. It couldn't, because I'm using a freeware program called Process Blocker, but it definitely tried. I went into Safe Mode to rename it back to a useless extension, as that's the only way to do it without respawning.

I also ran Avast! in boot mode, but it didn't find anything.
  • 0

#79
myrti
Posted 29 June 2010 - 01:45 PM

myrti

    Expert

  • Expert
  • 2,580 posts
Hi,

so in clean boot mode with iexplore.exe having its normal name the contacts occurred? Does it also try to access the internet while you are in safe mode with networking?

regards myrti
  • 0

#80
therealex
Posted 29 June 2010 - 01:54 PM

therealex

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 112 posts
Sorry, I got a bit mixed there - I just did Safe Mode, not clean. Trying it in clean boot now.
  • 0

#81
therealex
Posted 29 June 2010 - 04:25 PM

therealex

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 112 posts
In clean boot, iexplore tries to run. In Safe Mode it doesn't. This would indicate it's a service that doesn't run in Safe Mode, as System.ini, Win.ini, and startup items were all disabled. I checked the services, and they all SEEM to be legitimate. I noticed Process Monitor was running, and although it's a legitimate process from Logitech, I just stopped it and made it a manual process. Then I renamed iexplore to an exe file again.
It's been about 20 minutes, and it hasn't tried to start yet. Another false "answer", or a sneaky piece of malware that infected a legitimate service?
I'll let you know. Process Blocker is running, so if it tries to start I'll get a notification.
  • 0

#82
myrti
Posted 29 June 2010 - 04:32 PM

myrti

    Expert

  • Expert
  • 2,580 posts
Hi,

let me know of the outcome. :)

clean boot usually includes to disable all non-microsoft services. Did you do that too? If not don't worry about repeating, it's just so I know what was disabled and what wasn't.

SafeMode changes a couple more things too, but the main focus would then indeed be on services and drivers. So that's what we would concentrate on, if the answer was false.
There is the possibility of the file having been infected, so if it turns out to really be the logitech file that is causing the connections, I would definitely have the file checked out at virustotal for example. It might still be some software trying to reach home or some of it partners, though. We can't really rule this out.

regards myrti
  • 0

#83
therealex
Posted 29 June 2010 - 04:35 PM

therealex

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 112 posts
Process Blocker just reported that it blocked iexplore.exe, so the Logicom service wasn't it. Something else is trying to run it.
  • 0

#84
myrti
Posted 01 July 2010 - 02:05 PM

myrti

    Expert

  • Expert
  • 2,580 posts
Hi,

ok so let's take care of those odd web addresses:

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    :otl
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.w50.com/sw/searchbar/
E - HKU\S-1-5-21-1220945662-362288127-839522115-1011\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.w50.com/sw/searchbar/ 
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.w50.com/sw/searchbar/
:files
C:\Windows\tasks\at*.job
:commands
[emptytemp]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, when done it will say "Fix Complete press ok to open the log"
  • Please post that log in your next reply.

    Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process.
    If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTL\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.
================================Follow up scan=================================
  • Double click on OTL to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Under the Standard Registry box change it to All.
  • Under the Extra Registrybox change it to All.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extra.txt. This is saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files and post it with your next reply.

Please also let me know which services you disabeld for the clean boot so we can excempt them from the search for the culprit.

regards myrti
  • 0

#85
therealex
Posted 02 July 2010 - 01:53 PM

therealex

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 112 posts
Here we are:

OTL -

OTL logfile created on: 7/2/2010 12:31:45 PM - Run 2
OTL by OldTimer - Version 3.2.7.0 Folder = C:\Documents and Settings\Russell Alexander\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: enu | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 70.00% Memory free
5.00 Gb Paging File | 4.00 Gb Available in Paging File | 85.00% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 48.04 Gb Total Space | 10.22 Gb Free Space | 21.27% Space Free | Partition Type: NTFS
Drive D: | 12.65 Gb Total Space | 2.90 Gb Free Space | 22.92% Space Free | Partition Type: FAT32
Drive E: | 35.94 Gb Total Space | 24.47 Gb Free Space | 68.08% Space Free | Partition Type: NTFS
Drive F: | 35.74 Gb Total Space | 19.64 Gb Free Space | 54.97% Space Free | Partition Type: NTFS
Drive G: | 35.80 Gb Total Space | 21.50 Gb Free Space | 60.04% Space Free | Partition Type: NTFS
Drive H: | 35.79 Gb Total Space | 18.72 Gb Free Space | 52.29% Space Free | Partition Type: NTFS
Drive I: | 41.57 Gb Total Space | 25.16 Gb Free Space | 60.51% Space Free | Partition Type: NTFS
Drive J: | 10.65 Gb Total Space | 3.62 Gb Free Space | 34.02% Space Free | Partition Type: FAT32
Drive K: | 8.65 Gb Total Space | 3.12 Gb Free Space | 36.04% Space Free | Partition Type: FAT32
Drive L: | 11.74 Gb Total Space | 2.54 Gb Free Space | 21.60% Space Free | Partition Type: FAT32
Drive M: | 9.47 Gb Total Space | 4.89 Gb Free Space | 51.65% Space Free | Partition Type: FAT32
Drive N: | 21.32 Gb Total Space | 7.25 Gb Free Space | 34.00% Space Free | Partition Type: FAT32
Drive P: | 2.49 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive Q: | 465.76 Gb Total Space | 269.27 Gb Free Space | 57.81% Space Free | Partition Type: NTFS
Drive W: | 149.05 Gb Total Space | 64.36 Gb Free Space | 43.18% Space Free | Partition Type: NTFS

Computer Name: RUSSELL
Current User Name: Russell Alexander
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - C:\Documents and Settings\Russell Alexander\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Google\Update\1.2.183.29\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files\LogMeIn\x86\ramaint.exe (LogMeIn, Inc.)
PRC - C:\Program Files\LogMeIn\x86\LMIGuardian.exe (LogMeIn, Inc.)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Process Blocker\Process Blocker.exe (Softros Systems, Inc.)
PRC - C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
PRC - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
PRC - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)
PRC - C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
PRC - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - C:\Program Files\Gigabyte\EasySaver\essvr.exe ()
PRC - C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
PRC - C:\Program Files\LogMeIn\x86\LogMeIn.exe (LogMeIn, Inc.)
PRC - C:\Program Files\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft ActiveSync\rapimgr.exe (Microsoft Corporation)
PRC - C:\WINDOWS\SYSTEM32\spool\drivers\w32x86\3\fpdisp5a.exe (FinePrint Software, LLC)
PRC - C:\Program Files\FolderSize\FolderSizeSvc.exe (Brio)
PRC - C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WUSB54Gv42.exe (Linksys)
PRC - C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe (GEMTEKS)
PRC - F:\UPHClean\uphclean.exe (Microsoft Corporation)
PRC - C:\WINDOWS\SYSTEM32\Crypserv.exe (Kenonic Controls Ltd.)
PRC - H:\Roland\VSC32\vscvol.exe (Roland)
PRC - H:\Roland\VSC32\Vsc32Cnf.exe (Roland)


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\Russell Alexander\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\SYSTEM32\msscript.ocx (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (WUSB54Gv42SVC) -- File not found
SRV - (PnkBstrA) -- File not found
SRV - (LQAN) -- File not found
SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (LMIMaint) -- C:\Program Files\LogMeIn\x86\RaMaint.exe (LogMeIn, Inc.)
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (Process Blocker) -- C:\Program Files\Process Blocker\Process Blocker.exe (Softros Systems, Inc.)
SRV - (cmdAgent) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
SRV - (afcdpsrv) -- C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis)
SRV - (TomTomHOMEService) -- e:\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
SRV - (AcrSch2Svc) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)
SRV - (rpcapd) Remote Packet Capture Protocol v.0 (experimental) -- C:\Program Files\WinPcap\rpcapd.exe (CACE Technologies, Inc.)
SRV - (IntuitUpdateService) -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe (Intuit Inc.)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (MSSQL$MSSMLBIZ) SQL Server (MSSMLBIZ) -- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (C-DillaCdaC11BA) -- C:\WINDOWS\SYSTEM32\DRIVERS\CDAC11BA.EXE (C-Dilla Ltd)
SRV - (ES lite Service) -- C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE ()
SRV - (SQLWriter) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
SRV - (SQLBrowser) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation)
SRV - (MSSQLServerADHelper) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe (Microsoft Corporation)
SRV - (LVSrvLauncher) -- C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe (Logitech Inc.)
SRV - (LVPrcSrv) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV - (LogMeIn) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe (LogMeIn, Inc.)
SRV - (Capture Device Service) -- C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe (InterVideo Inc.)
SRV - (UleadBurningHelper) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
SRV - (QBCFMonitorService) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe (Intuit)
SRV - (QBFCService) -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe (Intuit Inc.)
SRV - (ServiceLayer) -- C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe (Nokia.)
SRV - (FolderSize) -- C:\Program Files\FolderSize\FolderSizeSvc.exe (Brio)
SRV - (Macromedia Licensing Service) -- C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe ()
SRV - (UPHClean) -- F:\UPHClean\uphclean.exe (Microsoft Corporation)
SRV - (PortReporter) -- C:\Program Files\PortReporter\PortReporter.exe ()
SRV - (GEARSecurity) -- C:\WINDOWS\SYSTEM32\gearsec.exe (GEAR Software)
SRV - (BR) -- C:\WINDOWS\br.dll ()
SRV - (Crypkey License) -- C:\WINDOWS\System32\Crypserv.exe (Kenonic Controls Ltd.)


========== Driver Services (SafeList) ==========

DRV - (gdrv) -- C:\WINDOWS\gdrv.sys (Windows ® 2000 DDK provider)
DRV - (aswTdi) -- C:\WINDOWS\SYSTEM32\DRIVERS\aswTdi.sys (ALWIL Software)
DRV - (aswSP) -- C:\WINDOWS\SYSTEM32\DRIVERS\aswSP.sys (ALWIL Software)
DRV - (aswRdr) -- C:\WINDOWS\SYSTEM32\DRIVERS\aswRdr.sys (ALWIL Software)
DRV - (aswMon2) -- C:\WINDOWS\SYSTEM32\DRIVERS\aswmon2.sys (ALWIL Software)
DRV - (aswFsBlk) -- C:\WINDOWS\SYSTEM32\DRIVERS\aswFsBlk.sys (ALWIL Software)
DRV - (Aavmker4) -- C:\WINDOWS\SYSTEM32\DRIVERS\aavmker4.sys (ALWIL Software)
DRV - (Partizan) -- C:\WINDOWS\Partizan.log ()
DRV - (RegGuard) -- C:\WINDOWS\SYSTEM32\DRIVERS\regguard.sys (Greatis Software)
DRV - (LMIRfsClientNP) -- C:\WINDOWS\SYSTEM32\LMIRfsClientNP.dll (LogMeIn, Inc.)
DRV - (MBAMProtector) -- C:\WINDOWS\SYSTEM32\DRIVERS\mbam.sys (Malwarebytes Corporation)
DRV - (cmdGuard) -- C:\WINDOWS\SYSTEM32\DRIVERS\cmdguard.sys (COMODO)
DRV - (L6DP) -- C:\WINDOWS\SYSTEM32\DRIVERS\l6dp.sys (Line 6)
DRV - (Inspect) -- C:\WINDOWS\System32\DRIVERS\inspect.sys (COMODO)
DRV - (cmdHlp) -- C:\WINDOWS\SYSTEM32\DRIVERS\cmdhlp.sys (COMODO)
DRV - (afcdp) -- C:\WINDOWS\SYSTEM32\DRIVERS\afcdp.sys (Acronis)
DRV - (tdrpman258) Acronis Try&Decide and Restore Points filter (build 258) -- C:\WINDOWS\system32\DRIVERS\tdrpm258.sys (Acronis)
DRV - (timounter) -- C:\WINDOWS\system32\DRIVERS\timntr.sys (Acronis)
DRV - (snapman) -- C:\WINDOWS\system32\DRIVERS\snapman.sys (Acronis)
DRV - (NPF) -- C:\WINDOWS\SYSTEM32\DRIVERS\npf.sys (CACE Technologies, Inc.)
DRV - (atksgt) -- C:\WINDOWS\SYSTEM32\DRIVERS\atksgt.sys ()
DRV - (lirsgt) -- C:\WINDOWS\SYSTEM32\DRIVERS\lirsgt.sys ()
DRV - (L6TPortB) -- C:\WINDOWS\SYSTEM32\DRIVERS\L6TPortB.sys (Line 6)
DRV - (ati2mtag) -- C:\WINDOWS\SYSTEM32\DRIVERS\ati2mtag.sys (ATI Technologies Inc.)
DRV - (mcdbus) -- C:\WINDOWS\SYSTEM32\DRIVERS\mcdbus.sys (MagicISO, Inc.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\SYSTEM32\DRIVERS\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (nv) -- C:\WINDOWS\SYSTEM32\DRIVERS\nv4_mini.sys (NVIDIA Corporation)
DRV - (RTHDMIAzAudService) -- C:\WINDOWS\SYSTEM32\DRIVERS\RtKHDMI.sys (Realtek Semiconductor Corp.)
DRV - (RTLE8023xp) -- C:\WINDOWS\SYSTEM32\DRIVERS\Rtenicxp.sys (Realtek Semiconductor Corporation )
DRV - (LMIRfsDriver) -- C:\WINDOWS\SYSTEM32\DRIVERS\LMIRfsDriver.sys (LogMeIn, Inc.)
DRV - (MPE) -- C:\WINDOWS\SYSTEM32\DRIVERS\MPE.sys (Microsoft Corporation)
DRV - (nm) -- C:\WINDOWS\SYSTEM32\DRIVERS\nmnt.sys (Microsoft Corporation)
DRV - (gameenum) -- C:\WINDOWS\SYSTEM32\DRIVERS\gameenum.sys (Microsoft Corporation)
DRV - (usbaudio) USB Audio Driver (WDM) -- C:\WINDOWS\SYSTEM32\DRIVERS\usbaudio.sys (Microsoft Corporation)
DRV - (sisagp) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)
DRV - (HDAudBus) -- C:\WINDOWS\SYSTEM32\DRIVERS\hdaudbus.sys (Windows ® Server 2003 DDK provider)
DRV - (LMIInfo) -- C:\Program Files\LogMeIn\x86\rainfo.sys (LogMeIn, Inc.)
DRV - (yukonwxp) -- C:\WINDOWS\SYSTEM32\DRIVERS\yk51x86.sys (Marvell)
DRV - (LVcKap) -- C:\WINDOWS\SYSTEM32\DRIVERS\Lvckap.sys (Logitech Inc.)
DRV - (LVPr2Mon) -- C:\WINDOWS\SYSTEM32\DRIVERS\LVPr2Mon.sys ()
DRV - (LVMVDrv) -- C:\WINDOWS\SYSTEM32\DRIVERS\LVMVdrv.sys (Logitech Inc.)
DRV - (DNE) -- C:\WINDOWS\SYSTEM32\DRIVERS\dne2000.sys (Deterministic Networks, Inc.)
DRV - (MCSTRM) -- C:\WINDOWS\SYSTEM32\DRIVERS\mcstrm.sys (RealNetworks, Inc.)
DRV - (U6000ALL) HDTV110 TV Box(ALL) -- C:\WINDOWS\SYSTEM32\DRIVERS\dmdcap.sys ()
DRV - (AmdPPM) -- C:\WINDOWS\SYSTEM32\DRIVERS\AmdPPM.sys (Advanced Micro Devices)
DRV - (SCDEmu) -- C:\WINDOWS\SYSTEM32\DRIVERS\scdemu.sys (PowerISO Computing, Inc.)
DRV - (emuumidi) -- C:\WINDOWS\SYSTEM32\DRIVERS\emuumidi.sys (E-MU Systems)
DRV - (mirrorv3) -- C:\WINDOWS\SYSTEM32\DRIVERS\rminiv3.sys (Famatech International Corp.)
DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:\WINDOWS\SYSTEM32\DRIVERS\alcxwdm.sys (Realtek Semiconductor Corp.)
DRV - (AnyDVD) -- C:\WINDOWS\SYSTEM32\DRIVERS\AnyDVD.sys (SlySoft, Inc.)
DRV - (Aspi32) -- C:\WINDOWS\SYSTEM32\DRIVERS\ASPI32.SYS (Adaptec)
DRV - (dvd_2K) -- C:\WINDOWS\SYSTEM32\DRIVERS\dvd_2k.sys (Sonic Solutions)
DRV - (mmc_2K) -- C:\WINDOWS\SYSTEM32\DRIVERS\mmc_2k.sys (Sonic Solutions)
DRV - (WUSB54GPV4SRV) -- C:\WINDOWS\SYSTEM32\DRIVERS\rt2500usb.sys (Ralink Technology Inc.)
DRV - (MDC8021X) WPA Security Protocol (IEEE 802.1x) -- C:\WINDOWS\SYSTEM32\DRIVERS\mdc8021x.sys (Meetinghouse Data Communications)
DRV - (CX23880) -- C:\WINDOWS\SYSTEM32\DRIVERS\cx88vid.sys (Conexant Systems, Inc.)
DRV - (CX88XBAR) -- C:\WINDOWS\SYSTEM32\DRIVERS\cx88xbar.sys (Conexant Systems, Inc.)
DRV - (ElbyCDIO) -- C:\WINDOWS\SYSTEM32\DRIVERS\ElbyCDIO.sys (Elaborate Bytes AG)
DRV - (drvmcdb) -- C:\WINDOWS\system32\drivers\drvmcdb.sys (Sonic Solutions)
DRV - (CdaC15BA) -- C:\WINDOWS\SYSTEM32\DRIVERS\CDAC15BA.SYS ()
DRV - (VGAUTI) -- C:\WINDOWS\SYSTEM32\DRIVERS\vgauti.sys ()
DRV - (cmudau) -- C:\WINDOWS\SYSTEM32\DRIVERS\cmudau.sys (C-Media Inc)
DRV - (DgiVecp) -- C:\WINDOWS\SYSTEM32\DRIVERS\DGIVECP.SYS (DeviceGuys, Inc.)
DRV - (SI3112r) -- C:\WINDOWS\system32\DRIVERS\SI3112r.sys (Silicon Image, Inc.)
DRV - (PalmUSBD) -- C:\WINDOWS\SYSTEM32\DRIVERS\PalmUSBD.sys (Palm, Inc.)
DRV - (NSNDIS5) -- C:\WINDOWS\SYSTEM32\nsndis5.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (RD1006) -- C:\WINDOWS\SYSTEM32\DRIVERS\rdwm1006.sys (Roland Corporation)
DRV - (incdrm) -- C:\WINDOWS\SYSTEM32\DRIVERS\incdrm.sys (Ahead Software AG)
DRV - (AR5211) -- C:\WINDOWS\SYSTEM32\DRIVERS\ar5211.sys ()
DRV - (SiFilter) -- C:\WINDOWS\system32\DRIVERS\SiWinAcc.sys (Silicon Image, Inc.)
DRV - (nvnforce) Service for NVIDIA® nForce™ -- C:\WINDOWS\SYSTEM32\DRIVERS\nvapu.sys (NVIDIA Corporation)
DRV - (nvax) Service for NVIDIA® nForce™ -- C:\WINDOWS\SYSTEM32\DRIVERS\nvax.sys (NVIDIA Corporation)
DRV - (Ser2pl) -- C:\WINDOWS\SYSTEM32\DRIVERS\ser2pl.sys (Prolific Technology Inc.)
DRV - (NVENET) -- C:\WINDOWS\SYSTEM32\DRIVERS\NVENET.sys (NVIDIA Corporation)
DRV - (nv_agp) -- C:\WINDOWS\system32\DRIVERS\nv_agp.sys (NVIDIA Corporation)
DRV - (wanatw) WAN Miniport (ATW) -- C:\WINDOWS\SYSTEM32\DRIVERS\wanatw4.sys (America Online, Inc.)
DRV - (QCPro) Logitech QuickCam Pro USB(PID_D001) -- C:\WINDOWS\SYSTEM32\DRIVERS\p35u.sys (Logitech Inc.)
DRV - (ms_mpu401) -- C:\WINDOWS\SYSTEM32\DRIVERS\msmpu401.sys (Microsoft Corporation)
DRV - (s3legacy) -- C:\WINDOWS\SYSTEM32\DRIVERS\s3legacy.sys (Microsoft Corporation)
DRV - (HCF_MSFT) -- C:\WINDOWS\SYSTEM32\DRIVERS\HCF_MSFT.sys (Conexant)
DRV - (EL90XBC) -- C:\WINDOWS\SYSTEM32\DRIVERS\el90xbc5.sys (3Com Corporation)
DRV - (vsc32) -- C:\WINDOWS\SYSTEM32\DRIVERS\vsc.sys (Roland)
DRV - (RVIEGVST) -- C:\Program Files\Roland\Virtual Sound Canvas VST\RVIEg01VST.sys (Roland)
DRV - (RVIEG01) -- C:\Program Files\Roland\Virtual Sound Canvas DXi\RVIEg01.sys (Roland)
DRV - (sysid) -- C:\WINDOWS\SYSTEM32\DRIVERS\sysid.sys ()
DRV - (NetworkX) -- C:\WINDOWS\system32\ckldrv.sys ()
DRV - (aslm75) -- C:\WINDOWS\SYSTEM32\DRIVERS\ASLM75.SYS ()


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.microsoft...amp;ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = MSN Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.msn.co...a...1&noredir=1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\SYSTEM32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 0.0.0.0:80

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "engine://F%3A%5Cnetscape%5Csearchplugins%5CSBWeb_01.src"
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.startup.homepage: "about:blank"
FF - prefs.js..extensions.enabledItems: {000a9d1c-beef-4f90-9363-039d445309b8}:0.5.36.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0.586
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.2.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: [email protected]:3.3.3
FF - prefs.js..extensions.enabledItems: {50997114-a686-4585-8fb9-ce1093a1cf75}:2.7.0.14
FF - prefs.js..extensions.enabledItems: {3112ca9c-de6d-4884-a869-9855de68056c}:7.1.20100408Wb1
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.3

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/12/18 15:14:36 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files\Google\Google Gears\Firefox\ [2010/03/05 21:23:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009/06/08 00:40:36 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/05/25 14:28:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/06/01 17:50:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape 7.1\Extensions\\Components: f:\netscape\Components [2010/01/18 14:10:16 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape 7.1\Extensions\\Plugins: f:\netscape\Plugins [2010/06/21 21:40:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape 7.2\Extensions\\Components: f:\netscape\Components [2010/01/18 14:10:16 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape 7.2\Extensions\\Plugins: f:\netscape\Plugins [2010/06/21 21:40:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape Browser 8.0.3.3\Extensions\\Components: C:\Program Files\Netscape\Netscape Browser\Components [2009/07/22 22:44:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape Browser 8.0.3.3\Extensions\\Plugins: C:\Program Files\Netscape\Netscape Browser\Plugins [2010/06/01 17:50:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape Browser 8.0.4.0\Extensions\\Components: C:\Program Files\Netscape\Netscape Browser\Components [2009/07/22 22:44:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape Browser 8.0.4.0\Extensions\\Plugins: C:\Program Files\Netscape\Netscape Browser\Plugins [2010/06/01 17:50:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape Browser 8.1.0.0\Extensions\\Components: C:\Program Files\Netscape\Netscape Browser\Components [2009/07/22 22:44:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape Browser 8.1.0.0\Extensions\\Plugins: C:\Program Files\Netscape\Netscape Browser\Plugins [2010/06/01 17:50:31 | 000,000,000 | ---D | M]

[2009/06/11 18:19:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Russell Alexander\Application Data\Mozilla\Extensions
[2008/05/21 22:32:36 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Russell Alexander\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/06/11 18:19:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Russell Alexander\Application Data\Mozilla\Extensions\[email protected]
[2010/07/01 00:57:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Russell Alexander\Application Data\Mozilla\Firefox\Profiles\8658kj9u.default\extensions
[2010/05/25 00:08:35 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Russell Alexander\Application Data\Mozilla\Firefox\Profiles\8658kj9u.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/06/23 11:41:49 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\Russell Alexander\Application Data\Mozilla\Firefox\Profiles\8658kj9u.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010/06/09 22:53:36 | 000,000,000 | ---D | M] (audiocandy.com Radio Toolbar) -- C:\Documents and Settings\Russell Alexander\Application Data\Mozilla\Firefox\Profiles\8658kj9u.default\extensions\{50997114-a686-4585-8fb9-ce1093a1cf75}
[2009/06/13 14:28:31 | 000,000,000 | ---D | M] (IE Tab) -- C:\Documents and Settings\Russell Alexander\Application Data\Mozilla\Firefox\Profiles\8658kj9u.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
[2007/01/04 15:12:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Russell Alexander\Application Data\Mozilla\Firefox\Profiles\8658kj9u.default\extensions\[email protected]
[2010/03/24 18:04:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Russell Alexander\Application Data\Mozilla\Firefox\Profiles\8658kj9u.default\extensions\[email protected]
[2010/06/09 22:39:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Russell Alexander\Application Data\Mozilla\Firefox\Profiles\8658kj9u.default\extensions\[email protected]
[2009/05/06 08:39:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Russell Alexander\Application Data\Mozilla\Firefox\Profiles\8658kj9u.default\extensions\[email protected]
[2008/09/21 18:56:18 | 000,000,900 | ---- | M] () -- C:\Documents and Settings\Russell Alexander\Application Data\Mozilla\Firefox\Profiles\8658kj9u.default\searchplugins\conduit.xml
[2010/07/01 00:57:51 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/05/23 22:31:25 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2010/05/29 09:18:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/04/01 13:58:18 | 000,023,000 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2010/04/01 13:58:19 | 000,138,712 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2008/04/10 16:00:54 | 000,044,360 | ---- | M] (WebEx Communications, Inc) -- C:\Program Files\Mozilla Firefox\plugins\atgpcdec.dll
[2008/04/10 16:00:54 | 000,107,928 | ---- | M] (WebEx Communications, Inc) -- C:\Program Files\Mozilla Firefox\plugins\atgpcext.dll
[2007/03/22 14:57:10 | 000,057,504 | ---- | M] (WebEx Communications, Inc) -- C:\Program Files\Mozilla Firefox\plugins\npatgpc.dll
[2010/04/12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2008/01/04 16:57:08 | 001,335,600 | ---- | M] (DivX,Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdivx32.dll
[2008/01/07 18:14:26 | 000,098,304 | ---- | M] (DivX, Inc) -- C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
[2007/05/03 17:36:48 | 000,493,608 | ---- | M] (iLinc Communications, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\NPil86.dll
[2008/06/27 16:03:12 | 001,446,440 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
[2005/12/05 22:31:00 | 000,114,688 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npmozax.dll
[2003/11/18 13:37:32 | 000,241,664 | ---- | M] (Musicnotes, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npmusicn.dll
[2010/04/01 13:58:20 | 000,064,984 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2006/10/26 20:12:16 | 000,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
[2009/12/21 18:34:06 | 000,103,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
[2009/09/09 21:42:55 | 000,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
[2009/09/09 21:42:55 | 000,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
[2009/09/09 21:42:55 | 000,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
[2009/09/09 21:42:55 | 000,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
[2009/09/09 21:42:55 | 000,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
[2009/09/09 21:42:55 | 000,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
[2009/09/09 21:42:55 | 000,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
[2009/01/12 19:07:00 | 002,633,728 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npRACtrl.dll
[2005/08/09 13:42:54 | 000,057,344 | ---- | M] (America Online, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npunagi2.dll
[2007/07/18 15:54:00 | 000,245,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\unicows.dll
[2010/04/01 11:56:18 | 000,001,394 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom.xml
[2010/04/01 11:56:18 | 000,002,193 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\answers.xml
[2010/04/01 11:56:18 | 000,001,534 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons.xml
[2010/04/01 11:56:18 | 000,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay.xml
[2010/04/01 11:56:18 | 000,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2010/04/01 11:56:18 | 000,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia.xml
[2010/04/01 11:56:18 | 000,001,096 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo.xml

O1 HOSTS File: ([2010/05/30 19:03:11 | 000,000,027 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\SYSTEM32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\ShellBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\SYSTEM32\shell32.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\SYSTEM32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\SYSTEM32\shell32.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Radio) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM32\msdxm.ocx ()
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [FinePrint Dispatcher v5] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe (FinePrint Software, LLC)
O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [vsc32cnf.exe] h:\Roland\VSC32\Vsc32Cnf.exe (Roland)
O4 - HKLM..\Run: [vscvol.exe] h:\Roland\VSC32\vscvol.exe (Roland)
O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\SYSTEM32\ctfmon.exe (Microsoft Corporation)
O4 - HKCU..\Run: [H/PC Connection Agent] C:\Program Files\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKLM..\RunOnceEx: [Flags] Reg Error: Invalid data type. File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 253
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun- = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun- = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 253
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EditLevel = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetHood = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFavoritesMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsHistory = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClearRecentDocsOnExit = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuSubFolders = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCommonGroups = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnforceShellExtensionSecurity = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetConnectDisconnect = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartBanner = [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: = [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun- = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun- = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Open with BitPump - C:\Program Files\AnalogX\BitPump\ieint.htm ()
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_20.dll (Sun Microsystems, Inc.)
O9 - Extra 'Tools' menuitem : &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - Reg Error: Key error. File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe (America Online, Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\Msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\Msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\SYSTEM32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\SYSTEM32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\SYSTEM32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\SYSTEM32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000036 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000037 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000038 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000039 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000040 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000041 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000042 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000043 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000044 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000045 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000046 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000047 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000048 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O12 - Plugin for: .pl - M:\Internet Explorer\PLUGINS\NPSibelius.dll (Sibelius Software Ltd)
O15 - HKCU\..Trusted Domains: accountonline.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O15 - HKCU\..Trusted Domains: line6.net ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: turbotax.com ([]https in Trusted sites)
O16 - DPF: {00000160-0000-0010-8000-00AA00389B71} http://codecs.micros...pha/msaudio.cab (Reg Error: Key error.)
O16 - DPF: {00000161-0000-0010-8000-00AA00389B71} http://codecs.micros...386/msaudio.cab (Reg Error: Key error.)
O16 - DPF: {01010E00-5E80-11D8-9E86-0007E96C65AE} Reg Error: Value error. (SupportSoft SmartIssue)
O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} Reg Error: Value error. (SupportSoft Script Runner Class)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} Reg Error: Value error. (QuickTime Object)
O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {0B72CCA4-5F11-11D0-9CB5-0000C0EC9FDB} Reg Error: Value error. (Street Technologies ActiveX Control Object)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Reg Error: Key error.)
O16 - DPF: {25365FF3-2746-4230-9DA7-163CCA318309} http://inst.c-wss.co...ml/gtdownlr.cab (Reg Error: Key error.)
O16 - DPF: {33564D57-9980-0010-8000-00AA00389B71} http://codecs.micros...386/wmv9dmo.cab (Reg Error: Key error.)
O16 - DPF: {3A6514CD-A457-11D4-8AF3-000102686B79} http://www.bugnosis....oads/webbug.cab (Bugnosis)
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} http://a1540.g.akama...meInstaller.exe (Reg Error: Key error.)
O16 - DPF: {4248083C-9656-11D2-8B7F-00105A17847A} http://mplayer.com/j...nup/mplayer.exe (Reg Error: Key error.)
O16 - DPF: {6B4788E2-BAE8-11D2-A1B4-00400512739B} Reg Error: Value error. (PWMediaSendControl Class)
O16 - DPF: {6D5FCFCB-FA6C-4CFB-9918-5F0A9F7365F2} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {72C23FEC-3AF9-48FC-9597-241A8EBDFE0A} Reg Error: Value error. (InstallShield International Setup Player)
O16 - DPF: {76A2A0AB-38B7-46DB-8E47-F10CDE4D7920} http://aerial.leepa....plugins/NCS.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8C6C6922-6258-44AC-9912-53964AC55276} http://217.160.140.6...d/xloader10.cab (Reg Error: Key error.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} http://v4.windowsupd...7998.7923842593 (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CEBC955E-58AF-11D2-A30A-00A0C903492B} http://windowsupdate...en/actsetup.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} Reg Error: Value error. (ActiveDataObj Class)
O16 - DPF: {E7D2588A-7FB5-47DC-8830-832605661009} Reg Error: Value error. (Live Collaboration)
O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {FDC7A535-4070-4B92-A0EA-D9994BCC0DC5} Reg Error: Value error. (IERPCtl Class)
O16 - DPF: ChatSpace Java Client 2.1.0.84 http://63.102.227.45/Java/cs4ms084.cab (Reg Error: Key error.)
O16 - DPF: Dialpad Java Applet http://www.dialpad.c...et/src/vscp.cab (Reg Error: Key error.)
O16 - DPF: Dialpad US Java Applet http://www.dialpad.c...et/src/vscp.cab (Reg Error: Key error.)
O16 - DPF: DirectAnimation Java Classes Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: Internet Explorer Classes for Java Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: Serome Web2Phone http://www.dialpad.com/applet/vscp.cab (Reg Error: Key error.)
O16 - DPF: Yahoo! Backgammon http://download.game...nts/y/at0_x.cab (Reg Error: Key error.)
O16 - DPF: Yahoo! PagerLite http://jpager.yahoo.com/m6/msgr.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 68.237.161.12
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SYSTEM32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\SYSTEM32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\SYSTEM32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SYSTEM32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SYSTEM32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SYSTEM32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SYSTEM32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\ole db\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\ole db\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SYSTEM32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\ole db\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\ole db\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\ole db\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\SYSTEM32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SYSTEM32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SYSTEM32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SYSTEM32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\SYSTEM32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SYSTEM32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\ole db\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\ole db\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\SYSTEM32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SYSTEM32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\SYSTEM32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\SYSTEM32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SYSTEM32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\SYSTEM32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\SYSTEM32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\SYSTEM32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\SYSTEM32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\SYSTEM32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\SYSTEM32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\SYSTEM32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\SYSTEM32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\SYSTEM32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\SYSTEM32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\SYSTEM32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\SYSTEM32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\SYSTEM32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\SYSTEM32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\SYSTEM32\browseui.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\CASTLE.BMP
O24 - Desktop BackupWallPaper: C:\WINDOWS\CASTLE.BMP
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {F552DDE6-2090-4bf4-B924-6141E87789A5} - q:\regrun suite\RRShell.dll (Greatis Software, LLC)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2002/05/07 17:24:24 | 000,000,928 | -HS- | M] () - C:\AUTOEXEC.BAK -- [ NTFS ]
O32 - AutoRun File - [2004/11/19 00:25:40 | 000,000,728 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2002/04/15 14:23:36 | 000,000,898 | -HS- | M] () - C:\AUTOEXEC.DOS -- [ NTFS ]
O32 - AutoRun File - [2000/06/21 17:17:56 | 000,001,014 | -HS- | M] () - C:\AUTOEXEC.OLD -- [ NTFS ]
O32 - AutoRun File - [2009/05/25 16:18:41 | 000,000,000 | ---D | M] - E:\auto hypnosis -- [ NTFS ]
O32 - AutoRun File - [2009/05/25 21:27:50 | 000,000,000 | ---D | M] - H:\Auto-Tune -- [ NTFS ]
O32 - AutoRun File - [2005/11/06 19:36:30 | 000,000,000 | ---D | M] - M:\autorun - list startup autoruns -- [ FAT32 ]
O32 - AutoRun File - [2007/09/26 23:02:52 | 000,000,063 | R--- | M] () - P:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/07/02 12:19:17 | 000,008,960 | ---- | C] (Windows ® 2000 DDK provider) -- C:\WINDOWS\System32\drivers\uphcleanhlp.sys
[2010/07/02 12:10:50 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/06/29 15:05:26 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\WINDOWS\avastSS.scr
[2010/06/27 11:24:06 | 000,574,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Russell Alexander\Desktop\OTL.exe
[2010/06/21 21:48:46 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010/06/18 17:33:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Russell Alexander\Desktop\Windows Mobile 6
[2010/06/15 18:15:28 | 000,000,000 | ---D | C] -- C:\Program Files\Process Blocker
[2010/06/14 22:40:13 | 000,000,000 | ---D | C] -- G:\My Documents\Simply Super Software
[2010/06/11 19:21:50 | 000,000,000 | ---D | C] -- G:\My Documents\Palm stuff exported
[2010/06/11 18:39:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\ASTULogTemp
[2010/06/11 06:41:13 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/06/10 17:00:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft ActiveSync
[2010/06/09 00:50:10 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2010/06/04 18:40:42 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_6.dll
[2010/06/04 18:40:42 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_4.dll
[2010/06/04 18:40:39 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_6.dll
[2010/06/04 18:40:37 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_7.dll
[2010/06/04 18:40:34 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_5.dll
[2010/06/04 18:40:28 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_5.dll
[2010/06/04 18:40:25 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_42.dll
[2010/06/04 18:40:18 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_42.dll
[2010/06/04 18:40:14 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_42.dll
[2010/06/04 18:40:08 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_42.dll
[2010/06/04 18:40:04 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_42.dll
[2010/06/04 18:39:58 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_41.dll
[2010/06/04 18:39:58 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_41.dll
[2010/06/04 18:39:54 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_41.dll
[2010/06/04 18:39:48 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_4.dll
[2010/06/04 18:39:48 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_3.dll
[2010/06/04 18:39:46 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_4.dll
[2010/06/04 18:39:44 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_6.dll
[2010/06/04 18:39:42 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_40.dll
[2010/06/04 18:39:42 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_40.dll
[2010/06/04 18:39:39 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_40.dll
[2010/06/04 18:39:37 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_3.dll
[2010/06/04 18:39:37 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_2.dll
[2010/06/04 18:39:35 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_3.dll
[2010/06/04 18:39:33 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_5.dll
[2010/06/04 18:39:31 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_2.dll
[2010/06/04 18:39:31 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_1.dll
[2010/06/04 18:39:28 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_2.dll
[2010/06/04 18:39:25 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_39.dll
[2010/06/04 18:39:25 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_39.dll
[2010/06/04 18:39:24 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_39.dll
[2010/06/04 18:39:21 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_1.dll
[2010/06/04 18:39:21 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_0.dll
[2010/06/04 18:39:19 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_1.dll
[2010/06/04 18:39:17 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_4.dll
[2010/06/04 18:39:15 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_38.dll
[2010/06/04 18:39:15 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_38.dll
[2010/06/04 18:39:13 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_38.dll
[2010/06/04 18:39:09 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_0.dll
[2010/06/04 18:39:06 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_0.dll
[2010/06/04 18:39:04 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_3.dll
[2010/06/04 18:39:02 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_37.dll
[2010/06/04 18:39:02 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_37.dll
[2010/06/04 18:39:00 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_37.dll
[2010/06/04 18:38:58 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_10.dll
[2010/06/04 18:38:53 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_36.dll
[2010/06/04 18:38:53 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_36.dll
[2010/06/04 18:38:51 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_36.dll
[2010/06/04 18:38:48 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_9.dll
[2010/06/04 18:38:46 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_35.dll
[2010/06/04 18:38:46 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_35.dll
[2010/06/04 18:38:42 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_35.dll
[2010/06/04 18:38:40 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_8.dll
[2010/06/04 18:38:40 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_2.dll
[2010/06/04 18:38:38 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_34.dll
[2010/06/04 18:38:38 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_34.dll
[2010/06/04 18:38:36 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_34.dll
[2010/06/04 18:38:31 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_7.dll
[2010/06/04 18:38:28 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_33.dll
[2010/06/04 18:38:28 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_33.dll
[2010/06/04 18:38:26 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_33.dll
[2010/06/04 18:38:24 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_6.dll
[2010/06/04 18:38:23 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_5.dll
[2010/06/04 18:38:21 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_32.dll
[2010/06/04 18:38:21 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_4.dll
[2010/06/04 18:38:21 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_1.dll
[2010/06/04 18:38:19 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_3.dll
[2010/06/04 18:38:19 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_2.dll
[2010/06/04 18:38:18 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_2.dll
[2010/06/04 18:38:17 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_1.dll
[2010/06/04 18:38:16 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_1.dll
[2010/06/04 18:38:07 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_30.dll
[2010/06/04 18:38:06 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_0.dll
[2010/06/04 18:38:06 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_0.dll
[2010/06/04 18:38:04 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_29.dll
[2010/06/04 18:28:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs
[1 C:\WINDOWS\System\*.tmp files -> C:\WINDOWS\System\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/07/02 12:40:00 | 000,001,026 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1220945662-362288127-839522115-1003UA.job
[2010/07/02 12:38:08 | 000,000,446 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{8DFA899A-AA07-44DE-8D3D-8F75C1C957F1}.job
[2010/07/02 12:33:01 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/07/02 12:22:43 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/07/02 12:22:42 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/07/02 12:19:17 | 000,008,960 | ---- | M] (Windows ® 2000 DDK provider) -- C:\WINDOWS\System32\drivers\uphcleanhlp.sys
[2010/07/02 12:18:55 | 000,016,608 | ---- | M] (Windows ® 2000 DDK provider) -- C:\WINDOWS\gdrv.sys
[2010/07/02 12:18:50 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/07/02 12:18:32 | 000,178,544 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap
[2010/07/02 12:15:23 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Russell Alexander\ntuser.ini
[2010/07/02 02:40:00 | 000,000,974 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1220945662-362288127-839522115-1003Core.job
[2010/07/01 18:26:32 | 000,013,206 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/07/01 18:11:58 | 000,000,110 | ---- | M] () -- C:\WINDOWS\treeprt.ini
[2010/07/01 14:24:07 | 000,003,590 | ---- | M] () -- G:\My Documents\RBF2010.nra
[2010/06/30 18:00:04 | 025,165,824 | ---- | M] () -- C:\Documents and Settings\Russell Alexander\ntuser.dat
[2010/06/30 11:52:27 | 000,000,135 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/06/30 11:21:15 | 000,070,144 | ---- | M] () -- C:\Documents and Settings\Russell Alexander\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/06/29 17:15:50 | 000,003,499 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/06/29 17:15:50 | 000,000,245 | RHS- | M] () -- C:\boot.ini
[2010/06/29 15:07:29 | 000,003,408 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/06/28 16:57:33 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\WINDOWS\avastSS.scr
[2010/06/28 16:57:12 | 000,165,032 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010/06/28 16:37:52 | 000,046,672 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010/06/28 16:37:30 | 000,165,456 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010/06/28 16:33:13 | 000,023,376 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010/06/28 16:32:45 | 000,100,176 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010/06/28 16:32:42 | 000,094,544 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010/06/28 16:32:33 | 000,017,744 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010/06/28 16:32:16 | 000,028,880 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010/06/27 12:42:52 | 000,000,030 | ---- | M] () -- C:\WINDOWS\msoffice.ini
[2010/06/27 12:06:39 | 000,002,732 | ---- | M] () -- G:\My Documents\roxio8.reg
[2010/06/27 12:06:32 | 000,003,252 | ---- | M] () -- G:\My Documents\roxio7.reg
[2010/06/27 12:06:05 | 000,000,840 | ---- | M] () -- G:\My Documents\roxio6.reg
[2010/06/27 12:05:56 | 000,000,822 | ---- | M] () -- G:\My Documents\roxio5.reg
[2010/06/27 12:05:44 | 000,000,856 | ---- | M] () -- G:\My Documents\roxio4.reg
[2010/06/27 12:05:22 | 000,000,840 | ---- | M] () -- G:\My Documents\roxio3.reg
[2010/06/27 12:05:10 | 000,000,822 | ---- | M] () -- G:\My Documents\roxio2.reg
[2010/06/27 12:04:56 | 000,000,856 | ---- | M] () -- G:\My Documents\roxio1.reg
[2010/06/27 12:00:45 | 000,001,180 | ---- | M] () -- G:\My Documents\eraseme.reg
[2010/06/27 11:24:06 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Russell Alexander\Desktop\OTL.exe
[2010/06/23 12:07:27 | 000,221,464 | ---- | M] () -- C:\Documents and Settings\Russell Alexander\Application Data\GDIPFONTCACHEV1.DAT
[2010/06/23 11:11:48 | 001,963,688 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/06/22 23:00:35 | 000,653,584 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/06/22 23:00:35 | 000,553,646 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/06/22 23:00:35 | 000,107,928 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/06/22 09:40:12 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\Russell Alexander\Local Settings\Application Data\PUTTY.RND
[2010/06/19 15:19:08 | 000,000,071 | ---- | M] () -- C:\WINDOWS\BBW_INFO.INI
[2010/06/19 13:05:06 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/06/17 22:47:32 | 000,042,904 | ---- | M] () -- C:\WINDOWS\CDPLAYER.INI
[2010/06/14 16:06:23 | 000,024,416 | ---- | M] (Greatis Software) -- C:\WINDOWS\System32\drivers\regguard.sys
[2010/06/11 20:30:24 | 000,028,952 | ---- | M] () -- C:\Documents and Settings\Russell Alexander\Application Data\Comma Separated Values (Windows).ADR
[2010/06/11 20:15:12 | 000,004,015 | ---- | M] () -- C:\Documents and Settings\Russell Alexander\Application Data\Comma Separated Values (DOS).NOT
[2010/06/11 18:39:26 | 000,016,544 | ---- | M] () -- C:\WINDOWS\System32\ASTULog.cab
[2010/06/11 18:39:26 | 000,001,046 | ---- | M] () -- C:\WINDOWS\System32\setup.inf
[2010/06/11 18:39:26 | 000,000,283 | ---- | M] () -- C:\WINDOWS\System32\setup.rpt
[2010/06/11 06:11:00 | 002,660,852 | -H-- | M] () -- C:\Documents and Settings\Russell Alexander\Local Settings\Application Data\IconCache.db
[2010/06/10 23:47:23 | 000,002,789 | ---- | M] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2010/06/10 23:47:23 | 000,000,002 | RHS- | M] () -- C:\WINDOWS\winstart.bat
[2010/06/10 17:03:11 | 000,002,528 | ---- | M] () -- C:\Documents and Settings\Russell Alexander\Application Data\$_hpcst$.hpc
[2010/06/09 17:17:12 | 000,087,424 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIinit.dll
[2010/06/09 17:17:12 | 000,083,360 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIRfsClientNP.dll
[2010/06/09 17:17:12 | 000,029,568 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIport.dll
[2010/06/09 03:34:25 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/06/09 03:30:17 | 000,000,063 | ---- | M] () -- C:\WINDOWS\vbaddin.ini
[2010/06/05 15:31:15 | 000,000,440 | ---- | M] () -- C:\Documents and Settings\Russell Alexander\Application Data\Microsoft\Internet Explorer\Quick Launch\WinMerge.lnk
[1 C:\WINDOWS\System\*.tmp files -> C:\WINDOWS\System\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/07/01 14:24:07 | 000,003,590 | ---- | C] () -- G:\My Documents\RBF2010.nra
[2010/06/30 18:00:12 | 000,396,656 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/06/27 12:06:39 | 000,002,732 | ---- | C] () -- G:\My Documents\roxio8.reg
[2010/06/27 12:06:32 | 000,003,252 | ---- | C] () -- G:\My Documents\roxio7.reg
[2010/06/27 12:06:05 | 000,000,840 | ---- | C] () -- G:\My Documents\roxio6.reg
[2010/06/27 12:05:56 | 000,000,822 | ---- | C] () -- G:\My Documents\roxio5.reg
[2010/06/27 12:05:44 | 000,000,856 | ---- | C] () -- G:\My Documents\roxio4.reg
[2010/06/27 12:05:22 | 000,000,840 | ---- | C] () -- G:\My Documents\roxio3.reg
[2010/06/27 12:05:10 | 000,000,822 | ---- | C] () -- G:\My Documents\roxio2.reg
[2010/06/27 12:04:56 | 000,000,856 | ---- | C] () -- G:\My Documents\roxio1.reg
[2010/06/27 12:00:45 | 000,001,180 | ---- | C] () -- G:\My Documents\eraseme.reg
[2010/06/22 09:40:12 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Russell Alexander\Local Settings\Application Data\PUTTY.RND
[2010/06/14 21:28:37 | 000,000,564 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\ShLog.txt
[2010/06/11 20:30:24 | 000,028,952 | ---- | C] () -- C:\Documents and Settings\Russell Alexander\Application Data\Comma Separated Values (Windows).ADR
[2010/06/11 20:15:09 | 000,004,015 | ---- | C] () -- C:\Documents and Settings\Russell Alexander\Application Data\Comma Separated Values (DOS).NOT
[2010/06/11 18:39:26 | 000,016,544 | ---- | C] () -- C:\WINDOWS\System32\ASTULog.cab
[2010/06/11 18:39:25 | 000,001,046 | ---- | C] () -- C:\WINDOWS\System32\setup.inf
[2010/06/11 18:39:25 | 000,000,283 | ---- | C] () -- C:\WINDOWS\System32\setup.rpt
[2010/06/10 17:03:11 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Russell Alexander\Application Data\$_hpcst$.hpc
[2010/06/08 18:50:19 | 000,007,580 | ---- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\ShLog.txt
[2010/06/08 18:28:08 | 000,280,749 | ---- | C] () -- C:\Documents and Settings\Russell Alexander\Local Settings\Application Data\ShLog.txt
[2010/06/08 18:23:03 | 000,057,556 | ---- | C] () -- C:\WINDOWS\guard.bmp
[2010/06/08 17:50:33 | 000,000,002 | RHS- | C] () -- C:\WINDOWS\winstart.bat
[2010/06/05 15:31:15 | 000,000,440 | ---- | C] () -- C:\Documents and Settings\Russell Alexander\Application Data\Microsoft\Internet Explorer\Quick Launch\WinMerge.lnk
[2010/06/04 18:31:00 | 000,000,446 | -H-- | C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{8DFA899A-AA07-44DE-8D3D-8F75C1C957F1}.job
[2010/05/28 17:05:43 | 000,015,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2010/03/11 13:01:39 | 000,087,552 | ---- | C] () -- C:\WINDOWS\System32\cpwmon2k.dll
[2010/01/29 10:23:44 | 000,000,130 | ---- | C] () -- C:\WINDOWS\cfplogvw.INI
[2009/11/15 22:29:04 | 000,000,383 | ---- | C] () -- C:\WINDOWS\GearBox.ini
[2009/10/20 14:19:30 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2009/08/24 21:25:18 | 000,279,712 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2009/08/24 21:25:09 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2009/08/20 12:29:13 | 000,010,752 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/08/20 12:29:13 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009/08/20 12:28:00 | 000,000,036 | -H-- | C] () -- C:\WINDOWS\System32\swk.ini
[2009/06/30 10:48:40 | 000,000,459 | ---- | C] () -- C:\WINDOWS\avpr.ini
[2009/04/14 00:58:14 | 000,676,224 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL
[2009/01/15 09:19:00 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2009/01/15 09:19:00 | 001,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2009/01/15 09:19:00 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2009/01/15 09:19:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008/12/16 04:50:46 | 000,032,768 | R--- | C] () -- C:\WINDOWS\System32\cmdrvrmu.dll
[2008/12/14 20:58:09 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\GTTunerCard.dll
[2008/12/14 20:58:09 | 000,237,646 | ---- | C] () -- C:\WINDOWS\System32\Snap_device.dll
[2008/12/14 20:58:08 | 000,069,707 | ---- | C] () -- C:\WINDOWS\System32\DISP_OPT1.dll
[2008/12/13 21:53:49 | 000,230,784 | R--- | C] () -- C:\WINDOWS\System32\drivers\dmdcap.sys
[2008/12/13 21:53:45 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2008/11/19 01:13:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\pcfriend.INI
[2008/11/04 00:29:20 | 000,002,294 | ---- | C] () -- C:\WINDOWS\U3DEDIT2.INI
[2008/09/12 20:40:30 | 002,463,976 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll
[2008/06/28 16:47:22 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\AddPort.ini
[2008/06/28 16:47:01 | 000,000,650 | ---- | C] () -- C:\WINDOWS\hpntwksetup.ini
[2008/05/26 17:00:02 | 000,001,762 | ---- | C] () -- C:\WINDOWS\System32\emuumidi.ini
[2008/05/26 17:00:02 | 000,000,038 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2008/03/28 16:22:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QuickInstall.INI
[2008/03/14 13:20:10 | 000,001,668 | ---- | C] () -- C:\WINDOWS\System32\WLAN.INI
[2008/02/22 00:26:44 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\GTW32N50.dll
[2008/01/04 16:57:22 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
[2008/01/04 16:57:22 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest
[2008/01/04 16:56:24 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2007/10/11 18:59:24 | 000,025,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2007/09/27 10:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 10:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 10:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/07/04 23:01:31 | 000,002,777 | ---- | C] () -- C:\WINDOWS\TVC8XDrv.ini
[2007/06/19 08:59:36 | 000,070,400 | ---- | C] () -- C:\WINDOWS\System32\PhysXLoader.dll
[2007/04/20 07:57:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2007/04/20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2007/04/20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2007/04/20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2007/04/20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2007/04/20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2007/04/20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2007/04/20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2007/04/20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2007/03/22 14:57:50 | 000,051,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\atnt40k.sys
[2007/03/06 13:39:44 | 000,006,656 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsProbe.sys
[2007/02/09 18:59:33 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2007/02/09 18:59:32 | 000,471,552 | ---- | C] () -- C:\WINDOWS\System32\Smab.dll
[2007/02/08 00:07:50 | 000,000,144 | ---- | C] () -- C:\WINDOWS\Eudcedit.ini
[2007/02/04 15:17:09 | 000,003,082 | ---- | C] () -- C:\WINDOWS\System32\affv11300p3now.sys
[2007/01/30 12:24:14 | 000,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini
[2007/01/23 14:11:42 | 000,000,107 | ---- | C] () -- C:\WINDOWS\IfoEdit.INI
[2007/01/15 19:33:18 | 000,002,307 | R--- | C] () -- C:\WINDOWS\Cmudau.ini
[2007/01/09 19:39:45 | 000,000,041 | ---- | C] () -- C:\WINDOWS\System32\ccafeaaaee_d.dll
[2006/11/03 19:49:11 | 000,000,958 | ---- | C] () -- C:\WINDOWS\APDFPRP.INI
[2006/11/03 19:16:11 | 000,000,095 | ---- | C] () -- C:\WINDOWS\crackpdf.INI
[2006/09/18 14:37:50 | 000,000,530 | ---- | C] () -- C:\WINDOWS\System32\tx12_ic.ini
[2006/09/18 14:37:48 | 000,667,280 | ---- | C] () -- C:\WINDOWS\System32\tx12.dll
[2006/06/26 00:57:04 | 000,000,048 | ---- | C] () -- C:\WINDOWS\FileNamesinQueue.ini
[2006/06/17 20:04:40 | 000,000,174 | ---- | C] () -- C:\WINDOWS\MyDrivers.ini
[2006/05/07 18:19:24 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ciaUni40.dll
[2006/03/06 10:41:02 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\AMV_DecDLL.dll
[2006/02/18 17:33:08 | 000,000,029 | ---- | C] () -- C:\WINDOWS\AudACM.ini
[2006/02/08 23:29:20 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\DVDEncoder.dll
[2006/02/07 12:59:00 | 000,000,067 | ---- | C] () -- C:\WINDOWS\Kingdia DVD Ripper.INI
[2006/02/07 11:28:47 | 000,000,067 | ---- | C] () -- C:\WINDOWS\Arc DVD Copy.INI
[2006/02/06 21:40:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2006/02/05 19:12:47 | 000,000,066 | ---- | C] () -- C:\WINDOWS\Speed Video Converter.INI
[2005/12/18 11:40:27 | 000,009,728 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.DLL
[2005/11/07 00:17:24 | 000,000,059 | ---- | C] () -- C:\WINDOWS\Crypkey.ini
[2005/11/07 00:17:21 | 000,024,608 | ---- | C] () -- C:\WINDOWS\System32\Ckldrv.sys
[2005/11/07 00:17:21 | 000,018,432 | ---- | C] () -- C:\WINDOWS\Setup_ck.dll
[2005/11/01 11:09:23 | 000,777,728 | ---- | C] () -- C:\WINDOWS\System32\SSLSVC.DLL
[2005/11/01 11:09:23 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2005/11/01 11:09:23 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2005/11/01 11:09:22 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\lang_cfml.dll
[2005/11/01 11:09:22 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\xml_datagrove.dll
[2005/10/24 02:16:11 | 000,205,312 | R--- | C] () -- C:\WINDOWS\pw32a.dll
[2005/09/29 15:18:34 | 000,000,072 | ---- | C] () -- C:\WINDOWS\NPRiff.INI
[2005/09/04 22:56:54 | 000,468,480 | ---- | C] () -- C:\WINDOWS\System32\NMDll.dll
[2005/09/04 22:56:54 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\HDBHO.dll
[2005/09/04 22:56:54 | 000,020,480 | ---- | C] () -- C:\WINDOWS\yhl.dll
[2005/09/04 22:56:54 | 000,007,168 | ---- | C] () -- C:\WINDOWS\lq.dll
[2005/07/15 14:35:56 | 000,831,488 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2005/07/09 23:36:57 | 000,000,101 | ---- | C] () -- C:\WINDOWS\FCJCP.INI
[2005/06/24 10:18:40 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\muangsys.dll
[2005/06/24 10:18:40 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\muadisp.dll
[2005/05/12 03:23:54 | 000,000,026 | ---- | C] () -- C:\WINDOWS\FPKPMSV.INI
[2005/04/20 02:02:46 | 000,000,004 | ---- | C] () -- C:\WINDOWS\System32\micr0st.dll
[2005/04/15 10:41:12 | 000,005,568 | ---- | C] () -- C:\WINDOWS\System32\drivers\sysid.sys
[2005/04/15 02:16:02 | 000,000,931 | ---- | C] () -- C:\WINDOWS\PVAStrumento.ini
[2005/02/26 18:47:05 | 000,351,776 | R--- | C] () -- C:\WINDOWS\System32\drivers\ar5211.sys
[2005/02/26 18:47:05 | 000,351,712 | ---- | C] () -- C:\WINDOWS\System32\drivers\ar52119x.sys
[2005/02/22 04:24:05 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2005/02/21 02:02:21 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005/02/16 07:33:05 | 000,523,264 | ---- | C] () -- C:\WINDOWS\System32\pano12.dll
[2005/02/05 08:38:20 | 000,536,576 | ---- | C] () -- C:\WINDOWS\System32\CIASecurity.dll
[2005/02/03 01:30:22 | 000,008,192 | ---- | C] () -- C:\WINDOWS\System32\sysinfo.sys
[2005/01/28 11:59:39 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\mswin32.drv
[2005/01/23 17:06:31 | 000,000,048 | ---- | C] () -- C:\WINDOWS\QFNONL.INI
[2004/12/31 13:15:06 | 000,000,351 | ---- | C] () -- C:\WINDOWS\WHOffice.INI
[2004/12/18 11:13:52 | 000,000,135 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2004/11/30 04:10:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\besched.dll
[2004/11/22 00:55:02 | 000,000,139 | ---- | C] () -- C:\WINDOWS\msicpl.ini
[2004/11/21 12:28:35 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\NMH040A.DLL
[2004/11/21 02:42:52 | 000,011,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\CDAC15BA.SYS
[2004/11/20 16:19:05 | 000,000,010 | ---- | C] () -- C:\WINDOWS\System32\wfxhelp21.dll
[2004/11/20 12:10:55 | 000,000,038 | ---- | C] () -- C:\WINDOWS\iltwain.ini
[2004/11/20 11:28:56 | 000,038,401 | ---- | C] () -- C:\WINDOWS\System32\RdCi1006.dll
[2004/11/20 11:09:29 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\CNMVS4w.DLL
[2004/11/20 09:45:36 | 000,018,253 | ---- | C] () -- C:\WINDOWS\System32\ssnvfx.ini
[2004/11/20 09:40:40 | 000,006,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASLM75.SYS
[2004/11/20 09:36:01 | 000,003,611 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2004/11/20 09:35:59 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2004/11/20 03:10:14 | 000,172,128 | ---- | C] () -- C:\WINDOWS\HOST.INI
[2004/11/20 03:10:14 | 000,006,596 | ---- | C] () -- C:\WINDOWS\Astro.INI
[2004/11/20 03:10:14 | 000,005,737 | ---- | C] () -- C:\WINDOWS\pixcache.ini
[2004/11/20 03:10:14 | 000,002,472 | ---- | C] () -- C:\WINDOWS\INTUPROF.INI
[2004/11/20 03:10:14 | 000,002,297 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2004/11/20 03:10:14 | 000,001,604 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2004/11/20 03:10:14 | 000,001,401 | ---- | C] () -- C:\WINDOWS\webpos2.ini
[2004/11/20 03:10:14 | 000,001,205 | ---- | C] () -- C:\WINDOWS\HPFdjc16.ini
[2004/11/20 03:10:14 | 000,000,751 | ---- | C] () -- C:\WINDOWS\Bti.ini
[2004/11/20 03:10:14 | 000,000,641 | ---- | C] () -- C:\WINDOWS\letsdraw.ini
[2004/11/20 03:10:14 | 000,000,546 | ---- | C] () -- C:\WINDOWS\epspmgr4.ini
[2004/11/20 03:10:14 | 000,000,530 | ---- | C] () -- C:\WINDOWS\Audition.ini
[2004/11/20 03:10:14 | 000,000,442 | ---- | C] () -- C:\WINDOWS\hpfsched.ini
[2004/11/20 03:10:14 | 000,000,316 | ---- | C] () -- C:\WINDOWS\BELT.INI
[2004/11/20 03:10:14 | 000,000,217 | ---- | C] () -- C:\WINDOWS\vidwiz.ini
[2004/11/20 03:10:14 | 000,000,170 | ---- | C] () -- C:\WINDOWS\GetServer.ini
[2004/11/20 03:10:14 | 000,000,124 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2004/11/20 03:10:14 | 000,000,108 | ---- | C] () -- C:\WINDOWS\epconfig.ini
[2004/11/20 03:10:14 | 000,000,083 | ---- | C] () -- C:\WINDOWS\IMPORTCLIENT.INI
[2004/11/20 03:10:14 | 000,000,041 | ---- | C] () -- C:\WINDOWS\winampa.ini
[2004/11/20 03:10:13 | 000,042,904 | ---- | C] () -- C:\WINDOWS\CDPLAYER.INI
[2004/11/20 03:10:13 | 000,025,607 | ---- | C] () -- C:\WINDOWS\CSTBOX.INI
[2004/11/20 03:10:13 | 000,022,109 | ---- | C] () -- C:\WINDOWS\cool.ini
[2004/11/20 03:10:13 | 000,012,327 | ---- | C] () -- C:\WINDOWS\IOS.INI
[2004/11/20 03:10:13 | 000,011,568 | ---- | C] () -- C:\WINDOWS\CDEX.INI
[2004/11/20 03:10:13 | 000,010,677 | ---- | C] () -- C:\WINDOWS\coolkb2k.ini
[2004/11/20 03:10:13 | 000,008,893 | ---- | C] () -- C:\WINDOWS\NETDET.INI
[2004/11/20 03:10:13 | 000,006,553 | ---- | C] () -- C:\WINDOWS\COUNTRY.INI
[2004/11/20 03:10:13 | 000,005,617 | R--- | C] () -- C:\WINDOWS\msosetup.ini
[2004/11/20 03:10:13 | 000,005,253 | ---- | C] () -- C:\WINDOWS\GWPRESET.INI
[2004/11/20 03:10:13 | 000,005,068 | ---- | C] () -- C:\WINDOWS\DELETEFI.INI
[2004/11/20 03:10:13 | 000,004,260 | ---- | C] () -- C:\WINDOWS\firstaid.ini
[2004/11/20 03:10:13 | 000,003,598 | ---- | C] () -- C:\WINDOWS\HTMLHELP.INI
[2004/11/20 03:10:13 | 000,003,555 | ---- | C] () -- C:\WINDOWS\GWS.INI
[2004/11/20 03:10:13 | 000,003,148 | ---- | C] () -- C:\WINDOWS\TELEPHON.INI
[2004/11/20 03:10:13 | 000,002,707 | ---- | C] () -- C:\WINDOWS\WPUNIMIX.INI
[2004/11/20 03:10:13 | 000,002,481 | ---- | C] () -- C:\WINDOWS\WINCODE.INI
[2004/11/20 03:10:13 | 000,002,443 | ---- | C] () -- C:\WINDOWS\HPFCSS16.INI
[2004/11/20 03:10:13 | 000,002,292 | ---- | C] () -- C:\WINDOWS\7THLEVEL.INI
[2004/11/20 03:10:13 | 000,002,034 | ---- | C] () -- C:\WINDOWS\DATAFAX.INI
[2004/11/20 03:10:13 | 000,002,001 | ---- | C] () -- C:\WINDOWS\U3DEDIT.INI
[2004/11/20 03:10:13 | 000,001,944 | ---- | C] () -- C:\WINDOWS\FORGE32.INI
[2004/11/20 03:10:13 | 000,001,856 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/11/20 03:10:13 | 000,001,778 | ---- | C] () -- C:\WINDOWS\gvox.ini
[2004/11/20 03:10:13 | 000,001,770 | ---- | C] () -- C:\WINDOWS\ULEAD32.INI
[2004/11/20 03:10:13 | 000,001,370 | ---- | C] () -- C:\WINDOWS\tefview.ini
[2004/11/20 03:10:13 | 000,001,357 | ---- | C] () -- C:\WINDOWS\PLTWIN02.INI
[2004/11/20 03:10:13 | 000,001,165 | ---- | C] () -- C:\WINDOWS\GL_MMP.INI
[2004/11/20 03:10:13 | 000,001,047 | ---- | C] () -- C:\WINDOWS\pae.ini
[2004/11/20 03:10:13 | 000,001,043 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2004/11/20 03:10:13 | 000,000,940 | ---- | C] () -- C:\WINDOWS\MEDIAPAQ.INI
[2004/11/20 03:10:13 | 000,000,865 | ---- | C] () -- C:\WINDOWS\DOSREP.INI
[2004/11/20 03:10:13 | 000,000,856 | ---- | C] () -- C:\WINDOWS\PRESS BLASTER.INI
[2004/11/20 03:10:13 | 000,000,787 | ---- | C] () -- C:\WINDOWS\SCANREG.INI
[2004/11/20 03:10:13 | 000,000,767 | ---- | C] () -- C:\WINDOWS\efscan.ini
[2004/11/20 03:10:13 | 000,000,764 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2004/11/20 03:10:13 | 000,000,763 | ---- | C] () -- C:\WINDOWS\rtcwgoty.INI
[2004/11/20 03:10:13 | 000,000,739 | ---- | C] () -- C:\WINDOWS\Mpcwin02.ini
[2004/11/20 03:10:13 | 000,000,666 | ---- | C] () -- C:\WINDOWS\clikbook.ini
[2004/11/20 03:10:13 | 000,000,634 | ---- | C] () -- C:\WINDOWS\QIII.INI
[2004/11/20 03:10:13 | 000,000,581 | ---- | C] () -- C:\WINDOWS\goldwave.ini
[2004/11/20 03:10:13 | 000,000,549 | ---- | C] () -- C:\WINDOWS\rsagent.ini
[2004/11/20 03:10:13 | 000,000,448 | ---- | C] () -- C:\WINDOWS\QTW.INI
[2004/11/20 03:10:13 | 000,000,445 | ---- | C] () -- C:\WINDOWS\CTDEL.INI
[2004/11/20 03:10:13 | 000,000,436 | ---- | C] () -- C:\WINDOWS\LAPLAYER.INI
[2004/11/20 03:10:13 | 000,000,404 | ---- | C] () -- C:\WINDOWS\TSCKL.INI
[2004/11/20 03:10:13 | 000,000,394 | ---- | C] () -- C:\WINDOWS\ACROREAD.INI
[2004/11/20 03:10:13 | 000,000,382 | ---- | C] () -- C:\WINDOWS\MSREGUSR.INI
[2004/11/20 03:10:13 | 000,000,364 | ---- | C] () -- C:\WINDOWS\NETSCAPE.INI
[2004/11/20 03:10:13 | 000,000,337 | ---- | C] () -- C:\WINDOWS\MIDIPLYR.INI
[2004/11/20 03:10:13 | 000,000,336 | ---- | C] () -- C:\WINDOWS\dffont.ini
[2004/11/20 03:10:13 | 000,000,320 | ---- | C] () -- C:\WINDOWS\Fwupload.ini
[2004/11/20 03:10:13 | 000,000,305 | ---- | C] () -- C:\WINDOWS\Rdin0006.ini
[2004/11/20 03:10:13 | 000,000,300 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2004/11/20 03:10:13 | 000,000,300 | ---- | C] () -- C:\WINDOWS\JETSUITE.INI
[2004/11/20 03:10:13 | 000,000,296 | ---- | C] () -- C:\WINDOWS\moffice.ini
[2004/11/20 03:10:13 | 000,000,263 | ---- | C] () -- C:\WINDOWS\WAVEPLYR.INI
[2004/11/20 03:10:13 | 000,000,259 | ---- | C] () -- C:\WINDOWS\cbtsys.ini
[2004/11/20 03:10:13 | 000,000,247 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2004/11/20 03:10:13 | 000,000,247 | ---- | C] () -- C:\WINDOWS\MPPAGER.INI
[2004/11/20 03:10:13 | 000,000,243 | ---- | C] () -- C:\WINDOWS\HOMESITE.ini
[2004/11/20 03:10:13 | 000,000,240 | ---- | C] () -- C:\WINDOWS\liveup.ini
[2004/11/20 03:10:13 | 000,000,237 | ---- | C] () -- C:\WINDOWS\swacnfg.ini
[2004/11/20 03:10:13 | 000,000,231 | ---- | C] () -- C:\WINDOWS\Ac3api.ini
[2004/11/20 03:10:13 | 000,000,217 | ---- | C] () -- C:\WINDOWS\oh4win.INI
[2004/11/20 03:10:13 | 000,000,214 | ---- | C] () -- C:\WINDOWS\CJBMF.INI
[2004/11/20 03:10:13 | 000,000,205 | ---- | C] () -- C:\WINDOWS\pcmagcd.ini
[2004/11/20 03:10:13 | 000,000,204 | ---- | C] () -- C:\WINDOWS\rtpatch.ini
[2004/11/20 03:10:13 | 000,000,194 | ---- | C] () -- C:\WINDOWS\appr.ini
[2004/11/20 03:10:13 | 000,000,190 | ---- | C] () -- C:\WINDOWS\ctsyn.ini
[2004/11/20 03:10:13 | 000,000,187 | ---- | C] () -- C:\WINDOWS\PROFILER.INI
[2004/11/20 03:10:13 | 000,000,186 | ---- | C] () -- C:\WINDOWS\HEXpert.ini
[2004/11/20 03:10:13 | 000,000,178 | ---- | C] () -- C:\WINDOWS\TESTOUT.INI
[2004/11/20 03:10:13 | 000,000,171 | ---- | C] () -- C:\WINDOWS\INTUIT.INI
[2004/11/20 03:10:13 | 000,000,157 | ---- | C] () -- C:\WINDOWS\VSTUDIO.INI
[2004/11/20 03:10:13 | 000,000,156 | ---- | C] () -- C:\WINDOWS\JustAudio.ini
[2004/11/20 03:10:13 | 000,000,153 | ---- | C] () -- C:\WINDOWS\ThumbsCD.ini
[2004/11/20 03:10:13 | 000,000,143 | ---- | C] () -- C:\WINDOWS\SYSMIXER.INI
[2004/11/20 03:10:13 | 000,000,131 | ---- | C] () -- C:\WINDOWS\NETSPEED.INI
[2004/11/20 03:10:13 | 000,000,127 | ---- | C] () -- C:\WINDOWS\MRCLOCK.INI
[2004/11/20 03:10:13 | 000,000,127 | ---- | C] () -- C:\WINDOWS\KPCMS.INI
[2004/11/20 03:10:13 | 000,000,123 | ---- | C] () -- C:\WINDOWS\SURFSTATS.INI
[2004/11/20 03:10:13 | 000,000,121 | ---- | C] () -- C:\WINDOWS\WILD.INI
[2004/11/20 03:10:13 | 000,000,120 | ---- | C] () -- C:\WINDOWS\WINFILE.INI
[2004/11/20 03:10:13 | 000,000,116 | ---- | C] () -- C:\WINDOWS\MEDIARCK.INI
[2004/11/20 03:10:13 | 000,000,116 | ---- | C] () -- C:\WINDOWS\IELnkbak.ini
[2004/11/20 03:10:13 | 000,000,114 | ---- | C] () -- C:\WINDOWS\CDPLYR.INI
[2004/11/20 03:10:13 | 000,000,110 | ---- | C] () -- C:\WINDOWS\treeprt.ini
[2004/11/20 03:10:13 | 000,000,105 | ---- | C] () -- C:\WINDOWS\mapiuid.ini
[2004/11/20 03:10:13 | 000,000,102 | ---- | C] () -- C:\WINDOWS\UABMAIN.INI
[2004/11/20 03:10:13 | 000,000,095 | ---- | C] () -- C:\WINDOWS\WAVEMAN.INI
[2004/11/20 03:10:13 | 000,000,091 | ---- | C] () -- C:\WINDOWS\ap_bat.ini
[2004/11/20 03:10:13 | 000,000,083 | ---- | C] () -- C:\WINDOWS\photos30.ini
[2004/11/20 03:10:13 | 000,000,081 | ---- | C] () -- C:\WINDOWS\JAUDIO.INI
[2004/11/20 03:10:13 | 000,000,076 | ---- | C] () -- C:\WINDOWS\MC.INI
[2004/11/20 03:10:13 | 000,000,071 | ---- | C] () -- C:\WINDOWS\BBW_INFO.INI
[2004/11/20 03:10:13 | 000,000,070 | ---- | C] () -- C:\WINDOWS\efaxview.ini
[2004/11/20 03:10:13 | 000,000,070 | ---- | C] () -- C:\WINDOWS\asym.ini
[2004/11/20 03:10:13 | 000,000,068 | ---- | C] () -- C:\WINDOWS\MYNAPSTER.INI
[2004/11/20 03:10:13 | 000,000,068 | ---- | C] () -- C:\WINDOWS\FPXPRESS.INI
[2004/11/20 03:10:13 | 000,000,066 | ---- | C] () -- C:\WINDOWS\ds2000.ini
[2004/11/20 03:10:13 | 000,000,064 | ---- | C] () -- C:\WINDOWS\SETSCAN.INI
[2004/11/20 03:10:13 | 000,000,064 | ---- | C] () -- C:\WINDOWS\Patch.ini
[2004/11/20 03:10:13 | 000,000,063 | ---- | C] () -- C:\WINDOWS\CTDELLAU.INI
[2004/11/20 03:10:13 | 000,000,061 | ---- | C] () -- C:\WINDOWS\URLPROXY.INI
[2004/11/20 03:10:13 | 000,000,060 | ---- | C] () -- C:\WINDOWS\ZDDBVIEW.INI
[2004/11/20 03:10:13 | 000,000,060 | ---- | C] () -- C:\WINDOWS\POWERPNT.INI
[2004/11/20 03:10:13 | 000,000,058 | ---- | C] () -- C:\WINDOWS\WDIRECT.INI
[2004/11/20 03:10:13 | 000,000,058 | ---- | C] () -- C:\WINDOWS\JUSTAUDIO_BASE.INI
[2004/11/20 03:10:13 | 000,000,057 | ---- | C] () -- C:\WINDOWS\m2khd.ini
[2004/11/20 03:10:13 | 000,000,054 | ---- | C] () -- C:\WINDOWS\WAVEMIX.INI
[2004/11/20 03:10:13 | 000,000,054 | ---- | C] () -- C:\WINDOWS\TCWIN.INI
[2004/11/20 03:10:13 | 000,000,054 | ---- | C] () -- C:\WINDOWS\setihome.ini
[2004/11/20 03:10:13 | 000,000,053 | ---- | C] () -- C:\WINDOWS\BYCLEAN.INI
[2004/11/20 03:10:13 | 000,000,051 | ---- | C] () -- C:\WINDOWS\NSREX.INI
[2004/11/20 03:10:13 | 000,000,044 | ---- | C] () -- C:\WINDOWS\EXCHNG32.INI
[2004/11/20 03:10:13 | 000,000,041 | ---- | C] () -- C:\WINDOWS\FILERECOVER.INI
[2004/11/20 03:10:13 | 000,000,039 | ---- | C] () -- C:\WINDOWS\VIDEOWAVE.INI
[2004/11/20 03:10:13 | 000,000,038 | ---- | C] () -- C:\WINDOWS\magix.ini
[2004/11/20 03:10:13 | 000,000,038 | ---- | C] () -- C:\WINDOWS\dswplug.ini
[2004/11/20 03:10:13 | 000,000,037 | ---- | C] () -- C:\WINDOWS\PROSYS.INI
[2004/11/20 03:10:13 | 000,000,037 | ---- | C] () -- C:\WINDOWS\JRMXDLL.INI
[2004/11/20 03:10:13 | 000,000,037 | ---- | C] () -- C:\WINDOWS\FZDUMP.INI
[2004/11/20 03:10:13 | 000,000,037 | ---- | C] () -- C:\WINDOWS\coolmp3.ini
[2004/11/20 03:10:13 | 000,000,036 | ---- | C] () -- C:\WINDOWS\CYBERD.INI
[2004/11/20 03:10:13 | 000,000,035 | ---- | C] () -- C:\WINDOWS\A4W.INI
[2004/11/20 03:10:13 | 000,000,032 | ---- | C] () -- C:\WINDOWS\aebpr.ini
[2004/11/20 03:10:13 | 000,000,030 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2004/11/20 03:10:13 | 000,000,028 | ---- | C] () -- C:\WINDOWS\LAVAPLAY.INI
[2004/11/20 03:10:13 | 000,000,027 | ---- | C] () -- C:\WINDOWS\ACROGRAF.INI
[2004/11/20 03:10:13 | 000,000,026 | ---- | C] () -- C:\WINDOWS\NDW.INI
[2004/11/20 03:10:13 | 000,000,026 | ---- | C] () -- C:\WINDOWS\cleantray.ini
[2004/11/20 03:10:13 | 000,000,024 | ---- | C] () -- C:\WINDOWS\TB60.INI
[2004/11/20 03:10:13 | 000,000,024 | ---- | C] () -- C:\WINDOWS\SOL.INI
[2004/11/20 03:10:13 | 000,000,024 | ---- | C] () -- C:\WINDOWS\ms_shell.ini
[2004/11/20 03:10:13 | 000,000,024 | ---- | C] () -- C:\WINDOWS\@loha.ini
[2004/11/20 03:10:13 | 000,000,022 | ---- | C] () -- C:\WINDOWS\SHAREMEM.INI
[2004/11/20 03:10:13 | 000,000,020 | ---- | C] () -- C:\WINDOWS\MP3com103best.ini
[2004/11/20 03:10:13 | 000,000,015 | ---- | C] () -- C:\WINDOWS\MTB40.INI
[2004/11/20 03:10:13 | 000,000,011 | ---- | C] () -- C:\WINDOWS\Msdevctl.ini
[2004/11/04 16:08:33 | 000,229,376 | ---- | C] () -- C:\WINDOWS\System32\ISP2000.dll
[2004/09/24 10:00:36 | 000,039,208 | ---- | C] () -- C:\WINDOWS\System32\drivers\vgauti.sys
[2004/09/24 09:58:38 | 000,039,208 | ---- | C] () -- C:\WINDOWS\System32\drivers\msicpl.sys
[2004/09/24 01:38:41 | 000,189,952 | ---- | C] () -- C:\WINDOWS\QCARD32.DLL
[2004/09/16 13:26:40 | 000,012,634 | ---- | C] () -- C:\WINDOWS\System32\drivers\ADFUUD.SYS
[2004/09/11 19:36:40 | 000,009,728 | ---- | C] () -- C:\WINDOWS\System32\sysinfoX64.sys
[2004/07/20 20:15:15 | 000,022,464 | ---- | C] () -- C:\WINDOWS\System32\USB2SER.SYS
[2004/07/12 17:07:21 | 003,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll
[2004/05/05 23:32:52 | 000,063,488 | ---- | C] () -- C:\WINDOWS\xobglu16.dll
[2004/05/05 23:32:52 | 000,023,552 | ---- | C] () -- C:\WINDOWS\xobglu32.dll
[2004/03/08 19:15:44 | 000,000,002 | ---- | C] () -- C:\WINDOWS\r105t1.dll
[2004/02/18 18:32:39 | 000,905,290 | ---- | C] () -- C:\WINDOWS\System32\libmmd.dll
[2004/02/10 19:15:36 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2004/01/27 07:13:02 | 000,421,888 | ---- | C] () -- C:\WINDOWS\System32\OpenQuicktimeLib_dec.dll
[2003/10/02 01:00:00 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lockout.dll
[2003/10/02 01:00:00 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\lockres.dll
[2003/07/10 19:54:47 | 000,335,872 | ---- | C] () -- C:\WINDOWS\System32\ldf252.dll
[2003/05/25 14:57:06 | 000,000,016 | ---- | C] () -- C:\WINDOWS\MOUSEDRW.DLL
[2003/05/22 09:06:21 | 000,071,749 | ---- | C] () -- C:\WINDOWS\HCExtOutput.dll
[2003/05/14 07:37:10 | 000,009,472 | ---- | C] () -- C:\WINDOWS\unsqz.dll
[2003/05/14 07:37:07 | 000,205,312 | R--- | C] () -- C:\WINDOWS\patchw32.A534.dll
[2003/05/14 07:37:07 | 000,164,864 | ---- | C] () -- C:\WINDOWS\patchw32.dll
[2003/05/14 07:37:07 | 000,000,117 | ---- | C] () -- C:\WINDOWS\smp32.dll
[2003/05/14 07:37:05 | 000,081,920 | ---- | C] () -- C:\WINDOWS\asr32311.dll
[2003/05/14 07:37:05 | 000,001,846 | ---- | C] () -- C:\WINDOWS\br.dll
[2003/05/14 07:37:04 | 000,000,380 | ---- | C] () -- C:\WINDOWS\WINRDP10.SYS
[2003/05/14 07:36:52 | 000,001,077 | ---- | C] () -- C:\WINDOWS\Mgxclean.sys
[2003/05/14 07:36:51 | 000,025,600 | ---- | C] () -- C:\WINDOWS\MEMBOOT.DLL
[2003/05/14 07:36:50 | 000,187,392 | ---- | C] () -- C:\WINDOWS\LTANN62N.DLL
[2003/05/14 07:36:50 | 000,175,616 | ---- | C] () -- C:\WINDOWS\LFFAX62N.DLL
[2003/05/14 07:36:50 | 000,158,720 | ---- | C] () -- C:\WINDOWS\LFCMP62N.DLL
[2003/05/14 07:36:50 | 000,110,080 | ---- | C] () -- C:\WINDOWS\LFPNG62N.DLL
[2003/05/14 07:36:50 | 000,076,288 | ---- | C] () -- C:\WINDOWS\LTIMG62N.DLL
[2003/05/14 07:36:50 | 000,047,616 | ---- | C] () -- C:\WINDOWS\LFTIF62N.DLL
[2003/05/14 07:36:50 | 000,043,008 | ---- | C] () -- C:\WINDOWS\LTFIL62N.DLL
[2003/05/14 07:36:50 | 000,029,184 | ---- | C] () -- C:\WINDOWS\LTWND62N.DLL
[2003/05/14 07:36:50 | 000,027,136 | ---- | C] () -- C:\WINDOWS\LFLMA62N.DLL
[2003/05/14 07:36:50 | 000,024,576 | ---- | C] () -- C:\WINDOWS\LFICA62N.DLL
[2003/05/14 07:36:50 | 000,024,064 | ---- | C] () -- C:\WINDOWS\LTTWN62N.DLL
[2003/05/14 07:36:50 | 000,023,552 | ---- | C] () -- C:\WINDOWS\LFPCX62N.DLL
[2003/05/14 07:36:50 | 000,023,552 | ---- | C] () -- C:\WINDOWS\LFLMB62N.DLL
[2003/05/14 07:36:50 | 000,022,528 | ---- | C] () -- C:\WINDOWS\LFEPS62N.DLL
[2003/05/14 07:36:50 | 000,022,016 | ---- | C] () -- C:\WINDOWS\LFPCT62N.DLL
[2003/05/14 07:36:50 | 000,022,016 | ---- | C] () -- C:\WINDOWS\LFGIF62N.DLL
[2003/05/14 07:36:50 | 000,022,016 | ---- | C] () -- C:\WINDOWS\LFBMP62N.DLL
[2003/05/14 07:36:50 | 000,020,480 | ---- | C] () -- C:\WINDOWS\LFPSD62N.DLL
[2003/05/14 07:36:50 | 000,019,968 | ---- | C] () -- C:\WINDOWS\LFWMF62N.DLL
[2003/05/14 07:36:50 | 000,019,968 | ---- | C] () -- C:\WINDOWS\LFTGA62N.DLL
[2003/05/14 07:36:50 | 000,019,456 | ---- | C] () -- C:\WINDOWS\LFWPG62N.DLL
[2003/05/14 07:36:50 | 000,018,944 | ---- | C] () -- C:\WINDOWS\LFIMG62N.DLL
[2003/05/14 07:36:50 | 000,018,432 | ---- | C] () -- C:\WINDOWS\LFRAS62N.DLL
[2003/05/14 07:36:50 | 000,018,432 | ---- | C] () -- C:\WINDOWS\LFMSP62N.DLL
[2003/05/14 07:36:50 | 000,017,920 | ---- | C] () -- C:\WINDOWS\LFMAC62N.DLL
[2003/05/14 07:36:50 | 000,017,920 | ---- | C] () -- C:\WINDOWS\LFCAL62N.DLL
[2003/05/14 07:36:50 | 000,017,408 | ---- | C] () -- C:\WINDOWS\LFWFX62N.DLL
[2003/05/14 07:36:49 | 000,058,368 | ---- | C] () -- C:\WINDOWS\ICQMAPI.DLL
[2003/05/14 07:36:49 | 000,035,328 | ---- | C] () -- C:\WINDOWS\INETWH32.DLL
[2003/05/14 07:36:49 | 000,009,136 | ---- | C] () -- C:\WINDOWS\INETWH16.DLL
[2003/05/14 07:36:44 | 000,202,752 | ---- | C] () -- C:\WINDOWS\CDAC14BA.DLL
[2003/05/14 07:36:43 | 000,038,400 | ---- | C] () -- C:\WINDOWS\ARSENAL.DLL
[2003/03/25 05:49:02 | 000,152,064 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2003/03/25 05:49:02 | 000,066,560 | ---- | C] () -- C:\WINDOWS\System32\atiyuv12.dll
[2003/03/07 02:05:46 | 000,115,712 | ---- | C] () -- C:\WINDOWS\System32\Crush32.dll
[2002/12/19 21:15:36 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\SAWZip.dll
[2002/08/28 11:42:10 | 000,016,973 | ---- | C] () -- C:\WINDOWS\System32\ZWebAuth.dll
[2002/08/14 13:39:05 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\Oxfwapi.dll
[2002/07/28 01:03:15 | 000,308,928 | ---- | C] () -- C:\WINDOWS\System32\ivflt08.dll
[2002/07/28 01:03:10 | 000,211,456 | ---- | C] () -- C:\WINDOWS\System32\ivbas08.dll
[2002/06/18 22:35:00 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\Msvcrt10.dll
[2002/05/20 18:34:58 | 000,041,047 | ---- | C] () -- C:\WINDOWS\System32\ActPanel.dll
[2002/05/20 16:29:56 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\PTISTP.DLL
[2002/05/18 14:08:12 | 000,107,008 | ---- | C] () -- C:\WINDOWS\System32\FXTLS432.DLL
[2002/05/11 11:26:39 | 000,043,008 | ---- | C] () -- C:\WINDOWS\System32\LTFIL61N.DLL
[2002/05/11 11:26:39 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\LFGIF61N.DLL
[2002/05/11 11:26:39 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\LFTGA61N.DLL
[2002/05/11 11:26:38 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\LFFAX61N.DLL
[2002/05/11 11:26:38 | 000,158,720 | ---- | C] () -- C:\WINDOWS\System32\LFCMP61N.DLL
[2002/05/11 11:26:38 | 000,110,080 | ---- | C] () -- C:\WINDOWS\System32\LFPNG61N.DLL
[2002/05/11 11:26:38 | 000,047,616 | ---- | C] () -- C:\WINDOWS\System32\LFTIF61N.DLL
[2002/05/11 11:26:38 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\LFPCX61N.DLL
[2002/05/11 11:26:38 | 000,017,408 | ---- | C] () -- C:\WINDOWS\System32\LFPCD61N.DLL
[2002/05/07 16:26:28 | 000,005,120 | ---- | C] () -- C:\WINDOWS\System32\xfxdll.dll
[2002/05/07 16:24:57 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\WAVhsp32.dll
[2002/05/07 16:24:57 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\Wavlbsys.dll
[2002/05/07 16:24:39 | 000,115,712 | ---- | C] () -- C:\WINDOWS\System32\vboxp403.dll.bak
[2002/05/07 16:24:05 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll
[2002/05/07 16:24:03 | 000,377,856 | ---- | C] () -- C:\WINDOWS\System32\tx32.dll
[2002/05/07 16:23:58 | 000,121,856 | ---- | C] () -- C:\WINDOWS\System32\tsd2.dll
[2002/05/07 16:23:57 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\treeprt.dll
[2002/05/07 16:22:58 | 000,141,824 | ---- | C] () -- C:\WINDOWS\System32\SETUPLIB.DLL
[2002/05/07 16:22:20 | 000,061,952 | ---- | C] () -- C:\WINDOWS\System32\rmmerge2.DLL
[2002/05/07 16:22:20 | 000,009,728 | ---- | C] () -- C:\WINDOWS\System32\rmevents.DLL
[2002/05/07 16:22:18 | 000,270,336 | ---- | C] () -- C:\WINDOWS\System32\regxplor.dll
[2002/05/07 16:21:57 | 000,471,040 | ---- | C] () -- C:\WINDOWS\System32\QTExporter.dll
[2002/05/07 16:21:52 | 000,280,576 | ---- | C] () -- C:\WINDOWS\System32\pxd_kom.dll
[2002/05/07 16:21:16 | 000,026,112 | ---- | C] () -- C:\WINDOWS\System32\PIXTHK32.DLL
[2002/05/07 16:20:59 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\ODBCSTF.DLL
[2002/05/07 16:20:50 | 000,240,640 | ---- | C] () -- C:\WINDOWS\System32\Nmocod.dll
[2002/05/07 16:13:14 | 001,513,984 | ---- | C] () -- C:\WINDOWS\System32\MgxRdr80.dll
[2002/05/07 16:12:48 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\LPNG.DLL
[2002/05/07 16:12:48 | 000,204,288 | ---- | C] () -- C:\WINDOWS\System32\LSXConfig.dll
[2002/05/07 16:11:36 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\LFKODAK.DLL
[2002/05/07 16:11:35 | 000,338,944 | ---- | C] () -- C:\WINDOWS\System32\lffpx7.dll
[2002/05/07 16:11:14 | 000,056,832 | R--- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[2002/05/07 16:10:13 | 000,025,088 | ---- | C] () -- C:\WINDOWS\System32\ifl_gif.dll
[2002/05/07 16:09:18 | 000,031,232 | ---- | C] () -- C:\WINDOWS\System32\ide32.dll
[2002/05/07 16:09:15 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\Hyperman.dll
[2002/05/07 16:09:12 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\Gt4vqt.DLL
[2002/05/07 16:09:03 | 000,311,296 | ---- | C] () -- C:\WINDOWS\System32\fxstudio.dll
[2002/05/07 16:09:01 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\freeisys.dll
[2002/05/07 16:08:52 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\eabtstrp.dll
[2002/05/07 16:08:43 | 000,282,624 | ---- | C] () -- C:\WINDOWS\System32\drumpad.dll
[2002/05/07 16:07:31 | 000,015,872 | ---- | C] () -- C:\WINDOWS\System32\D2Icons.Dll
[2002/05/07 15:59:59 | 000,292,352 | ---- | C] () -- C:\WINDOWS\System32\cfproject.dll
[2002/05/07 15:59:59 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\cfmsg.dll
[2002/05/07 15:59:44 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\CFFPTree.dll
[2002/05/07 15:57:52 | 000,075,976 | ---- | C] () -- C:\WINDOWS\System32\BASSDEC.dll
[2002/05/07 15:51:44 | 000,274,432 | ---- | C] () -- C:\WINDOWS\System32\animation.dll
[2002/05/07 15:47:40 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
[2002/04/16 04:41:40 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\memtest.dll
[2002/04/11 20:53:44 | 000,053,760 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll
[2002/04/11 10:47:52 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\msmscoin.dll
[2002/03/25 10:03:26 | 001,865,572 | ---- | C] () -- C:\WINDOWS\System32\ewctl32.dll
[2002/01/06 05:08:16 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2001/09/17 12:20:02 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2001/07/07 04:00:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
[1999/07/23 13:46:48 | 000,000,116 | ---- | C] () -- C:\WINDOWS\AuHCcup1.ini
[1999/07/23 10:53:20 | 000,129,536 | ---- | C] () -- C:\WINDOWS\AuHCcup1.dll
[1999/01/22 13:46:56 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1998/10/11 01:07:38 | 000,088,576 | ---- | C] () -- C:\WINDOWS\System32\Iticheck.dll
[1998/09/05 05:43:14 | 000,115,712 | ---- | C] () -- C:\WINDOWS\System32\vboxp403.dll
[1995/10/16 19:55:44 | 000,009,136 | ---- | C] () -- C:\WINDOWS\System32\INETWH16.DLL
[1980/01/01 00:00:00 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\MEMBG.DLL
[1980/01/01 00:00:00 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ICMFILTER.DLL
[1980/01/01 00:00:00 | 000,000,025 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI

========== Alternate Data Streams ==========

@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CB0AACC9
< End of report >


Extras -

OTL Extras logfile created on: 7/2/2010 12:31:45 PM - Run 2
OTL by OldTimer - Version 3.2.7.0 Folder = C:\Documents and Settings\Russell Alexander\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: enu | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 70.00% Memory free
5.00 Gb Paging File | 4.00 Gb Available in Paging File | 85.00% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 48.04 Gb Total Space | 10.22 Gb Free Space | 21.27% Space Free | Partition Type: NTFS
Drive D: | 12.65 Gb Total Space | 2.90 Gb Free Space | 22.92% Space Free | Partition Type: FAT32
Drive E: | 35.94 Gb Total Space | 24.47 Gb Free Space | 68.08% Space Free | Partition Type: NTFS
Drive F: | 35.74 Gb Total Space | 19.64 Gb Free Space | 54.97% Space Free | Partition Type: NTFS
Drive G: | 35.80 Gb Total Space | 21.50 Gb Free Space | 60.04% Space Free | Partition Type: NTFS
Drive H: | 35.79 Gb Total Space | 18.72 Gb Free Space | 52.29% Space Free | Partition Type: NTFS
Drive I: | 41.57 Gb Total Space | 25.16 Gb Free Space | 60.51% Space Free | Partition Type: NTFS
Drive J: | 10.65 Gb Total Space | 3.62 Gb Free Space | 34.02% Space Free | Partition Type: FAT32
Drive K: | 8.65 Gb Total Space | 3.12 Gb Free Space | 36.04% Space Free | Partition Type: FAT32
Drive L: | 11.74 Gb Total Space | 2.54 Gb Free Space | 21.60% Space Free | Partition Type: FAT32
Drive M: | 9.47 Gb Total Space | 4.89 Gb Free Space | 51.65% Space Free | Partition Type: FAT32
Drive N: | 21.32 Gb Total Space | 7.25 Gb Free Space | 34.00% Space Free | Partition Type: FAT32
Drive P: | 2.49 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive Q: | 465.76 Gb Total Space | 269.27 Gb Free Space | 57.81% Space Free | Partition Type: NTFS
Drive W: | 149.05 Gb Total Space | 64.36 Gb Free Space | 43.18% Space Free | Partition Type: NTFS

Computer Name: RUSSELL
Current User Name: Russell Alexander
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (All) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.cpl [@ = cplfile] -- C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\WINDOWS\System32\mshta.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\WINDOWS\System32\ieframe.dll (Microsoft Corporation)
.js [@ = JSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation)
.txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SYSTEMROOT%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- winhlp32.exe %1 (Microsoft Corporation)
hlpfile [open] -- %SystemRoot%\System32\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\WINDOWS\system32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "%1"
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome File not found
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 File not found
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome File not found
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- "F:\Macromedia Studio 8\Dreamweaver 8\dreamweaver.exe" "%1" (Macromedia, Inc.)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDBrowse] -- "J:\ACD USE WITH HP PHOTOSMART\ACDSEE\ACDSEE.EXE" "%1" (ACD Systems, Ltd.)
Directory [ChangeCase] -- M:\CHANGE~1\chgcase.exe "%1" (Zeal SoftStudio)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [Print_Directory_Listing] -- c:\windows\Dirlist.bat %1 ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 File not found
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" File not found

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger 7.5 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Application Loader -- (AOL LLC)
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL -- File not found
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL -- File not found
"C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe" = C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe:*:Enabled:AOLTsMon -- File not found
"C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe" = C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe:*:Enabled:AOLTopSpeed -- File not found
"C:\Program Files\Common Files\AOL\System Information\sinf.exe" = C:\Program Files\Common Files\AOL\System Information\sinf.exe:*:Enabled:AOL -- File not found
"F:\America Online 9.0\waol.exe" = F:\America Online 9.0\waol.exe:*:Enabled:AOL -- File not found
"C:\Program Files\Common Files\AOL\1110494747\EE\AOLServiceHost.exe" = C:\Program Files\Common Files\AOL\1110494747\EE\AOLServiceHost.exe:*:Enabled:AOL -- File not found
"F:\bittorrent\bittorrent.exe" = F:\bittorrent\bittorrent.exe:*:Enabled:BitTorrent -- File not found
"C:\Program Files\Messenger\Msmsgs.exe" = C:\Program Files\Messenger\Msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)
"C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger 7.5 -- (Microsoft Corporation)
"F:\TurboTax\Home & Business 2006\32bit\ttax.exe" = F:\TurboTax\Home & Business 2006\32bit\ttax.exe:LocalSubNet:Enabled:TurboTax -- (Intuit, Inc.)
"F:\TurboTax\Home & Business 2006\32bit\updatemgr.exe" = F:\TurboTax\Home & Business 2006\32bit\updatemgr.exe:LocalSubNet:Enabled:TurboTax Update Manager -- (Intuit, Inc.)
"F:\TurboTax Deluxe 2006\TurboTax Deluxe 2006\32bit\ttax.exe" = F:\TurboTax Deluxe 2006\TurboTax Deluxe 2006\32bit\ttax.exe:LocalSubNet:Enabled:TurboTax -- (Intuit, Inc.)
"F:\TurboTax Deluxe 2006\TurboTax Deluxe 2006\32bit\updatemgr.exe" = F:\TurboTax Deluxe 2006\TurboTax Deluxe 2006\32bit\updatemgr.exe:LocalSubNet:Enabled:TurboTax Update Manager -- (Intuit, Inc.)
"C:\Program Files\AnalogX\BitPump\bitpump.exe" = C:\Program Files\AnalogX\BitPump\bitpump.exe:*:Enabled:BitPump -- ()
"F:\TurboTax Business 2007\TurboTax Business 2007\32bit\ttax.exe" = F:\TurboTax Business 2007\TurboTax Business 2007\32bit\ttax.exe:LocalSubNet:Enabled:TurboTax -- (Intuit, Inc.)
"F:\TurboTax Business 2007\TurboTax Business 2007\32bit\updatemgr.exe" = F:\TurboTax Business 2007\TurboTax Business 2007\32bit\updatemgr.exe:LocalSubNet:Enabled:TurboTax Update Manager -- (Intuit, Inc.)
"E:\TurboTax Premier 2007\TurboTax Premier 2007\32bit\ttax.exe" = E:\TurboTax Premier 2007\TurboTax Premier 2007\32bit\ttax.exe:LocalSubNet:Enabled:TurboTax -- (Intuit, Inc.)
"E:\TurboTax Premier 2007\TurboTax Premier 2007\32bit\updatemgr.exe" = E:\TurboTax Premier 2007\TurboTax Premier 2007\32bit\updatemgr.exe:LocalSubNet:Enabled:TurboTax Update Manager -- (Intuit, Inc.)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Program Files\Yahoo!\Messenger\YServer.exe" = C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server -- (Yahoo! Inc.)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Winamp Remote\bin\Orb.exe" = C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb -- (Orb Networks, Inc.)
"C:\Program Files\Winamp Remote\bin\OrbTray.exe" = C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray -- (Orb Networks)
"C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe" = C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client -- (Orb Networks)
"C:\Program Files\AIM6\aim6.exe" = C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM -- (AOL LLC)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"F:\QuickBooks 2007\QBDBMgrN.exe" = F:\QuickBooks 2007\QBDBMgrN.exe:*:Enabled:QuickBooks 2007 Data Manager -- (iAnywhere Solutions, Inc.)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.)
"H:\iTunes\iTunes.exe" = H:\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\WINDOWS\pchealth\helpctr\binaries\helpctr.exe" = C:\WINDOWS\pchealth\helpctr\binaries\helpctr.exe:*:Enabled:Remote Assistance - Windows Messenger and Voice -- (Microsoft Corporation)
"C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe" = C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe:LocalSubNet:Disabled:Intuit Update Shared Downloads Server -- (Intuit Inc.)
"D:\Painkiller Overdose\Bin\Overdose.exe" = D:\Painkiller Overdose\Bin\Overdose.exe:*:Enabled:Painkiller Overdose -- (Mindware Studios)
"D:\Painkiller Overdose\Bin\OverdoseEditor.exe" = D:\Painkiller Overdose\Bin\OverdoseEditor.exe:*:Enabled:Painkiller Overdose Editor -- (Mindware Studios)
"D:\Painkiller Overdose\Bin\OverdoseServer.exe" = D:\Painkiller Overdose\Bin\OverdoseServer.exe:*:Enabled:Painkiller Overdose Console Server -- (Mindware Studios)
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
"C:\WINDOWS\SYSTEM32\spoolsv.exe" = C:\WINDOWS\SYSTEM32\spoolsv.exe:*:Enabled:HP Networked Printer Installer -- (Microsoft Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{01363D36-93FB-45C9-B7F3-7C2AF5F6BC27}" = Learning QuickBooks 2007
"{0224CACC-994D-45F8-B973-D65056EA9C2F}" = Adobe XMP DVA Panels CS3
"{02EBDBB9-4600-41D3-B566-40CB861511D2}" = World of Warcraft FREE Trial
"{0345F1FF-4A99-4D97-A0ED-579F03FDBB72}_is1" = Port Analyzer 1.0
"{038A4EB1-47BE-4B91-BF66-0E9B078944E5}" = uCertify M70-270: Windows XP Professional
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{05BB2EC5-6BEF-4DDC-9E75-BEE7B161157A}" = Macromedia Dreamweaver MX 2004
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{07300F01-89CA-4CF8-92BD-2A605EB83C95}" = EasySaver B8.1208.1
"{0837A661-FEC3-48B3-876C-91E7D32048A9}" = Macromedia Dreamweaver 8
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0A37AA80-885E-11D3-9AC4-00105A0D24F9}" = Sonicbox iM Tuner
"{0B72508E-A32C-40DD-9A26-C5E92A039595}" = AT&T Plug&Share 54Mbps Wireless PCI Adapter
"{0BA14EDE-4C45-482B-BBA2-B3159EFAD60B}" = DirectiXer 2.3
"{0DD140D3-9563-481E-AA75-BA457CBDAEF2}" = PC Inspector File Recovery
"{0E3CCCDC-3BB2-B5D5-A547-5F157E1BADB8}" = Catalyst Control Center Core Implementation
"{0E59731F-1CE5-46A4-A20D-854E6C815029}" = Calendar Upgrade
"{0E753927-F773-40D2-8504-F302A464ED9C}" = Boson Standardized Tests v5.02
"{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software 1.14.17.1
"{131C976E-E991-40FA-163F-B29022346F01}" = CCC Help English
"{15E00491-0DE1-4A2A-B833-1B0F81EAF53C}" = CoffeeCup Free Flash Text Wizard
"{167E4A06-F407-11D3-95F5-0080AD910D79}" = Saitek Gaming Extensions
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{18E70170-C334-44BB-ACCA-3DCCC65CE4C7}" = VOCALOID SKIN (Zero-G LOLA)
"{1CB63C5C-DA69-4793-BD35-43BDE2A86D43}" = MGI VideoWave 4
"{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}" = Google Earth
"{1FD0C5C1-B01B-4B4C-9607-E5D3B3D1318F}" = Microsoft IntelliPoint 4.1
"{223C0721-A6B0-4853-88C0-331029841734}" = HP Color LaserJet CP1510 Series 2.0
"{243FA669-BEA1-4FD7-906F-DAF000D6B33A}" = Casper XP
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java™ 6 Update 20
"{26A24AE4-039D-4CA4-87B4-2F83216016F0}" = Java™ 6 Update 16
"{2750B389-A2D2-4953-99CA-27C1F2A8E6FD}" = Microsoft SQL Server 2005 Tools Express Edition
"{2875A5F5-E613-4F99-9B47-8882C9DD24A5}" = OfotoNow
"{28C80CD6-14DF-42E7-B460-CBF194A6439C}" = Sonic Foundry CD Architect 5.0
"{291B3A3B-F808-45B8-8113-DF232FCB6C82}" = Microsoft .NET Compact Framework 3.5
"{29521505-F489-4822-ADFA-32C6DEE4F114}" = TurboTax 2008 WinPerUserEducation
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{2D314071-26CD-47EA-A01E-82FADDE951C5}" = LiquidInstrument Standalone 1.1
"{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}" = Rhapsody Player Engine
"{2EFFFC71-1E66-454E-A6E6-CEEC800B96D2}" = Adobe Flash Video Encoder
"{2F353D44-73BB-4971-B31D-F7642E9E9531}" = Macromedia Flash MX 2004
"{2FA41EBB-3F5A-35C3-85D6-51EC72A11FBD}" = Google Gears
"{2FC1B3A7-9BD2-48B2-B05E-43243C72FFB7}" = Process Blocker
"{305D4B08-5807-4475-B1C8-D54685534864}" = LightScribeTemplateLabeler
"{32199E94-CA76-4BA8-B0B6-76A856A5DA98}" = QBWebConnector
"{32785539-3BB4-470C-962B-997FCD0232DA}" = Multi Direct Print Type S IPP port
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36495C59-089C-49D1-BD15-9E5BD86DC9A1}" = ItsDeductible Express
"{36F0FA39-2875-4EFD-977C-C405A5E4A403}" = LiquidInstrumentDXi2 1.1
"{3881DB80-EAA2-012B-ADAE-000000000000}" = TurboTax 2009 WinPerFedFormset
"{38975F50-EAA2-012B-ADB4-000000000000}" = TurboTax 2009 WinPerReleaseEngine
"{38A34630-EAA2-012B-ADB6-000000000000}" = TurboTax 2009 WinPerTaxSupport
"{3A12C952-61D5-4C3B-B68B-8CFBE47E22F1}" = Adobe Setup
"{3B8186F0-EAA2-012B-AE69-000000000000}" = TurboTax 2009 wnyiper
"{3C5A81D0-EAA2-012B-AE9F-000000000000}" = TurboTax 2009 wrapper
"{3CEA3FEC-1AF5-4818-89D5-406F627E7337}" = World Community Grid Agent
"{414C803A-6115-4DB6-BD4E-FD81EA6BC71C}" = Product_SF_Min_QFolder
"{43DCF766-6838-4F9A-8C91-D92DA586DFA8}" = Microsoft Windows Journal Viewer
"{4424b048-5725-11dc-8314-0800200c9a66}" = FontLab ScanFont 5
"{448AB2CB-C94A-47DE-80B8-9D7824DEFA57}" = Ulead DVD MovieFactory 4.0 SE
"{49A44B9B-DF54-4BFD-BC15-55FFA6566053}" = Atomic Harvester III
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B719A70-F14A-4f5c-90B5-346B24B7FFF1}" = Windows 7 Upgrade Advisor
"{4C93C363-414E-11D4-9756-00C04F8EEB39}" = Macromedia Flash 5
"{4F3E17F8-F1C8-4A4B-9EB8-1EE2D190CDA9}" = Adobe Setup
"{5007E629-8769-44BB-BD51-A20B6DCC5CC9}" = Microsoft Office Accounting 2009
"{50F102CA-4BE2-41A9-9810-5BB05EB91B9A}" = Adobe Premiere Pro CS3 Functional Content
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}" = InterVideo DeviceService
"{53276F5A-85AB-4BEF-BAA2-2490975DC006}" = Microsoft Office Accounting 2009 Fixed Asset Manager
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{54DD126C-E5F5-404C-B4B7-66DF7FD4F2FF}" = MSSoap
"{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}" = Macromedia Extension Manager
"{55D08777-EFAA-41AD-942A-5A2CD4B580F3}" = MixMeister Pro 4
"{55EE08EE-77A4-475E-A163-D6A673498ECF}" = VOCALOID Voice DB (Lola)
"{56B4002F-671C-49F4-984C-C760FE3806B5}" = Microsoft SQL Server VSS Writer
"{58DCEEE5-532E-44F4-B1D7-A146EF9E9FDA}" = Adobe Premiere Pro CS3
"{5A3F6A80-7913-475E-8B96-477A952CFA43}" = SupportSoft Assisted Service
"{5A53992C-48D6-D4DB-75A7-5D13388DAB9A}" = ccc-core-static
"{5B893587-00A8-4A4E-83F0-8AFA7BFC7C1A}" = PVR Plus
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8
"{5D601655-6D54-4384-B52C-17EC5385FBBD}" = iTunes
"{5E749AEB-5A19-43BA-BB20-3CBB37539FE4}" = Paint.NET v3.10
"{5FA793A6-0071-42C1-9355-8F69A428C44F}" = Microsoft Office Accounting ADP Payroll Addin
"{5FEA7A01-D361-460D-8E7D-C1C96A5EC61B}" = sdTwoWav
"{621C02EA-AAFF-4026-A903-165D59529A16}" = Driver Detective
"{62F9F352-A7F7-4051-B2AD-6D1A3C325407}" = OmniPage Pro 11.0
"{639858DD-4966-40F3-A706-7C838BCF3A2B}" = MaxBlast 3
"{65F1CF63-31E0-450B-96F3-4A88BE7361A6}" = AGEIA PhysX v7.07.09
"{67ED38A3-4882-448B-B44D-3428AB00D7D5}" = Acronis True Image Home
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{698AC01B-DF0C-4BCE-940C-EB29AD23A560}" = Stamps.com
"{6A136B9A-1895-436F-83F8-30D9C68BB6EA}" = Rhapsody Player Engine
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B52140A-F189-4945-BFFC-DB3F00B8C589}" = Adobe Flash CS3
"{6B6F3A57-99B2-418F-9F30-A480E93C0746}" = Sonic Foundry DVD Architect 1.0c
"{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PartitionMagic
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{72736F5F-520D-472A-88CC-7B02872FD34E}" = ATI Catalyst Registration
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72B23535-8136-4863-965C-33A60FFA3CE7}" = EASEUS Data Recovery Wizard Professional 3.3.4
"{745877DC-8FFE-4E4C-ABBC-589B887A47D1}" = Virtual Sound Canvas DXi
"{748F4870-8350-11D3-B0BF-080009FB4A19}" = HP Share-to-Web
"{7570F1CA-016D-46AC-B586-CD74645EFB52}" = TurboTax 2008 WinPerFedFormset
"{757AD3D4-036B-42FA-B0A4-96BD6F4605A0}" = Ulead VideoStudio 7 ESD
"{75B61CF0-B8A8-46E2-8709-C4A79898AC1D}" = Data Lifeguard Diagnostic for Windows
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{799118AC-7489-40BA-A7C1-498D84D451C5}" = Weed
"{7AE858CD-7AD6-D9E6-627E-E452A71896E7}" = Catalyst Control Center Graphics Full Existing
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA Syste⑭ Utilit⑹
"{7DD9A065-2C86-4A9F-A5FF-796EC1B99DCA}" = AnswerWorks 4.0 Runtime - English
"{7E545666-F424-45FD-B3DF-C0B99A1A579F}" = QuickBooks Premier Edition 2007
"{7F1C5D75-E232-4C2B-A394-E5FB7FBB3D66}" = Sonic Foundry Sound Forge 6.0d
"{7FB37294-8155-11D3-A809-0050BAAFB1BB}" = Business Plan Pro 4.0
"{7FDE7746-74D2-4EAA-9F1E-BB6B0252657B}" = iLike Sidebar
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{81E76DE9-BBCB-449C-91BB-6E4E5436D496}" = Adobe Audition 1.0
"{831053E0-79D4-11D4-B1C4-0050BAAABBFD}" = WOW Love
"{8355F970-601D-442D-A79B-1D7DB4F24CAD}" = Apple Mobile Device Support
"{838F0053-8744-4B63-8819-CC44C06308AC}" = Visualizer Photo Resize
"{8398B542-3CC4-44D9-83DF-696CCE70124B}" = Windows Support Tools
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{88214092-836F-4E22-A5AC-569AC9EE6A0F}" = TurboTax 2008 WinPerReleaseEngine
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8B46024A-8C90-4725-AE47-6444109CF5A9}" = Don't Panic - Photo Edition
"{8B9852AF-B0B0-47B7-9BC5-89A95D77B6C9}" = MP3 Player Utilities 4.18
"{8BC8DA36-302D-14FA-55AE-5CAAF1CA4F25}" = Catalyst Control Center Graphics Light
"{8C8224B7-AA9B-4807-97CD-55899BAC83FE}" = YouSendIt Express
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8D3562E7-C795-4B5D-A091-6DAA3FF0DF3B}" = Macromedia HomeSite+
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{8F3CF9E1-D738-4C2B-8193-F45AC8B0EC7C}" = Windows Vista Upgrade Advisor
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0051-0000-0000-0000000FF1CE}" = Microsoft Office Visio Professional 2007
"{90120000-0054-0409-0000-0000000FF1CE}" = Microsoft Office Visio MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{90CAF868-0B06-4C4A-A6E9-D0FD17C7BAE1}" = Casper 5.0
"{91108AD9-F983-4FDA-A089-ED269C75F21B}" = E-MU Xboard
"{91208A47-5D08-4C79-986F-1931940F51BB}" = QuickBooks Product Listing Service
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
"{939740B5-0064-4779-854A-8C1086181C05}" = Macromedia FreeHand MXa
"{945AC98B-3DC8-45BE-BAE0-22CEEE37A103}" = Logitech QuickCam
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{98613C99-1399-416C-A07C-1EE1C585D872}" = SeaTools for Windows
"{98B672F2-857C-4CC9-A25D-6B218077F4F6}" = Yahoo! Autosync
"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync
"{9B89EB0D-68C3-4E5D-A705-CD8D37DABF50}" = VOCALOID Expression DB (Standard)
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9D1C26BD-E792-4159-9D16-07EA222D8EF0}" = Windows Messenger 5.1
"{9D623E1A-30E1-4E55-BD80-5C1359DB120B}" = Melodyne 3.1
"{9DE3F260-B88E-42CE-90E7-73C78C37D95E}" = 32 Bit HP BiDi Channel Components Installer
"{9E34B40A-CFF3-11D3-8302-00A024A89C17}" = Looper
"{9E34B40B-CFF3-11D3-8302-00A024A89C17}" = FixedLength
"{9E34B40D-CFF3-11D3-8302-00A024A89C17}" = VeloMaster Lite CW
"{9E34B40F-CFF3-11D3-8302-00A024A89C17}" = SlicyDrummer Lite
"{9E34B508-CFF3-11D3-8302-00A024A89C17}" = Rhythm'n'Chords 2 Lite CW
"{9E5A03E3-6246-4920-9630-0527D5DA9B07}" = AnswerWorks 5.0 English Runtime
"{A1BC8E02-6B5B-4B4A-A75F-B27A16918C2B}" = DiscWizard for Windows
"{A1F143D1-1F0D-44FB-A44B-71D4367D16DE}" = Melodyne 3.1
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = MSXML 6.0 Parser
"{A44C8D37-B36B-D378-2201-97137494E339}" = ccc-utility
"{A4D7B764-4140-11D4-88EB-0050DA3579C0}" = Nero - Burning Rom
"{A7EC08D3-419E-4568-B59A-82D652450D48}" = WOW
"{A85D8CC4-4DB9-11D6-B038-0000B49CEE91}" = PCForrest StartMan 1.2.70
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{ABDA9912-5D00-11D4-BAE7-9367CA097955}" = Macromedia Dreamweaver 4
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3
"{AFD9E698-03C2-4E88-80A6-1496562D4304}" = Google SketchUp 7.1
"{AFF1EA96-9C23-4249-B7D4-CD4B54D4582F}" = TurboTax ItsDeductible 2006
"{B023185F-F1EF-4F97-B0BD-AE6D802226D1}" = NVIDIA WDM Drivers
"{B123B3B1-C2A0-47E7-AAAB-D1E2DBE259CB}" = VOCALOID Editor V1.0.0.1
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B1DB1AD8-C07E-4052-81A1-D2930232BA70}" = TurboTax 2008 wrapper
"{B23726CF-68BF-41A6-A4EB-72F12F87FE05}" = TurboTax 2008 WinPerTaxSupport
"{B360A8E5-C171-4AAE-9777-65B3CDB0072C}" = CanoScan LiDE20,30 Manual
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B6F7DBE7-2FE2-458F-A738-B10832746036}" = Microsoft Reader
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BA2D4D22-0B99-4D63-BCEE-D2EA4736F27F}" = LogMeIn
"{BB37C263-9B7F-6A1C-A1B8-333C3FB80614}" = ccc-core-preinstall
"{BB81360F-041C-4CF7-B15E-71380D154244}" = Adobe Setup
"{BCE46757-7674-4416-BEDB-68205A60409E}" = Canon CanoScan Toolbox 4.1
"{BD68F46D-8A82-4664-8E68-F87C55BDEFD4}" = Microsoft SQL Server Native Client
"{BEE9DFE1-7CDF-4D1C-A473-3B3DF8FF1431}_is1" = Hot CPU Tester Pro 4.3
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1121C1F-1962-4A23-B2C2-B9515C837179}" = OverDrive Media Console
"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
"{C2995A04-6209-40C2-B31D-4D85852B6D8B}" = TVR Update
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C3A6202F-8F3E-424C-83B8-189F92A1AB43}" = One Touch Video Capture
"{C3DE07CB-036F-45BC-85BD-D6FFC5D33603}" = TurboTax 2008 wnyiper
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{C4FFCD8D-3A06-E243-2747-2CE771A8B7D4}" = EA Download Manager UI
"{C63E7C60-25EB-11D3-8EDA-00A0C911E8E5}" = Microsoft Outlook Personal Folders Backup
"{C6C148EC-55FB-4FDF-AD4F-ECEA579D040D}" = Microsoft Office Accounting 2009 Equifax Addin
"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
"{C7EEF2B9-8C16-4A04-B98D-B1A952A47E55}" = Linksys Wireless-G USB Network Adapter
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEB3A11A-03EA-11DA-BFBD-00065BBDC0B5}" = MSN Messenger 7.5
"{CEE2C9FF-FAB4-4A36-B2CD-862C26A58E7E}" = ATI Multimedia Center
"{D050D7362D214723AD585B541FFB6C11}" = DivX Content Uploader
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D3621EAA-00D6-4791-97BF-7E8EE3437BF2}" = Visualizer Photo Resize
"{D3B1C799-CB73-42DE-BA0F-2344793A095C}" = Catalyst Control Center - Branding
"{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}" = Windows Resource Kit Tools - SubInAcl.exe
"{D59967FF-4DCC-4695-BCD9-FA47B94047D6}" = Debugging Tools for Windows
"{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser
"{D8EA8CB7-6FEE-49EB-A7FD-AD8F8CB1A924}" = Pitch Fix Trial
"{D917F618-DDB8-4653-95FF-14A9A29A4E3B}" = Zinio Reader
"{D925601D-25E3-4E95-A456-FBD8C2995289}" = E-MU Xboard
"{D9AE6BE1-5847-4962-86B0-2A290B7E6C43}" = Microsoft Office Accounting 2009 Tax Integration Add-in
"{D9C70541-ADA5-40A4-B176-6AAFCBA05C8F}" = Airfix Dogfighter
"{DA22A6BB-10B5-4595-BD59-1AD4023C8536}" = Virtual Sound Canvas VST
"{DA71A94B-3617-4935-8BBE-1566B2174C95}" = VC500 Driver
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DC0C35E4-CD3D-4F12-95BB-7C74D9467BD7}" = Microsoft Office Accounting 2009 PayPal Addin
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DE5CD0E9-9296-788D-F082-54454791A65E}" = Catalyst Control Center Graphics Previews Common
"{E0233B01-BE70-4D0B-8B69-64331593535C}" = eBook Pro Viewer 5.54
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E583ED6F-BD99-4066-A420-C815BF692B69}" = Macromedia Fireworks MX 2004
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E6B87DC4-2B3D-4483-ADFF-E483BF718991}" = OpenOffice.org 3.1
"{E6D9BC25-0DBC-4368-8E4A-7DEE80661CD9}" = TurboTax 2008 WinPerProgramHelp
"{E8AEA11B-E60A-455E-B008-E4E763604612}" = Browser Configuration Utility
"{E9F81423-211E-46B6-9AE0-38568BC5CF6F}" = Alcohol 120%
"{EA2BEBD6-87B9-41E5-95AC-7E4C165A9475}" = WexTech AnswerWorks
"{EA82FF50-E258-4DFE-839B-8F26A01A34A7}" = Microsoft Tool Web Package:WntIpcfg.exe
"{EABACFC4-1CB1-438E-A418-0A3B21CD30D3}" = Waves Restoration
"{EBB15EA8-B7CF-E90C-B977-18777AFC63F0}" = Catalyst Control Center HydraVision Full
"{EC1F2687-6922-43E9-A6A5-73D750A8C8CE}" = MediaFACE II
"{EC27630A-EAFB-AB2A-56CC-7F5189845D85}" = Catalyst Control Center Graphics Full New
"{ED386A62-2BA2-4544-A723-5DFFDC283F6A}" = Mobipocket Reader 6.0
"{EEAA3E5E-1296-45AD-A59E-5D63F604867D}" = Radmin Viewer 3.3
"{F01C1DBB-E5DE-49BE-97A6-483F128AEFAF}" = VOCALOID Expression DB (Lola)
"{F08E8D2E-F132-4742-9C87-D5FF223A016A}" = Adobe Illustrator CS3
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1E906E7-1120-428D-A124-4938C306427E}" = Palm Desktop
"{F2472B05-AC59-4363-A8D9-3E722B778633}" = Liquid Player
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F6E36639-10C8-4FAD-AF1F-E84D5B6653D1}" = FontLab Studio 5
"{F8131A35-47FD-27AD-116D-0E79AF5DE5EE}" = Acrobat.com
"{FA237125-51FF-408C-8BB8-30C2B3DFFF9C}" = Windows Resource Kit Tools
"{FAC611DA-E445-4D7A-8311-7389C627FA32}" = VOCALOID VSTi V1.0.0.1
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FBCCF9CE-61EE-425E-BE4D-959D76FA7701}" = Adobe GoLive 5.0 Tryout
"{FC8D21C8-7B29-4104-ADB0-FEE9CA1C7922}" = Folder Size for Windows
"{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = HighMAT Extension to Microsoft Windows XP CD Writing Wizard
"{FF77941A-2BFA-4A18-BE2E-69B9498E4D55}" = User Profile Hive Cleanup Service
"{FFC1ADE3-944B-4231-894E-3903C37271D2}" = Adobe Setup
"0" = YASA MPEG/AVI to VCD/DVD/SVCD/MPEG/AVI Converter v2.4 (build 0047)
"1-0" = AltaVista FreeAccess
"123 Flash Menu" = 123 Flash Menu v3.2.0.1309
"3D Frog Frenzy" = 3D Frog Frenzy
"3D Pinball Express" = 3D Pinball Express
"3DCD" = Worlds
"3gp Player" = 3gp Player
"3ivx D4 4.5.1 Decoder" = 3ivx D4 4.5.1 Decoder (remove only)
"a4deskpro_webunion_is1" = A4DeskPro v1.38
"AAScripter_is1" = AAScripter v2.0
"AccuBurn-R" = AccuBurn-R
"ACDSee" = ACDSee
"Acoustica Beatcraft" = Acoustica Beatcraft
"Acoustica Effects Pack" = Acoustica Effects Pack
"Active Ports" = Active Ports
"Active@ UNDELETE Professional " = Active@ UNDELETE Professional
"ActiveTouchMeetingClient" = WebEx
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe PageMaker 6.5" = Adobe PageMaker 6.5
"Adobe Premiere 6.0" = Adobe Premiere 6.0
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"Adobe_32fdd767b4383606e8168e834af5d90" = Adobe Premiere Pro CS3
"Adobe_435a6af7459cb02a9c1138113a26e93" = Adobe Dreamweaver CS3
"Adobe_a04a925a57548091300ada368235fc6" = Adobe Illustrator CS3
"Adobe_c3c7fe8b09d497ab2b3fd91c9353390" = Adobe Flash CS3 Professional
"Advanced PDF Password Recovery Pro" = Advanced PDF Password Recovery Pro (remove only)
"Advanced Port Scanner v1.3" = Advanced Port Scanner v1.3
"Advanced Registry Optimizer_is1" = Advanced Registry Optimizer 5.1
"AFPL Ghostscript 8.51" = AFPL Ghostscript 8.51
"AFPL Ghostscript Fonts" = AFPL Ghostscript Fonts
"After Effects 4.0" = Adobe After Effects 4.0
"AIM_6" = AIM 6
"All ATI Software" = ATI - Software Uninstall Utility
"All Video to VCD SVCD DVD Converter_is1" = All Video to VCD SVCD DVD Converter 3.0
"Allok AVI to DVD SVCD VCD Converter_is1" = Allok AVI to DVD SVCD VCD Converter 1.5.8
"Alone in the Dark - The New Nightmare" = Alone in the Dark - The New Nightmare
"AnalogX BitPump" = AnalogX BitPump
"Antares Harmony Engine VST RTAS_is1" = Antares Harmony Engine VST RTAS v1.0
"AnyDVD" = AnyDVD
"AOL Instant Messenger" = AOL Instant Messenger
"Arc DVD Copy_is1" = Arc DVD Copy 1.1.3
"ASIO4ALL" = ASIO4ALL
"ASUS Probe V2.24.10" = ASUS Probe V2.24.10
"ATI Display Driver" = ATI Display Driver
"Audio Converter" = River Past Audio Converter
"avast5" = avast! Free Antivirus
"AVS Video Tools 5.1_is1" = AVS Video Tools 5.1
"AVSDiscCreator_is1" = AVS Disc Creator version 2.1
"Axandra's Reciprocal Links Solution_is1" = ARELIS 4.4.2
"Backgammon" = Backgammon
"BackupXpress Pro" = BackupXpress Pro 2.72
"BATTLEFIELDV1.0" = Battles of the World
"BB_is1" = Band-in-a-Box and RealBand 2010
"BBE Sonic Maximizer Plugin" = BBE Sonic Maximizer Plugin
"bbfinder 4.1" = bbfinder 4.1
"BBVIDPAK_is1" = Video Tutorial PAK
"BCWipe" = BCWipe 2.0
"BeatModel T1 Plug-in Pack v1.01" = BeatModel T1 Plug-in Pack v1.01
"BetZip_is1" = BetZip Version 2.0.6.91
"BHO Cop" = BHO Cop
"BHODemon_is1" = BHODemon 2.0.0.23
"Binaryfish All Mobile Mines - Pocket PC Edition" = All Mobile Mines - Pocket PC Edition 4.0.1
"Binaryfish All Mobile Mines - Professional/Classic Edition" = All Mobile Mines - Professional/Classic Edition 4.0.2
"Blender" = Blender (remove only)
"BLPMC1_1_is1" = Blues Piano MasterClass Volume 1
"Board Games" = Board Games
"BookReader_is1" = BookReader 4.6
"Bookshop Classics" = Bookshop Classics
"Boson CCNA eBook" = Boson CCNA eBook
"Burstware - Windows Media Player Bridge" = Burstware - Windows Media Player Bridge
"Cacheman 4.0" = Cacheman 4.0
"CakeFX3" = Cakewalk Audio FX Pack3 v1.0
"Cakewalk VST Adapter 4.4.4.0" = Cakewalk VST Adapter 4.4.4.0
"CANONBJ_Deinstall_CNMCP4w.DLL" = Canon i450
"CatchUp V1.3" = CatchUp V1.3
"CdaC13Ba" = SafeCast Shared Components
"CDex" = CDex extraction audio
"CDex_is1" = Cdex version 1.30
"CDmax_is1" = CDmax 1.9.1
"CD-R Inspector" = CD-R Inspector
"CD-R Verifier" = CD-R Verifier
"Cdrom List Creator" = Cdrom List Creator
"Certification Genie" = Certification Genie
"CFSC Chris Free Software Cleaner" = CFSC Chris Free Software Cleaner
"Change Case v3.1" = Change Case v3.1
"CJPDRV_Deinstall 4W" = Canon i450
"CJRSTR_Deinstall" = BJ Printer Driver
"Class Ad Factory V1.0" = Class Ad Factory V1.0
"Cleaner 5 EZ" = Cleaner 5 EZ
"CleanTray" = CleanTray
"C-Media USB Sound" = C-Media USB Sound
"C-Media USB Sound Driver" = C-Media USB Sound Driver
"COMODO Internet Security" = COMODO Internet Security
"CopyScat" = CopyScat
"CoyoteWT_is1" = CoyoteWT 1.0
"Creative Launcher" = Creative Launcher
"Creative LAVA" = Creative LAVA!
"CrossFont_is1" = CrossFont version 4.3
"CutePDF Writer Installation" = CutePDF Writer 2.8
"CWAFV3" = Cakewalk Audio Finder Tool
"CyberKit" = CyberKit
"DartPro 32" = DartPro 32
"dBpowerAMP Music Converter" = dBpowerAMP Music Converter
"dBpowerAMP Real Audio Codec" = dBpowerAMP Real Audio Codec
"DeClicker" = Steinberg DeClicker v1.21
"DeductionPro 2005-06" = DeductionPro 2005-06
"Dell Laser MFP 1600n" = Dell Laser MFP 1600n Software Uninstall
"Desktop Server 2000" = Desktop Server 2000
"DHTML_Menu_Builder" = DHTML Menu Builder 3.0
"Digital Editions" = Adobe Digital Editions
"DirectoryPrinter" = Directory Printer
"DiskCheckup_is1" = DiskCheckup V2.1
"Download Manager" = Download Manager 2.3.9
"DrawPlus 3.0" = DrawPlus 3.0
"DreamStation DXi2" = DreamStation DXi2
"DriverAgent.exe" = DriverAgent by eSupport.com
"DriverCleanerDotNET" = DH Driver Cleaner.NET
"DVD Ripper Platinum 4" = DVD Ripper Platinum 4
"DVD Shrink_is1" = DVD Shrink 3.2
"EA Download Manager" = EA Download Manager
"EACOM Game Installer" = EACOM Game Installer
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"Easy-WebPrint" = Easy-WebPrint
"Emagic Logic Audio Platinum 5.5" = Emagic Logic Audio Platinum 5.5
"eMule" = eMule
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EnvelopV1.0" = Envelop
"ERUNT_is1" = ERUNT 1.1g
"ESET Online Scanner" = ESET Online Scanner v3
"Ethereal" = Ethereal 0.10.13
"EtherPeek 4.1 Demo" = WildPackets EtherPeek 4.1 Demo
"eWhiz Ad Creator V.1" = eWhiz Ad Creator V.1
"ExamForce Engine Installation CM 7.7" = ExamForce Engine Installation CM 7.7
"exPressit S.E. 3.0" = exPressit S.E. 3.0
"Faber Toys_is1" = Faber Toys
"FinePrint" = FinePrint
"FixYa" = FixYa Expert Utility
"Flaming Pear Photoshop Plug-ins" = Flaming Pear Photoshop Plug-ins
"Flash Designer 5" = Flash Designer 5 (5.0.22.6)
"Flash Website Design_is1" = Flash Website Design Free 1.1563(563 Templates/Unicode UTF8)
"FMJSoft Awave Audio v8.1" = FMJSoft Awave Audio v8.1
"FTP Commander" = FTP Commander
"Full Canvas Jacket Servicepack 1.2" = Full Canvas Jacket Servicepack 1.2
"Full Canvas Jacket Superpatch" = Full Canvas Jacket Superpatch
"gBurner" = gBurner
"GEARPME605" = GEAR PRO "Mastering Edition" 6.05
"Gsar-1.12_is1" = GnuWin32: Gsar version 1.12
"GSview 4.7" = GSview 4.7
"G-VOX Guitar" = G-VOX Guitar
"Handmark Solitaire for Palm OS" = Handmark Solitaire for Palm OS
"HolyGrail" = Holy Grail
"Home Improvement 1-2-3" = Home Improvement 1-2-3
"HouseCall (for Netscape)" = HouseCall (for Netscape)
"HP DeskJet 690C Series" = HP DeskJet 690C Series (Remove only)
"HP Photo Imaging Software" = HP Photo Imaging Software
"HP Photo Printing Software" = HP Photo Printing Software
"HTML Guard" = HTML Guard
"HxD Hex Editor_is1" = HxD Hex Editor version 1.7.7.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"IIS 4 MMC Simulator" = IIS 4 MMC Simulator
"Image Convert_is1" = Image Convert 1.0
"ImgBurn" = ImgBurn
"InstallShield_{0E753927-F773-40D2-8504-F302A464ED9C}" = Boson Standardized Tests v5.02
"InstallShield_{621C02EA-AAFF-4026-A903-165D59529A16}" = Driver Detective
"InstallShield_{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PowerQuest PartitionMagic 8.0
"InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA System Utility
"InstallShield_{8C8224B7-AA9B-4807-97CD-55899BAC83FE}" = YouSendIt Express
"Introduction to XML" = Introduction to XML
"inzider" = inzider
"IsoBuster_is1" = IsoBuster 1.9
"Kingdia DVD Ripper_is1" = Kingdia DVD Ripper V2.5.0
"KLiteCodecPack_is1" = K-Lite Codec Pack 3.2.5 Standard
"KnowledgeLINK" = KnowledgeLINK
"LAPlayerPlugins" = Liquid Player Plugins (remove only)
"Lavasoft VX2 Cleaner" = Lavasoft VX2 Cleaner
"Line 6 Uninstaller" = Line 6 Uninstaller
"Linkbot 4.0" = Linkbot 4.0
"List Manager" = List Manager
"LivePerson Expert Messenger" = LivePerson Expert Messenger
"LSProSE" = LiveSynth Pro SE (DXi)
"lvdrivers_11.50" = Logitech QuickCam Driver Package
"Macallan Outlook Express Extraction" = Macallan Outlook Express Extraction
"Macromedia Shockwave Player" = Macromedia Shockwave Player
"Magic ISO Maker v5.3 (build 0216)" = Magic ISO Maker v5.3 (build 0216)
"MagicDisc 2.7.106" = MagicDisc 2.7.106
"MailWasher" = MailWasher
"MailWasher Pro_is1" = MailWasher Pro
"MailWasher_is1" = MailWasher
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MasterClipsDeinstKey" = MasterClips Browser v2.03
"Mastering Edition" = Steinberg Mastering Edition v1.0
"MasterWriter 2.0" = MasterWriter 2.0
"Meta Whiz 1.0" = Meta Whiz 1.0
"MetPro001_is1" = Metronome Pro
"MFGS1_1_is1" = Master Flatpick Guitar Volume 1
"Microangelo 5.0" = Microangelo 5.5
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft NetShow Tools 2.0" = Windows Media Tools 4.0
"Microsoft Office Accounting 2009" = Microsoft Office Accounting 2009
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"MJGSolo_1-4_is1" = Master Jazz Guitar Solos SuperPAK
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"MP3 Plug-in" = Sonic Foundry MP3 Plug-In
"MPower" = MPower
"MRW!UninstallKey" = InCD EasyWrite Reader
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Musicnotes Player_is1" = Musicnotes Player V1.22.3
"My Drivers 3.00" = My Drivers 3.00
"MySpaceIM" = MySpaceIM
"Myst 1.3" = Myst
"Myth II" = Myth II
"Nero PhotoShow Express" = Nero PhotoShow Express
"NeroMultiInstaller!UninstallKey" = Nero Suite
"Netscape (7.1)" = Netscape (7.1)
"Netscape (7.2)" = Netscape (7.2)
"Netscape Browser" = Netscape Browser (remove only)
"Netscape Communicator 4.5" = Netscape Communicator 4.5
"Network Play System (Patching)" = Network Play System (Patching)
"Network Stumbler" = Network Stumbler 0.4.0 (remove only)
"nLite_is1" = nLite 1.4.9.1
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NSPVA" = Top-10 Word Tracker
"NVIDIA Drivers" = NVIDIA Drivers
"Open Contacts_is1" = Open Contacts v4.1.10
"Orb" = Winamp Remote
"OXFW900 Upload Utility" = OXFW900 Upload Utility
"Painkiller Overdose_is1" = Painkiller Overdose build 84 (NA)
"Panorama Tools (PTGui edition)" = Panorama Tools (PTGui edition) 2.7.0.9.nh1
"PaRaMeter_is1" = PaRaMeter 1.2
"Parrot 2.0" = Prody Parrot 2.0
"PayPal to QuickBooks Link" = PayPal to QuickBooks Link
"PCFriendly" = PCFriendly
"PE Builder_is1" = PE Builder 3.1.10a
"PG Music DirectX Plugins_is1" = PG Music DirectX Plugins 2.0.0.0
"PG_DX_Plugins_is1" = PG Music DirectX Plugins 2.0.0.0
"Photo Organizer 1.8" = Photo Organizer
"Picasa2" = Picasa 2
"Power Retouche Pro" = Power Retouche Pro
"PowerISO" = PowerISO
"Print Server Driver" = Print Server Driver
"PrintMaster 10" = PrintMaster
"printQuick" = printQuick
"Product Quality Assurance" = Product Quality Assurance
"Pyro Drive Kit Software" = Pyro Drive Kit Software
"Pyst" = Pyst
"Quicken WillMaker 2004" = Quicken WillMaker 2004
"Radio@Netscape Plus" = Radio@Netscape Plus
"Rainbow Sentinel Driver" = Sentinel System Driver
"Reality 1.5" = Reality 1.5
"RealPlayer 6.0" = RealPlayer
"Recycle" = Recycle v1.71
"Red Baron II" = Red Baron II
"RegAlyzer_is1" = RegAlyzer 1.1
"Registrar Lite 2.00" = Registrar Lite 2.00
"Registry First Aid_is1" = Registry First Aid
"RegSupreme Pro_is1" = RegSupreme Pro 1.4
"Replay Media Catcher2.10" = Replay Media Catcher
"rgcAudio Triangle II DXi2 Synthesizer_is1" = rgcAudio Triangle II DXi2
"Rhymesaurus 1.3" = Rhymesaurus 1.3
"RiskDeinstKey" = Risk
"RNCompiler 6.0" = Advanced RealMedia Export Plug-in for Premiere 6.0
"ROI Forecaster V. 1" = ROI Forecaster V. 1
"Security Task Manager" = Security Task Manager 1.6f
"Selteco Flash Designer" = Selteco Flash Designer 4
"SETI@home" = SETI@home
"Shockwave" = Shockwave
"Sierra Superpatch conversion for FCJ" = Sierra Superpatch conversion for FCJ
"Sierra Utilities" = Sierra Utilities
"Slots 100" = Slots 100
"SmartForce Player" = SmartForce Player
"SnadBoy's Revelation" = SnadBoy's Revelation
"SONAR 5 Producer Edition" = SONAR 5 Producer Edition
"SONAR6Producer_is1" = SONAR 6.2 Producer Edition
"Sonic Foundry ACID Pro 3.0 Crack" = Sonic Foundry ACID Pro 3.0 Crack
"Sonic Foundry XFX vol2 v1.0b" = Sonic Foundry XFX vol2 v1.0b
"Sonic Foundry XFX vol3 v1.0b" = Sonic Foundry XFX vol3 v1.0b
"Sonic Foundry XFX1 v1.0b" = Sonic Foundry XFX1 v1.0b
"Sonic Timeworks Sonar 2 Plug-ins" = Sonic Timeworks Sonar 2 Plug-ins
"Sound Blaster Live!" = Sound Blaster Live!
"SoundDiver Line6" = SoundDiver Line6
"Space Hack_is1" = Space Hack
"Space Station_is1" = Space Station
"Speed Video Converter_is1" = Speed Video Converter 3.0.4
"SpyNet" = SpyNet
"SpywareBlaster_is1" = SpywareBlaster v2.6.1
"ST6UNST #1" = Beat Calc v2.5 By FUALI
"ST6UNST #2" = Driver Detective v2.0
"ST6UNST #3" = Backup To CD-RW (Made Simple) 3.0
"ST6UNST #4" = Stream Save 6.1
"ST6UNST #5" = Iron(FE)-Works - PictureClip v2.0
"Stamps.com" = Stamps.com
"StreetPlugin" = Learn.com Player (Uninstall Only)
"Style Enhancer Micro 1.28" = Style Enhancer Micro 1.28
"Style Enhancer Micro 2.0" = Style Enhancer Micro 2.0
"Sunrise Sunset Calculator_is1" = Sunrise Sunset Calculator 1.4
"SUPER ©" = SUPER © Version 2007.bld.22 (Mar 14, 2007)
"SWiSH v2.0" = SWiSH v2.0
"SWiSHmax" = SWiSHmax
"Sybex e-trainer" = Sybex e-trainer
"SystemRequirementsLab" = System Requirements Lab
"TAEngine 2.1" = TAEngine 2.1
"TagMaster" = TagMaster Remove
"TaxCut Deluxe 2005" = TaxCut Deluxe 2005
"TC Bundle" = TC Bundle v2.0
"tdp" = 3Deep
"TextAssist 2.1" = TextAssist 2.1
"The Sims" = The Sims
"The_Logo_Creator_v2.0" = The Logo Creator v2
"ThePlaya" = The Playa
"THOMSON mp3PRO Audio Player" = THOMSON mp3PRO Audio Player
"TomTom HOME" = TomTom HOME 2.7.3.1894
"Top 20 Solid Gold" = Top 20 Solid Gold
"Top 30 Games 4 Kids" = Top 30 Games 4 Kids
"Top 50 Blazing Games" = Top 50 Blazing Games
"Total Video Converter 3.02_is1" = Total Video Converter 3.02
"T-RackS 24" = T-RackS 24
"Transcribe!" = Transcribe!
"TreePrint" = TreePrint
"True Internet Color" = E-Color Indicator
"TurboTax 2008" = TurboTax 2008
"TurboTax 2009" = TurboTax 2009
"TurboTax Business 2007" = TurboTax Business 2007
"TurboTax Deluxe 2004" = TurboTax Deluxe 2004
"TurboTax Deluxe Deduction Maximizer 2006" = TurboTax Deluxe Deduction Maximizer 2006
"TurboTax Home & Business 2006" = TurboTax Home & Business 2006
"TurboTax Premier 2005" = TurboTax Premier 2005
"TurboTax Premier 2007" = TurboTax Premier 2007
"TVC8XDrv" = KWorld PVR 883 WDM Drivers
"Tweak UI 2.10" = Tweak UI
"Type 103" = Type 103
"UA-100 Controller" = UA-100 Controller
"UBCD4Win_is1" = UBCD4Win 3.50
"Ulead ArtTexture.Plugin 1.0" = Ulead ArtTexture.Plugin 1.0
"Ulead Button.Applet 1.01" = Ulead Button.Applet 1.0
"Ulead COOL 3D 2" = Ulead COOL 3D 2
"Ulead COOL 3D 2.0" = Ulead COOL 3D 2.0 Trial
"Ulead FantasyWarp.Plugin 1.0" = Ulead FantasyWarp.Plugin 1.0
"Ulead Particle.Plugin 1.0" = Ulead Particle.Plugin 1.0
"Ulead Type.Plugin 1.0" = Ulead Type.Plugin 1.0
"Unit Converter" = Unit Converter
"Unlocker" = Unlocker 1.8.3
"Unreal Gold" = Unreal Gold
"Updates.Com" = Updates.Com
"VAEngine 2.1" = VAEngine 2.1
"Vienna" = Vienna SoundFont Studio
"Viscape Universal" = Superscape Viscape Universal
"VISPRO" = Microsoft Office Visio Professional 2007
"Vivitar ViviScan Compact II-VSF300" = Vivitar ViviScan Compact II-VSF300
"Voice Editor" = Voice Editor
"VoiceAssist 2.1" = VoiceAssist 2.1
"VSC32" = Virtual Sound Canvas 3.2
"vSim" = vSim
"Warcraft II BNE" = Warcraft II BNE
"Waves Audio Processors 3.2" = Waves Audio Processors 3.2
"Waves Gold Native bundle" = Waves Gold Native bundle
"WebVideoCap" = WebVideoCap
"Winamp" = Winamp
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media On-Demand Producer" = Windows Media On-Demand Producer
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinMerge_is1" = WinMerge 2.12.4
"WinMX" = WinMX v3.54 beta 4 Patch level: 3.0 mod 2
"WinPcapInst" = WinPcap 4.1.1
"WinRAR archiver" = WinRAR archiver
"WinZip" = WinZip
"Wireshark" = Wireshark 1.2.6
"WM Recorder 12.0" = WM Recorder 12.0
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"WMV to AVI MPEG DVD WMV Converter_is1" = WMV to AVI MPEG DVD WMV Converter 1.7.8
"WMV9APDMOE" = Windows Media Video 9 Advanced Profile Codec
"Wondershare Flash Album Studio_is1" = Wondershare Flash Album Studio (1.6.5.0) Trial Version
"Wondershare Flash SlideShow Builder_is1" = Wondershare Flash SlideShow Builder (3.1.0.92) Trial Version
"Wondershare Flash SlideShow Suite Trial Version_is1" = Wondershare Flash SlideShow Suite (3.1.0.92) Trial Version
"Wondershare Pocket DVD Ripper_is1" = Wondershare Pocket DVD Ripper(Build 1.1.3.0) Trial Version
"Wondershare Pocket DVD Suite Trial Version_is1" = Pocket DVD Suite (Build 1.1.2.0)
"Wondershare Pocket Video Converter Trial Version_is1" = Pocket Video Converter (Build 1.1.2.0)
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"x2VCD" = Super DVD Ripper (remove only)
"XQXSetup_is1" = Xteq Systems X-Setup 6.1
"xSite" = xSite
"XviD" = XviD MPEG-4 Video Codec
"Yahoo! Messenger" = Yahoo! Messenger
"Zip Backup to CD" = Zip Backup to CD
"Zip Password Recovery" = Zip Password Recovery
"Zwei-Stein_is1" = Zwei-Stein Video Compositor 3.01 (Beta 2).

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"998502f2522abe8d" = FOREXTrader
"Adobe Reader for Palm OS" = Adobe Reader for Palm OS, 3.05
"cca7cf78de353a76" = QImport4
"FamilySearch Indexing (www.familysearchindexing.org)" = FamilySearch Indexing (www.familysearchindexing.org)
"Google Chrome" = Google Chrome
"Image Web Server IE Plugin" = Image Web Server 8.1 IE Plugins (Build:3,4,0,242)
"MOGClient" = MOG-O-MATIC -- Listening preferences and sharing
"WinDirStat" = WinDirStat 1.1.2

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 7/1/2010 4:21:54 PM | Computer Name = RUSSELL | Source = FolderSize | ID = 0
Description =

Error - 7/1/2010 4:21:54 PM | Computer Name = RUSSELL | Source = FolderSize | ID = 0
Description =

Error - 7/1/2010 4:21:54 PM | Computer Name = RUSSELL | Source = FolderSize | ID = 0
Description =

Error - 7/1/2010 4:21:54 PM | Computer Name = RUSSELL | Source = FolderSize | ID = 0
Description =

Error - 7/1/2010 4:21:54 PM | Computer Name = RUSSELL | Source = FolderSize | ID = 0
Description =

Error - 7/1/2010 4:21:54 PM | Computer Name = RUSSELL | Source = FolderSize | ID = 0
Description =

Error - 7/1/2010 4:21:54 PM | Computer Name = RUSSELL | Source = FolderSize | ID = 0
Description =

Error - 7/1/2010 4:21:54 PM | Computer Name = RUSSELL | Source = FolderSize | ID = 0
Description =

Error - 7/1/2010 4:21:54 PM | Computer Name = RUSSELL | Source = FolderSize | ID = 0
Description =

Error - 7/1/2010 4:21:54 PM | Computer Name = RUSSELL | Source = FolderSize | ID = 0
Description =

[ OSession Events ]
Error - 11/7/2009 11:17:16 PM | Computer Name = RUSSELL | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6014.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 720002
seconds with 7380 seconds of active time. This session ended with a crash.

Error - 11/30/2009 5:44:18 PM | Computer Name = RUSSELL | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6014.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 1146378
seconds with 15960 seconds of active time. This session ended with a crash.

Error - 12/2/2009 10:44:08 PM | Computer Name = RUSSELL | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6014.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 190775
seconds with 3120 seconds of active time. This session ended with a crash.

Error - 12/12/2009 1:25:06 PM | Computer Name = RUSSELL | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6014.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 93618
seconds with 1860 seconds of active time. This session ended with a crash.

Error - 12/14/2009 11:13:43 PM | Computer Name = RUSSELL | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6014.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 208048
seconds with 4140 seconds of active time. This session ended with a crash.

Error - 12/17/2009 11:39:58 AM | Computer Name = RUSSELL | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6014.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 58579
seconds with 780 seconds of active time. This session ended with a crash.

Error - 12/17/2009 7:44:27 PM | Computer Name = RUSSELL | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6423.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3
seconds with 0 seconds of active time. This session ended with a crash.

Error - 1/27/2010 8:48:23 PM | Computer Name = RUSSELL | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 444651
seconds with 4380 seconds of active time. This session ended with a crash.

Error - 3/31/2010 4:50:01 PM | Computer Name = RUSSELL | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 92
seconds with 60 seconds of active time. This session ended with a crash.

Error - 5/31/2010 1:11:37 PM | Computer Name = RUSSELL | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 4 seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 7/2/2010 12:11:05 PM | Computer Name = RUSSELL | Source = Service Control Manager | ID = 7034
Description = The LightScribeService Direct Disc Labeling Service service terminated
unexpectedly. It has done this 1 time(s).

Error - 7/2/2010 12:11:05 PM | Computer Name = RUSSELL | Source = Service Control Manager | ID = 7034
Description = The LogMeIn Maintenance Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 7/2/2010 12:11:05 PM | Computer Name = RUSSELL | Source = Service Control Manager | ID = 7034
Description = The LogMeIn service terminated unexpectedly. It has done this 1 time(s).

Error - 7/2/2010 12:11:05 PM | Computer Name = RUSSELL | Source = Service Control Manager | ID = 7034
Description = The Process Blocker service terminated unexpectedly. It has done
this 1 time(s).

Error - 7/2/2010 12:11:05 PM | Computer Name = RUSSELL | Source = Service Control Manager | ID = 7034
Description = The MBAMService service terminated unexpectedly. It has done this
1 time(s).

Error - 7/2/2010 12:11:05 PM | Computer Name = RUSSELL | Source = Service Control Manager | ID = 7034
Description = The SQL Server VSS Writer service terminated unexpectedly. It has
done this 1 time(s).

Error - 7/2/2010 12:11:06 PM | Computer Name = RUSSELL | Source = Service Control Manager | ID = 7034
Description = The User Profile Hive Cleanup service terminated unexpectedly. It
has done this 1 time(s).

Error - 7/2/2010 12:11:06 PM | Computer Name = RUSSELL | Source = Service Control Manager | ID = 7031
Description = The WUSB54Gv42SVC service terminated unexpectedly. It has done this
1 time(s). The following corrective action will be taken in 0 milliseconds: Restart
the service.

Error - 7/2/2010 12:19:41 PM | Computer Name = RUSSELL | Source = Service Control Manager | ID = 7000
Description = The WPA Security Protocol (IEEE 802.1x) v2.2.0.0 service failed to
start due to the following error: %%183

Error - 7/2/2010 12:19:56 PM | Computer Name = RUSSELL | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Lbd Partizan


< End of report >
  • 0

Advertisements

#86
myrti
Posted 05 July 2010 - 04:41 PM

myrti

    Expert

  • Expert
  • 2,580 posts
Hi,
please also answer this question:

Please also let me know which services you disabeld for the clean boot so we can excempt them from the search for the culprit.


regards myrti
  • 0

#87
therealex
Posted 07 July 2010 - 09:19 PM

therealex

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 112 posts
Hi Myrti,

I disabled:
Acronis Scheduler2 Service
Ati HotKey Poller
Avast! antivirus, Mail Scanner, and Web Scanner
Comodo Internet Security Helper Service
Crypkey License
ES lite Service for program management
Folder Size (shows size of folders)
Java Quick Starter
LightScribeService Direct Disc Labeling Service
LogMeIn Maintenance Service
LogMeIn
SQL Server (MSSMLBIZ)
Process Blocker (which is blocking the IE attempts to start when it's not renamed)
SQL Server Browser
SQL Server VSS Writer
WUSB54Gv42SVC (linksys wireless adapter)

And that's pretty much everything that's running as a service, with the exception of the MS stuff. At least, according to MSConfig. I also checked with Spybot S&D startup report (which is fairly confusing, since it lists lots of multiples) but I didn't see anything there either.
  • 0

#88
myrti
Posted 07 July 2010 - 11:43 PM

myrti

    Expert

  • Expert
  • 2,580 posts
Hi,

could you please uninstall the Ask Toolbar and uninstall and then reinstall Comodo Security Suite. It might be that your Firewall is broken.

Comodo will probably try to reinstall the Ask Toolbar when you install it, deselect it.

regards myrti
  • 0

#89
therealex
Posted 08 July 2010 - 09:05 AM

therealex

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 112 posts
Okay, I've uninstalled Ask, un and re-installed Comodo (which seems to be a completely new version). BTW - it didn't try to install the Ask toolbar this time.

So, what's next? Re-enable IE and see what happens? There were some new options when installing Comodo. You can change your DNS to their DNS, which they claim is more secure. I declined. I also set their Defense & Security Level and their Sandbox level to "disabled", so it's just acting as a firewall.

- Russ
  • 0

#90
myrti
Posted 08 July 2010 - 10:16 AM

myrti

    Expert

  • Expert
  • 2,580 posts
Hi,

yes please do that. Let me know if this changes anything.

The options you mentioned are "optional" (hence options :) ). If you want to know more about one of them, let me know and I'll try to explain as best possilbe.

regards myrti
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP