Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

regedit.sys missing or hidden, taskmanager not working

Started by johnnyHip , Sep 09 2010 02:18 PM

Please log in to reply

#1
johnnyHip

Posted 09 September 2010 - 02:18 PM

New Member

Member
6 posts

When I try to open up my taskmanager I get the error
Can not find script file C:\WINDOWS\system32\regedit.sys.
My computer is slow. this may be to do with my AVG9.0 Internet Security or a virus.
Can anyone out there help me
The logs file are attached
thanks

ark.txt 27.51KB 184 downloads

Extras.Txt 52.71KB 195 downloads

OTL.Txt 184.21KB 98 downloads

mbam-log-2010-09-08 (19-54-14).txt 5.44KB 145 downloads

OTL logfile created on: 08/09/2010 20:24:23 - Run 1
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Program Files
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 70.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 88.00% Paging File free
Paging file location(s): C:\pagefile.sys 3837 4096 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 48.83 Gb Total Space | 17.30 Gb Free Space | 35.43% Space Free | Partition Type: NTFS
Drive D: | 62.92 Gb Total Space | 54.58 Gb Free Space | 86.75% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JOHNPC
Current User Name: john
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/09/08 20:22:46 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Program Files\OTL.exe
PRC - [2010/07/01 12:07:20 | 001,361,128 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
PRC - [2010/07/01 12:07:18 | 000,840,936 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
PRC - [2010/06/22 09:16:46 | 002,065,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2010/06/22 09:16:43 | 000,620,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2010/06/22 09:16:43 | 000,515,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2010/06/22 09:16:41 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2010/06/22 09:16:37 | 005,897,808 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2010/06/22 09:16:37 | 000,596,560 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2010/06/22 09:15:59 | 002,331,032 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgfws9.exe
PRC - [2010/06/22 09:15:58 | 000,723,296 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2010/06/22 09:15:57 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2010/06/22 09:15:56 | 000,842,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgam.exe
PRC - [2010/06/03 01:50:58 | 001,144,104 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/03/21 19:52:11 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2010/02/18 11:43:20 | 000,490,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2010/02/17 21:57:17 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2009/11/24 12:32:22 | 000,234,792 | ---- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Toolbars\Shared\SkypeNames2.exe
PRC - [2008/11/09 21:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/04/14 01:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe
PRC - [2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/02/27 18:56:54 | 003,072,184 | ---- | M] (Kontiki Inc.) -- C:\Program Files\Kontiki\KService.exe
PRC - [2008/02/27 18:56:54 | 001,032,376 | ---- | M] (Kontiki Inc.) -- C:\Program Files\Kontiki\KHost.exe
PRC - [2007/09/12 21:27:37 | 001,174,152 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
PRC - [2006/05/08 05:17:56 | 000,081,920 | ---- | M] () -- C:\Program Files\Sony\SonicStage\SSAAD.exe
PRC - [2006/03/09 11:10:12 | 003,977,216 | ---- | M] () -- C:\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
PRC - [2006/01/18 18:04:07 | 000,068,608 | ---- | M] () -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
PRC - [2005/10/18 11:11:10 | 000,020,545 | ---- | M] () -- C:\Program Files\Apache Group\Apache\Apache.exe
PRC - [2005/06/07 00:46:24 | 000,057,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
PRC - [2004/10/14 15:42:54 | 001,404,928 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe
PRC - [2004/06/09 15:27:34 | 000,471,040 | ---- | M] (PalmSource, Inc) -- C:\Program Files\Palm\Hotsync.exe
PRC - [2002/10/16 20:20:20 | 000,073,728 | ---- | M] () -- C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
PRC - [2001/11/30 13:15:56 | 000,090,112 | ---- | M] (MUSICMATCH, Inc.) -- C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe

========== Modules (SafeList) ==========

MOD - [2010/09/08 20:22:46 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Program Files\OTL.exe
MOD - [2010/06/22 09:16:43 | 000,012,536 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\system32\avgrsstx.dll
MOD - [2010/06/07 18:07:08 | 000,541,928 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\rooksbas.dll
MOD - [2008/04/14 01:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx

========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2010/07/01 12:07:18 | 000,840,936 | ---- | M] (Trusteer Ltd.) [Auto | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService)
SRV - [2010/06/22 09:16:41 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010/06/22 09:16:37 | 005,897,808 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2010/06/22 09:15:59 | 002,331,032 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgfws9.exe -- (avgfws9)
SRV - [2010/04/19 10:25:46 | 000,430,152 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2008/11/09 21:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/04/14 01:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC)
SRV - [2008/04/14 01:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (SMTPSVC) Simple Mail Transfer Protocol (SMTP)
SRV - [2008/04/14 01:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)
SRV - [2008/02/27 18:56:54 | 003,072,184 | ---- | M] (Kontiki Inc.) [Auto | Running] -- C:\Program Files\Kontiki\KService.exe -- (KService)
SRV - [2007/09/12 21:27:37 | 001,174,152 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2006/11/03 20:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2006/05/08 04:24:54 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe -- (SSScsiSV)
SRV - [2006/04/27 17:35:16 | 000,053,337 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2006/04/27 17:27:06 | 000,049,241 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2006/04/27 17:16:28 | 000,069,718 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2006/03/09 11:10:12 | 003,977,216 | ---- | M] () [Auto | Running] -- C:\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe -- (MySQL)
SRV - [2006/01/18 18:04:07 | 000,068,608 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2005/11/14 01:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2005/10/18 11:11:10 | 000,020,545 | ---- | M] () [Auto | Running] -- C:\Program Files\Apache Group\Apache\Apache.exe -- (Apache)
SRV - [2005/09/08 14:47:23 | 000,069,632 | ---- | M] (Macromedia) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe -- (Macromedia Licensing Service)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\COMFiltr.sys -- (ComFiltr)
DRV - File not found [File_System | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\av5flt.sys -- (AvFlt)
DRV - [2010/07/01 12:07:30 | 000,166,632 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys -- (RapportPG)
DRV - [2010/07/01 12:07:30 | 000,059,240 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportKELL.sys -- (RapportKELL)
DRV - [2010/06/22 09:16:45 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010/06/22 09:16:38 | 000,030,288 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSFilter.sys -- (AVGIDSFilterxpx)
DRV - [2010/06/22 09:16:38 | 000,026,192 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys -- (AVGIDSShimxpx)
DRV - [2010/06/22 09:16:38 | 000,025,168 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\AVGIDSxx.sys -- (AVGIDSErHrxpx)
DRV - [2010/06/22 09:16:37 | 000,122,448 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSDriver.sys -- (AVGIDSDriverxpx)
DRV - [2010/06/22 09:15:58 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010/06/01 08:22:27 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010/04/30 09:47:46 | 000,052,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\System32\Drivers\avgrkx86.sys -- (AvgRkx86)
DRV - [2010/04/30 09:47:16 | 000,030,104 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwfd)
DRV - [2010/04/30 09:47:16 | 000,030,104 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwdx)
DRV - [2010/02/27 18:49:11 | 000,390,528 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\RapportBuka.sys -- (RapportBuka)
DRV - [2008/04/13 19:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/01/19 10:00:00 | 000,385,072 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2007/05/11 21:22:12 | 000,017,134 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCANDIS5.sys -- (PCANDIS5)
DRV - [2007/02/03 11:32:36 | 000,041,504 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2007/02/03 11:25:56 | 001,075,360 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Camdrl.sys -- (CamDrL) Logitech QuickCam Pro 3000(CamDrl)
DRV - [2006/12/26 14:14:26 | 000,016,694 | ---- | M] (PalmSource, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PalmUSBD.sys -- (PalmUSBD)
DRV - [2006/10/11 14:43:10 | 000,010,344 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\symlcbrd.sys -- (symlcbrd)
DRV - [2005/12/10 04:06:00 | 003,536,768 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2004/09/17 10:02:54 | 000,732,928 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)
DRV - [2004/03/15 01:04:00 | 000,100,597 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnudfa.sys -- (tfsnudfa)
DRV - [2004/03/15 01:04:00 | 000,098,580 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnudf.sys -- (tfsnudf)
DRV - [2004/03/15 01:04:00 | 000,085,972 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnifs.sys -- (tfsnifs)
DRV - [2004/03/15 01:04:00 | 000,034,837 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsncofs.sys -- (tfsncofs)
DRV - [2004/03/15 01:04:00 | 000,025,685 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnboio.sys -- (tfsnboio)
DRV - [2004/03/15 01:04:00 | 000,014,229 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnopio.sys -- (tfsnopio)
DRV - [2004/03/15 01:04:00 | 000,006,357 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnpool.sys -- (tfsnpool)
DRV - [2004/03/15 01:04:00 | 000,004,117 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsndrct.sys -- (tfsndrct)
DRV - [2004/03/15 01:04:00 | 000,002,233 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsndres.sys -- (tfsndres)
DRV - [2004/03/05 22:15:34 | 000,647,929 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC52.sys -- (IntelC52)
DRV - [2004/03/05 22:14:42 | 001,233,525 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC51.sys -- (IntelC51)
DRV - [2004/03/05 22:13:52 | 000,060,949 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC53.sys -- (IntelC53)
DRV - [2004/03/05 22:13:38 | 000,037,048 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mohfilt.sys -- (mohfilt)
DRV - [2004/02/27 02:56:00 | 000,040,480 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\drvnddm.sys -- (drvnddm)
DRV - [2004/02/13 03:21:00 | 000,086,160 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\drvmcdb.sys -- (drvmcdb)
DRV - [2004/01/14 19:18:16 | 000,005,621 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\sscdbhk5.sys -- (sscdbhk5)
DRV - [2004/01/14 19:18:04 | 000,023,219 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\ssrtln.sys -- (ssrtln)
DRV - [2001/08/22 08:42:58 | 000,013,632 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS -- (OMCI)
DRV - [2001/08/17 13:57:38 | 000,016,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA)
DRV - [2001/06/21 15:41:52 | 000,073,216 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\System32\Drivers\SENTINEL.SYS -- (Sentinel)
DRV - [2000/11/09 13:56:48 | 000,113,828 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\Kazoo.sys -- (kazoo)
DRV - [2000/03/29 17:11:20 | 000,008,096 | ---- | M] (MicroStaff Co.,Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\MASPINT.SYS -- (MASPINT)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bbc.co.uk/
IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Netscape 6 6.2.3\Extensions\\Components: C:\Program Files\Netscape\Netscape 6\Components [2010/03/21 19:52:52 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape 6 6.2.3\Extensions\\Plugins: C:\Program Files\Netscape\Netscape 6\Plugins [2010/04/28 18:06:39 | 000,000,000 | ---D | M]

[2009/07/30 20:13:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\john\Application Data\Mozilla\Extensions
[2009/07/30 20:13:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\john\Application Data\Mozilla\Extensions\[email protected]
[2009/01/03 15:51:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\john\Application Data\Mozilla\Firefox\extensions
[2009/01/03 15:51:19 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\john\Application Data\Mozilla\Firefox\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}

O1 HOSTS File: ([2010/04/29 19:50:11 | 000,002,114 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 0.0.0.0 virusin
O1 - Hosts: 0.0.0.0 www.vir
O1 - Hosts: 0.0.0.0 project
O1 - Hosts: 0.0.0.0 www.pro
O1 - Hosts: 0.0.0.0 novirus
O1 - Hosts: 0.0.0.0 www.nov
O1 - Hosts: 0.0.0.0 www.ant
O1 - Hosts: 0.0.0.0 zeustra
O1 - Hosts: 0.0.0.0 www.zeu
O1 - Hosts: 0.0.0.0 www.mal
O1 - Hosts: 0.0.0.0 www3.ma
O1 - Hosts: 0.0.0.0 forum.m
O1 - Hosts: 0.0.0.0 www.thr
O1 - Hosts: 0.0.0.0 threate
O1 - Hosts: 0.0.0.0 www.av-
O1 - Hosts: 0.0.0.0 av-comp
O1 - Hosts: 0.0.0.0 av-test
O1 - Hosts: 0.0.0.0 www.av-
O1 - Hosts: 0.0.0.0 www.sca
O1 - Hosts: 0.0.0.0 www.vir
O1 - Hosts: 0.0.0.0 adwarer
O1 - Hosts: 0.0.0.0 www.adw
O1 - Hosts: 0.0.0.0 malware
O1 - Hosts: 0.0.0.0 www.mal
O1 - Hosts: 57 more lines...
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (HP Print Clips) - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - Reg Error: Value error. File not found
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - No CLSID value found.
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
O2 - BHO: (BrowserHelper Class) - {EBCDDA60-2A68-11D3-8A43-0060083CFB9C} - C:\WINDOWS\system32\nzdd.dll (RealNetworks, Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - Reg Error: Value error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Install5G] E:\Install.exe File not found
O4 - HKLM..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe (MUSICMATCH, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [RFX_auto_upgrade] File not found
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UpdateManager] C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe (Sonic Solutions)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [kdx] C:\Program Files\Kontiki\KHost.exe (Kontiki Inc.)
O4 - HKCU..\Run: [SsAAD.exe] C:\Program Files\Sony\SonicStage\SSAAD.exe ()
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKLM..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll] File not found
O4 - HKLM..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDFXAudioPlugin.dll] File not found
O4 - HKLM..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll] File not found
O4 - HKLM..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll] File not found
O4 - HKLM..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll] File not found
O4 - HKLM..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DSEPlugins\Direct3DVideoOutput.dll] File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HOTSYNCSHORTCUTNAME.lnk = C:\Program Files\Palm\Hotsync.exe (PalmSource, Inc)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Image Transfer.lnk = C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\RealDownload.lnk = C:\Program Files\Real\RealDownload\Realdownload.exe (RealNetworks, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = [binary data]
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O9 - Extra Button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com...ex/qtplugin.cab (QuickTime Object)
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} http://www.ipix.com/download/ipixx.cab (iPIX ActiveX Control)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} http://dl.tvunetworks.com/TVUAx.cab (CTVUAxCtrl Object)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.aka...vex-2.2.5.0.cab (DLM Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_04)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_10)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ent/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (AVGRSSTX.DLL) - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop WallPaper: C:\Documents and Settings\john\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\john\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O27 - HKLM IFEO\drwtsn32.exe: Debugger - C:\WINDOWS\system32\wscript.exe /E:vbs C:\WINDOWS\system32\regedit.sys (Microsoft Corporation)
O27 - HKLM IFEO\taskmgr.exe: Debugger - C:\WINDOWS\system32\wscript.exe /E:vbs C:\WINDOWS\system32\regedit.sys (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/09/07 22:11:46 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.ac3filter - C:\WINDOWS\System32\ac3filter.acm ()
Drivers32: msacm.iac2 - C:\WINDOWS\System32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: SENTINEL - C:\WINDOWS\System32\SNTI386.DLL ()
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.ffds - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: VIDC.I420 - C:\WINDOWS\System32\lvcodec2.dll (Logitech Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.dll (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll ()
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: wave - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)

CREATERESTOREPOINT
Error starting restore point: System Restore is disabled.
Error closing restore point: System Restore is disabled.

========== Files/Folders - Created Within 90 Days ==========

[2010/09/08 20:22:23 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Program Files\OTL.exe
[2010/09/08 19:30:01 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/09/08 19:29:59 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/09/08 19:29:59 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/09/08 18:32:12 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Program Files\TFC.exe
[2010/09/07 20:09:51 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/09/07 20:09:39 | 000,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Program Files\HJTInstall.exe
[2010/09/06 21:51:46 | 000,116,224 | ---- | C] (Xerox) -- C:\WINDOWS\System32\dllcache\xrxwiadr.dll
[2010/09/06 21:51:46 | 000,023,040 | ---- | C] (Xerox Corporation) -- C:\WINDOWS\System32\dllcache\xrxwbtmp.dll
[2010/09/06 21:50:24 | 000,099,865 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\xlog.exe
[2010/09/06 21:50:12 | 000,016,970 | ---- | C] (US Robotics MCD (Megahertz)) -- C:\WINDOWS\System32\dllcache\xem336n5.sys
[2010/09/06 21:48:58 | 000,154,624 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\wlluc48.sys
[2010/09/06 21:48:57 | 000,034,890 | ---- | C] (Raytheon Corp.) -- C:\WINDOWS\System32\dllcache\wlandrv2.sys
[2010/09/06 21:48:42 | 000,771,581 | ---- | C] (Rockwell) -- C:\WINDOWS\System32\dllcache\winacisa.sys
[2010/09/06 21:48:22 | 000,035,871 | ---- | C] (Winbond Electronics Corp.) -- C:\WINDOWS\System32\dllcache\wbfirdma.sys
[2010/09/06 21:48:02 | 000,016,925 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w940nd.sys
[2010/09/06 21:48:01 | 000,019,528 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w840nd.sys
[2010/09/06 21:48:01 | 000,019,016 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w926nd.sys
[2010/09/06 21:47:55 | 000,064,605 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vvoice.sys
[2010/09/06 21:47:52 | 000,397,502 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vpctcom.sys
[2010/09/06 21:47:49 | 000,604,253 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\vmodem.sys
[2010/09/06 21:47:47 | 000,249,402 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\vinwm.sys
[2010/09/06 21:47:30 | 000,765,884 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usrti.sys
[2010/09/06 21:47:25 | 000,794,399 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806v.sys
[2010/09/06 21:47:24 | 000,794,654 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1801.sys
[2010/09/06 21:47:24 | 000,793,598 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806.sys
[2010/09/06 21:47:09 | 000,032,384 | ---- | C] (KLSI USA, Inc.) -- C:\WINDOWS\System32\dllcache\usb101et.sys
[2010/09/06 21:47:00 | 000,050,688 | ---- | C] (UMAX DATA SYSTEMS INC.) -- C:\WINDOWS\System32\dllcache\umaxscan.dll
[2010/09/06 21:46:56 | 000,216,064 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um34scan.dll
[2010/09/06 21:46:56 | 000,211,968 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um54scan.dll
[2010/09/06 21:46:31 | 000,525,568 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxp.dll
[2010/09/06 21:46:31 | 000,166,784 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxpm.sys
[2010/09/06 21:46:31 | 000,159,232 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkbm.sys
[2010/09/06 21:46:30 | 000,440,576 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkb.dll
[2010/09/06 21:46:30 | 000,222,336 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3dm.sys
[2010/09/06 21:46:29 | 000,315,520 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3d.dll
[2010/09/06 21:46:12 | 000,123,995 | ---- | C] (Tiger Jet Network) -- C:\WINDOWS\System32\dllcache\tjisdn.sys
[2010/09/06 21:46:07 | 000,138,528 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiulnt5.sys
[2010/09/06 21:46:07 | 000,081,408 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiul50.dll
[2010/09/06 21:46:04 | 000,149,376 | ---- | C] (M-Systems) -- C:\WINDOWS\System32\dllcache\tffsport.sys
[2010/09/06 21:46:00 | 000,037,961 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdk100b.sys
[2010/09/06 21:46:00 | 000,017,129 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdkcd31.sys
[2010/09/06 21:45:47 | 000,172,768 | ---- | C] (Number Nine Visual Technology) -- C:\WINDOWS\System32\dllcache\t2r4disp.dll
[2010/09/06 21:45:47 | 000,036,640 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\t2r4mini.sys
[2010/09/06 21:45:09 | 000,155,648 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnprop.dll
[2010/09/06 21:45:09 | 000,053,248 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlncoin.dll
[2010/09/06 21:45:08 | 000,285,760 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnata.sys
[2010/09/06 21:45:06 | 000,016,896 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\stcusb.sys
[2010/09/06 21:44:59 | 000,048,736 | ---- | C] (3Com) -- C:\WINDOWS\System32\dllcache\srwlnd5.sys
[2010/09/06 21:44:43 | 000,019,072 | ---- | C] (Adaptec, Inc.) -- C:\WINDOWS\System32\dllcache\sparrow.sys
[2010/09/06 21:44:16 | 000,058,368 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smiminib.sys
[2010/09/06 21:44:15 | 000,147,200 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smidispb.dll
[2010/09/06 21:44:14 | 000,025,034 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smcpwr2n.sys
[2010/09/06 21:44:13 | 000,035,913 | ---- | C] (SMC) -- C:\WINDOWS\System32\dllcache\smcirda.sys
[2010/09/06 21:44:12 | 000,024,576 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smc8000n.sys
[2010/09/06 21:43:51 | 000,091,294 | ---- | C] (SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH.) -- C:\WINDOWS\System32\dllcache\skfpwin.sys
[2010/09/06 21:43:51 | 000,063,547 | ---- | C] (Symbol Technologies) -- C:\WINDOWS\System32\dllcache\sla30nd5.sys
[2010/09/06 21:43:49 | 000,094,698 | ---- | C] (SysKonnect GmbH.) -- C:\WINDOWS\System32\dllcache\sk98xwin.sys
[2010/09/06 21:43:46 | 000,032,768 | ---- | C] (SiS Corporation) -- C:\WINDOWS\System32\dllcache\sisnic.sys
[2010/09/06 21:43:19 | 000,161,568 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmusb.sys
[2010/09/06 21:43:19 | 000,018,400 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmld.sys
[2010/09/06 21:43:18 | 000,098,080 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiulnt5.sys
[2010/09/06 21:43:17 | 000,386,560 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiul50.dll
[2010/09/06 21:42:53 | 000,017,280 | ---- | C] (SCM Microsystems) -- C:\WINDOWS\System32\dllcache\scr111.sys
[2010/09/06 21:42:50 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmusbm.sys
[2010/09/06 21:42:50 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmn50m.sys
[2010/09/06 21:42:41 | 000,077,824 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4m.sys
[2010/09/06 21:42:40 | 000,198,400 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4.dll
[2010/09/06 21:42:40 | 000,061,504 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3dm.sys
[2010/09/06 21:42:39 | 000,210,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mvirge.dll
[2010/09/06 21:42:39 | 000,179,264 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3d.dll
[2010/09/06 21:42:38 | 000,062,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mtrio.dll
[2010/09/06 21:42:38 | 000,041,216 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.sys
[2010/09/06 21:42:37 | 000,182,272 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.dll
[2010/09/06 21:42:37 | 000,166,720 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3m.sys
[2010/09/06 21:42:34 | 000,082,432 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia450.dll
[2010/09/06 21:42:34 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia430.dll
[2010/09/06 21:42:30 | 000,029,696 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw450ext.dll
[2010/09/06 21:42:28 | 000,027,648 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw430ext.dll
[2010/09/06 21:42:21 | 000,020,992 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\rtl8139.sys
[2010/09/06 21:42:20 | 000,019,017 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\rtl8029.sys
[2010/09/06 21:42:13 | 000,009,216 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\rsmgrstr.dll
[2010/09/06 21:41:58 | 000,079,104 | ---- | C] (Comtrol Corporation) -- C:\WINDOWS\System32\dllcache\rocket.sys
[2010/09/06 21:41:55 | 000,037,563 | ---- | C] (RadioLAN) -- C:\WINDOWS\System32\dllcache\rlnet5.sys
[2010/09/06 21:41:52 | 000,086,097 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\reslog32.dll
[2010/09/06 21:41:24 | 000,714,762 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdmkxx.sys
[2010/09/06 21:41:23 | 000,899,146 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdkxga.sys
[2010/09/06 21:41:07 | 000,130,942 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlv.sys
[2010/09/06 21:41:06 | 000,112,574 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlp.sys
[2010/09/06 21:41:05 | 000,128,286 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserli.sys
[2010/09/06 21:40:57 | 000,016,128 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\pscr.sys
[2010/09/06 21:40:14 | 000,169,984 | ---- | C] (Cisco Systems) -- C:\WINDOWS\System32\dllcache\pcx500.sys
[2010/09/06 21:40:14 | 000,086,016 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\pctspk.exe
[2010/09/06 21:40:11 | 000,026,153 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pcmlm56.sys
[2010/09/06 21:40:08 | 000,030,495 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pc100nds.sys
[2010/09/06 21:40:08 | 000,029,502 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\pca200e.sys
[2010/09/06 21:39:47 | 000,054,186 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otcsercb.sys
[2010/09/06 21:39:47 | 000,043,689 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otceth5.sys
[2010/09/06 21:39:46 | 000,027,209 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otc06x5.sys
[2010/09/06 21:39:44 | 000,054,528 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\opl3sax.sys
[2010/09/06 21:39:01 | 000,051,552 | ---- | C] (Kensington Technology Group) -- C:\WINDOWS\System32\dllcache\ntgrip.sys
[2010/09/06 21:38:48 | 000,126,080 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm5a2wdm.sys
[2010/09/06 21:38:48 | 000,087,040 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm6wdm.sys
[2010/09/06 21:38:45 | 000,032,840 | ---- | C] (NETGEAR Corporation.) -- C:\WINDOWS\System32\dllcache\ngrpci.sys
[2010/09/06 21:38:43 | 000,132,695 | ---- | C] (802.11b) -- C:\WINDOWS\System32\dllcache\netwlan5.sys
[2010/09/06 21:38:33 | 000,060,480 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.dll
[2010/09/06 21:38:33 | 000,039,264 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.sys
[2010/09/06 21:38:23 | 000,091,488 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3disp.dll
[2010/09/06 21:38:23 | 000,027,936 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3d.sys
[2010/09/06 21:38:22 | 000,059,104 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.dll
[2010/09/06 21:38:22 | 000,033,088 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.sys
[2010/09/06 21:38:21 | 000,013,664 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.sys
[2010/09/06 21:38:20 | 000,035,392 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.dll
[2010/09/06 21:38:18 | 000,075,520 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxport.sys
[2010/09/06 21:38:17 | 000,019,968 | ---- | C] (Macronix International Co., Ltd. ) -- C:\WINDOWS\System32\dllcache\mxnic.sys
[2010/09/06 21:38:17 | 000,007,168 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxport.dll
[2010/09/06 21:38:16 | 000,021,888 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxcard.sys
[2010/09/06 21:38:16 | 000,019,968 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxicfg.dll
[2010/09/06 21:38:13 | 000,103,296 | ---- | C] (Matrox Graphics Inc) -- C:\WINDOWS\System32\dllcache\mtxvideo.sys
[2010/09/06 21:36:52 | 000,017,280 | ---- | C] (American Megatrends Inc.) -- C:\WINDOWS\System32\dllcache\mraid35x.sys
[2010/09/06 21:36:00 | 000,164,586 | ---- | C] (Madge Networks Ltd) -- C:\WINDOWS\System32\dllcache\mdgndis5.sys
[2010/09/06 21:35:43 | 000,797,500 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltsmt.sys
[2010/09/06 21:35:42 | 000,802,683 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\ltsm.sys
[2010/09/06 21:35:40 | 000,576,746 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntl.sys
[2010/09/06 21:35:40 | 000,420,992 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntt.sys
[2010/09/06 21:35:39 | 000,606,684 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmnt.sys
[2010/09/06 21:35:38 | 000,727,786 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ltck000c.sys
[2010/09/06 21:35:26 | 000,070,730 | ---- | C] (Linksys Group, Inc.) -- C:\WINDOWS\System32\dllcache\lne100tx.sys
[2010/09/06 21:35:25 | 000,020,573 | ---- | C] (The Linksts Group ) -- C:\WINDOWS\System32\dllcache\lne100.sys
[2010/09/06 21:35:24 | 000,025,065 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\lmndis3.sys
[2010/09/06 21:35:23 | 000,015,744 | ---- | C] (Litronic Industries) -- C:\WINDOWS\System32\dllcache\lit220p.sys
[2010/09/06 21:35:11 | 000,026,442 | ---- | C] (SMSC) -- C:\WINDOWS\System32\dllcache\lanepic5.sys
[2010/09/06 21:35:09 | 000,019,016 | ---- | C] (Kingston Technology Company ) -- C:\WINDOWS\System32\dllcache\ktc111.sys
[2010/09/06 21:33:25 | 000,023,552 | ---- | C] (MKNet Corporation) -- C:\WINDOWS\System32\dllcache\irmk7.sys
[2010/09/06 21:33:08 | 000,045,632 | ---- | C] (Interphase ® Corporation a Windows ® 2000 DDK Driver Provider) -- C:\WINDOWS\System32\dllcache\ip5515.sys
[2010/09/06 21:32:11 | 000,372,824 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\iconf32.dll
[2010/09/06 21:31:21 | 000,068,608 | ---- | C] (Avisioin) -- C:\WINDOWS\System32\dllcache\hpgt53tk.dll
[2010/09/06 21:31:18 | 000,126,976 | ---- | C] (Hewlett Packard) -- C:\WINDOWS\System32\dllcache\hpgt34tk.dll
[2010/09/06 21:30:55 | 000,028,288 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grserial.sys
[2010/09/06 21:30:54 | 000,082,304 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grclass.sys
[2010/09/06 21:30:52 | 000,017,408 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\gpr400.sys
[2010/09/06 21:30:41 | 000,454,912 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fxusbase.sys
[2010/09/06 21:30:24 | 000,455,296 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fusbbase.sys
[2010/09/06 21:30:23 | 000,455,680 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fus2base.sys
[2010/09/06 21:30:14 | 000,442,240 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpnpbase.sys
[2010/09/06 21:30:13 | 000,441,728 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcmbase.sys
[2010/09/06 21:30:12 | 000,444,416 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcibase.sys
[2010/09/06 21:30:09 | 000,034,173 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\forehe.sys
[2010/09/06 21:29:51 | 000,024,618 | ---- | C] (NETGEAR) -- C:\WINDOWS\System32\dllcache\fa410nd5.sys
[2010/09/06 21:29:49 | 000,011,850 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xj.sys
[2010/09/06 21:29:48 | 000,012,362 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xi.sys
[2010/09/06 21:29:28 | 000,072,192 | ---- | C] (ESS Technology Inc.) -- C:\WINDOWS\System32\dllcache\es1969.sys
[2010/09/06 21:28:38 | 000,334,208 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\ds1wdm.sys
[2010/09/06 21:28:26 | 000,028,062 | ---- | C] (National Semiconductor Coproration) -- C:\WINDOWS\System32\dllcache\dp83820.sys
[2010/09/06 21:28:09 | 000,029,696 | ---- | C] (CNet Technology, Inc. ) -- C:\WINDOWS\System32\dllcache\dm9pci5.sys
[2010/09/06 21:28:06 | 000,952,007 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diwan.sys
[2010/09/06 21:28:06 | 000,026,698 | ---- | C] (D-Link Corporation) -- C:\WINDOWS\System32\dllcache\dlh5xnd5.sys
[2010/09/06 21:28:03 | 000,236,060 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\ditrace.exe
[2010/09/06 21:28:02 | 000,038,985 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvsu.dll
[2010/09/06 21:28:02 | 000,031,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvpp.dll
[2010/09/06 21:28:01 | 000,006,729 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvci.dll
[2010/09/06 21:27:56 | 000,091,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\dimaint.sys
[2010/09/06 21:27:36 | 000,024,649 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650d.sys
[2010/09/06 21:27:35 | 000,024,648 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650.sys
[2010/09/06 21:27:30 | 000,020,928 | ---- | C] (Digital Networks, LLC) -- C:\WINDOWS\System32\dllcache\defpa.sys
[2010/09/06 21:27:06 | 000,093,952 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcwdm.sys
[2010/09/06 21:27:06 | 000,048,640 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwrwdm.sys
[2010/09/06 21:27:05 | 000,111,872 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcspud.sys
[2010/09/06 21:27:05 | 000,003,584 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcosnt5.sys
[2010/09/06 21:27:04 | 000,072,832 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbwdm.sys
[2010/09/06 21:27:04 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbmidi.sys
[2010/09/06 21:27:03 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbase.sys
[2010/09/06 21:27:01 | 000,249,856 | ---- | C] (Comtrol® Corporation) -- C:\WINDOWS\System32\dllcache\ctmasetp.dll
[2010/09/06 21:26:51 | 000,216,064 | ---- | C] (COMPAQ Inc.) -- C:\WINDOWS\System32\dllcache\cpscan.dll
[2010/09/06 21:26:50 | 000,060,970 | ---- | C] (Compaq Computer Corp.) -- C:\WINDOWS\System32\dllcache\cpqtrnd5.sys
[2010/09/06 21:26:23 | 000,020,736 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\cmbp0wdm.sys
[2010/09/06 21:26:09 | 000,980,034 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\cicap.sys
[2010/09/06 21:25:50 | 000,049,182 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem56n5.sys
[2010/09/06 21:25:49 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem33n5.sys
[2010/09/06 21:25:48 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem28n5.sys
[2010/09/06 21:25:47 | 000,027,164 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce3n5.sys
[2010/09/06 21:25:47 | 000,021,530 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce2n5.sys
[2010/09/06 21:25:30 | 000,714,698 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cbmdmkxx.sys
[2010/09/06 21:25:29 | 000,046,108 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cben5.sys
[2010/09/06 21:25:28 | 000,039,680 | ---- | C] (Silicom Ltd.) -- C:\WINDOWS\System32\dllcache\cb325.sys
[2010/09/06 21:25:26 | 000,037,916 | ---- | C] (Fast Ethernet Controller Provider) -- C:\WINDOWS\System32\dllcache\cb102.sys
[2010/09/06 21:25:24 | 000,032,256 | ---- | C] (Eicon Technology Corporation) -- C:\WINDOWS\System32\dllcache\diapi2NT.dll
[2010/09/06 21:25:23 | 000,164,923 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diapi2.sys
[2010/09/06 21:24:38 | 000,031,529 | ---- | C] (BreezeCOM) -- C:\WINDOWS\System32\dllcache\brzwlan.sys
[2010/09/06 21:24:37 | 000,011,008 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbmdm.sys
[2010/09/06 21:24:37 | 000,010,368 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbscn.sys
[2010/09/06 21:24:36 | 000,060,416 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brserwdm.sys
[2010/09/06 21:24:35 | 000,009,728 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brserif.dll
[2010/09/06 21:24:35 | 000,005,120 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\dllcache\brscnrsm.dll
[2010/09/06 21:24:33 | 000,039,552 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparwdm.sys
[2010/09/06 21:24:33 | 000,003,168 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparimg.sys
[2010/09/06 21:24:31 | 000,041,472 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfusb.dll
[2010/09/06 21:24:30 | 000,032,256 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfrsmg.exe
[2010/09/06 21:24:29 | 000,029,696 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmflpt.dll
[2010/09/06 21:24:28 | 000,015,360 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfbidi.dll
[2010/09/06 21:24:27 | 000,003,968 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltup.sys
[2010/09/06 21:24:26 | 000,012,160 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltlo.sys
[2010/09/06 21:24:26 | 000,002,944 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brfilt.sys
[2010/09/06 21:24:25 | 000,012,800 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brevif.dll
[2010/09/06 21:24:24 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brcoinst.dll
[2010/09/06 21:24:23 | 000,019,456 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brbidiif.dll
[2010/09/06 21:23:03 | 000,871,388 | ---- | C] (BCM) -- C:\WINDOWS\System32\dllcache\bcmdm.sys
[2010/09/06 21:22:53 | 000,036,128 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.sys
[2010/09/06 21:22:52 | 000,342,336 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.dll
[2010/09/06 21:22:51 | 000,089,952 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\b1cbase.sys
[2010/09/06 21:22:51 | 000,036,992 | ---- | C] (Aztech Systems Ltd) -- C:\WINDOWS\System32\dllcache\aztw2320.sys
[2010/09/06 21:22:49 | 000,037,568 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmwan.sys
[2010/09/06 21:22:47 | 000,144,384 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmenum.dll
[2010/09/06 21:22:47 | 000,087,552 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmcoxp.dll
[2010/09/06 21:22:08 | 000,077,568 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\ati.sys
[2010/09/06 21:22:04 | 000,097,354 | ---- | C] (Bay Networks, Inc.) -- C:\WINDOWS\System32\dllcache\aspndis3.sys
[2010/09/06 21:21:55 | 000,016,969 | ---- | C] (AmbiCom, Inc.) -- C:\WINDOWS\System32\dllcache\amb8002.sys
[2010/09/06 21:21:32 | 000,046,112 | ---- | C] (Adaptec, Inc ) -- C:\WINDOWS\System32\dllcache\adptsf50.sys
[2010/09/06 21:21:30 | 000,010,880 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\admjoy.sys
[2010/09/06 21:21:29 | 000,747,392 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8830.sys
[2010/09/06 21:21:29 | 000,553,984 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8820.sys
[2010/09/06 21:21:28 | 000,584,448 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8810.sys
[2010/09/06 21:21:28 | 000,020,160 | ---- | C] (ADMtek Incorporated) -- C:\WINDOWS\System32\dllcache\adm8511.sys
[2010/09/06 21:21:25 | 000,061,440 | ---- | C] (Color Flatbed Scanner) -- C:\WINDOWS\System32\dllcache\acerscad.dll
[2010/09/06 21:21:23 | 000,297,728 | ---- | C] (Silicon Integrated Systems Corp.) -- C:\WINDOWS\System32\dllcache\ac97sis.sys
[2010/09/06 21:21:20 | 000,462,848 | ---- | C] (Aureal Inc.) -- C:\WINDOWS\System32\dllcache\a3dapi.dll
[2010/09/06 21:21:20 | 000,098,304 | ---- | C] (Aureal Semiconductor) -- C:\WINDOWS\System32\dllcache\a3d.dll
[2010/09/06 21:21:17 | 000,148,352 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvsm.sys
[2010/09/06 21:21:16 | 000,689,216 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvs.dll
[2010/09/06 21:21:15 | 000,762,780 | ---- | C] (3Com, Inc.) -- C:\WINDOWS\System32\dllcache\3cwmcru.sys
[2010/09/06 19:22:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\john\My Documents\My Scans
[2010/09/06 19:05:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\HP Product Assistant
[2010/09/06 17:22:07 | 000,000,000 | ---D | C] -- C:\Program Files\Hewlett-Packard
[2010/08/25 13:27:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Temp
[2010/08/08 07:45:56 | 000,000,000 | --SD | C] -- C:\Documents and Settings\john\My Documents\My DVDs
[2010/07/28 17:12:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Temp
[2010/07/02 21:53:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\john\Local Settings\Application Data\Yahoo
[2010/07/02 21:52:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
[2010/07/02 21:52:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\custom matrices
[2010/07/02 21:52:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\languages
[2010/07/02 21:29:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\john\Application Data\DivX
[2010/07/02 21:28:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DivX Shared
[2010/07/02 21:26:37 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2010/07/02 21:24:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DivX
[2010/07/02 21:06:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\john\My Documents\CyberLink
[2010/07/02 21:01:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2010/07/02 20:56:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\CyberLink
[2010/06/30 19:33:56 | 000,000,000 | ---D | C] -- C:\Program Files\CyberLink
[2010/06/30 19:22:55 | 012,588,394 | ---- | C] (Cyberlink, Inc. ) -- C:\Documents and Settings\john\Desktop\PowerDVD50CAYPLOBG.exe
[2010/06/29 15:25:06 | 000,000,000 | R--D | C] -- C:\Documents and Settings\john\My Documents\My Videos
[2010/06/22 09:16:43 | 000,012,536 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2005/09/09 15:34:15 | 020,798,256 | ---- | C] (Netopsystems AG ) -- C:\Program Files\AdbeRdr70_enu_full.exe
[2005/09/09 07:05:01 | 011,802,144 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\RealPlayer10-5GOLD.exe
[2004/11/24 20:25:52 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll

========== Files - Modified Within 90 Days ==========

[2010/09/08 20:22:46 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Program Files\OTL.exe
[2010/09/08 20:15:17 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\john\Local Settings\Application Data\prvlcl.dat
[2010/09/08 20:12:00 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/09/08 20:03:23 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2010/09/08 20:01:23 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/09/08 20:01:07 | 000,043,573 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010/09/08 20:01:03 | 000,000,876 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/09/08 19:59:53 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/09/08 19:59:44 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/09/08 19:58:32 | 008,126,464 | -H-- | M] () -- C:\Documents and Settings\john\NTUSER.DAT
[2010/09/08 19:58:32 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\john\ntuser.ini
[2010/09/08 19:30:03 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/09/08 18:32:21 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Program Files\TFC.exe
[2010/09/08 17:07:56 | 064,416,311 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010/09/07 20:09:44 | 000,812,344 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\HJTInstall.exe
[2010/09/06 19:13:40 | 000,139,775 | ---- | M] () -- C:\WINDOWS\hpoins15.dat
[2010/09/06 19:10:41 | 000,000,799 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/09/06 19:07:58 | 000,001,858 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\HP Photosmart Essential 2.01.lnk
[2010/09/06 19:06:10 | 000,001,808 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2010/09/06 19:05:34 | 000,000,984 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\HP Solution Center.lnk
[2010/09/06 18:50:34 | 000,000,136 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2010/09/06 15:58:21 | 000,616,965 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\iavifw.avm
[2010/08/26 06:56:50 | 000,281,336 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/08/25 22:45:54 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/08/25 13:49:13 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/08/25 13:49:13 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2010/08/25 13:31:15 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2010/08/08 07:45:52 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2010/08/07 09:09:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1177238915-616249376-725345543-1003.job
[2010/07/24 11:04:36 | 000,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2010/07/17 09:08:49 | 002,145,112 | -H-- | M] () -- C:\Documents and Settings\john\Local Settings\Application Data\IconCache.db
[2010/07/15 11:39:45 | 000,001,466 | ---- | M] () -- C:\Documents and Settings\john\Desktop\DivX Movies.lnk
[2010/07/15 11:39:41 | 000,000,777 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\DivX Plus Player.lnk
[2010/07/02 21:52:32 | 000,035,938 | ---- | M] () -- C:\WINDOWS\System32\unins000.dat
[2010/07/02 21:52:25 | 000,707,682 | ---- | M] () -- C:\WINDOWS\System32\unins000.exe
[2010/07/02 21:28:56 | 000,000,817 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\DivX Plus Converter.lnk
[2010/07/02 20:56:33 | 000,001,684 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\PowerDVD.lnk
[2010/07/02 15:36:24 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/07/02 12:44:40 | 000,133,120 | ---- | M] () -- C:\Documents and Settings\john\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/07/02 12:39:27 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\john\My Documents\PDVD_MediaDisc.PlayList
[2010/06/30 19:33:33 | 012,588,394 | ---- | M] (Cyberlink, Inc. ) -- C:\Documents and Settings\john\Desktop\PowerDVD50CAYPLOBG.exe
[2010/06/22 09:16:45 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2010/06/22 09:16:43 | 000,012,536 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2010/06/22 09:16:38 | 000,025,168 | ---- | M] (AVG Technologies CZ, s.r.o. ) -- C:\WINDOWS\System32\drivers\AVGIDSxx.sys
[2010/06/22 09:15:58 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys

========== Files Created - No Company Name ==========

[2010/09/08 19:30:03 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/09/06 21:51:44 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxftplt.exe
[2010/09/06 21:51:44 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxscnui.dll
[2010/09/06 21:50:24 | 000,028,288 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xjis.nls
[2010/09/06 21:41:00 | 000,033,280 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax
[2010/09/06 21:40:58 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll
[2010/09/06 21:40:49 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prcp.nls
[2010/09/06 21:40:49 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prc.nls
[2010/09/06 21:37:07 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax
[2010/09/06 21:35:08 | 000,047,066 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ksc.nls
[2010/09/06 21:31:20 | 000,165,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt53.dll
[2010/09/06 21:31:19 | 000,093,696 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt42.dll
[2010/09/06 21:31:18 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt34.dll
[2010/09/06 21:31:16 | 000,089,088 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt33.dll
[2010/09/06 21:31:15 | 000,083,968 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt21.dll
[2010/09/06 21:28:05 | 000,029,768 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divasu.dll
[2010/09/06 21:28:04 | 000,037,962 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaprop.dll
[2010/09/06 21:28:04 | 000,006,216 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaci.dll
[2010/09/06 21:25:10 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_864.nls
[2010/09/06 21:25:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_870.nls
[2010/09/06 21:25:09 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_862.nls
[2010/09/06 21:25:09 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_858.nls
[2010/09/06 21:25:08 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_720.nls
[2010/09/06 21:25:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_708.nls
[2010/09/06 21:25:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28596.nls
[2010/09/06 21:25:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls
[2010/09/06 21:25:06 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls
[2010/09/06 21:25:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls
[2010/09/06 21:25:05 | 000,180,770 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls
[2010/09/06 21:25:05 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls
[2010/09/06 21:25:05 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls
[2010/09/06 21:25:04 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls
[2010/09/06 21:25:04 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls
[2010/09/06 21:25:03 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls
[2010/09/06 21:25:03 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls
[2010/09/06 21:25:02 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls
[2010/09/06 21:25:02 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls
[2010/09/06 21:25:01 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls
[2010/09/06 21:25:01 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls
[2010/09/06 21:25:01 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls
[2010/09/06 21:25:00 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls
[2010/09/06 21:25:00 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls
[2010/09/06 21:24:59 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls
[2010/09/06 21:24:59 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls
[2010/09/06 21:24:59 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls
[2010/09/06 21:24:58 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls
[2010/09/06 21:24:57 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls
[2010/09/06 21:24:57 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls
[2010/09/06 21:24:57 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls
[2010/09/06 21:24:56 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls
[2010/09/06 21:24:56 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls
[2010/09/06 21:24:55 | 000,187,938 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls
[2010/09/06 21:24:55 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls
[2010/09/06 21:24:54 | 000,185,378 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls
[2010/09/06 21:24:54 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls
[2010/09/06 21:24:53 | 000,186,402 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls
[2010/09/06 21:24:53 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls
[2010/09/06 21:24:52 | 000,189,986 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls
[2010/09/06 21:24:52 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls
[2010/09/06 21:24:51 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1148.nls
[2010/09/06 21:24:51 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1147.nls
[2010/09/06 21:24:50 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1146.nls
[2010/09/06 21:24:50 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1145.nls
[2010/09/06 21:24:49 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1144.nls
[2010/09/06 21:24:49 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1143.nls
[2010/09/06 21:24:49 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1142.nls
[2010/09/06 21:24:48 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1141.nls
[2010/09/06 21:24:48 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1140.nls
[2010/09/06 21:24:47 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1047.nls
[2010/09/06 21:24:47 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10021.nls
[2010/09/06 21:24:46 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls
[2010/09/06 21:24:46 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10005.nls
[2010/09/06 21:24:45 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls
[2010/09/06 21:24:45 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10004.nls
[2010/09/06 21:24:44 | 000,195,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls
[2010/09/06 21:24:43 | 000,162,850 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10001.nls
[2010/09/06 21:24:23 | 000,082,172 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls
[2010/09/06 21:23:17 | 000,066,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\big5.nls
[2010/09/06 21:22:29 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atixbar.sys
[2010/09/06 21:22:28 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativxbar.sys
[2010/09/06 21:22:27 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativttxx.sys
[2010/09/06 21:22:26 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitvsnd.sys
[2010/09/06 21:22:26 | 000,009,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativmdcd.sys
[2010/09/06 21:22:25 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitunep.sys
[2010/09/06 21:22:24 | 000,049,920 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtcap.sys
[2010/09/06 21:22:24 | 000,026,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtsnd.sys
[2010/09/06 21:22:22 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atipcxxx.sys
[2010/09/06 21:22:14 | 000,046,464 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atibt829.sys
[2010/09/06 19:07:58 | 000,001,858 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\HP Photosmart Essential 2.01.lnk
[2010/09/06 19:06:10 | 000,001,808 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2010/09/06 19:05:34 | 000,000,984 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\HP Solution Center.lnk
[2010/09/06 18:49:24 | 000,139,775 | ---- | C] () -- C:\WINDOWS\hpoins15.dat
[2010/09/06 18:49:23 | 000,001,039 | ---- | C] () -- C:\WINDOWS\hpomdl15.dat
[2010/07/24 11:04:36 | 000,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2010/07/24 11:04:33 | 000,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2010/07/15 11:39:41 | 000,000,777 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\DivX Plus Player.lnk
[2010/07/02 21:52:29 | 000,001,708 | ---- | C] () -- C:\WINDOWS\System32\openIE.js
[2010/07/02 21:52:28 | 000,882,688 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010/07/02 21:52:28 | 000,336,384 | ---- | C] () -- C:\WINDOWS\System32\lame.ax
[2010/07/02 21:52:28 | 000,336,384 | ---- | C] () -- C:\WINDOWS\System32\ff_libfaad2.dll
[2010/07/02 21:52:28 | 000,324,096 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll
[2010/07/02 21:52:28 | 000,248,320 | ---- | C] () -- C:\WINDOWS\System32\ff_kernelDeint.dll
[2010/07/02 21:52:28 | 000,169,984 | ---- | C] () -- C:\WINDOWS\System32\ff_samplerate.dll
[2010/07/02 21:52:28 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\ff_libmad.dll
[2010/07/02 21:52:28 | 000,145,408 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll
[2010/07/02 21:52:28 | 000,116,736 | ---- | C] () -- C:\WINDOWS\System32\ff_tremor.dll
[2010/07/02 21:52:28 | 000,097,792 | ---- | C] () -- C:\WINDOWS\System32\ff_unrar.dll
[2010/07/02 21:52:27 | 001,632,375 | ---- | C] () -- C:\WINDOWS\System32\ffmpegmt.dll
[2010/07/02 21:52:27 | 000,707,682 | ---- | C] () -- C:\WINDOWS\System32\unins000.exe
[2010/07/02 21:52:27 | 000,216,576 | ---- | C] () -- C:\WINDOWS\System32\ff_libdts.dll
[2010/07/02 21:52:27 | 000,121,856 | ---- | C] () -- C:\WINDOWS\System32\ff_liba52.dll
[2010/07/02 21:52:27 | 000,035,938 | ---- | C] () -- C:\WINDOWS\System32\unins000.dat
[2010/07/02 21:30:08 | 000,001,466 | ---- | C] () -- C:\Documents and Settings\john\Desktop\DivX Movies.lnk
[2010/07/02 21:28:56 | 000,000,817 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\DivX Plus Converter.lnk
[2010/07/02 20:56:33 | 000,001,684 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\PowerDVD.lnk
[2010/07/02 12:39:27 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\john\My Documents\PDVD_MediaDisc.PlayList
[2010/06/18 15:36:32 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/05/15 18:14:15 | 000,000,217 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2010/04/28 17:46:25 | 000,010,934 | -HS- | C] () -- C:\Documents and Settings\john\Local Settings\Application Data\RRGvg
[2010/04/28 17:46:25 | 000,010,934 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\RRGvg
[2010/04/22 09:31:54 | 000,013,320 | -HS- | C] () -- C:\Documents and Settings\john\Local Settings\Application Data\ISo1D077l
[2010/04/22 09:31:54 | 000,013,320 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\ISo1D077l
[2010/04/21 17:10:46 | 000,011,006 | -HS- | C] () -- C:\Documents and Settings\john\Local Settings\Application Data\d0i4
[2010/04/21 17:10:46 | 000,011,006 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\d0i4
[2010/02/11 20:11:09 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll.old
[2009/08/03 16:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/03/10 20:58:39 | 005,238,880 | ---- | C] () -- C:\Program Files\MP3Rocket-Win.exe
[2008/12/19 16:15:58 | 004,836,992 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2008/12/17 18:41:18 | 000,957,047 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll
[2008/12/17 18:22:58 | 000,100,864 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2008/12/17 18:22:48 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008/12/17 18:17:34 | 000,239,247 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll
[2008/12/17 17:59:54 | 000,611,638 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2008/12/11 12:27:02 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2008/07/27 20:40:34 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Sony.dll
[2008/06/26 19:11:17 | 000,000,136 | -H-- | C] () -- C:\Documents and Settings\john\Application Data\brara1985.sys
[2008/06/26 19:10:26 | 000,010,568 | ---- | C] () -- C:\Documents and Settings\john\Application Data\docXConverter.ini
[2008/06/18 21:23:00 | 000,012,800 | ---- | C] () -- C:\Documents and Settings\john\Application Data\Settings.cfg
[2008/06/18 21:21:24 | 007,927,552 | ---- | C] () -- C:\Program Files\aceftp3free.exe
[2008/06/14 13:15:02 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\john\Local Settings\Application Data\prvlcl.dat
[2008/06/04 18:02:25 | 047,787,248 | ---- | C] () -- C:\Program Files\avg_free_stf_en_8_100a1295.exe
[2008/05/30 19:42:16 | 000,000,037 | ---- | C] () -- C:\WINDOWS\ipixActivex.ini
[2008/03/04 19:52:34 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\libcurl.dll
[2008/01/27 19:23:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpqEmlSz.INI
[2007/10/31 10:39:54 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\zlib1.dll
[2007/08/19 10:29:04 | 000,073,216 | ---- | C] () -- C:\WINDOWS\System32\drivers\SENTINEL.SYS
[2007/08/19 10:29:04 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\SNTI386.DLL
[2007/08/19 10:29:04 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\RNBOVDD.DLL
[2007/07/21 15:49:26 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/05/17 14:58:10 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\libexpatw.dll
[2007/02/03 09:59:04 | 000,050,127 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2006/12/26 14:46:06 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QuickInstall.INI
[2006/11/07 21:42:26 | 002,935,561 | ---- | C] () -- C:\Program Files\VIDEO.TBK
[2006/11/07 21:42:26 | 000,578,564 | ---- | C] () -- C:\Program Files\SISTEMA.SBK
[2006/11/07 21:42:26 | 000,089,952 | ---- | C] () -- C:\Program Files\TOOLS.SBK
[2006/11/07 21:42:26 | 000,076,950 | ---- | C] () -- C:\Program Files\SYSVIDEO.SBK
[2006/11/07 21:42:26 | 000,070,392 | ---- | C] () -- C:\Program Files\SYSAUDIO.SBK
[2006/11/07 21:42:26 | 000,027,282 | ---- | C] () -- C:\Program Files\TB40MM.SBK
[2006/11/07 21:42:25 | 002,536,883 | ---- | C] () -- C:\Program Files\LANZA.TBK
[2006/11/07 21:42:24 | 001,955,605 | ---- | C] () -- C:\Program Files\EDM.TBK
[2006/11/07 21:42:23 | 000,092,903 | ---- | C] () -- C:\Program Files\BLOC.TBK
[2006/11/07 21:31:32 | 000,000,141 | ---- | C] () -- C:\WINDOWS\asym.ini
[2006/09/17 18:38:50 | 000,002,842 | ---- | C] () -- C:\Program Files\installtgz.zip
[2006/09/17 18:37:14 | 000,484,992 | ---- | C] () -- C:\Program Files\agoracgi.tar
[2006/04/04 19:42:44 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\php_xslt.dll
[2006/04/04 19:41:43 | 000,385,024 | ---- | C] () -- C:\WINDOWS\System32\sablot.dll
[2006/04/04 19:41:43 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\mSQL.dll
[2006/04/04 19:41:35 | 000,900,383 | ---- | C] () -- C:\WINDOWS\System32\.libmysql.dll.001284
[2006/04/04 19:41:35 | 000,165,643 | ---- | C] () -- C:\WINDOWS\System32\libmhash.dll
[2006/04/04 19:41:35 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\expat.dll
[2006/03/16 16:28:19 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\php4isapi.dll
[2006/03/16 16:28:13 | 000,024,576 | ---- | C] () -- C:\WINDOWS\php4isapi.dll
[2006/02/13 10:26:37 | 001,069,056 | ---- | C] () -- C:\WINDOWS\System32\libmysql.dll
[2006/01/16 15:02:40 | 000,000,046 | ---- | C] () -- C:\WINDOWS\System32\nets12.dll
[2006/01/08 21:25:10 | 000,982,990 | ---- | C] () -- C:\Program Files\FreecorderSetup.exe
[2005/12/17 16:39:46 | 000,002,600 | ---- | C] () -- C:\Documents and Settings\john\Application Data\Hewlett-PackardHP PSC 1500 series1134832924_PROTOCOL.log
[2005/12/17 16:39:46 | 000,000,575 | ---- | C] () -- C:\Documents and Settings\john\Application Data\Hewlett-PackardHP PSC 1500 series1134832924_UI.log
[2005/12/17 16:39:46 | 000,000,221 | ---- | C] () -- C:\WINDOWS\NCLogConfig.ini
[2005/12/17 16:39:46 | 000,000,105 | ---- | C] () -- C:\Documents and Settings\john\Application Data\Hewlett-PackardHP PSC 1500 series1134832924_API.log
[2005/12/17 16:07:07 | 000,014,291 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2005/12/10 04:06:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2005/12/10 04:06:00 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2005/12/10 04:06:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2005/12/10 04:06:00 | 000,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2005/12/10 04:06:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2005/12/10 04:06:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2005/12/10 04:06:00 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2005/10/08 17:16:30 | 000,021,791 | ---- | C] () -- C:\WINDOWS\System32\smtpctrs.ini
[2005/10/08 17:16:30 | 000,001,037 | ---- | C] () -- C:\WINDOWS\System32\ntfsdrct.ini
[2005/10/08 17:16:07 | 000,038,576 | ---- | C] () -- C:\WINDOWS\System32\w3ctrs.ini
[2005/10/08 17:16:07 | 000,010,225 | ---- | C] () -- C:\WINDOWS\System32\axperf.ini
[2005/10/08 17:16:05 | 000,011,435 | ---- | C] () -- C:\WINDOWS\System32\infoctrs.ini
[2005/10/07 11:26:23 | 000,353,298 | ---- | C] () -- C:\Program Files\LimeWireWin.exe
[2005/10/07 08:57:37 | 000,000,012 | ---- | C] () -- C:\WINDOWS\dirsaver.ini
[2005/09/21 19:39:46 | 000,000,035 | ---- | C] () -- C:\WINDOWS\A6W.INI
[2005/09/14 14:56:08 | 001,713,436 | ---- | C] () -- C:\Program Files\LX32W32.exe
[2005/09/13 13:51:50 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\WNASPI32.DLL
[2005/09/13 13:51:50 | 000,000,291 | ---- | C] () -- C:\WINDOWS\msfsetup.ini
[2005/09/13 08:51:14 | 002,855,080 | ---- | C] () -- C:\Program Files\aawsepersonal.exe
[2005/09/10 16:59:44 | 000,000,900 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/09/09 20:23:29 | 000,007,744 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2005/09/09 09:56:23 | 000,133,120 | ---- | C] () -- C:\Documents and Settings\john\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/09/09 07:00:22 | 000,003,682 | ---- | C] () -- C:\WINDOWS\System32\hpphgfk.drv
[2005/09/09 07:00:22 | 000,003,298 | ---- | C] () -- C:\WINDOWS\System32\fepfij.drv
[2005/09/09 07:00:22 | 000,003,250 | ---- | C] () -- C:\WINDOWS\pojfnje.drv
[2005/09/09 07:00:22 | 000,002,658 | ---- | C] () -- C:\WINDOWS\jlegjea.drv
[2005/09/09 07:00:22 | 000,002,002 | ---- | C] () -- C:\WINDOWS\eagnf.drv
[2005/09/09 07:00:22 | 000,001,746 | ---- | C] () -- C:\WINDOWS\fneahp.drv
[2005/09/09 07:00:22 | 000,000,132 | ---- | C] () -- C:\WINDOWS\System32\lllllg.sys
[2005/09/08 13:55:42 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2005/09/08 13:55:42 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2005/09/08 12:36:01 | 000,000,136 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2005/09/08 12:13:31 | 000,000,257 | ---- | C] () -- C:\WINDOWS\LEXSTAT.INI
[2005/09/08 10:00:22 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
[2005/06/11 11:47:00 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\fpprintmon.dll
[2004/10/03 18:50:54 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\ff_mpeg2enc.dll
[2004/03/26 23:59:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/11/14 12:58:04 | 000,200,192 | ---- | C] () -- C:\WINDOWS\System32\ir50_qc.dll
[2002/11/14 12:58:04 | 000,183,808 | ---- | C] () -- C:\WINDOWS\System32\ir50_qcx.dll
[2002/11/14 12:58:02 | 000,755,200 | ---- | C] () -- C:\WINDOWS\System32\ir50_32.dll
[2002/11/14 12:58:02 | 000,338,432 | ---- | C] () -- C:\WINDOWS\System32\ir41_qcx.dll
[2002/11/14 12:58:02 | 000,120,320 | ---- | C] () -- C:\WINDOWS\System32\ir41_qc.dll
[2001/07/06 16:30:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini

========== LOP Check ==========

[2006/01/18 18:05:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Autodesk
[2010/05/22 14:10:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2010/04/30 09:45:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2005/09/08 12:14:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2008/06/18 21:22:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EmailNotifier
[2006/12/26 14:18:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HotSync
[2010/09/08 20:29:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Kontiki
[2005/12/19 08:31:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NETg
[2010/02/13 11:54:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/02/14 11:18:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trusteer
[2006/04/30 20:50:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\john\Application Data\Alien Skin
[2010/05/02 11:48:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\john\Application Data\AVG9
[2008/06/18 21:23:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\john\Application Data\Dynamic
[2008/12/20 19:12:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\john\Application Data\EmailNotifier
[2009/12/25 16:03:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\john\Application Data\GARMIN
[2006/01/28 15:38:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\john\Application Data\GlobalSCAPE
[2006/12/26 14:14:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\john\Application Data\HotSync
[2007/09/16 16:19:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\john\Application Data\IBP
[2008/01/25 11:08:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\john\Application Data\Image Zone Express
[2005/09/08 13:31:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\john\Application Data\Leadertech
[2010/01/30 20:33:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\john\Application Data\Megaupload
[2009/07/30 20:18:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\john\Application Data\MP3Rocket
[2006/07/16 14:04:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\john\Application Data\MySQL
[2006/01/31 17:32:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\john\Application Data\Opera
[2009/07/23 20:41:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\john\Application Data\SiteClasses
[2008/06/18 21:31:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\john\Application Data\Sites
[2010/04/30 08:22:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\john\Application Data\System Tweaker
[2010/02/14 11:18:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\john\Application Data\Trusteer
[2010/02/13 11:41:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\john\Application Data\Uniblue
[2010/05/27 19:58:47 | 000,000,354 | ---- | M] () -- C:\WINDOWS\Tasks\Driver Robot.job
[2010/09/08 20:03:23 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\OGALogon.job

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.* >
[2008/12/17 21:09:36 | 000,002,566 | ---- | M] () -- C:\additdiag.txt
[2005/09/07 22:11:46 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/08/25 13:49:13 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2005/09/07 22:11:46 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2007/06/17 16:12:08 | 000,001,424 | ---- | M] () -- C:\INSTALL.LOG
[2005/09/07 22:11:46 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/04/30 09:27:42 | 000,000,109 | ---- | M] () -- C:\mbam-error.txt
[2005/09/07 22:11:46 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2006/02/11 14:32:49 | 000,000,097 | ---- | M] () -- C:\my.cnf
[2009/03/21 17:16:14 | 000,000,007 | ---- | M] () -- C:\NOTACER.ID
[2005/09/13 08:10:34 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2009/02/15 19:11:52 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/09/08 19:59:39 | 4023,386,112 | -HS- | M] () -- C:\pagefile.sys
[2005/09/29 19:51:50 | 000,700,416 | ---- | M] (LimeWire) -- C:\StubInstaller.exe
[1999/06/25 10:55:30 | 000,149,504 | ---- | M] () -- C:\UNWISE.EXE

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2005/09/07 22:58:05 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2005/09/07 22:58:05 | 000,626,688 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2005/09/07 22:58:05 | 000,421,888 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-08-25 21:46:57

< >

< >

========== Alternate Data Streams ==========

@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8
< End of report >

Edited by Essexboy, 12 September 2010 - 07:52 AM.
log opened

#2
MariaCristina

Posted 12 September 2010 - 07:48 AM

Visiting Staff

Visiting Consultant
277 posts

Hello, johnnyHip

Welcome to Geeks to Go!

My name is Maria Cristina and I will be helping you. I will be back as soon as possible, as each reply must be approved by a resident expert before I can be allowed to post it to you.

Please, be patient. Do not try to fix your malware issues by yourself. You should only run the tools that I request. I know malware can be frustrating but running other tools in the meantime and between posts, only makes it harder for us to analyze and fix your PC in the long run.
Do not ask for help in other forums. Trying to follow more than one procedure at the same time can cause a lot of issues.
POST your logs, do not attach them, as it makes it harder to read.
English is not my first language, so please do not use slang or idioms, as this makes it difficult to understand for me.
I suggest you to subscribe this thread, by clicking in My Settings, on the top of this page.

You should click in the Notification Options and check the option Watch every topic I reply to - If enabled, choose default notification type: and set your desired notification type.

#3
MariaCristina

Posted 13 September 2010 - 02:13 PM

Visiting Staff

Visiting Consultant
277 posts

Hello, johnnyHip

Have you disabled System Restore?
During the procedures below the System Restore will be re-enabled. Please do not disable it. It is better to be safe than sorry.

STEP 1:

We need to submit a file to analysis. Please, open Internet Explorer and visit this page: http://virscan.org/

Click on the browse button and navigate to the file listed in red below:

C:\Program Files\LX32W32.exe

Click on the Upload button
If a pop-up appears saying the file has been scanned already, please select the ReScan button.
Once the Scan is completed, click on the "Copy to Clipboard" button. This will copy the link of the report into the Clipboard.
Paste the contents of the clipboard in your next reply.

Repeat the same step to also analyze this file in red:

C:\WINDOWS\System32\lllllg.sys

STEP 2:

We need to make some changes in the Registry. Before we do that, we need to make a full backup of your Registry.
Posted Image

ERUNT allows you to store a complete backup of your registry and restore if needed. Removing modern malware infections often requires making changes to the registry, and a corrupt registry can prevent a system from booting. Compatible with Windows NT, 2000, 2003, XP, Vista, 32 & 64-bit versions.

Download ERUNT (Emergency Recovery Utility NT)
Double-click erunt_setup.exe to run.
Follow the prompts and install using the default configuration (setup language, install location, shortcuts...).
Say No to the portion that asks you to add ERUNT to the start-up folder, if you like you can enable this option later.
Start ERUNT
Choose a location for the backup
The default location C:\WINDOWS\ERDNT\[today's date] is preferred
The first two check boxes are ticked by default (System registry and Current user registry).
Press OK
When prompted, click YES to create a new folder.
Progress bars will show backup status.
A confirmation window will popup when complete. Click OK to close.

STEP 3:

Select these lines in red bellow, then right-click on the selection and go to copy:

:OTL
O4 - HKLM..\Run: [Install5G] E:\Install.exe File not found
O4 - HKLM..\Run: [RFX_auto_upgrade] File not found
O27 - HKLM IFEO\drwtsn32.exe: Debugger - C:\WINDOWS\system32\wscript.exe /E:vbs C:\WINDOWS\system32\regedit.sys (Microsoft Corporation)
O27 - HKLM IFEO\taskmgr.exe: Debugger - C:\WINDOWS\system32\wscript.exe /E:vbs C:\WINDOWS\system32\regedit.sys (Microsoft Corporation)
[2010/04/28 17:46:25 | 000,010,934 | -HS- | C] () -- C:\Documents and Settings\john\Local Settings\Application Data\RRGvg
[2010/04/28 17:46:25 | 000,010,934 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\RRGvg
[2010/04/22 09:31:54 | 000,013,320 | -HS- | C] () -- C:\Documents and Settings\john\Local Settings\Application Data\ISo1D077l
[2010/04/22 09:31:54 | 000,013,320 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\ISo1D077l
[2010/04/21 17:10:46 | 000,011,006 | -HS- | C] () -- C:\Documents and Settings\john\Local Settings\Application Data\d0i4
[2010/04/21 17:10:46 | 000,011,006 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\d0i4
[2005/10/07 08:57:37 | 000,000,012 | ---- | C] () -- C:\WINDOWS\dirsaver.ini

:reg
[-HKEY_CURRENT_USER\Software\Classes\.exe]
[-HKEY_CURRENT_USER\Software\Classes\secfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.vbs]
@="VBSFile"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VBSFile\Shell\Edit\Command]
@=hex(2):25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,53,79,73,74,65,6d,33,32,5c,4e,\
6f,74,65,70,61,64,2e,65,78,65,20,25,31,00
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VBSFile\Shell\Print\Command]
@=hex(2):25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,53,79,73,74,65,6d,33,32,5c,4e,\
6f,74,65,70,61,64,2e,65,78,65,20,2f,70,20,25,31,00

:Commands
[resethosts]
[purity]
[emptytemp]
[emptyflash]

Run OTL.exe

** Windows Vista and Windows 7 users:
Right-click on the file then choose Run as admin option.

Right-click on any blank part under Custom Scans/Fixes then click on Paste

Close ALL open windows except OTL.

Click on Fix button.

The tool will run the script and will ask to reboot your system. Allow it.

When back into Windows, OTL will be automatically ran. Allow it, if asked.

A notepad window will be shown, with some data.
Copy ALL (edit > select all > copy) its contents and paste here in a new reply.

This log would be saved in C:\_OTL\MovedFiles folder, named as date_time.log.

Eg: 03142010_145545.log

STEP 4:

Download ComboFix from one of these locations:

Link 1
Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.
Double click on ComboFix.exe & follow the prompts.
As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.
Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt log in your next reply.

Required logs are:

VirScan results
OTL fix
Combofix.txt

#4
johnnyHip

Posted 13 September 2010 - 03:16 PM

New Member

Topic Starter
Member
6 posts

Maria,
Thanks for taking the time to look in my computer problems.

Below are the results of the virscan.org scans

File Name : LX32W32.exe
File Size : 1713436 byte
File Type : PE32 executable for MS Windows (GUI) Intel 80386 32-bit
MD5 : 76f746334a92d131cb4bc06c545dbf09
SHA1 : 667ff29b74c6a25c6e98aa1a1b95ad22a6b4edde
Scanner results : Scanners did not find malware!
Time : 2010/09/13 21:39:41 (BST)

a-squared 5.0.0.19 20100914000848 2010-09-14 - 7.301
AhnLab V3 2010.09.13.01 2010.09.13 2010-09-13 - 1.292
AntiVir 8.2.4.50 7.10.11.157 2010-09-13 - 0.292
Antiy 2.0.18 20100914.5155144 2010-09-14 - 0.018
Arcavir 2009 201006281601 2010-06-28 - 0.006
Authentium 5.1.1 201009131012 2010-09-13 - 1.368
AVAST! 4.7.4 100913-1 2010-09-13 - 0.321
AVG 8.5.850 271.1.1/3132 2010-09-13 - 2.448
BitDefender 7.90123.6375946 7.33863 2010-09-14 - 4.812
ClamAV 0.96.1 11900 2010-09-13 - 0.164
Comodo 4.0 6069 2010-09-13 - 1.262
CP Secure 1.3.0.5 2010.09.13 2010-09-13 - 0.432
Dr.Web 5.0.2.3300 2010.09.14 2010-09-14 - 11.087
F-Prot 4.4.4.56 20100913 2010-09-13 - 1.366
F-Secure 7.02.73807 2010.09.13.03 2010-09-13 - 2.056
Fortinet 4.1.143 12.347 2010-09-13 - 0.195
GData 21.834/21.330 20100913 2010-09-13 - 8.222
Ikarus T3.1.32.15.0 2010.09.13.76720 2010-09-13 - 4.858
JiangMin 13.0.900 2010.08.30 2010-08-30 - 1.516
Kaspersky 5.5.10 2010.09.13 2010-09-13 - 1.044
KingSoft 2009.2.5.15 2010.9.13.18 2010-09-13 - 0.836
McAfee 5400.1158 6105 2010-09-13 - 18.648
Microsoft 1.6103 2010.09.11 2010-09-11 - 11.721
Norman 6.06.05 6.06.00 2010-09-13 - 4.008
nProtect 20100913.02 9100860 2010-09-13 - 16.176
Panda 9.05.01 2010.09.13 2010-09-13 - 4.273
Quick Heal 11.00 2010.09.13 2010-09-13 - 2.672
Rising 20.0 22.65.00.03 2010-09-13 - 2.260
Sophos 3.11.2 4.57 2010-09-14 - 4.247
Sunbelt 3.9.2447.2 6871 2010-09-13 - 19.688
Symantec 1.3.0.24 20100913.004 2010-09-13 - 0.097
The Hacker 6.7.0.0 v00017 2010-09-13 - 1.386
Trend Micro 9.120-1004 7.460.13 2010-09-13 - 0.046
VBA32 3.12.14.0 20100913.0838 2010-09-13 - 4.334
ViRobot 20100913 2010.09.13 2010-09-13 - 0.378
VirusBuster 4.5.11.10 10.128.1/2043961 2010-09-13 - 2.885
Scanner results : Scanners did not find malware!
Time : 2010/09/13 21:57:22 (BST)

File Name : lllllg.sys
File Size : 132 byte
File Type : data
MD5 : dbda24f61909712fb0b9d756ee4eff60
SHA1 : 16bf0aaed02302158a1b89732c4030fee2c38c56

a-squared 5.0.0.19 20100914000848 2010-09-14 - 4.418
AhnLab V3 2010.09.13.01 2010.09.13 2010-09-13 - 1.257
AntiVir 8.2.4.50 7.10.11.157 2010-09-13 - 0.275
Antiy 2.0.18 20100914.5155144 2010-09-14 - 0.021
Arcavir 2009 201006281601 2010-06-28 - 0.005
Authentium 5.1.1 201009131012 2010-09-13 - 1.388
AVAST! 4.7.4 100913-1 2010-09-13 - 0.002
AVG 8.5.850 271.1.1/3132 2010-09-13 - 0.242
BitDefender 7.90123.6375946 7.33863 2010-09-14 - 4.524
ClamAV 0.96.1 11900 2010-09-13 - 0.003
Comodo 4.0 6069 2010-09-13 - 1.161
CP Secure 1.3.0.5 2010.09.13 2010-09-13 - 0.004
Dr.Web 5.0.2.3300 2010.09.14 2010-09-14 - 9.220
F-Prot 4.4.4.56 20100913 2010-09-13 - 1.273
F-Secure 7.02.73807 2010.09.13.03 2010-09-13 - 10.730
Fortinet 4.1.143 12.347 2010-09-13 - 0.120
GData 21.834/21.330 20100913 2010-09-13 - 7.328
Ikarus T3.1.32.15.0 2010.09.13.76720 2010-09-13 - 4.706
JiangMin 13.0.900 2010.08.30 2010-08-30 - 1.280
Kaspersky 5.5.10 2010.09.13 2010-09-13 - 0.027
KingSoft 2009.2.5.15 2010.9.13.18 2010-09-13 - 0.640
McAfee 5400.1158 6105 2010-09-13 - 18.423
Microsoft 1.6103 2010.09.11 2010-09-11 - 5.462
Norman 6.06.05 6.06.00 2010-09-13 - 6.007
nProtect 20100913.02 9100860 2010-09-13 - 8.853
Panda 9.05.01 2010.09.13 2010-09-13 - 1.992
Quick Heal 11.00 2010.09.13 2010-09-13 - 2.151
Rising 20.0 22.65.00.03 2010-09-13 - 0.229
Sophos 3.11.2 4.57 2010-09-14 - 3.998
Sunbelt 3.9.2447.2 6871 2010-09-13 - 11.516
Symantec 1.3.0.24 20100913.004 2010-09-13 - 0.203
The Hacker 6.7.0.0 v00017 2010-09-13 - 0.480
Trend Micro 9.120-1004 7.460.13 2010-09-13 - 0.022
VBA32 3.12.14.0 20100913.0838 2010-09-13 - 3.120
ViRobot 20100913 2010.09.13 2010-09-13 - 0.365
VirusBuster 4.5.11.10 10.128.1/2043961 2010-09-13 - 2.382
■Heuristic/Suspicious ■Exact
Note: This file has been scanned before. Therefore, this file's scan result will not be stored in the database

The next posting will be after I reboot using OTL fix

Cheers

#5
MariaCristina

Posted 13 September 2010 - 04:46 PM

Visiting Staff

Visiting Consultant
277 posts

#6
johnnyHip

Posted 15 September 2010 - 02:01 PM

New Member

Topic Starter
Member
6 posts

Maria
hi there
Here are the two files you asked for
OTL log and ComboFix log. thanks

OTL logfile created on: 08/09/2010 20:24:23 - Run 1
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Program Files
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 70.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 88.00% Paging File free
Paging file location(s): C:\pagefile.sys 3837 4096 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 48.83 Gb Total Space | 17.30 Gb Free Space | 35.43% Space Free | Partition Type: NTFS
Drive D: | 62.92 Gb Total Space | 54.58 Gb Free Space | 86.75% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JOHNPC
Current User Name: john
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/09/08 20:22:46 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Program Files\OTL.exe
PRC - [2010/07/01 12:07:20 | 001,361,128 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
PRC - [2010/07/01 12:07:18 | 000,840,936 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
PRC - [2010/06/22 09:16:46 | 002,065,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2010/06/22 09:16:43 | 000,620,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2010/06/22 09:16:43 | 000,515,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2010/06/22 09:16:41 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2010/06/22 09:16:37 | 005,897,808 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2010/06/22 09:16:37 | 000,596,560 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2010/06/22 09:15:59 | 002,331,032 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgfws9.exe
PRC - [2010/06/22 09:15:58 | 000,723,296 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2010/06/22 09:15:57 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2010/06/22 09:15:56 | 000,842,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgam.exe
PRC - [2010/06/03 01:50:58 | 001,144,104 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/03/21 19:52:11 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2010/02/18 11:43:20 | 000,490,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2010/02/17 21:57:17 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2009/11/24 12:32:22 | 000,234,792 | ---- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Toolbars\Shared\SkypeNames2.exe
PRC - [2008/11/09 21:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/04/14 01:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe
PRC - [2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/02/27 18:56:54 | 003,072,184 | ---- | M] (Kontiki Inc.) -- C:\Program Files\Kontiki\KService.exe
PRC - [2008/02/27 18:56:54 | 001,032,376 | ---- | M] (Kontiki Inc.) -- C:\Program Files\Kontiki\KHost.exe
PRC - [2007/09/12 21:27:37 | 001,174,152 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
PRC - [2006/05/08 05:17:56 | 000,081,920 | ---- | M] () -- C:\Program Files\Sony\SonicStage\SSAAD.exe
PRC - [2006/03/09 11:10:12 | 003,977,216 | ---- | M] () -- C:\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
PRC - [2006/01/18 18:04:07 | 000,068,608 | ---- | M] () -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
PRC - [2005/10/18 11:11:10 | 000,020,545 | ---- | M] () -- C:\Program Files\Apache Group\Apache\Apache.exe
PRC - [2005/06/07 00:46:24 | 000,057,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
PRC - [2004/10/14 15:42:54 | 001,404,928 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe
PRC - [2004/06/09 15:27:34 | 000,471,040 | ---- | M] (PalmSource, Inc) -- C:\Program Files\Palm\Hotsync.exe
PRC - [2002/10/16 20:20:20 | 000,073,728 | ---- | M] () -- C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
PRC - [2001/11/30 13:15:56 | 000,090,112 | ---- | M] (MUSICMATCH, Inc.) -- C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe

========== Modules (SafeList) ==========

MOD - [2010/09/08 20:22:46 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Program Files\OTL.exe
MOD - [2010/06/22 09:16:43 | 000,012,536 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\system32\avgrsstx.dll
MOD - [2010/06/07 18:07:08 | 000,541,928 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\rooksbas.dll
MOD - [2008/04/14 01:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx

========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2010/07/01 12:07:18 | 000,840,936 | ---- | M] (Trusteer Ltd.) [Auto | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService)
SRV - [2010/06/22 09:16:41 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010/06/22 09:16:37 | 005,897,808 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2010/06/22 09:15:59 | 002,331,032 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgfws9.exe -- (avgfws9)
SRV - [2010/04/19 10:25:46 | 000,430,152 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2008/11/09 21:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/04/14 01:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC)
SRV - [2008/04/14 01:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (SMTPSVC) Simple Mail Transfer Protocol (SMTP)
SRV - [2008/04/14 01:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)
SRV - [2008/02/27 18:56:54 | 003,072,184 | ---- | M] (Kontiki Inc.) [Auto | Running] -- C:\Program Files\Kontiki\KService.exe -- (KService)
SRV - [2007/09/12 21:27:37 | 001,174,152 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2006/11/03 20:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2006/05/08 04:24:54 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe -- (SSScsiSV)
SRV - [2006/04/27 17:35:16 | 000,053,337 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2006/04/27 17:27:06 | 000,049,241 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2006/04/27 17:16:28 | 000,069,718 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2006/03/09 11:10:12 | 003,977,216 | ---- | M] () [Auto | Running] -- C:\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe -- (MySQL)
SRV - [2006/01/18 18:04:07 | 000,068,608 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2005/11/14 01:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2005/10/18 11:11:10 | 000,020,545 | ---- | M] () [Auto | Running] -- C:\Program Files\Apache Group\Apache\Apache.exe -- (Apache)
SRV - [2005/09/08 14:47:23 | 000,069,632 | ---- | M] (Macromedia) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe -- (Macromedia Licensing Service)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\COMFiltr.sys -- (ComFiltr)
DRV - File not found [File_System | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\av5flt.sys -- (AvFlt)
DRV - [2010/07/01 12:07:30 | 000,166,632 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys -- (RapportPG)
DRV - [2010/07/01 12:07:30 | 000,059,240 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportKELL.sys -- (RapportKELL)
DRV - [2010/06/22 09:16:45 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010/06/22 09:16:38 | 000,030,288 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSFilter.sys -- (AVGIDSFilterxpx)
DRV - [2010/06/22 09:16:38 | 000,026,192 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys -- (AVGIDSShimxpx)
DRV - [2010/06/22 09:16:38 | 000,025,168 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\AVGIDSxx.sys -- (AVGIDSErHrxpx)
DRV - [2010/06/22 09:16:37 | 000,122,448 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSDriver.sys -- (AVGIDSDriverxpx)
DRV - [2010/06/22 09:15:58 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010/06/01 08:22:27 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010/04/30 09:47:46 | 000,052,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\System32\Drivers\avgrkx86.sys -- (AvgRkx86)
DRV - [2010/04/30 09:47:16 | 000,030,104 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwfd)
DRV - [2010/04/30 09:47:16 | 000,030,104 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwdx)
DRV - [2010/02/27 18:49:11 | 000,390,528 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\RapportBuka.sys -- (RapportBuka)
DRV - [2008/04/13 19:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/01/19 10:00:00 | 000,385,072 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2007/05/11 21:22:12 | 000,017,134 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCANDIS5.sys -- (PCANDIS5)
DRV - [2007/02/03 11:32:36 | 000,041,504 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2007/02/03 11:25:56 | 001,075,360 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Camdrl.sys -- (CamDrL) Logitech QuickCam Pro 3000(CamDrl)
DRV - [2006/12/26 14:14:26 | 000,016,694 | ---- | M] (PalmSource, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PalmUSBD.sys -- (PalmUSBD)
DRV - [2006/10/11 14:43:10 | 000,010,344 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\symlcbrd.sys -- (symlcbrd)
DRV - [2005/12/10 04:06:00 | 003,536,768 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2004/09/17 10:02:54 | 000,732,928 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)
DRV - [2004/03/15 01:04:00 | 000,100,597 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnudfa.sys -- (tfsnudfa)
DRV - [2004/03/15 01:04:00 | 000,098,580 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnudf.sys -- (tfsnudf)
DRV - [2004/03/15 01:04:00 | 000,085,972 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnifs.sys -- (tfsnifs)
DRV - [2004/03/15 01:04:00 | 000,034,837 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsncofs.sys -- (tfsncofs)
DRV - [2004/03/15 01:04:00 | 000,025,685 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnboio.sys -- (tfsnboio)
DRV - [2004/03/15 01:04:00 | 000,014,229 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnopio.sys -- (tfsnopio)
DRV - [2004/03/15 01:04:00 | 000,006,357 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnpool.sys -- (tfsnpool)
DRV - [2004/03/15 01:04:00 | 000,004,117 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsndrct.sys -- (tfsndrct)
DRV - [2004/03/15 01:04:00 | 000,002,233 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsndres.sys -- (tfsndres)
DRV - [2004/03/05 22:15:34 | 000,647,929 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC52.sys -- (IntelC52)
DRV - [2004/03/05 22:14:42 | 001,233,525 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC51.sys -- (IntelC51)
DRV - [2004/03/05 22:13:52 | 000,060,949 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC53.sys -- (IntelC53)
DRV - [2004/03/05 22:13:38 | 000,037,048 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mohfilt.sys -- (mohfilt)
DRV - [2004/02/27 02:56:00 | 000,040,480 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\drvnddm.sys -- (drvnddm)
DRV - [2004/02/13 03:21:00 | 000,086,160 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\drvmcdb.sys -- (drvmcdb)
DRV - [2004/01/14 19:18:16 | 000,005,621 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\sscdbhk5.sys -- (sscdbhk5)
DRV - [2004/01/14 19:18:04 | 000,023,219 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\ssrtln.sys -- (ssrtln)
DRV - [2001/08/22 08:42:58 | 000,013,632 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS -- (OMCI)
DRV - [2001/08/17 13:57:38 | 000,016,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA)
DRV - [2001/06/21 15:41:52 | 000,073,216 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\System32\Drivers\SENTINEL.SYS -- (Sentinel)
DRV - [2000/11/09 13:56:48 | 000,113,828 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\Kazoo.sys -- (kazoo)
DRV - [2000/03/29 17:11:20 | 000,008,096 | ---- | M] (MicroStaff Co.,Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\MASPINT.SYS -- (MASPINT)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bbc.co.uk/
IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Netscape 6 6.2.3\Extensions\\Components: C:\Program Files\Netscape\Netscape 6\Components [2010/03/21 19:52:52 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape 6 6.2.3\Extensions\\Plugins: C:\Program Files\Netscape\Netscape 6\Plugins [2010/04/28 18:06:39 | 000,000,000 | ---D | M]

[2009/07/30 20:13:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\john\Application Data\Mozilla\Extensions
[2009/07/30 20:13:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\john\Application Data\Mozilla\Extensions\[email protected]
[2009/01/03 15:51:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\john\Application Data\Mozilla\Firefox\extensions
[2009/01/03 15:51:19 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\john\Application Data\Mozilla\Firefox\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}

O1 HOSTS File: ([2010/04/29 19:50:11 | 000,002,114 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 0.0.0.0 virusin
O1 - Hosts: 0.0.0.0 www.vir
O1 - Hosts: 0.0.0.0 project
O1 - Hosts: 0.0.0.0 www.pro
O1 - Hosts: 0.0.0.0 novirus
O1 - Hosts: 0.0.0.0 www.nov
O1 - Hosts: 0.0.0.0 www.ant
O1 - Hosts: 0.0.0.0 zeustra
O1 - Hosts: 0.0.0.0 www.zeu
O1 - Hosts: 0.0.0.0 www.mal
O1 - Hosts: 0.0.0.0 www3.ma
O1 - Hosts: 0.0.0.0 forum.m
O1 - Hosts: 0.0.0.0 www.thr
O1 - Hosts: 0.0.0.0 threate
O1 - Hosts: 0.0.0.0 www.av-
O1 - Hosts: 0.0.0.0 av-comp
O1 - Hosts: 0.0.0.0 av-test
O1 - Hosts: 0.0.0.0 www.av-
O1 - Hosts: 0.0.0.0 www.sca
O1 - Hosts: 0.0.0.0 www.vir
O1 - Hosts: 0.0.0.0 adwarer
O1 - Hosts: 0.0.0.0 www.adw
O1 - Hosts: 0.0.0.0 malware
O1 - Hosts: 0.0.0.0 www.mal
O1 - Hosts: 57 more lines...
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (HP Print Clips) - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - Reg Error: Value error. File not found
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - No CLSID value found.
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
O2 - BHO: (BrowserHelper Class) - {EBCDDA60-2A68-11D3-8A43-0060083CFB9C} - C:\WINDOWS\system32\nzdd.dll (RealNetworks, Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - Reg Error: Value error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Install5G] E:\Install.exe File not found
O4 - HKLM..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe (MUSICMATCH, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [RFX_auto_upgrade] File not found
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UpdateManager] C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe (Sonic Solutions)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [kdx] C:\Program Files\Kontiki\KHost.exe (Kontiki Inc.)
O4 - HKCU..\Run: [SsAAD.exe] C:\Program Files\Sony\SonicStage\SSAAD.exe ()
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKLM..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll] File not found
O4 - HKLM..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDFXAudioPlugin.dll] File not found
O4 - HKLM..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll] File not found
O4 - HKLM..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll] File not found
O4 - HKLM..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll] File not found
O4 - HKLM..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DSEPlugins\Direct3DVideoOutput.dll] File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HOTSYNCSHORTCUTNAME.lnk = C:\Program Files\Palm\Hotsync.exe (PalmSource, Inc)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Image Transfer.lnk = C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\RealDownload.lnk = C:\Program Files\Real\RealDownload\Realdownload.exe (RealNetworks, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = [binary data]
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O9 - Extra Button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com...ex/qtplugin.cab (QuickTime Object)
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} http://www.ipix.com/download/ipixx.cab (iPIX ActiveX Control)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} http://dl.tvunetworks.com/TVUAx.cab (CTVUAxCtrl Object)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.aka...vex-2.2.5.0.cab (DLM Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_04)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_10)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ent/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (AVGRSSTX.DLL) - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop WallPaper: C:\Documents and Settings\john\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\john\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O27 - HKLM IFEO\drwtsn32.exe: Debugger - C:\WINDOWS\system32\wscript.exe /E:vbs C:\WINDOWS\system32\regedit.sys (Microsoft Corporation)
O27 - HKLM IFEO\taskmgr.exe: Debugger - C:\WINDOWS\system32\wscript.exe /E:vbs C:\WINDOWS\system32\regedit.sys (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/09/07 22:11:46 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.ac3filter - C:\WINDOWS\System32\ac3filter.acm ()
Drivers32: msacm.iac2 - C:\WINDOWS\System32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: SENTINEL - C:\WINDOWS\System32\SNTI386.DLL ()
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.ffds - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: VIDC.I420 - C:\WINDOWS\System32\lvcodec2.dll (Logitech Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.dll (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll ()
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: wave - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)

CREATERESTOREPOINT
Error starting restore point: System Restore is disabled.
Error closing restore point: System Restore is disabled.

========== Files/Folders - Created Within 90 Days ==========

[2010/09/08 20:22:23 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Program Files\OTL.exe
[2010/09/08 19:30:01 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/09/08 19:29:59 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/09/08 19:29:59 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/09/08 18:32:12 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Program Files\TFC.exe
[2010/09/07 20:09:51 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/09/07 20:09:39 | 000,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Program Files\HJTInstall.exe
[2010/09/06 21:51:46 | 000,116,224 | ---- | C] (Xerox) -- C:\WINDOWS\System32\dllcache\xrxwiadr.dll
[2010/09/06 21:51:46 | 000,023,040 | ---- | C] (Xerox Corporation) -- C:\WINDOWS\System32\dllcache\xrxwbtmp.dll
[2010/09/06 21:50:24 | 000,099,865 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\xlog.exe
[2010/09/06 21:50:12 | 000,016,970 | ---- | C] (US Robotics MCD (Megahertz)) -- C:\WINDOWS\System32\dllcache\xem336n5.sys
[2010/09/06 21:48:58 | 000,154,624 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\wlluc48.sys
[2010/09/06 21:48:57 | 000,034,890 | ---- | C] (Raytheon Corp.) -- C:\WINDOWS\System32\dllcache\wlandrv2.sys
[2010/09/06 21:48:42 | 000,771,581 | ---- | C] (Rockwell) -- C:\WINDOWS\System32\dllcache\winacisa.sys
[2010/09/06 21:48:22 | 000,035,871 | ---- | C] (Winbond Electronics Corp.) -- C:\WINDOWS\System32\dllcache\wbfirdma.sys
[2010/09/06 21:48:02 | 000,016,925 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w940nd.sys
[2010/09/06 21:48:01 | 000,019,528 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w840nd.sys
[2010/09/06 21:48:01 | 000,019,016 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w926nd.sys
[2010/09/06 21:47:55 | 000,064,605 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vvoice.sys
[2010/09/06 21:47:52 | 000,397,502 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vpctcom.sys
[2010/09/06 21:47:49 | 000,604,253 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\vmodem.sys
[2010/09/06 21:47:47 | 000,249,402 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\vinwm.sys
[2010/09/06 21:47:30 | 000,765,884 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usrti.sys
[2010/09/06 21:47:25 | 000,794,399 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806v.sys
[2010/09/06 21:47:24 | 000,794,654 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1801.sys
[2010/09/06 21:47:24 | 000,793,598 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806.sys
[2010/09/06 21:47:09 | 000,032,384 | ---- | C] (KLSI USA, Inc.) -- C:\WINDOWS\System32\dllcache\usb101et.sys
[2010/09/06 21:47:00 | 000,050,688 | ---- | C] (UMAX DATA SYSTEMS INC.) -- C:\WINDOWS\System32\dllcache\umaxscan.dll
[2010/09/06 21:46:56 | 000,216,064 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um34scan.dll
[2010/09/06 21:46:56 | 000,211,968 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um54scan.dll
[2010/09/06 21:46:31 | 000,525,568 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxp.dll
[2010/09/06 21:46:31 | 000,166,784 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxpm.sys
[2010/09/06 21:46:31 | 000,159,232 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkbm.sys
[2010/09/06 21:46:30 | 000,440,576 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkb.dll
[2010/09/06 21:46:30 | 000,222,336 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3dm.sys
[2010/09/06 21:46:29 | 000,315,520 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3d.dll
[2010/09/06 21:46:12 | 000,123,995 | ---- | C] (Tiger Jet Network) -- C:\WINDOWS\System32\dllcache\tjisdn.sys
[2010/09/06 21:46:07 | 000,138,528 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiulnt5.sys
[2010/09/06 21:46:07 | 000,081,408 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiul50.dll
[2010/09/06 21:46:04 | 000,149,376 | ---- | C] (M-Systems) -- C:\WINDOWS\System32\dllcache\tffsport.sys
[2010/09/06 21:46:00 | 000,037,961 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdk100b.sys
[2010/09/06 21:46:00 | 000,017,129 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdkcd31.sys
[2010/09/06 21:45:47 | 000,172,768 | ---- | C] (Number Nine Visual Technology) -- C:\WINDOWS\System32\dllcache\t2r4disp.dll
[2010/09/06 21:45:47 | 000,036,640 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\t2r4mini.sys
[2010/09/06 21:45:09 | 000,155,648 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnprop.dll
[2010/09/06 21:45:09 | 000,053,248 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlncoin.dll
[2010/09/06 21:45:08 | 000,285,760 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnata.sys
[2010/09/06 21:45:06 | 000,016,896 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\stcusb.sys
[2010/09/06 21:44:59 | 000,048,736 | ---- | C] (3Com) -- C:\WINDOWS\System32\dllcache\srwlnd5.sys
[2010/09/06 21:44:43 | 000,019,072 | ---- | C] (Adaptec, Inc.) -- C:\WINDOWS\System32\dllcache\sparrow.sys
[2010/09/06 21:44:16 | 000,058,368 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smiminib.sys
[2010/09/06 21:44:15 | 000,147,200 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smidispb.dll
[2010/09/06 21:44:14 | 000,025,034 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smcpwr2n.sys
[2010/09/06 21:44:13 | 000,035,913 | ---- | C] (SMC) -- C:\WINDOWS\System32\dllcache\smcirda.sys
[2010/09/06 21:44:12 | 000,024,576 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smc8000n.sys
[2010/09/06 21:43:51 | 000,091,294 | ---- | C] (SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH.) -- C:\WINDOWS\System32\dllcache\skfpwin.sys
[2010/09/06 21:43:51 | 000,063,547 | ---- | C] (Symbol Technologies) -- C:\WINDOWS\System32\dllcache\sla30nd5.sys
[2010/09/06 21:43:49 | 000,094,698 | ---- | C] (SysKonnect GmbH.) -- C:\WINDOWS\System32\dllcache\sk98xwin.sys
[2010/09/06 21:43:46 | 000,032,768 | ---- | C] (SiS Corporation) -- C:\WINDOWS\System32\dllcache\sisnic.sys
[2010/09/06 21:43:19 | 000,161,568 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmusb.sys
[2010/09/06 21:43:19 | 000,018,400 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmld.sys
[2010/09/06 21:43:18 | 000,098,080 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiulnt5.sys
[2010/09/06 21:43:17 | 000,386,560 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiul50.dll
[2010/09/06 21:42:53 | 000,017,280 | ---- | C] (SCM Microsystems) -- C:\WINDOWS\System32\dllcache\scr111.sys
[2010/09/06 21:42:50 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmusbm.sys
[2010/09/06 21:42:50 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmn50m.sys
[2010/09/06 21:42:41 | 000,077,824 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4m.sys
[2010/09/06 21:42:40 | 000,198,400 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4.dll
[2010/09/06 21:42:40 | 000,061,504 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3dm.sys
[2010/09/06 21:42:39 | 000,210,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mvirge.dll
[2010/09/06 21:42:39 | 000,179,264 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3d.dll
[2010/09/06 21:42:38 | 000,062,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mtrio.dll
[2010/09/06 21:42:38 | 000,041,216 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.sys
[2010/09/06 21:42:37 | 000,182,272 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.dll
[2010/09/06 21:42:37 | 000,166,720 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3m.sys
[2010/09/06 21:42:34 | 000,082,432 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia450.dll
[2010/09/06 21:42:34 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia430.dll
[2010/09/06 21:42:30 | 000,029,696 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw450ext.dll
[2010/09/06 21:42:28 | 000,027,648 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw430ext.dll
[2010/09/06 21:42:21 | 000,020,992 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\rtl8139.sys
[2010/09/06 21:42:20 | 000,019,017 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\rtl8029.sys
[2010/09/06 21:42:13 | 000,009,216 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\rsmgrstr.dll
[2010/09/06 21:41:58 | 000,079,104 | ---- | C] (Comtrol Corporation) -- C:\WINDOWS\System32\dllcache\rocket.sys
[2010/09/06 21:41:55 | 000,037,563 | ---- | C] (RadioLAN) -- C:\WINDOWS\System32\dllcache\rlnet5.sys
[2010/09/06 21:41:52 | 000,086,097 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\reslog32.dll
[2010/09/06 21:41:24 | 000,714,762 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdmkxx.sys
[2010/09/06 21:41:23 | 000,899,146 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdkxga.sys
[2010/09/06 21:41:07 | 000,130,942 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlv.sys
[2010/09/06 21:41:06 | 000,112,574 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlp.sys
[2010/09/06 21:41:05 | 000,128,286 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserli.sys
[2010/09/06 21:40:57 | 000,016,128 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\pscr.sys
[2010/09/06 21:40:14 | 000,169,984 | ---- | C] (Cisco Systems) -- C:\WINDOWS\System32\dllcache\pcx500.sys
[2010/09/06 21:40:14 | 000,086,016 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\pctspk.exe
[2010/09/06 21:40:11 | 000,026,153 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pcmlm56.sys
[2010/09/06 21:40:08 | 000,030,495 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pc100nds.sys
[2010/09/06 21:40:08 | 000,029,502 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\pca200e.sys
[2010/09/06 21:39:47 | 000,054,186 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otcsercb.sys
[2010/09/06 21:39:47 | 000,043,689 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otceth5.sys
[2010/09/06 21:39:46 | 000,027,209 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otc06x5.sys
[2010/09/06 21:39:44 | 000,054,528 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\opl3sax.sys
[2010/09/06 21:39:01 | 000,051,552 | ---- | C] (Kensington Technology Group) -- C:\WINDOWS\System32\dllcache\ntgrip.sys
[2010/09/06 21:38:48 | 000,126,080 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm5a2wdm.sys
[2010/09/06 21:38:48 | 000,087,040 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm6wdm.sys
[2010/09/06 21:38:45 | 000,032,840 | ---- | C] (NETGEAR Corporation.) -- C:\WINDOWS\System32\dllcache\ngrpci.sys
[2010/09/06 21:38:43 | 000,132,695 | ---- | C] (802.11b) -- C:\WINDOWS\System32\dllcache\netwlan5.sys
[2010/09/06 21:38:33 | 000,060,480 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.dll
[2010/09/06 21:38:33 | 000,039,264 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.sys
[2010/09/06 21:38:23 | 000,091,488 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3disp.dll
[2010/09/06 21:38:23 | 000,027,936 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3d.sys
[2010/09/06 21:38:22 | 000,059,104 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.dll
[2010/09/06 21:38:22 | 000,033,088 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.sys
[2010/09/06 21:38:21 | 000,013,664 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.sys
[2010/09/06 21:38:20 | 000,035,392 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.dll
[2010/09/06 21:38:18 | 000,075,520 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxport.sys
[2010/09/06 21:38:17 | 000,019,968 | ---- | C] (Macronix International Co., Ltd. ) -- C:\WINDOWS\System32\dllcache\mxnic.sys
[2010/09/06 21:38:17 | 000,007,168 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxport.dll
[2010/09/06 21:38:16 | 000,021,888 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxcard.sys
[2010/09/06 21:38:16 | 000,019,968 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxicfg.dll
[2010/09/06 21:38:13 | 000,103,296 | ---- | C] (Matrox Graphics Inc) -- C:\WINDOWS\System32\dllcache\mtxvideo.sys
[2010/09/06 21:36:52 | 000,017,280 | ---- | C] (American Megatrends Inc.) -- C:\WINDOWS\System32\dllcache\mraid35x.sys
[2010/09/06 21:36:00 | 000,164,586 | ---- | C] (Madge Networks Ltd) -- C:\WINDOWS\System32\dllcache\mdgndis5.sys
[2010/09/06 21:35:43 | 000,797,500 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltsmt.sys
[2010/09/06 21:35:42 | 000,802,683 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\ltsm.sys
[2010/09/06 21:35:40 | 000,576,746 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntl.sys
[2010/09/06 21:35:40 | 000,420,992 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntt.sys
[2010/09/06 21:35:39 | 000,606,684 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmnt.sys
[2010/09/06 21:35:38 | 000,727,786 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ltck000c.sys
[2010/09/06 21:35:26 | 000,070,730 | ---- | C] (Linksys Group, Inc.) -- C:\WINDOWS\System32\dllcache\lne100tx.sys
[2010/09/06 21:35:25 | 000,020,573 | ---- | C] (The Linksts Group ) -- C:\WINDOWS\System32\dllcache\lne100.sys
[2010/09/06 21:35:24 | 000,025,065 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\lmndis3.sys
[2010/09/06 21:35:23 | 000,015,744 | ---- | C] (Litronic Industries) -- C:\WINDOWS\System32\dllcache\lit220p.sys
[2010/09/06 21:35:11 | 000,026,442 | ---- | C] (SMSC) -- C:\WINDOWS\System32\dllcache\lanepic5.sys
[2010/09/06 21:35:09 | 000,019,016 | ---- | C] (Kingston Technology Company ) -- C:\WINDOWS\System32\dllcache\ktc111.sys
[2010/09/06 21:33:25 | 000,023,552 | ---- | C] (MKNet Corporation) -- C:\WINDOWS\System32\dllcache\irmk7.sys
[2010/09/06 21:33:08 | 000,045,632 | ---- | C] (Interphase ® Corporation a Windows ® 2000 DDK Driver Provider) -- C:\WINDOWS\System32\dllcache\ip5515.sys
[2010/09/06 21:32:11 | 000,372,824 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\iconf32.dll
[2010/09/06 21:31:21 | 000,068,608 | ---- | C] (Avisioin) -- C:\WINDOWS\System32\dllcache\hpgt53tk.dll
[2010/09/06 21:31:18 | 000,126,976 | ---- | C] (Hewlett Packard) -- C:\WINDOWS\System32\dllcache\hpgt34tk.dll
[2010/09/06 21:30:55 | 000,028,288 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grserial.sys
[2010/09/06 21:30:54 | 000,082,304 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grclass.sys
[2010/09/06 21:30:52 | 000,017,408 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\gpr400.sys
[2010/09/06 21:30:41 | 000,454,912 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fxusbase.sys
[2010/09/06 21:30:24 | 000,455,296 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fusbbase.sys
[2010/09/06 21:30:23 | 000,455,680 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fus2base.sys
[2010/09/06 21:30:14 | 000,442,240 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpnpbase.sys
[2010/09/06 21:30:13 | 000,441,728 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcmbase.sys
[2010/09/06 21:30:12 | 000,444,416 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcibase.sys
[2010/09/06 21:30:09 | 000,034,173 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\forehe.sys
[2010/09/06 21:29:51 | 000,024,618 | ---- | C] (NETGEAR) -- C:\WINDOWS\System32\dllcache\fa410nd5.sys
[2010/09/06 21:29:49 | 000,011,850 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xj.sys
[2010/09/06 21:29:48 | 000,012,362 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xi.sys
[2010/09/06 21:29:28 | 000,072,192 | ---- | C] (ESS Technology Inc.) -- C:\WINDOWS\System32\dllcache\es1969.sys
[2010/09/06 21:28:38 | 000,334,208 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\ds1wdm.sys
[2010/09/06 21:28:26 | 000,028,062 | ---- | C] (National Semiconductor Coproration) -- C:\WINDOWS\System32\dllcache\dp83820.sys
[2010/09/06 21:28:09 | 000,029,696 | ---- | C] (CNet Technology, Inc. ) -- C:\WINDOWS\System32\dllcache\dm9pci5.sys
[2010/09/06 21:28:06 | 000,952,007 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diwan.sys
[2010/09/06 21:28:06 | 000,026,698 | ---- | C] (D-Link Corporation) -- C:\WINDOWS\System32\dllcache\dlh5xnd5.sys
[2010/09/06 21:28:03 | 000,236,060 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\ditrace.exe
[2010/09/06 21:28:02 | 000,038,985 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvsu.dll
[2010/09/06 21:28:02 | 000,031,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvpp.dll
[2010/09/06 21:28:01 | 000,006,729 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvci.dll
[2010/09/06 21:27:56 | 000,091,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\dimaint.sys
[2010/09/06 21:27:36 | 000,024,649 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650d.sys
[2010/09/06 21:27:35 | 000,024,648 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650.sys
[2010/09/06 21:27:30 | 000,020,928 | ---- | C] (Digital Networks, LLC) -- C:\WINDOWS\System32\dllcache\defpa.sys
[2010/09/06 21:27:06 | 000,093,952 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcwdm.sys
[2010/09/06 21:27:06 | 000,048,640 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwrwdm.sys
[2010/09/06 21:27:05 | 000,111,872 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcspud.sys
[2010/09/06 21:27:05 | 000,003,584 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcosnt5.sys
[2010/09/06 21:27:04 | 000,072,832 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbwdm.sys
[2010/09/06 21:27:04 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbmidi.sys
[2010/09/06 21:27:03 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbase.sys
[2010/09/06 21:27:01 | 000,249,856 | ---- | C] (Comtrol® Corporation) -- C:\WINDOWS\System32\dllcache\ctmasetp.dll
[2010/09/06 21:26:51 | 000,216,064 | ---- | C] (COMPAQ Inc.) -- C:\WINDOWS\System32\dllcache\cpscan.dll
[2010/09/06 21:26:50 | 000,060,970 | ---- | C] (Compaq Computer Corp.) -- C:\WINDOWS\System32\dllcache\cpqtrnd5.sys
[2010/09/06 21:26:23 | 000,020,736 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\cmbp0wdm.sys
[2010/09/06 21:26:09 | 000,980,034 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\cicap.sys
[2010/09/06 21:25:50 | 000,049,182 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem56n5.sys
[2010/09/06 21:25:49 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem33n5.sys
[2010/09/06 21:25:48 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem28n5.sys
[2010/09/06 21:25:47 | 000,027,164 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce3n5.sys
[2010/09/06 21:25:47 | 000,021,530 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce2n5.sys
[2010/09/06 21:25:30 | 000,714,698 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cbmdmkxx.sys
[2010/09/06 21:25:29 | 000,046,108 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cben5.sys
[2010/09/06 21:25:28 | 000,039,680 | ---- | C] (Silicom Ltd.) -- C:\WINDOWS\System32\dllcache\cb325.sys
[2010/09/06 21:25:26 | 000,037,916 | ---- | C] (Fast Ethernet Controller Provider) -- C:\WINDOWS\System32\dllcache\cb102.sys
[2010/09/06 21:25:24 | 000,032,256 | ---- | C] (Eicon Technology Corporation) -- C:\WINDOWS\System32\dllcache\diapi2NT.dll
[2010/09/06 21:25:23 | 000,164,923 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diapi2.sys
[2010/09/06 21:24:38 | 000,031,529 | ---- | C] (BreezeCOM) -- C:\WINDOWS\System32\dllcache\brzwlan.sys
[2010/09/06 21:24:37 | 000,011,008 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbmdm.sys
[2010/09/06 21:24:37 | 000,010,368 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbscn.sys
[2010/09/06 21:24:36 | 000,060,416 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brserwdm.sys
[2010/09/06 21:24:35 | 000,009,728 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brserif.dll
[2010/09/06 21:24:35 | 000,005,120 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\dllcache\brscnrsm.dll
[2010/09/06 21:24:33 | 000,039,552 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparwdm.sys
[2010/09/06 21:24:33 | 000,003,168 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparimg.sys
[2010/09/06 21:24:31 | 000,041,472 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfusb.dll
[2010/09/06 21:24:30 | 000,032,256 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfrsmg.exe
[2010/09/06 21:24:29 | 000,029,696 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmflpt.dll
[2010/09/06 21:24:28 | 000,015,360 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfbidi.dll
[2010/09/06 21:24:27 | 000,003,968 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltup.sys
[2010/09/06 21:24:26 | 000,012,160 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltlo.sys
[2010/09/06 21:24:26 | 000,002,944 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brfilt.sys
[2010/09/06 21:24:25 | 000,012,800 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brevif.dll
[2010/09/06 21:24:24 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brcoinst.dll
[2010/09/06 21:24:23 | 000,019,456 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brbidiif.dll
[2010/09/06 21:23:03 | 000,871,388 | ---- | C] (BCM) -- C:\WINDOWS\System32\dllcache\bcmdm.sys
[2010/09/06 21:22:53 | 000,036,128 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.sys
[2010/09/06 21:22:52 | 000,342,336 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.dll
[2010/09/06 21:22:51 | 000,089,952 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\b1cbase.sys
[2010/09/06 21:22:51 | 000,036,992 | ---- | C] (Aztech Systems Ltd) -- C:\WINDOWS\System32\dllcache\aztw2320.sys
[2010/09/06 21:22:49 | 000,037,568 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmwan.sys
[2010/09/06 21:22:47 | 000,144,384 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmenum.dll
[2010/09/06 21:22:47 | 000,087,552 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmcoxp.dll
[2010/09/06 21:22:08 | 000,077,568 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\ati.sys
[2010/09/06 21:22:04 | 000,097,354 | ---- | C] (Bay Networks, Inc.) -- C:\WINDOWS\System32\dllcache\aspndis3.sys
[2010/09/06 21:21:55 | 000,016,969 | ---- | C] (AmbiCom, Inc.) -- C:\WINDOWS\System32\dllcache\amb8002.sys
[2010/09/06 21:21:32 | 000,046,112 | ---- | C] (Adaptec, Inc ) -- C:\WINDOWS\System32\dllcache\adptsf50.sys
[2010/09/06 21:21:30 | 000,010,880 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\admjoy.sys
[2010/09/06 21:21:29 | 000,747,392 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8830.sys
[2010/09/06 21:21:29 | 000,553,984 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8820.sys
[2010/09/06 21:21:28 | 000,584,448 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8810.sys
[2010/09/06 21:21:28 | 000,020,160 | ---- | C] (ADMtek Incorporated) -- C:\WINDOWS\System32\dllcache\adm8511.sys
[2010/09/06 21:21:25 | 000,061,440 | ---- | C] (Color Flatbed Scanner) -- C:\WINDOWS\System32\dllcache\acerscad.dll
[2010/09/06 21:21:23 | 000,297,728 | ---- | C] (Silicon Integrated Systems Corp.) -- C:\WINDOWS\System32\dllcache\ac97sis.sys
[2010/09/06 21:21:20 | 000,462,848 | ---- | C] (Aureal Inc.) -- C:\WINDOWS\System32\dllcache\a3dapi.dll
[2010/09/06 21:21:20 | 000,098,304 | ---- | C] (Aureal Semiconductor) -- C:\WINDOWS\System32\dllcache\a3d.dll
[2010/09/06 21:21:17 | 000,148,352 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvsm.sys
[2010/09/06 21:21:16 | 000,689,216 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvs.dll
[2010/09/06 21:21:15 | 000,762,780 | ---- | C] (3Com, Inc.) -- C:\WINDOWS\System32\dllcache\3cwmcru.sys
[2010/09/06 19:22:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\john\My Documents\My Scans
[2010/09/06 19:05:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\HP Product Assistant
[2010/09/06 17:22:07 | 000,000,000 | ---D | C] -- C:\Program Files\Hewlett-Packard
[2010/08/25 13:27:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Temp
[2010/08/08 07:45:56 | 000,000,000 | --SD | C] -- C:\Documents and Settings\john\My Documents\My DVDs
[2010/07/28 17:12:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Temp
[2010/07/02 21:53:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\john\Local Settings\Application Data\Yahoo
[2010/07/02 21:52:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
[2010/07/02 21:52:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\custom matrices
[2010/07/02 21:52:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\languages
[2010/07/02 21:29:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\john\Application Data\DivX
[2010/07/02 21:28:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DivX Shared
[2010/07/02 21:26:37 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2010/07/02 21:24:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DivX
[2010/07/02 21:06:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\john\My Documents\CyberLink
[2010/07/02 21:01:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2010/07/02 20:56:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\CyberLink
[2010/06/30 19:33:56 | 000,000,000 | ---D | C] -- C:\Program Files\CyberLink
[2010/06/30 19:22:55 | 012,588,394 | ---- | C] (Cyberlink, Inc. ) -- C:\Documents and Settings\john\Desktop\PowerDVD50CAYPLOBG.exe
[2010/06/29 15:25:06 | 000,000,000 | R--D | C] -- C:\Documents and Settings\john\My Documents\My Videos
[2010/06/22 09:16:43 | 000,012,536 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2005/09/09 15:34:15 | 020,798,256 | ---- | C] (Netopsystems AG ) -- C:\Program Files\AdbeRdr70_enu_full.exe
[2005/09/09 07:05:01 | 011,802,144 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\RealPlayer10-5GOLD.exe
[2004/11/24 20:25:52 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll

========== Files - Modified Within 90 Days ==========

[2010/09/08 20:22:46 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Program Files\OTL.exe
[2010/09/08 20:15:17 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\john\Local Settings\Application Data\prvlcl.dat
[2010/09/08 20:12:00 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/09/08 20:03:23 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2010/09/08 20:01:23 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/09/08 20:01:07 | 000,043,573 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010/09/08 20:01:03 | 000,000,876 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/09/08 19:59:53 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/09/08 19:59:44 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/09/08 19:58:32 | 008,126,464 | -H-- | M] () -- C:\Documents and Settings\john\NTUSER.DAT
[2010/09/08 19:58:32 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\john\ntuser.ini
[2010/09/08 19:30:03 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/09/08 18:32:21 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Program Files\TFC.exe
[2010/09/08 17:07:56 | 064,416,311 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010/09/07 20:09:44 | 000,812,344 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\HJTInstall.exe
[2010/09/06 19:13:40 | 000,139,775 | ---- | M] () -- C:\WINDOWS\hpoins15.dat
[2010/09/06 19:10:41 | 000,000,799 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/09/06 19:07:58 | 000,001,858 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\HP Photosmart Essential 2.01.lnk
[2010/09/06 19:06:10 | 000,001,808 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2010/09/06 19:05:34 | 000,000,984 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\HP Solution Center.lnk
[2010/09/06 18:50:34 | 000,000,136 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2010/09/06 15:58:21 | 000,616,965 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\iavifw.avm
[2010/08/26 06:56:50 | 000,281,336 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/08/25 22:45:54 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/08/25 13:49:13 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/08/25 13:49:13 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2010/08/25 13:31:15 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2010/08/08 07:45:52 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2010/08/07 09:09:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1177238915-616249376-725345543-1003.job
[2010/07/24 11:04:36 | 000,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2010/07/17 09:08:49 | 002,145,112 | -H-- | M] () -- C:\Documents and Settings\john\Local Settings\Application Data\IconCache.db
[2010/07/15 11:39:45 | 000,001,466 | ---- | M] () -- C:\Documents and Settings\john\Desktop\DivX Movies.lnk
[2010/07/15 11:39:41 | 000,000,777 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\DivX Plus Player.lnk
[2010/07/02 21:52:32 | 000,035,938 | ---- | M] () -- C:\WINDOWS\System32\unins000.dat
[2010/07/02 21:52:25 | 000,707,682 | ---- | M] () -- C:\WINDOWS\System32\unins000.exe
[2010/07/02 21:28:56 | 000,000,817 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\DivX Plus Converter.lnk
[2010/07/02 20:56:33 | 000,001,684 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\PowerDVD.lnk
[2010/07/02 15:36:24 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/07/02 12:44:40 | 000,133,120 | ---- | M] () -- C:\Documents and Settings\john\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/07/02 12:39:27 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\john\My Documents\PDVD_MediaDisc.PlayList
[2010/06/30 19:33:33 | 012,588,394 | ---- | M] (Cyberlink, Inc. ) -- C:\Documents and Settings\john\Desktop\PowerDVD50CAYPLOBG.exe
[2010/06/22 09:16:45 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2010/06/22 09:16:43 | 000,012,536 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2010/06/22 09:16:38 | 000,025,168 | ---- | M] (AVG Technologies CZ, s.r.o. ) -- C:\WINDOWS\System32\drivers\AVGIDSxx.sys
[2010/06/22 09:15:58 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys

========== Files Created - No Company Name ==========

[2010/09/08 19:30:03 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/09/06 21:51:44 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxftplt.exe
[2010/09/06 21:51:44 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxscnui.dll
[2010/09/06 21:50:24 | 000,028,288 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xjis.nls
[2010/09/06 21:41:00 | 000,033,280 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax
[2010/09/06 21:40:58 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll
[2010/09/06 21:40:49 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prcp.nls
[2010/09/06 21:40:49 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prc.nls
[2010/09/06 21:37:07 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax
[2010/09/06 21:35:08 | 000,047,066 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ksc.nls
[2010/09/06 21:31:20 | 000,165,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt53.dll
[2010/09/06 21:31:19 | 000,093,696 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt42.dll
[2010/09/06 21:31:18 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt34.dll
[2010/09/06 21:31:16 | 000,089,088 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt33.dll
[2010/09/06 21:31:15 | 000,083,968 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt21.dll
[2010/09/06 21:28:05 | 000,029,768 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divasu.dll
[2010/09/06 21:28:04 | 000,037,962 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaprop.dll
[2010/09/06 21:28:04 | 000,006,216 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaci.dll
[2010/09/06 21:25:10 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_864.nls
[2010/09/06 21:25:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_870.nls
[2010/09/06 21:25:09 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_862.nls
[2010/09/06 21:25:09 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_858.nls
[2010/09/06 21:25:08 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_720.nls
[2010/09/06 21:25:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_708.nls
[2010/09/06 21:25:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28596.nls
[2010/09/06 21:25:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls
[2010/09/06 21:25:06 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls
[2010/09/06 21:25:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls
[2010/09/06 21:25:05 | 000,180,770 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls
[2010/09/06 21:25:05 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls
[2010/09/06 21:25:05 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls
[2010/09/06 21:25:04 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls
[2010/09/06 21:25:04 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls
[2010/09/06 21:25:03 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls
[2010/09/06 21:25:03 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls
[2010/09/06 21:25:02 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls
[2010/09/06 21:25:02 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls
[2010/09/06 21:25:01 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls
[2010/09/06 21:25:01 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls
[2010/09/06 21:25:01 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls
[2010/09/06 21:25:00 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls
[2010/09/06 21:25:00 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls
[2010/09/06 21:24:59 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls
[2010/09/06 21:24:59 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls
[2010/09/06 21:24:59 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls
[2010/09/06 21:24:58 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls
[2010/09/06 21:24:57 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls
[2010/09/06 21:24:57 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls
[2010/09/06 21:24:57 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls
[2010/09/06 21:24:56 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls
[2010/09/06 21:24:56 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls
[2010/09/06 21:24:55 | 000,187,938 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls
[2010/09/06 21:24:55 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls
[2010/09/06 21:24:54 | 000,185,378 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls
[2010/09/06 21:24:54 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls
[2010/09/06 21:24:53 | 000,186,402 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls
[2010/09/06 21:24:53 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls
[2010/09/06 21:24:52 | 000,189,986 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls
[2010/09/06 21:24:52 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls
[2010/09/06 21:24:51 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1148.nls
[2010/09/06 21:24:51 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1147.nls
[2010/09/06 21:24:50 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1146.nls
[2010/09/06 21:24:50 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1145.nls
[2010/09/06 21:24:49 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1144.nls
[2010/09/06 21:24:49 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1143.nls
[2010/09/06 21:24:49 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1142.nls
[2010/09/06 21:24:48 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1141.nls
[2010/09/06 21:24:48 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1140.nls
[2010/09/06 21:24:47 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1047.nls
[2010/09/06 21:24:47 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10021.nls
[2010/09/06 21:24:46 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls
[2010/09/06 21:24:46 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10005.nls
[2010/09/06 21:24:45 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls
[2010/09/06 21:24:45 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10004.nls
[2010/09/06 21:24:44 | 000,195,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls
[2010/09/06 21:24:43 | 000,162,850 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10001.nls
[2010/09/06 21:24:23 | 000,082,172 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls
[2010/09/06 21:23:17 | 000,066,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\big5.nls
[2010/09/06 21:22:29 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atixbar.sys
[2010/09/06 21:22:28 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativxbar.sys
[2010/09/06 21:22:27 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativttxx.sys
[2010/09/06 21:22:26 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitvsnd.sys
[2010/09/06 21:22:26 | 000,009,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativmdcd.sys
[2010/09/06 21:22:25 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitunep.sys
[2010/09/06 21:22:24 | 000,049,920 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtcap.sys
[2010/09/06 21:22:24 | 000,026,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtsnd.sys
[2010/09/06 21:22:22 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atipcxxx.sys
[2010/09/06 21:22:14 | 000,046,464 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atibt829.sys
[2010/09/06 19:07:58 | 000,001,858 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\HP Photosmart Essential 2.01.lnk
[2010/09/06 19:06:10 | 000,001,808 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2010/09/06 19:05:34 | 000,000,984 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\HP Solution Center.lnk
[2010/09/06 18:49:24 | 000,139,775 | ---- | C] () -- C:\WINDOWS\hpoins15.dat
[2010/09/06 18:49:23 | 000,001,039 | ---- | C] () -- C:\WINDOWS\hpomdl15.dat
[2010/07/24 11:04:36 | 000,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2010/07/24 11:04:33 | 000,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2010/07/15 11:39:41 | 000,000,777 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\DivX Plus Player.lnk
[2010/07/02 21:52:29 | 000,001,708 | ---- | C] () -- C:\WINDOWS\System32\openIE.js
[2010/07/02 21:52:28 | 000,882,688 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010/07/02 21:52:28 | 000,336,384 | ---- | C] () -- C:\WINDOWS\System32\lame.ax
[2010/07/02 21:52:28 | 000,336,384 | ---- | C] () -- C:\WINDOWS\System32\ff_libfaad2.dll
[2010/07/02 21:52:28 | 000,324,096 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll
[2010/07/02 21:52:28 | 000,248,320 | ---- | C] () -- C:\WINDOWS\System32\ff_kernelDeint.dll
[2010/07/02 21:52:28 | 000,169,984 | ---- | C] () -- C:\WINDOWS\System32\ff_samplerate.dll
[2010/07/02 21:52:28 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\ff_libmad.dll
[2010/07/02 21:52:28 | 000,145,408 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll
[2010/07/02 21:52:28 | 000,116,736 | ---- | C] () -- C:\WINDOWS\System32\ff_tremor.dll
[2010/07/02 21:52:28 | 000,097,792 | ---- | C] () -- C:\WINDOWS\System32\ff_unrar.dll
[2010/07/02 21:52:27 | 001,632,375 | ---- | C] () -- C:\WINDOWS\System32\ffmpegmt.dll
[2010/07/02 21:52:27 | 000,707,682 | ---- | C] () -- C:\WINDOWS\System32\unins000.exe
[2010/07/02 21:52:27 | 000,216,576 | ---- | C] () -- C:\WINDOWS\System32\ff_libdts.dll
[2010/07/02 21:52:27 | 000,121,856 | ---- | C] () -- C:\WINDOWS\System32\ff_liba52.dll
[2010/07/02 21:52:27 | 000,035,938 | ---- | C] () -- C:\WINDOWS\System32\unins000.dat
[2010/07/02 21:30:08 | 000,001,466 | ---- | C] () -- C:\Documents and Settings\john\Desktop\DivX Movies.lnk
[2010/07/02 21:28:56 | 000,000,817 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\DivX Plus Converter.lnk
[2010/07/02 20:56:33 | 000,001,684 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\PowerDVD.lnk
[2010/07/02 12:39:27 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\john\My Documents\PDVD_MediaDisc.PlayList
[2010/06/18 15:36:32 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/05/15 18:14:15 | 000,000,217 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2010/04/28 17:46:25 | 000,010,934 | -HS- | C] () -- C:\Documents and Settings\john\Local Settings\Application Data\RRGvg
[2010/04/28 17:46:25 | 000,010,934 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\RRGvg
[2010/04/22 09:31:54 | 000,013,320 | -HS- | C] () -- C:\Documents and Settings\john\Local Settings\Application Data\ISo1D077l
[2010/04/22 09:31:54 | 000,013,320 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\ISo1D077l
[2010/04/21 17:10:46 | 000,011,006 | -HS- | C] () -- C:\Documents and Settings\john\Local Settings\Application Data\d0i4
[2010/04/21 17:10:46 | 000,011,006 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\d0i4
[2010/02/11 20:11:09 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll.old
[2009/08/03 16:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/03/10 20:58:39 | 005,238,880 | ---- | C] () -- C:\Program Files\MP3Rocket-Win.exe
[2008/12/19 16:15:58 | 004,836,992 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2008/12/17 18:41:18 | 000,957,047 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll
[2008/12/17 18:22:58 | 000,100,864 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2008/12/17 18:22:48 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008/12/17 18:17:34 | 000,239,247 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll
[2008/12/17 17:59:54 | 000,611,638 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2008/12/11 12:27:02 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2008/07/27 20:40:34 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Sony.dll
[2008/06/26 19:11:17 | 000,000,136 | -H-- | C] () -- C:\Documents and Settings\john\Application Data\brara1985.sys
[2008/06/26 19:10:26 | 000,010,568 | ---- | C] () -- C:\Documents and Settings\john\Application Data\docXConverter.ini
[2008/06/18 21:23:00 | 000,012,800 | ---- | C] () -- C:\Documents and Settings\john\Application Data\Settings.cfg
[2008/06/18 21:21:24 | 007,927,552 | ---- | C] () -- C:\Program Files\aceftp3free.exe
[2008/06/14 13:15:02 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\john\Local Settings\Application Data\prvlcl.dat
[2008/06/04 18:02:25 | 047,787,248 | ---- | C] () -- C:\Program Files\avg_free_stf_en_8_100a1295.exe
[2008/05/30 19:42:16 | 000,000,037 | ---- | C] () -- C:\WINDOWS\ipixActivex.ini
[2008/03/04 19:52:34 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\libcurl.dll
[2008/01/27 19:23:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpqEmlSz.INI
[2007/10/31 10:39:54 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\zlib1.dll
[2007/08/19 10:29:04 | 000,073,216 | ---- | C] () -- C:\WINDOWS\System32\drivers\SENTINEL.SYS
[2007/08/19 10:29:04 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\SNTI386.DLL
[2007/08/19 10:29:04 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\RNBOVDD.DLL
[2007/07/21 15:49:26 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/05/17 14:58:10 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\libexpatw.dll
[2007/02/03 09:59:04 | 000,050,127 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2006/12/26 14:46:06 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QuickInstall.INI
[2006/11/07 21:42:26 | 002,935,561 | ---- | C] () -- C:\Program Files\VIDEO.TBK
[2006/11/07 21:42:26 | 000,578,564 | ---- | C] () -- C:\Program Files\SISTEMA.SBK
[2006/11/07 21:42:26 | 000,089,952 | ---- | C] () -- C:\Program Files\TOOLS.SBK
[2006/11/07 21:42:26 | 000,076,950 | ---- | C] () -- C:\Program Files\SYSVIDEO.SBK
[2006/11/07 21:42:26 | 000,070,392 | ---- | C] () -- C:\Program Files\SYSAUDIO.SBK
[2006/11/07 21:42:26 | 000,027,282 | ---- | C] () -- C:\Program Files\TB40MM.SBK
[2006/11/07 21:42:25 | 002,536,883 | ---- | C] () -- C:\Program Files\LANZA.TBK
[2006/11/07 21:42:24 | 001,955,605 | ---- | C] () -- C:\Program Files\EDM.TBK
[2006/11/07 21:42:23 | 000,092,903 | ---- | C] () -- C:\Program Files\BLOC.TBK
[2006/11/07 21:31:32 | 000,000,141 | ---- | C] () -- C:\WINDOWS\asym.ini
[2006/09/17 18:38:50 | 000,002,842 | ---- | C] () -- C:\Program Files\installtgz.zip
[2006/09/17 18:37:14 | 000,484,992 | ---- | C] () -- C:\Program Files\agoracgi.tar
[2006/04/04 19:42:44 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\php_xslt.dll
[2006/04/04 19:41:43 | 000,385,024 | ---- | C] () -- C:\WINDOWS\System32\sablot.dll
[2006/04/04 19:41:43 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\mSQL.dll
[2006/04/04 19:41:35 | 000,900,383 | ---- | C] () -- C:\WINDOWS\System32\.libmysql.dll.001284
[2006/04/04 19:41:35 | 000,165,643 | ---- | C] () -- C:\WINDOWS\System32\libmhash.dll
[2006/04/04 19:41:35 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\expat.dll
[2006/03/16 16:28:19 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\php4isapi.dll
[2006/03/16 16:28:13 | 000,024,576 | ---- | C] () -- C:\WINDOWS\php4isapi.dll
[2006/02/13 10:26:37 | 001,069,056 | ---- | C] () -- C:\WINDOWS\System32\libmysql.dll
[2006/01/16 15:02:40 | 000,000,046 | ---- | C] () -- C:\WINDOWS\System32\nets12.dll
[2006/01/08 21:25:10 | 000,982,990 | ---- | C] () -- C:\Program Files\FreecorderSetup.exe
[2005/12/17 16:39:46 | 000,002,600 | ---- | C] () -- C:\Documents and Settings\john\Application Data\Hewlett-PackardHP PSC 1500 series1134832924_PROTOCOL.log
[2005/12/17 16:39:46 | 000,000,575 | ---- | C] () -- C:\Documents and Settings\john\Application Data\Hewlett-PackardHP PSC 1500 series1134832924_UI.log
[2005/12/17 16:39:46 | 000,000,221 | ---- | C] () -- C:\WINDOWS\NCLogConfig.ini
[2005/12/17 16:39:46 | 000,000,105 | ---- | C] () -- C:\Documents and Settings\john\Application Data\Hewlett-PackardHP PSC 1500 series1134832924_API.log
[2005/12/17 16:07:07 | 000,014,291 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2005/12/10 04:06:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2005/12/10 04:06:00 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2005/12/10 04:06:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2005/12/10 04:06:00 | 000,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2005/12/10 04:06:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2005/12/10 04:06:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2005/12/10 04:06:00 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2005/10/08 17:16:30 | 000,021,791 | ---- | C] () -- C:\WINDOWS\System32\smtpctrs.ini
[2005/10/08 17:16:30 | 000,001,037 | ---- | C] () -- C:\WINDOWS\System32\ntfsdrct.ini
[2005/10/08 17:16:07 | 000,038,576 | ---- | C] () -- C:\WINDOWS\System32\w3ctrs.ini
[2005/10/08 17:16:07 | 000,010,225 | ---- | C] () -- C:\WINDOWS\System32\axperf.ini
[2005/10/08 17:16:05 | 000,011,435 | ---- | C] () -- C:\WINDOWS\System32\infoctrs.ini
[2005/10/07 11:26:23 | 000,353,298 | ---- | C] () -- C:\Program Files\LimeWireWin.exe
[2005/10/07 08:57:37 | 000,000,012 | ---- | C] () -- C:\WINDOWS\dirsaver.ini
[2005/09/21 19:39:46 | 000,000,035 | ---- | C] () -- C:\WINDOWS\A6W.INI
[2005/09/14 14:56:08 | 001,713,436 | ---- | C] () -- C:\Program Files\LX32W32.exe
[2005/09/13 13:51:50 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\WNASPI32.DLL
[2005/09/13 13:51:50 | 000,000,291 | ---- | C] () -- C:\WINDOWS\msfsetup.ini
[2005/09/13 08:51:14 | 002,855,080 | ---- | C] () -- C:\Program Files\aawsepersonal.exe
[2005/09/10 16:59:44 | 000,000,900 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/09/09 20:23:29 | 000,007,744 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2005/09/09 09:56:23 | 000,133,120 | ---- | C] () -- C:\Documents and Settings\john\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/09/09 07:00:22 | 000,003,682 | ---- | C] () -- C:\WINDOWS\System32\hpphgfk.drv
[2005/09/09 07:00:22 | 000,003,298 | ---- | C] () -- C:\WINDOWS\System32\fepfij.drv
[2005/09/09 07:00:22 | 000,003,250 | ---- | C] () -- C:\WINDOWS\pojfnje.drv
[2005/09/09 07:00:22 | 000,002,658 | ---- | C] () -- C:\WINDOWS\jlegjea.drv
[2005/09/09 07:00:22 | 000,002,002 | ---- | C] () -- C:\WINDOWS\eagnf.drv
[2005/09/09 07:00:22 | 000,001,746 | ---- | C] () -- C:\WINDOWS\fneahp.drv
[2005/09/09 07:00:22 | 000,000,132 | ---- | C] () -- C:\WINDOWS\System32\lllllg.sys
[2005/09/08 13:55:42 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2005/09/08 13:55:42 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2005/09/08 12:36:01 | 000,000,136 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2005/09/08 12:13:31 | 000,000,257 | ---- | C] () -- C:\WINDOWS\LEXSTAT.INI
[2005/09/08 10:00:22 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
[2005/06/11 11:47:00 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\fpprintmon.dll
[2004/10/03 18:50:54 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\ff_mpeg2enc.dll
[2004/03/26 23:59:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/11/14 12:58:04 | 000,200,192 | ---- | C] () -- C:\WINDOWS\System32\ir50_qc.dll
[2002/11/14 12:58:04 | 000,183,808 | ---- | C] () -- C:\WINDOWS\System32\ir50_qcx.dll
[2002/11/14 12:58:02 | 000,755,200 | ---- | C] () -- C:\WINDOWS\System32\ir50_32.dll
[2002/11/14 12:58:02 | 000,338,432 | ---- | C] () -- C:\WINDOWS\System32\ir41_qcx.dll
[2002/11/14 12:58:02 | 000,120,320 | ---- | C] () -- C:\WINDOWS\System32\ir41_qc.dll
[2001/07/06 16:30:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini

========== LOP Check ==========

[2006/01/18 18:05:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Autodesk
[2010/05/22 14:10:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2010/04/30 09:45:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2005/09/08 12:14:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2008/06/18 21:22:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EmailNotifier
[2006/12/26 14:18:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HotSync
[2010/09/08 20:29:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Kontiki
[2005/12/19 08:31:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NETg
[2010/02/13 11:54:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/02/14 11:18:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trusteer
[2006/04/30 20:50:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\john\Application Data\Alien Skin
[2010/05/02 11:48:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\john\Application Data\AVG9
[2008/06/18 21:23:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\john\Application Data\Dynamic
[2008/12/20 19:12:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\john\Application Data\EmailNotifier
[2009/12/25 16:03:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\john\Application Data\GARMIN
[2006/01/28 15:38:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\john\Application Data\GlobalSCAPE
[2006/12/26 14:14:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\john\Application Data\HotSync
[2007/09/16 16:19:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\john\Application Data\IBP
[2008/01/25 11:08:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\john\Application Data\Image Zone Express
[2005/09/08 13:31:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\john\Application Data\Leadertech
[2010/01/30 20:33:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\john\Application Data\Megaupload
[2009/07/30 20:18:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\john\Application Data\MP3Rocket
[2006/07/16 14:04:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\john\Application Data\MySQL
[2006/01/31 17:32:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\john\Application Data\Opera
[2009/07/23 20:41:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\john\Application Data\SiteClasses
[2008/06/18 21:31:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\john\Application Data\Sites
[2010/04/30 08:22:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\john\Application Data\System Tweaker
[2010/02/14 11:18:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\john\Application Data\Trusteer
[2010/02/13 11:41:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\john\Application Data\Uniblue
[2010/05/27 19:58:47 | 000,000,354 | ---- | M] () -- C:\WINDOWS\Tasks\Driver Robot.job
[2010/09/08 20:03:23 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\OGALogon.job

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.* >
[2008/12/17 21:09:36 | 000,002,566 | ---- | M] () -- C:\additdiag.txt
[2005/09/07 22:11:46 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/08/25 13:49:13 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2005/09/07 22:11:46 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2007/06/17 16:12:08 | 000,001,424 | ---- | M] () -- C:\INSTALL.LOG
[2005/09/07 22:11:46 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/04/30 09:27:42 | 000,000,109 | ---- | M] () -- C:\mbam-error.txt
[2005/09/07 22:11:46 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2006/02/11 14:32:49 | 000,000,097 | ---- | M] () -- C:\my.cnf
[2009/03/21 17:16:14 | 000,000,007 | ---- | M] () -- C:\NOTACER.ID
[2005/09/13 08:10:34 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2009/02/15 19:11:52 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/09/08 19:59:39 | 4023,386,112 | -HS- | M] () -- C:\pagefile.sys
[2005/09/29 19:51:50 | 000,700,416 | ---- | M] (LimeWire) -- C:\StubInstaller.exe
[1999/06/25 10:55:30 | 000,149,504 | ---- | M] () -- C:\UNWISE.EXE

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2005/09/07 22:58:05 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2005/09/07 22:58:05 | 000,626,688 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2005/09/07 22:58:05 | 000,421,888 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-08-25 21:46:57

< >

< >

========== Alternate Data Streams ==========

@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8
< End of report >

ComboFix 10-09-14.05 - john 15/09/2010 20:38:55.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2559.1902 [GMT 1:00]
Running from: c:\documents and settings\john\Desktop\ComboFix.exe
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Application Data\NETg
c:\documents and settings\All Users\Application Data\NETg\netg.ini
c:\windows\system32\AutoRun.inf
c:\windows\system32\Cache
c:\windows\winmain32

.
((((((((((((((((((((((((( Files Created from 2010-08-15 to 2010-09-15 )))))))))))))))))))))))))))))))
.

2010-09-15 16:22 . 2010-09-15 16:22 -------- d-----w- c:\windows\LastGood
2010-09-13 21:48 . 2010-09-07 14:52 165584 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-09-13 21:48 . 2010-09-07 14:47 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-09-13 21:48 . 2010-09-07 14:47 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-09-13 21:48 . 2010-09-07 14:52 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-09-13 21:48 . 2010-09-07 14:47 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-09-13 21:48 . 2010-09-07 14:47 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-09-13 21:48 . 2010-09-07 14:46 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-09-13 21:48 . 2010-09-07 15:12 38848 ----a-w- c:\windows\avastSS.scr
2010-09-13 21:48 . 2010-09-07 15:11 167592 ----a-w- c:\windows\system32\aswBoot.exe
2010-09-13 21:48 . 2010-09-13 21:48 -------- d-----w- c:\program files\Alwil Software
2010-09-13 21:48 . 2010-09-13 21:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Alwil Software
2010-09-13 21:16 . 2010-09-13 21:16 -------- d-----w- C:\_OTL
2010-09-08 20:11 . 2010-09-08 20:12 -------- d-----w- c:\program files\ERUNT
2010-09-08 20:09 . 2010-09-08 20:09 791393 ----a-w- c:\program files\erunt-setup.exe
2010-09-08 18:30 . 2010-04-29 14:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-09-08 18:29 . 2010-09-08 18:30 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-09-08 18:29 . 2010-04-29 14:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-09-08 17:32 . 2010-09-08 17:32 446464 ----a-w- c:\program files\TFC.exe
2010-09-07 19:09 . 2010-09-07 19:09 -------- d-----w- c:\program files\Trend Micro
2010-09-07 19:09 . 2010-09-07 19:09 812344 ----a-w- c:\program files\HJTInstall.exe
2010-09-06 20:51 . 2008-04-13 23:12 116224 -c--a-w- c:\windows\system32\dllcache\xrxwiadr.dll
2010-09-06 20:51 . 2001-08-17 21:36 23040 -c--a-w- c:\windows\system32\dllcache\xrxwbtmp.dll
2010-09-06 20:51 . 2008-04-13 23:12 18944 -c--a-w- c:\windows\system32\dllcache\xrxscnui.dll
2010-09-06 20:51 . 2001-08-17 21:37 27648 -c--a-w- c:\windows\system32\dllcache\xrxftplt.exe
2010-09-06 20:51 . 2001-08-17 21:37 4608 -c--a-w- c:\windows\system32\dllcache\xrxflnch.exe
2010-09-06 20:50 . 2001-08-17 21:37 99865 -c--a-w- c:\windows\system32\dllcache\xlog.exe
2010-09-06 20:50 . 2001-08-17 11:11 16970 -c--a-w- c:\windows\system32\dllcache\xem336n5.sys
2010-09-06 20:50 . 2004-08-04 04:29 19455 -c--a-w- c:\windows\system32\dllcache\wvchntxx.sys
2010-09-06 20:49 . 2004-08-04 04:29 12063 -c--a-w- c:\windows\system32\dllcache\wsiintxx.sys
2010-09-06 20:49 . 2008-04-13 23:12 8192 -c--a-w- c:\windows\system32\dllcache\wshirda.dll
2010-09-06 20:49 . 2008-04-13 17:36 8832 -c--a-w- c:\windows\system32\dllcache\wmiacpi.sys
2010-09-06 20:47 . 2001-08-17 12:28 64605 -c--a-w- c:\windows\system32\dllcache\vvoice.sys
2010-09-06 20:46 . 2001-08-17 12:58 22912 -c--a-w- c:\windows\system32\dllcache\umaxpcls.sys
2010-09-06 20:45 . 2001-08-17 12:49 30464 -c--a-w- c:\windows\system32\dllcache\tbatm155.sys
2010-09-06 20:44 . 2001-08-17 11:11 48736 -c--a-w- c:\windows\system32\dllcache\srwlnd5.sys
2010-09-06 20:43 . 2002-08-28 20:59 63547 -c--a-w- c:\windows\system32\dllcache\sla30nd5.sys
2010-09-06 20:42 . 2008-04-13 17:45 11520 -c--a-w- c:\windows\system32\dllcache\scsiscan.sys
2010-09-06 20:41 . 2008-04-13 17:40 79104 -c--a-w- c:\windows\system32\dllcache\rocket.sys
2010-09-06 20:40 . 2001-08-17 21:36 35328 -c--a-w- c:\windows\system32\dllcache\psisload.dll
2010-09-06 20:39 . 2001-08-17 21:36 44544 -c--a-w- c:\windows\system32\dllcache\ovui2.dll
2010-09-06 20:38 . 2001-08-17 12:53 7552 -c--a-w- c:\windows\system32\dllcache\nsmmc.sys
2010-09-06 20:37 . 2008-04-13 17:46 49024 -c--a-w- c:\windows\system32\dllcache\mstape.sys
2010-09-06 20:37 . 2001-08-17 12:48 12416 -c--a-w- c:\windows\system32\dllcache\msriffwv.sys
2010-09-06 20:37 . 2001-08-17 13:00 2944 -c--a-w- c:\windows\system32\dllcache\msmpu401.sys
2010-09-06 20:37 . 2008-04-13 17:54 22016 -c--a-w- c:\windows\system32\dllcache\msircomm.sys
2010-09-06 20:37 . 2001-08-17 13:02 35200 -c--a-w- c:\windows\system32\dllcache\msgame.sys
2010-09-06 20:37 . 2001-08-17 12:48 6016 -c--a-w- c:\windows\system32\dllcache\msfsio.sys
2010-09-06 20:37 . 2008-04-13 17:46 51200 -c--a-w- c:\windows\system32\dllcache\msdv.sys
2010-09-06 20:36 . 2001-08-17 12:52 17280 -c--a-w- c:\windows\system32\dllcache\mraid35x.sys
2010-09-06 20:36 . 2008-04-13 17:46 15232 -c--a-w- c:\windows\system32\dllcache\mpe.sys
2010-09-06 20:36 . 2001-08-17 12:48 12160 -c--a-w- c:\windows\system32\dllcache\mouhid.sys
2010-09-06 20:36 . 2001-08-17 12:52 6528 -c--a-w- c:\windows\system32\dllcache\miniqic.sys
2010-09-06 20:36 . 2001-08-17 11:50 320384 -c--a-w- c:\windows\system32\dllcache\mgaum.sys
2010-09-06 20:36 . 2001-08-17 13:56 235648 -c--a-w- c:\windows\system32\dllcache\mgaud.dll
2010-09-06 20:36 . 2008-04-13 17:41 26112 -c--a-w- c:\windows\system32\dllcache\memstpci.sys
2010-09-06 20:36 . 2001-08-17 21:36 47616 -c--a-w- c:\windows\system32\dllcache\memgrp.dll
2010-09-06 20:36 . 2001-08-17 12:58 8320 -c--a-w- c:\windows\system32\dllcache\memcard.sys
2010-09-06 20:36 . 2001-08-17 11:12 164586 -c--a-w- c:\windows\system32\dllcache\mdgndis5.sys
2010-09-06 20:34 . 2008-04-13 23:11 253952 -c--a-w- c:\windows\system32\dllcache\kdsusd.dll
2010-09-06 20:34 . 2008-04-13 23:11 48640 -c--a-w- c:\windows\system32\dllcache\kdsui.dll
2010-09-06 20:34 . 2001-08-17 21:36 8192 -c--a-w- c:\windows\system32\dllcache\kbdkor.dll
2010-09-06 20:34 . 2001-08-17 21:36 8704 -c--a-w- c:\windows\system32\dllcache\kbdjpn.dll
2010-09-06 20:34 . 2008-04-13 17:39 14592 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys
2010-09-06 20:32 . 2001-08-17 21:36 372824 -c--a-w- c:\windows\system32\dllcache\iconf32.dll
2010-09-06 20:31 . 2004-08-04 04:29 161020 -c--a-w- c:\windows\system32\dllcache\i81xnt5.sys
2010-09-06 20:30 . 2001-08-17 12:28 907456 -c--a-w- c:\windows\system32\dllcache\hcf_msft.sys
2010-09-06 20:29 . 2001-08-17 11:10 22090 -c--a-w- c:\windows\system32\dllcache\fem556n5.sys
2010-09-06 20:28 . 2001-08-17 11:12 19594 -c--a-w- c:\windows\system32\dllcache\e100isa4.sys
2010-09-06 20:27 . 2001-08-17 11:13 91305 -c--a-w- c:\windows\system32\dllcache\dimaint.sys
2010-09-06 20:26 . 2001-08-17 11:19 6912 -c--a-w- c:\windows\system32\dllcache\ctlfacem.sys
2010-09-06 20:25 . 2008-04-13 17:40 8192 -c--a-w- c:\windows\system32\dllcache\changer.sys
2010-09-06 20:24 . 2001-08-17 12:51 13824 -c--a-w- c:\windows\system32\dllcache\bulltlp3.sys
2010-09-06 20:23 . 2001-08-17 21:36 102400 -c--a-w- c:\windows\system32\dllcache\binlsvc.dll
2010-09-06 20:23 . 2008-04-13 17:46 11776 -c--a-w- c:\windows\system32\dllcache\bdasup.sys
2010-09-06 20:23 . 2001-08-17 12:28 871388 -c--a-w- c:\windows\system32\dllcache\bcmdm.sys
2010-09-06 20:23 . 2001-08-17 11:11 26568 -c--a-w- c:\windows\system32\dllcache\bcm4e5.sys
2010-09-06 20:23 . 2001-08-17 11:11 66557 -c--a-w- c:\windows\system32\dllcache\bcm42u.sys
2010-09-06 20:23 . 2001-08-17 11:11 54271 -c--a-w- c:\windows\system32\dllcache\bcm42xx5.sys
2010-09-06 20:21 . 2001-08-17 12:47 6272 -c--a-w- c:\windows\system32\dllcache\apmbatt.sys
2010-09-06 20:20 . 2001-08-17 13:56 66048 -c--a-w- c:\windows\system32\dllcache\s3legacy.dll
2010-09-06 18:05 . 2010-09-06 18:05 -------- d-----w- c:\documents and settings\All Users\Application Data\HP Product Assistant
2010-09-06 17:49 . 2010-09-06 18:13 139775 ----a-w- c:\windows\hpoins15.dat
2010-09-06 17:49 . 2007-06-05 23:04 1039 ------w- c:\windows\hpomdl15.dat
2010-09-06 16:22 . 2010-09-06 16:22 -------- d-----w- c:\program files\Hewlett-Packard
2010-08-25 12:27 . 2010-08-25 12:30 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Temp

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-15 19:50 . 2010-02-17 20:57 -------- d-----w- c:\documents and settings\john\Application Data\Skype
2010-09-15 17:06 . 2008-03-15 20:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Kontiki
2010-09-15 16:09 . 2010-02-17 21:02 -------- d-----w- c:\documents and settings\john\Application Data\skypePM
2010-09-13 21:45 . 2008-06-14 12:15 0 ----a-w- c:\documents and settings\john\Local Settings\Application Data\prvlcl.dat
2010-09-13 21:45 . 2008-12-07 13:19 0 ----a-w- c:\documents and settings\Guest\Local Settings\Application Data\prvlcl.dat
2010-09-09 16:06 . 2009-08-03 19:23 -------- d-----w- c:\program files\Microsoft Silverlight
2010-09-08 19:30 . 2010-09-08 19:30 53980 ----a-w- c:\program files\Extras.Txt
2010-09-08 19:30 . 2010-09-08 19:30 188632 ----a-w- c:\program files\OTL.Txt
2010-09-06 18:05 . 2005-12-17 15:22 -------- d-----w- c:\documents and settings\All Users\Application Data\HP
2010-08-06 21:36 . 2010-08-06 21:36 503808 ----a-w- c:\documents and settings\john\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-1b21d3cf-n\msvcp71.dll
2010-08-06 21:36 . 2010-08-06 21:36 499712 ----a-w- c:\documents and settings\john\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-1b21d3cf-n\jmc.dll
2010-08-06 21:36 . 2010-08-06 21:36 348160 ----a-w- c:\documents and settings\john\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-1b21d3cf-n\msvcr71.dll
2010-08-06 21:36 . 2010-08-06 21:36 61440 ----a-w- c:\documents and settings\john\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-457fafdf-n\decora-sse.dll
2010-08-06 21:36 . 2010-08-06 21:36 12800 ----a-w- c:\documents and settings\john\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-457fafdf-n\decora-d3d.dll
2010-07-24 13:06 . 2010-07-24 13:06 73728 ----a-w- c:\documents and settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportMR\16072\ncqo.exe
2010-07-24 13:06 . 2010-07-24 13:06 417792 ----a-w- c:\documents and settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportMR\16072\RapportMR.dll
2010-07-15 10:40 . 2010-07-02 20:30 57344 ----a-w- c:\documents and settings\All Users\Application Data\DivX\RunAsUser\RUNASUSERPROCESS.dll
2010-07-15 10:39 . 2010-07-15 10:39 56765 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DivXPlusShortcuts\Uninstaller.exe
2010-07-15 10:39 . 2010-07-15 10:39 57715 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Player\Uninstaller.exe
2010-07-15 10:39 . 2010-07-15 10:39 84054 ----a-w- c:\documents and settings\All Users\Application Data\DivX\TransferWizard\Uninstaller.exe
2010-07-15 10:39 . 2010-07-15 10:39 54153 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DFXPlugin\Uninstaller.exe
2010-07-15 10:38 . 2010-07-02 20:30 1062184 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Setup\Resource.dll
2010-07-15 10:37 . 2010-07-02 20:30 895256 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Setup\DivXSetup.exe
2010-07-02 20:52 . 2010-07-02 20:52 35938 ----a-w- c:\windows\system32\unins000.dat
2010-07-02 20:52 . 2010-07-02 20:52 707682 ----a-w- c:\windows\system32\unins000.exe
2010-07-02 20:30 . 2010-07-02 20:30 56997 ----a-w- c:\documents and settings\All Users\Application Data\DivX\WebPlayer\Uninstaller.exe
2010-07-02 20:30 . 2010-07-02 20:30 53600 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Update\Uninstaller.exe
2010-07-02 20:29 . 2010-07-02 20:29 57054 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DSDesktopComponents\Uninstaller.exe
2010-07-02 20:29 . 2010-07-02 20:29 54166 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DSAVCDecoder\Uninstaller.exe
2010-07-02 20:29 . 2010-07-02 20:29 57532 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DSASPDecoder\Uninstaller.exe
2010-07-02 20:29 . 2010-07-02 20:29 56458 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DivXDecoderShortcut\Uninstaller.exe
2010-07-02 20:29 . 2010-07-02 20:29 54174 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DSAACDecoder\Uninstaller.exe
2010-07-02 20:28 . 2010-07-02 20:28 54128 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Converter\Uninstaller.exe
2010-07-02 20:28 . 2010-07-02 20:28 54644 ----a-w- c:\documents and settings\All Users\Application Data\DivX\TranscodeEngine\Uninstaller.exe
2010-07-02 20:28 . 2010-07-02 20:28 54101 ----a-w- c:\documents and settings\All Users\Application Data\DivX\MPEG2Plugin\Uninstaller.exe
2010-07-02 20:28 . 2010-07-02 20:28 57409 ----a-w- c:\documents and settings\All Users\Application Data\DivX\ControlPanel\Uninstaller.exe
2010-07-02 20:28 . 2010-07-02 20:28 52963 ----a-w- c:\documents and settings\All Users\Application Data\DivX\MSVC80CRTRedist\Uninstaller.exe
2010-07-02 20:28 . 2010-07-02 20:28 54073 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Qt4.5\Uninstaller.exe
2010-07-02 20:28 . 2010-07-02 20:28 56969 ----a-w- c:\documents and settings\All Users\Application Data\DivX\ASPEncoder\Uninstaller.exe
2010-07-02 14:36 . 2010-06-18 14:36 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-07-01 11:07 . 2010-07-01 11:07 434176 ----a-w- c:\documents and settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportMS\17053\RapportMS.dll
2010-06-30 12:31 . 2003-07-16 16:37 149504 ----a-w- c:\windows\system32\schannel.dll
2010-06-28 20:47 . 2010-06-28 20:47 61440 ----a-w- c:\documents and settings\Guest\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-6f19a64e-n\decora-sse.dll
2010-06-28 20:47 . 2010-06-28 20:47 503808 ----a-w- c:\documents and settings\Guest\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-3962be04-n\msvcp71.dll
2010-06-28 20:47 . 2010-06-28 20:47 12800 ----a-w- c:\documents and settings\Guest\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-6f19a64e-n\decora-d3d.dll
2010-06-28 20:47 . 2010-06-28 20:47 499712 ----a-w- c:\documents and settings\Guest\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-3962be04-n\jmc.dll
2010-06-28 20:47 . 2010-06-28 20:47 348160 ----a-w- c:\documents and settings\Guest\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-3962be04-n\msvcr71.dll
2010-06-24 12:15 . 2005-06-17 22:49 832512 ----a-w- c:\windows\system32\wininet.dll
2010-06-24 12:15 . 2004-08-04 07:56 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-06-24 12:15 . 2003-07-16 16:20 17408 ----a-w- c:\windows\system32\corpol.dll
2010-06-23 13:44 . 2003-07-16 16:45 1851904 ----a-w- c:\windows\system32\win32k.sys
2010-06-23 05:05 . 2010-06-23 05:05 501936 ----a-w- c:\documents and settings\All Users\Application Data\Google\Google Toolbar\Update\gtb502.tmp.exe
2010-06-21 15:27 . 2003-07-16 16:40 354304 ----a-w- c:\windows\system32\drivers\srv.sys
2009-03-10 20:04 . 2009-03-10 19:58 5238880 ----a-w- c:\program files\MP3Rocket-Win.exe
2008-06-18 20:22 . 2008-06-18 20:21 7927552 ----a-w- c:\program files\aceftp3free.exe
2008-06-04 17:03 . 2008-06-04 17:02 47787248 ----a-w- c:\program files\avg_free_stf_en_8_100a1295.exe
2006-09-17 17:38 . 2006-09-17 17:38 2842 ----a-w- c:\program files\installtgz.zip
2006-09-17 17:37 . 2006-09-17 17:37 484992 ----a-w- c:\program files\agoracgi.tar
2006-01-08 20:25 . 2006-01-08 20:25 982990 ----a-w- c:\program files\FreecorderSetup.exe
2005-10-07 10:26 . 2005-10-07 10:26 353298 ----a-w- c:\program files\LimeWireWin.exe
2005-09-14 13:56 . 2005-09-14 13:56 1713436 ----a-w- c:\program files\LX32W32.exe
2005-09-13 07:51 . 2005-09-13 07:51 2855080 ----a-w- c:\program files\aawsepersonal.exe
2005-09-09 14:34 . 2005-09-09 14:34 20798256 ----a-w- c:\program files\AdbeRdr70_enu_full.exe
2005-09-09 06:05 . 2005-09-09 06:05 11802144 ----a-w- c:\program files\RealPlayer10-5GOLD.exe
1997-07-22 17:48 . 2006-11-07 20:42 2536883 ----a-w- c:\program files\LANZA.TBK
1997-04-14 13:26 . 2006-11-07 20:42 89952 ----a-w- c:\program files\TOOLS.SBK
1997-04-14 13:26 . 2006-11-07 20:42 27282 ----a-w- c:\program files\TB40MM.SBK
1997-04-14 13:26 . 2006-11-07 20:42 76950 ----a-w- c:\program files\SYSVIDEO.SBK
1997-04-14 13:26 . 2006-11-07 20:42 70392 ----a-w- c:\program files\SYSAUDIO.SBK
1997-04-14 13:26 . 2006-11-07 20:42 578564 ----a-w- c:\program files\SISTEMA.SBK
1997-04-14 13:26 . 2006-11-07 20:42 2935561 ----a-w- c:\program files\VIDEO.TBK
1997-04-14 13:25 . 2006-11-07 20:42 1955605 ----a-w- c:\program files\EDM.TBK
1997-04-14 13:24 . 2006-11-07 20:42 92903 ----a-w- c:\program files\BLOC.TBK
2008-05-08 11:24 . 2003-07-16 16:46 155648 --sha-r- c:\windows\system32\wscript.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"kdx"="c:\program files\Kontiki\KHost.exe" [2008-02-27 1032376]
"SsAAD.exe"="c:\progra~1\Sony\SONICS~1\SsAAD.exe" [2006-05-08 81920]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-04-06 26102056]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-02-17 39408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UpdateManager"="c:\program files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-08-19 110592]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2004-10-14 1404928]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2006-10-30 256576]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-03-15 122933]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-06 57344]
"MMTray"="c:\program files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe" [2001-11-30 90112]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2007-06-29 286720]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 49152]
"nwiz"="nwiz.exe" [2005-12-10 1519616]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2005-12-10 86016]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-03-21 202256]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-12-10 7311360]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2003-12-08 32768]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-06-03 1144104]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2010-09-07 2838912]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"WUAppSetup"="c:\program files\Common Files\logishrd\WUApp32.exe" [2007-02-03 430080]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-10-10 113664]
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-4-23 29696]
HOTSYNCSHORTCUTNAME.lnk - c:\program files\Palm\Hotsync.exe [2004-6-9 471040]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-3-11 210520]
Image Transfer.lnk - c:\program files\Sony Corporation\Image Transfer\SonyTray.exe [2005-9-13 73728]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
RealDownload.lnk - c:\program files\Real\RealDownload\Realdownload.exe [2005-9-9 20516]

[HKLM\~\startupfolder\C:^Documents and Settings^john^Start Menu^Programs^Startup^Palm Registration.lnk]
path=c:\documents and settings\john\Start Menu\Programs\Startup\Palm Registration.lnk
backup=c:\windows\pss\Palm Registration.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableNotifications"= 1 (0x1)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\Dataceptor\\websvr.exe"=
"c:\\Program Files\\Apache Group\\Apache\\Apache.exe"=
"c:\\Program Files\\Macromedia\\Dreamweaver 8\\Dreamweaver.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Media Player\\wmplayer.exe"=
"c:\\Program Files\\Kontiki\\KService.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\XP Codec Pack\\filters\\ac3config.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [13/09/2010 22:48 165584]
R1 RapportBuka;RapportBuka;c:\windows\system32\drivers\RapportBuka.sys [27/02/2010 18:49 390528]
R1 RapportKELL;RapportKELL;c:\program files\Trusteer\Rapport\bin\RapportKELL.sys [01/07/2010 12:07 59240]
R1 RapportPG;RapportPG;c:\program files\Trusteer\Rapport\bin\RapportPG.sys [01/07/2010 12:07 166632]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [13/09/2010 22:48 17744]
R2 RapportMgmtService;Rapport Management Service;c:\program files\Trusteer\Rapport\bin\RapportMgmtService.exe [01/07/2010 12:07 840936]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [17/02/2010 21:57 135664]
S2 kazoo;Kazoo.sys PDIUSBD12 Bulk IO test driver;c:\windows\system32\drivers\Kazoo.sys [17/06/2007 15:50 113828]
S3 AvFlt;Antivirus Filter Driver;c:\windows\system32\drivers\av5flt.sys --> c:\windows\system32\drivers\av5flt.sys [?]
S3 ComFiltr;Panda Anti-Dialer;\??\c:\windows\system32\DRIVERS\COMFiltr.sys --> c:\windows\system32\DRIVERS\COMFiltr.sys [?]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder

2010-09-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-17 20:57]

2010-09-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-17 20:57]

2010-09-15 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAEXEC.exe [2009-08-03 15:07]

2010-08-07 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1177238915-616249376-725345543-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 22:09]
.
.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uStart Page = hxxp://www.bbc.co.uk/
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Download Link Using Mega Manager...
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
Name-Space Handler: ftp\RealDownload - {EBCDDA5E-2A68-11D3-8A43-0060083CFB9C} - c:\windows\system32\nzdd.dll
Name-Space Handler: http\RealDownload - {EBCDDA5E-2A68-11D3-8A43-0060083CFB9C} - c:\windows\system32\nzdd.dll
.
- - - - ORPHANS REMOVED - - - -

BHO-{201f27d4-3704-41d6-89c1-aa35e39143ed} - (no file)
Toolbar-{3041d03e-fd4b-44e0-b742-2d9b88305f98} - (no file)
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{A057A204-BACC-4D26-8287-79A187E26987} - (no file)
WebBrowser-{3041D03E-FD4B-44E0-B742-2D9B88305F98} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
AddRemove-Ask Toolbar_is1 - c:\program files\AskBarDis\unins000.exe
AddRemove-PayPal Shopping Cart - c:\program files\UninstallerData\Uninstall paypal.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-09-15 20:50
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MySQL]
"ImagePath"="\"c:\mysql\MySQL Server 5.0\bin\mysqld-nt\" --defaults-file=\"c:\mysql\MySQL Server 5.0\my.ini\" MySQL"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Completion time: 2010-09-15 20:53:19
ComboFix-quarantined-files.txt 2010-09-15 19:53

Pre-Run: 25,977,991,168 bytes free
Post-Run: 26,067,132,416 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn

- - End Of File - - 4199BFF44E000E68F4BF5F2AF3FE02A1

#7
MariaCristina

Posted 15 September 2010 - 09:31 PM

Visiting Staff

Visiting Consultant
277 posts

Hello, johnnyHip

Unfortunately, you pasted the old OTL.txt, and this is not the one I expected to see.

Please, refer to STEP 3 above:
[quote name='MariaCristina]This log would be saved in C:\_OTL\MovedFiles folder' date=' named as date_time.log.[/quote']

This is the one I would like to see.

Please, copy and paste it in your next reply.

#8
johnnyHip

Posted 16 September 2010 - 11:43 AM

New Member

Topic Starter
Member
6 posts

Hi maria

I think this is the version of the log file you want.

Thanks

All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Install5G deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\RFX_auto_upgrade deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\drwtsn32.exe\ deleted successfully.
Item C:\WINDOWS\System32\wscript.exe is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe\ deleted successfully.
Item C:\WINDOWS\System32\wscript.exe is whitelisted and cannot be moved.
C:\Documents and Settings\john\Local Settings\Application Data\RRGvg moved successfully.
C:\Documents and Settings\All Users\Application Data\RRGvg moved successfully.
C:\Documents and Settings\john\Local Settings\Application Data\ISo1D077l moved successfully.
C:\Documents and Settings\All Users\Application Data\ISo1D077l moved successfully.
C:\Documents and Settings\john\Local Settings\Application Data\d0i4 moved successfully.
C:\Documents and Settings\All Users\Application Data\d0i4 moved successfully.
C:\WINDOWS\dirsaver.ini moved successfully.
========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\Software\Classes\.exe\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Classes\secfile\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.vbs\\@|"VBSFile" /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VBSFile\Shell\Edit\Command\\@|hex(2):25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,53,79,73,74,65,6d,33,32,5c,4e,6f,74,65,70,61,64,2e,65,78,65,20,25,31,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VBSFile\Shell\Print\Command\\@|hex(2):25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,53,79,73,74,65,6d,33,32,5c,4e,6f,74,65,70,61,64,2e,65,78,65,20,2f,70,20,25,31,00 /E : value set successfully!
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Guest
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: john
->Temp folder emptied: 3103588 bytes
->Temporary Internet Files folder emptied: 191481187 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 1980 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1597845 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 225 bytes

Total Files Cleaned = 187.00 mb

[EMPTYFLASH]

User: All Users

User: Default User

User: Guest
->Flash cache emptied: 0 bytes

User: john
->Flash cache emptied: 0 bytes

User: LocalService
->Flash cache emptied: 0 bytes

User: NetworkService

Total Flash Files Cleaned = 0.00 mb

OTL by OldTimer - Version 3.2.11.0 log created on 09132010_221640

Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\john\Local Settings\Temp\~DF632B.tmp not found!
File\Folder C:\Documents and Settings\john\Local Settings\Temp\~DF633A.tmp not found!
C:\Documents and Settings\john\Local Settings\Temp\~DFAEF1.tmp moved successfully.
C:\Documents and Settings\john\Local Settings\Temporary Internet Files\Content.IE5\XSWQR903\286120-regeditsys-missing-or-hidden-taskmanager-not-working[1].htm moved successfully.
C:\Documents and Settings\john\Local Settings\Temporary Internet Files\Content.IE5\XSWQR903\room[1].htm moved successfully.
C:\Documents and Settings\john\Local Settings\Temporary Internet Files\Content.IE5\XSWQR903\sydds[1].htm moved successfully.
C:\Documents and Settings\john\Local Settings\Temporary Internet Files\Content.IE5\XSWQR903\xd_proxy[1].htm moved successfully.
C:\Documents and Settings\john\Local Settings\Temporary Internet Files\Content.IE5\RLVDLG06\page__gopid__1900482[1].htm moved successfully.
C:\Documents and Settings\john\Local Settings\Temporary Internet Files\Content.IE5\RLVDLG06\search[2].htm moved successfully.
C:\Documents and Settings\john\Local Settings\Temporary Internet Files\Content.IE5\RLVDLG06\xd_proxy[1].htm moved successfully.
C:\Documents and Settings\john\Local Settings\Temporary Internet Files\Content.IE5\MF6PT8ES\dxserver[1].htm moved successfully.
C:\Documents and Settings\john\Local Settings\Temporary Internet Files\Content.IE5\MF6PT8ES\timeout[1].htm moved successfully.
C:\Documents and Settings\john\Local Settings\Temporary Internet Files\Content.IE5\MF6PT8ES\u1=cp;u3=en;u2=sydds;u5=NA;u4=09-13-10;u7=implicit;u6=NA;u9=NA;u8=99601961;u18=574744;u19=574756;u20=574758;u21=574773;u22=574774;u23=582836;ord=5777787230619[1].htm moved successfully.
C:\Documents and Settings\john\Local Settings\Temporary Internet Files\Content.IE5\434Y98QI\availability[1].htm moved successfully.
C:\Documents and Settings\john\Local Settings\Temporary Internet Files\Content.IE5\434Y98QI\int[1].htm moved successfully.
C:\Documents and Settings\john\Local Settings\Temporary Internet Files\Content.IE5\434Y98QI\like[1].htm moved successfully.
C:\Documents and Settings\john\Local Settings\Temporary Internet Files\Content.IE5\434Y98QI\like[2].htm moved successfully.
C:\Documents and Settings\john\Local Settings\Temporary Internet Files\AntiPhishing\A0AB7674-8D67-4F4D-B5E1-96FAEADFB79D.dat moved successfully.

Registry entries deleted on Reboot...

#9
MariaCristina

Posted 21 September 2010 - 01:42 AM

Visiting Staff

Visiting Consultant
277 posts

Hello, johnnyHip.

My apologies about my delay. My little girl was a little sickly this weekend.

Is Task Manager working fine after those steps?

Please, download Kaspersky AVP Tool from one of these two links:
http://devbuilds.kas...builds/AVPTool/
http://dnl-us6.kaspe...builds/AVPTool/

Save it in your desktop.

Double-click the file and follow the prompts. Once it finish, open the folder Virus Removal Tool. It will be created in the same directory where you saved the setup file.

To run the tool, just double-click its shortcut Posted Image

Make sure these options are checked:

Computer
Local Disk (C:)

Also mark all the disks/removable drives that would/will appear under Local Disk, if exist.

Hit the Start button to begin the scan.

Be patient, it will take a while.

When the scan is complete, if it finds something it will ask you what to do. Click in Skip (we only want the log).

Note: Maybe you may have to click in Skip several times if the tool finds multiple files, so be patient. You may want to mark the checkbox "Apply to all objects", when you click in the "skip" option.

Obs: Maybe you may have to click in Skip several times if the tool finds multiple files, so be patient.

While running the scan, the button Scan will change to a red icon.

When the scan is complete, the button will change back to a green icon.

Click in Report button.

Then click the plus sign + next the last Autoscan from the list (the most recent), to expand it:

Posted Image

Click one time in Task Started to select it, hold the shift key and click in Task Completed to select this range.

Right-click in this selection, then click in Copy

Open Notepad, then go to menu Edit > paste

Name it as log.txt and save it in your desktop.

Copy all its contents and paste in your next reply.

After that, if you want to uninstall the tool:

Close all open windows and save all that you want.
Go to the folder Virus Removal Tool and run the file unins000.exe
Follow the prompts.

Your computer will be rebooted.

Let me know how your machine is running now.

#10
johnnyHip

Posted 23 September 2010 - 01:37 PM

New Member

Topic Starter
Member
6 posts

Maria
Hi there
I do hope all is well.
below is the result of the kaspersky virus removal tool. But not the OK events which is too big to copy.
My task manager is working again thanks

best regards
johnnyHip(a new hip)

Autoscan: completed 14875 days ago (events: 365874, objects: 364855, time: 03:45:41)
Result: OK (events: 360871)
Result: Archive (events: 3446)
Result: Packed (events: 1477)
Result: Not processed (events: 2)
22/09/2010 18:40:03 C:\pagefile.sys Object is locked
22/09/2010 21:03:55 C:\pagefile.sys Object is locked
Result: Password protected (events: 76)
22/09/2010 20:17:33 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/Ad-Aware SE Default.skn
22/09/2010 20:17:33 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/arrow1.bmp
22/09/2010 20:17:33 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/arrow2.bmp
22/09/2010 20:17:33 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/bck1.bmp
22/09/2010 20:17:33 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/bt11.bmp
22/09/2010 20:17:33 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/bt12.bmp
22/09/2010 20:17:33 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/bt13.bmp
22/09/2010 20:17:33 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/bt21.bmp
22/09/2010 20:17:33 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/bt22.bmp
22/09/2010 20:17:33 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/bt23.bmp
22/09/2010 20:17:33 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/bt31.bmp
22/09/2010 20:17:33 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/bt32.bmp
22/09/2010 20:17:33 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/bt33.bmp
22/09/2010 20:17:33 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/bt41.bmp
22/09/2010 20:17:33 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/bt42.bmp
22/09/2010 20:17:33 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/bt43.bmp
22/09/2010 20:17:33 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/bt51.bmp
22/09/2010 20:17:33 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/bt52.bmp
22/09/2010 20:17:33 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/bt53.bmp
22/09/2010 20:17:33 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/bt61.bmp
22/09/2010 20:17:33 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/bt62.bmp
22/09/2010 20:17:33 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/checkbox1.bmp
22/09/2010 20:17:33 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/checkbox2.bmp
22/09/2010 20:17:33 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/checkbox3.bmp
22/09/2010 20:17:33 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/checkbox4.bmp
22/09/2010 20:17:33 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/defbtn1.bmp
22/09/2010 20:17:33 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/defbtn2.bmp
22/09/2010 20:17:33 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/defbtn3.bmp
22/09/2010 20:17:33 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/glyph1.bmp
22/09/2010 20:17:33 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/glyph2.bmp
22/09/2010 20:17:33 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/glyph3.bmp
22/09/2010 20:17:33 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/glyph4.bmp
22/09/2010 20:17:33 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/glyph5.bmp
22/09/2010 20:17:33 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/glyph6.bmp
22/09/2010 20:17:33 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/glyph7.bmp
22/09/2010 20:17:33 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/main.bmp
22/09/2010 20:17:33 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/preview.bmp
22/09/2010 20:17:33 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/sprite1.bmp
22/09/2010 21:16:09 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/Ad-Aware SE Default.skn
22/09/2010 21:16:09 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/arrow1.bmp
22/09/2010 21:16:09 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/arrow2.bmp
22/09/2010 21:16:09 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/bck1.bmp
22/09/2010 21:16:09 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/bt11.bmp
22/09/2010 21:16:09 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/bt12.bmp
22/09/2010 21:16:09 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/bt13.bmp
22/09/2010 21:16:09 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/bt21.bmp
22/09/2010 21:16:09 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/bt22.bmp
22/09/2010 21:16:09 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/bt23.bmp
22/09/2010 21:16:09 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/bt31.bmp
22/09/2010 21:16:09 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/bt32.bmp
22/09/2010 21:16:09 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/bt33.bmp
22/09/2010 21:16:09 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/bt41.bmp
22/09/2010 21:16:09 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/bt42.bmp
22/09/2010 21:16:09 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/bt43.bmp
22/09/2010 21:16:09 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/bt51.bmp
22/09/2010 21:16:09 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/bt52.bmp
22/09/2010 21:16:09 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/bt53.bmp
22/09/2010 21:16:09 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/bt61.bmp
22/09/2010 21:16:09 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/bt62.bmp
22/09/2010 21:16:09 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/checkbox1.bmp
22/09/2010 21:16:09 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/checkbox2.bmp
22/09/2010 21:16:09 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/checkbox3.bmp
22/09/2010 21:16:09 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/checkbox4.bmp
22/09/2010 21:16:09 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/defbtn1.bmp
22/09/2010 21:16:09 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/defbtn2.bmp
22/09/2010 21:16:09 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/defbtn3.bmp
22/09/2010 21:16:09 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/glyph1.bmp
22/09/2010 21:16:09 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/glyph2.bmp
22/09/2010 21:16:09 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/glyph3.bmp
22/09/2010 21:16:09 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/glyph4.bmp
22/09/2010 21:16:09 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/glyph5.bmp
22/09/2010 21:16:09 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/glyph6.bmp
22/09/2010 21:16:09 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/glyph7.bmp
22/09/2010 21:16:09 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/main.bmp
22/09/2010 21:16:09 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/preview.bmp
22/09/2010 21:16:09 C:\Program Files\aawsepersonal.exe/WISE0020.BIN/sprite1.bmp
Result: Task started (events: 1)
22/09/2010 18:39:41
Result: Task completed (events: 1)
22/09/2010 22:25:23

#11
MariaCristina

Posted 24 September 2010 - 08:07 PM

Visiting Staff

Visiting Consultant
277 posts

Hello, johnnyHip

Your log looks clean!

Temporally disable your antivirus protection.
Go to Start Menu > Run and type this line in bold bellow (or copy and paste it):

Combofix /uninstall

Once Combofix is successfully removed from your computer, re-enable your antivirus protection.

Run OTL.exe and click on Cleanup button.
You will be prompted to restart your computer. Allow it.

Now that your log looks clean, I have included bellow a number of recommendations regarding maintenance, in order to get your system running fine, and how to protect your computer against malware infections.

Maintenance
When you delete a file or uninstall a program, Windows frees the space it was occupying for new recordings. And when the operation is performed multiple times, your HD gets many empty spaces in the middle of occupied spaces.

In order to save a file, Windows puts in the first free space it finds. But often the new file does not fit in that space first found. In these cases, Windows records a part of the new file and looking for another space to save the rest of the file.

Thus, the new file or program is divided into several parts separated from each other: it is "fragmented". Consequence: when you have to open that file or program, Windows has to go from one place to another in search of hard disk from various parts, which makes opening the file slower.

Therefore, from time to time you need a disk defragmenter. Windows has a built-in defragmenter, but I suggest Puran Disc Defragmenter.

Just download it, install it and run it.

TFC - Temp File Cleaner - Cleans temporary files from IE and Windows, empties the recycle bin and more. Great tool to help speed up your computer and knock out those nasties that like to reside in the temp folders.

Security

Keep Windows updated by regularly checking their website at :
http://windowsupdate.microsoft.com/
This will ensure your computer has always the latest security updates available installed on your computer.
Malwarebytes' Anti-Malware - In its commercial version it offers realtime protection from spyware and trojans installation attempts and block access to known malicious IPs. In its free version, it has no real time protection, but you are allowed to manually update it and run a scan. Make sure you are only running one real-time anti-spyware protection program ( eg : TeaTimer, Windows Defender ) or there will be a conflict.
Make Internet Explorer more secure
- Click Start > Run
- Type Inetcpl.cpl & click OK
- Click on the Security tab
- Click Reset all zones to default level
- Make sure the Internet Zone is selected & Click Custom level
- In the ActiveX section, set the first two options ("Download signed and unsigned ActiveX controls) to "Prompt", and ("Initialize and Script ActiveX controls not marked as safe") to "Disable".
- Next Click OK, then Apply button and then OK to exit the Internet Properties page.
Update the Java.
Old Java versions have vulnerability what some malwares can use to infect your system.
- Download the last Java Runtime Environment (JRE) 6u21 version.
- Look for "Java Runtime Environment (JRE) 6update21".
- Click in the button Download JRE.
- Mark the option Accept License Agreement.
- The page will be refresh.
- Click in the link to download Windows Offline Installation, Multi-language jre-6u21-windows-i586.exe and save at your desktop.
- Close any open windows and programs (browsers mainly).
- Go to Control Panel > Add/Remove Programs and uninstall all the old Java versions.
  Old versions exemples:
  Java 2 Runtime Environment, SE v1.4.2
  J2SE Runtime Environment 5.0
  J2SE Runtime Environment 5.0 Update 6
- Select any item with the name "Java Runtime Environment (JRE ou J2SE)".
- Click in the button Remove or Change/Remove.
- Repeat it as many times as you need to remove each old Java version.
- When all the Java versions were removed, restart you computer.
- Now, go to your desktop, and run jre-6u21-windows-i586-p.exe to install the latest version.
Click here to update the Adobe Reader.
Old versions have vulnerabilities that could allow an attacker who successfully exploits these vulnerabilities to take control of the affected system.
Criminals constantly exploits flaws in popular programs, in order to redirect such program to execute some malicious file. Therefore it is imperative to keep ALL your programs always updated, especially the browser's components, such as Java, Flash and Shockwave player, pdf reader, media players's extensions and so on.
Update your AntiVirus Software - It is imperative that you update your Antivirus software at least once a week (Even more if you wish). If you do not update your antivirus software then it will not be able to catch any of the new variants that may come out.
Use a Firewall - I can not stress how important it is that you use a Firewall on your computer. Without a firewall your computer is susceptible to being hacked and taken over. I am very serious about this and see it happen almost every day with my clients. Simply using a Firewall in its default configuration can lower your risk greatly.

For a tutorial on Firewalls and a listing of some available ones see the link below:

Understanding and Using Firewalls
I highly recommend these FireFox add-ons to keep your PC even more secure.
- NoScript - for blocking ads and other potential website attacks
- McAfee SiteAdvisor - this tells you whether the sites you are about to visit are safe or not. A must if you do a lot of Googling
Take a good look at the following suggestions for malware prevention by reading Tony Klein’s article 'How Did I Get Infected In The First Place'
Here
Keep a backup of your important files - Now, more than ever, it's especially important to protect your digital files and memories. This article is full of good information on alternatives for home backup solutions.
Worms USB: This kind of malware exploits a built-in Windows feature, called Autoplay (when you plug or insert some media in your CD drive or USB, it asks you what do you want to do). The Autoplay feature needs a file called autorun.inf to work. There are two procedures you can perform to reduce the risk of having your system infected:

Disable the Autoplay feature:
http://go.microsoft....?linkid=9741395

Keep a clean and protected autorun.inf file on all removable media and system partitions. This way, in case you plug your flash drive in some infected machine, the worm will not be able to override the pre-existent file. But it will be able to write a copy of its others malicious files, as .exe, .scr, .cmd, .pif. If you plug this flash drive in a clean machine and run some of such malicious file, that system will be infected as well. Be careful!

For Windows XP:

Download Flash_Disinfector.exe by sUBs and save it into your desktop.
- Insert all your removable devices in USBs (such as memory sticks from cell phones and cameras and flash drives). Save what you need, EXCEPT executable files, such as .exe, .pif, .cmd, .bat, .scr, .com, then format the removable devices, by My Computer window then right-click on desired drive icon and choose "Format" option.
- Double-click in Flash_Disinfector.exe.
- Follow the prompts.
- When its scan is complete, close the tool and unplug the removable devices.
For Windows Vista and 7:
http://research.pand...utorun-vaccine/
Again: Update all these programs regularly - Make sure you update all the programs I have listed regularly. Without regular updates you WILL NOT be protected when new malicious programs are released.

Follow this list and your potential for being infected again will reduce dramatically.

Thank you for your patience, and performing all of the procedures requested.

#12
johnnyHip

Posted 29 September 2010 - 12:16 PM

New Member

Topic Starter
Member
6 posts

Maria
I have completed the cleaning up of my computer with your instructions and support.Thank you for your help.
I now have a better idea and a web site to view that offers excellent advice.
regards JohnnyHip