I sent my email to you. Look your PM box.PM me your email addy and I'll send it to you or use YouSendit.com to get it to you.
Send me the file.
Edited by WhiteHat, 21 June 2012 - 12:13 PM.
Help with Win32/Olmarik.TDL4 trojan
Started by
KillThem
, Jun 18 2012 09:52 AM
#16
Posted 21 June 2012 - 11:51 AM
WhiteHat
-
- Retired Staff
-
- 1,925 posts
Trusted Helper
Send me the file.
#18
Posted 21 June 2012 - 04:26 PM
WhiteHat
-
- Retired Staff
-
- 1,925 posts
Trusted Helper
Email received.
I will submit my proposal fix and she must be approved first before I post here.
I will submit my proposal fix and she must be approved first before I post here.
#20
Posted 22 June 2012 - 12:16 PM
WhiteHat
-
- Retired Staff
-
- 1,925 posts
Trusted Helper
Hi KillThem,
Your computer have a hidden partition created by the TDL4 infection and we need to delete it.
Please, read all the instructions first.
# Step 1 #
Create a Windows 7 System Repair Disc
Note: the below can only be done if your machine has a a type of CD/R or DVD/R optical drive installed. Also depending on the exact type of OEM your machine has you may be unable to actually create a SRD.
For the next step, You will need a CD or an USB stick to burn a tool called GParted.
1. Preferably from a clean computer, please download the following: GParted Live
When you have the .ISO file downloaded, you need to create a bootable disk or flash drive with it, using a clean PC to do that. The .ISO file is a disk image. It should NOT be burned as a regular file. You need a program like BurnAware Free or ImgBurn that can burn an .ISO image. I think a CD is best as there is no way anything can write on it after it is made, but the USB may be more convenient and easier.
2. Now, please boot off of the newly created GParted CD. See How to Set BIOS to Boot from CDROM for information on how to boot from the CD.
You should arrive to the following screen:
Press the ENTER key
By default, "do not touch keymap" is highlighted. Leave this setting alone and press the ENTER key.
Next, choose your language and press the ENTER key. English is the default setting [33]
Once again, at this prompt, press the ENTER key.
You will now be taken to the main GUI screen below
According to your logs, the partition that you want to delete have 10 MB
Please select the partition of that size. Click the trash can icon to delete that partition, and then click Apply.
You should now be here confirming your actions:
After clicking Accept, you should be at the following screen:
Under "Flags", Right-click the 140.83 GB while in GParted and select Manage Flags
In the menu that pops up, place a check mark in boot like the picture below:
Now double-click the
button.
You should receive a small pop up like this:
Choose reboot and then press OK.
Your computer have a hidden partition created by the TDL4 infection and we need to delete it.
Please, read all the instructions first.
# Step 1 #
Create a Windows 7 System Repair Disc
Note: the below can only be done if your machine has a a type of CD/R or DVD/R optical drive installed. Also depending on the exact type of OEM your machine has you may be unable to actually create a SRD.
- Click on Start(Windows 7 Orb) >> Run...(or the Windows key and R together) to bring up the Run box, then copy/paste the following command into the box and click on OK:
recdisc.exe
- Allow the UAC(User Account Control) prompt via selecting Yes.
- You should now see a menu like the below:-
- Put a blank rewritable CD/DVD in your optical(CD/DVD) drive and then click on Create disc.
- Note: If a AutoPlay window pops up, just close it.
- When the SRD has been created you will see the below:-
- Now click on Close >> OK. Leave the disc in the drive as we will be using it shortly.
- You now have a Windows 7 System Repair Disc.
For the next step, You will need a CD or an USB stick to burn a tool called GParted.
1. Preferably from a clean computer, please download the following: GParted Live
When you have the .ISO file downloaded, you need to create a bootable disk or flash drive with it, using a clean PC to do that. The .ISO file is a disk image. It should NOT be burned as a regular file. You need a program like BurnAware Free or ImgBurn that can burn an .ISO image. I think a CD is best as there is no way anything can write on it after it is made, but the USB may be more convenient and easier.
2. Now, please boot off of the newly created GParted CD. See How to Set BIOS to Boot from CDROM for information on how to boot from the CD.
You should arrive to the following screen:
Press the ENTER key
By default, "do not touch keymap" is highlighted. Leave this setting alone and press the ENTER key.
Next, choose your language and press the ENTER key. English is the default setting [33]
Once again, at this prompt, press the ENTER key.
You will now be taken to the main GUI screen below
According to your logs, the partition that you want to delete have 10 MB
Please select the partition of that size. Click the trash can icon to delete that partition, and then click Apply.
You should now be here confirming your actions:
After clicking Accept, you should be at the following screen:
Under "Flags", Right-click the 140.83 GB while in GParted and select Manage Flags
In the menu that pops up, place a check mark in boot like the picture below:
Now double-click the
button.You should receive a small pop up like this:
Choose reboot and then press OK.
Edited by WhiteHat, 22 June 2012 - 12:17 PM.
#21
Posted 22 June 2012 - 01:45 PM
KillThem
- Topic Starter
-
- Member
-
- 20 posts
Member
Can the system repair disk be made from another PC?
#22
Posted 22 June 2012 - 03:00 PM
KillThem
- Topic Starter
-
- Member
-
- 20 posts
Member
Ok...I created a system repair disk from another PC (hopefully that will work) and I did the gpart as instructed above....now what?
#23
Posted 23 June 2012 - 11:14 AM
WhiteHat
-
- Retired Staff
-
- 1,925 posts
Trusted Helper
I will use another tool to see if the MBR is still infected.Ok...I created a system repair disk from another PC (hopefully that will work) and I did the gpart as instructed above....now what?
Download aswMBR.exe ( 4.8mb ) to your desktop.
Double click the aswMBR.exe to run it Click the "Scan" button to start scan
On completion of the scan click save log, save it to your desktop and post in your next reply
#24
Posted 23 June 2012 - 11:37 AM
KillThem
- Topic Starter
-
- Member
-
- 20 posts
Member
I can't do this yet as my system won't boot yet. What am I supposed to do with the SYSTEM REPAIR DISK?
#25
Posted 24 June 2012 - 12:32 PM
WhiteHat
-
- Retired Staff
-
- 1,925 posts
Trusted Helper
The other computer is running Windows 7 32 bits? Because this will only work if the both computers are running the same OS.Ok...I created a system repair disk from another PC (hopefully that will work) and I did the gpart as instructed above....now what?
Insert the Windows Repair disc in the computer and boot from the CD.
See How to Set BIOS to Boot from CDROM for information on how to boot from the CD.
When you reboot you will see something like this. Click repair my computer
Select your operating system
Select Command prompt
At the command prompt type the following
- Bootrec.exe /FixMbr
- Bootrec.exe /Fixboot
Once finished type Exit
Reboot to normal windows and run aswMBR
#26
Posted 24 June 2012 - 02:31 PM
admin
-
- Community Leader
-
- 24,639 posts
Founder Geek
Pardon the interruption... Just want to let you know that I added .dat and .rar to the approved upload MIME types. Or in other words, there will be no more errors when trying to upload.
#27
Posted 24 June 2012 - 06:26 PM
KillThem
- Topic Starter
-
- Member
-
- 20 posts
Member
Pardon the interruption... Just want to let you know that I added .dat and .rar to the approved upload MIME types. Or in other words, there will be no more errors when trying to upload.
Thank you Sir!
#28
Posted 24 June 2012 - 06:29 PM
KillThem
- Topic Starter
-
- Member
-
- 20 posts
Member
aswMBR Log:
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-06-24 18:35:18
-----------------------------
18:35:18.695 OS Version: Windows 6.1.7601 Service Pack 1
18:35:18.695 Number of processors: 2 586 0x170A
18:35:18.696 ComputerName: ELENAPC UserName:
18:36:09.315 Initialize success
18:37:17.350 AVAST engine defs: 12062401
18:37:31.425 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
18:37:31.428 Disk 0 Vendor: ST916041 0003 Size: 152627MB BusType: 3
18:37:32.129 Disk 0 MBR read successfully
18:37:32.135 Disk 0 MBR scan
18:37:32.150 Disk 0 Windows 7 default MBR code
18:37:32.154 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 86 MB offset 63
18:37:32.184 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 8318 MB offset 178176
18:37:32.223 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 144212 MB offset 17213440
18:37:32.326 Disk 0 scanning sectors +312561328
18:37:32.456 Disk 0 scanning C:\Windows\system32\drivers
18:38:06.522 Service scanning
18:38:45.050 Modules scanning
18:39:01.950 Disk 0 trace - called modules:
18:39:01.980 ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys halmacpi.dll dxgkrnl.sys igdkmd32.sys dxgmms1.sys
18:39:01.985 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x87038aa0]
18:39:01.990 3 CLASSPNP.SYS[8ccde59e] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x861f1028]
18:39:07.373 AVAST engine scan C:\Windows
18:39:12.539 AVAST engine scan C:\Windows\system32
18:44:24.817 AVAST engine scan C:\Windows\system32\drivers
18:44:44.382 AVAST engine scan C:\Users\Bill Goodwin
18:52:43.339 File: C:\Users\Bill Goodwin\AppData\Local\Temp\purzidphwppqlaviqmd.exe **INFECTED** Win32:Malware-gen
19:24:48.132 AVAST engine scan C:\ProgramData
19:31:22.272 Scan finished successfully
20:27:47.465 Disk 0 MBR has been saved successfully to "C:\Users\Bill Goodwin\Desktop\MBR.dat"
20:27:47.472 The log file has been saved successfully to "C:\Users\Bill Goodwin\Desktop\aswMBR.txt"
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-06-24 18:35:18
-----------------------------
18:35:18.695 OS Version: Windows 6.1.7601 Service Pack 1
18:35:18.695 Number of processors: 2 586 0x170A
18:35:18.696 ComputerName: ELENAPC UserName:
18:36:09.315 Initialize success
18:37:17.350 AVAST engine defs: 12062401
18:37:31.425 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
18:37:31.428 Disk 0 Vendor: ST916041 0003 Size: 152627MB BusType: 3
18:37:32.129 Disk 0 MBR read successfully
18:37:32.135 Disk 0 MBR scan
18:37:32.150 Disk 0 Windows 7 default MBR code
18:37:32.154 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 86 MB offset 63
18:37:32.184 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 8318 MB offset 178176
18:37:32.223 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 144212 MB offset 17213440
18:37:32.326 Disk 0 scanning sectors +312561328
18:37:32.456 Disk 0 scanning C:\Windows\system32\drivers
18:38:06.522 Service scanning
18:38:45.050 Modules scanning
18:39:01.950 Disk 0 trace - called modules:
18:39:01.980 ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys halmacpi.dll dxgkrnl.sys igdkmd32.sys dxgmms1.sys
18:39:01.985 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x87038aa0]
18:39:01.990 3 CLASSPNP.SYS[8ccde59e] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x861f1028]
18:39:07.373 AVAST engine scan C:\Windows
18:39:12.539 AVAST engine scan C:\Windows\system32
18:44:24.817 AVAST engine scan C:\Windows\system32\drivers
18:44:44.382 AVAST engine scan C:\Users\Bill Goodwin
18:52:43.339 File: C:\Users\Bill Goodwin\AppData\Local\Temp\purzidphwppqlaviqmd.exe **INFECTED** Win32:Malware-gen
19:24:48.132 AVAST engine scan C:\ProgramData
19:31:22.272 Scan finished successfully
20:27:47.465 Disk 0 MBR has been saved successfully to "C:\Users\Bill Goodwin\Desktop\MBR.dat"
20:27:47.472 The log file has been saved successfully to "C:\Users\Bill Goodwin\Desktop\aswMBR.txt"
#29
Posted 25 June 2012 - 09:35 AM
WhiteHat
-
- Retired Staff
-
- 1,925 posts
Trusted Helper
Hi KillThem,
# Step 1 #
Download TFC to your desktop
# Step 2 #
Please download Farbar Service Scanner and run it on the computer.
# Step 1 #
Download TFC to your desktop
- Open the file and close any other windows.
- It will close all programs itself when run, make sure to let it run uninterrupted.
- Click the Start button to begin the process. The program should not take long to finish its job
- Once its finished it should reboot your machine, if not, do this yourself to ensure a complete clean
# Step 2 #
- Run the OTL.exe. Make sure all other windows are closed and to let it run uninterrupted.
- Select All Users
- Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
- When the scan completes, it will open one notepad windows contains OTL.Txt. This is saved in the same location as OTL.
- Please copy (Edit->Select All, Edit->Copy) the contents of this file and post him in your topic
Please download Farbar Service Scanner and run it on the computer.
- Make sure the following options are checked:
- Internet Services
- Windows Firewall
- System Restore
- Security Center
- Windows Update
- Press "Scan".
- It will create a log (FSS.txt) in the same directory the tool is run.
- Please copy and paste the log to your reply.
#30
Posted 25 June 2012 - 10:25 AM
KillThem
- Topic Starter
-
- Member
-
- 20 posts
Member
OTL.txt
OTL logfile created on: 6/25/2012 12:07:42 PM - Run 2
OTL by OldTimer - Version 3.2.49.0 Folder = C:\Users\Bill Goodwin\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.46 Gb Total Physical Memory | 2.31 Gb Available Physical Memory | 66.72% Memory free
6.91 Gb Paging File | 5.65 Gb Available in Paging File | 81.78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 140.83 Gb Total Space | 44.60 Gb Free Space | 31.67% Space Free | Partition Type: NTFS
Drive E: | 8.12 Gb Total Space | 4.88 Gb Free Space | 60.09% Space Free | Partition Type: NTFS
Computer Name: ELENAPC | User Name: Bill Goodwin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/06/18 15:55:22 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Bill Goodwin\Desktop\OTL.com
PRC - [2012/05/30 13:56:52 | 003,048,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012/03/21 11:28:16 | 017,834,888 | ---- | M] (InternetCalls) -- C:\Program Files\InternetCalls.com\InternetCalls\InternetCalls.exe
PRC - [2012/02/23 12:30:40 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
PRC - [2011/10/21 16:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE
PRC - [2011/10/13 18:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/09/22 12:03:30 | 000,974,944 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe
PRC - [2011/09/22 12:03:02 | 003,080,264 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe
PRC - [2011/06/24 00:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/20 08:17:00 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cmd.exe
PRC - [2010/03/10 22:32:26 | 000,648,536 | ---- | M] (Research In Motion Limited) -- C:\Program Files\Common Files\Research in Motion\Auto Update\RIMAutoUpdate.exe
PRC - [2010/01/15 08:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/12/28 16:21:29 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
PRC - [2009/10/28 18:59:46 | 000,057,344 | ---- | M] () -- C:\Program Files\Informatica Secure Agent\infaagent.exe
PRC - [2009/10/21 14:58:56 | 000,086,016 | ---- | M] (PFU LIMITED) -- C:\Windows\twain_32\fjscan32\FiWiaChecker.exe
PRC - [2009/09/03 02:09:42 | 000,024,576 | ---- | M] (Intuit) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
PRC - [2009/08/28 01:29:16 | 000,286,720 | ---- | M] (PFU LIMITED) -- C:\Windows\twain_32\fjscan32\ERG\FTErGuid.exe
PRC - [2009/08/14 14:30:56 | 000,015,872 | ---- | M] (Broadcom Corporation) -- C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe
PRC - [2009/08/07 07:29:36 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2009/08/05 07:38:48 | 004,562,944 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE
PRC - [2009/08/05 07:38:48 | 000,026,112 | ---- | M] () -- C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
PRC - [2009/08/05 07:38:42 | 003,086,848 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\Dell Wireless WLAN Card\BCMWLTRY.EXE
PRC - [2009/07/27 14:18:02 | 000,134,656 | ---- | M] (Wave Systems Corp.) -- C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe
PRC - [2009/07/16 14:13:34 | 001,245,472 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgr.exe
PRC - [2009/07/16 14:10:22 | 000,382,752 | ---- | M] (Dell Inc.) -- c:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe
PRC - [2009/07/08 16:45:34 | 000,131,072 | ---- | M] (FUJITSU LIMITED) -- C:\Windows\twain_32\fjscan32\FjtwMkup.exe
PRC - [2009/06/29 16:44:38 | 000,458,844 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe
PRC - [2009/06/29 16:44:38 | 000,221,266 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_b8f542503f95f21b\stacsv.exe
PRC - [2009/06/24 22:19:50 | 000,140,520 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2009/06/19 18:57:40 | 000,249,856 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2009/06/11 23:46:46 | 000,656,384 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe
PRC - [2009/06/11 20:43:08 | 001,622,016 | ---- | M] (Wave Systems Corp.) -- C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
PRC - [2009/05/15 19:33:40 | 001,803,512 | ---- | M] (AuthenTec, Inc.) -- C:\Program Files\Fingerprint Sensor\AtService.exe
PRC - [2009/04/27 15:40:26 | 000,293,968 | ---- | M] (Dell Inc.) -- c:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe
PRC - [2009/04/07 10:13:10 | 000,673,616 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Epson Software\Event Manager\EEventManager.exe
PRC - [2009/02/01 04:15:38 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
PRC - [2009/02/01 02:43:30 | 000,049,250 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
PRC - [2008/12/09 23:54:40 | 000,143,360 | ---- | M] (PFU LIMITED) -- C:\Windows\twain_32\fjscan32\SOP\FtLnSOP.exe
PRC - [2008/11/24 17:56:46 | 000,054,568 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2008/10/14 22:38:56 | 000,623,992 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
PRC - [2008/10/02 12:23:16 | 000,546,288 | ---- | M] (Google) -- C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe
PRC - [2007/10/16 19:58:38 | 000,045,056 | ---- | M] (PFU LIMITED) -- C:\Windows\twain_32\fjscan32\FTPWREVT\FTPWREVT.exe
PRC - [2007/04/27 07:40:00 | 000,206,400 | ---- | M] (SafeNet, Inc) -- C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
PRC - [2007/04/27 01:00:04 | 000,316,992 | ---- | M] (SafeNet, Inc.) -- C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
PRC - [2007/03/08 16:23:04 | 000,045,056 | ---- | M] (PFU LIMITED) -- C:\Windows\twain_32\fjscan32\FJTWMKSV.exe
PRC - [2006/12/19 19:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe
========== Modules (No Company Name) ==========
MOD - [2012/06/16 13:23:53 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\9b2f17fb61b7197f2a04108f5d1a1cc6\System.Management.ni.dll
MOD - [2012/06/16 13:21:35 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll
MOD - [2012/06/16 13:21:27 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012/06/16 13:20:41 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012/06/16 13:20:33 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012/06/16 13:20:11 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012/06/16 13:20:07 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012/06/16 13:20:06 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012/06/16 13:19:56 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2011/09/27 08:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 08:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2009/12/12 16:12:03 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2009/11/12 02:40:28 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Status Lib\1.6.320.13950__f25c74fcad379103\Status Lib.dll
MOD - [2009/11/12 02:40:28 | 000,008,192 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\StatusInterfaces\1.6.320.13949__4ca2a925deedf37d\StatusInterfaces.dll
MOD - [2009/08/05 07:38:40 | 000,055,808 | ---- | M] () -- C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwlrmt.dll
MOD - [2009/07/27 14:15:32 | 000,249,856 | ---- | M] () -- C:\Windows\System32\wxvault.dll
MOD - [2009/06/03 14:07:50 | 000,010,752 | ---- | M] () -- C:\Windows\System32\Wavx_ESC_Logging.dll
MOD - [2009/03/12 16:45:32 | 000,135,168 | ---- | M] () -- C:\Program Files\Epson Software\Event Manager\Assistants\Scan Assistant\ScanEngine.dll
MOD - [2009/02/27 17:38:20 | 000,139,264 | R--- | M] () -- C:\Program Files\Brother\BrUtilities\BrLogAPI.dll
MOD - [2008/11/21 14:58:42 | 000,057,344 | ---- | M] () -- C:\Program Files\Epson Software\Event Manager\Assistants\Scan Assistant\Satwain.dll
MOD - [2008/11/12 15:24:40 | 000,004,608 | ---- | M] () -- C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\TspPopup_ENU.dll
========== Win32 Services (SafeList) ==========
SRV - [2012/05/30 13:56:52 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/02/29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011/10/21 16:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/10/13 18:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011/09/22 12:03:30 | 000,974,944 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2010/02/25 04:00:41 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/02/19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2010/01/15 08:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/12/28 16:21:29 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Running] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/10/28 18:59:46 | 000,057,344 | ---- | M] () [Auto | Running] -- C:\Program Files\Informatica Secure Agent\infaagent.exe -- (InformaticaSecureAgent)
SRV - [2009/09/03 02:09:42 | 000,024,576 | ---- | M] (Intuit) [Auto | Running] -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2009/08/07 07:29:36 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2009/08/05 07:38:48 | 000,026,112 | ---- | M] () [Auto | Running] -- C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE -- (wltrysvc)
SRV - [2009/07/23 22:10:38 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2009/07/16 14:10:22 | 000,382,752 | ---- | M] (Dell Inc.) [Auto | Running] -- c:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe -- (dcpsysmgrsvc)
SRV - [2009/07/13 21:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009/07/13 21:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 21:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/13 21:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/06/29 16:44:38 | 000,221,266 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_b8f542503f95f21b\stacsv.exe -- (STacSV)
SRV - [2009/06/11 20:43:08 | 001,622,016 | ---- | M] (Wave Systems Corp.) [Auto | Running] -- C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe -- (TdmService)
SRV - [2009/06/03 14:15:24 | 001,019,904 | ---- | M] (Wave Systems Corp.) [On_Demand | Stopped] -- C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe -- (SecureStorageService)
SRV - [2009/05/15 19:33:40 | 001,803,512 | ---- | M] (AuthenTec, Inc.) [Auto | Running] -- C:\Program Files\Fingerprint Sensor\AtService.exe -- (ATService)
SRV - [2009/04/27 15:40:26 | 000,293,968 | ---- | M] (Dell Inc.) [Auto | Running] -- c:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe -- (buttonsvc32)
SRV - [2008/11/12 15:25:48 | 001,273,856 | ---- | M] () [Auto | Stopped] -- C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe -- (tcsd_win32.exe)
SRV - [2007/04/27 07:40:00 | 000,206,400 | ---- | M] (SafeNet, Inc) [Auto | Running] -- C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe -- (SentinelProtectionServer)
SRV - [2007/04/27 01:00:04 | 000,316,992 | ---- | M] (SafeNet, Inc.) [Auto | Running] -- C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe -- (SentinelKeysServer)
SRV - [2007/03/08 16:23:04 | 000,045,056 | ---- | M] (PFU LIMITED) [Auto | Running] -- C:\Windows\twain_32\fjscan32\FJTWMKSV.exe -- (FJTWMKSV)
SRV - [2006/12/19 19:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe -- (EpsonBidirectionalService)
========== Driver Services (SafeList) ==========
DRV - File not found [File_System | On_Demand | Stopped] -- -- (StarOpen)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\RimUsb.sys -- (RimUsb)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\PCTINDIS5.SYS -- (PCTINDIS5)
DRV - [2011/08/09 14:24:52 | 000,163,424 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm)
DRV - [2011/08/04 09:20:38 | 000,147,480 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfw.sys -- (epfw)
DRV - [2011/08/04 09:20:38 | 000,050,624 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\epfwwfp.sys -- (epfwwfp)
DRV - [2011/08/04 09:20:38 | 000,033,656 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\EpfwLWF.sys -- (EpfwLWF)
DRV - [2011/08/04 09:20:36 | 000,118,104 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2011/05/18 08:09:04 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dc3d.sys -- (dc3d) MS Hardware Device Detection Driver (USB)
DRV - [2010/11/20 08:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 08:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 08:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 06:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 05:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 05:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 05:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009/11/19 13:53:48 | 000,026,504 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\swmsflt.sys -- (swmsflt)
DRV - [2009/08/05 07:38:48 | 000,018,424 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm42rly.sys -- (BCM42RLY)
DRV - [2009/07/29 17:46:24 | 000,212,528 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2009/07/27 14:17:56 | 000,200,192 | ---- | M] (Wave Systems Corp.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\WavxDMgr.sys -- (WavxDMgr)
DRV - [2009/07/13 20:18:07 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2009/07/13 20:14:49 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDScan.sys -- (WSDScan)
DRV - [2009/07/13 19:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/13 19:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2009/07/13 19:45:20 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\acpials.sys -- (acpials)
DRV - [2009/07/04 22:37:08 | 000,038,400 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rixdpe86.sys -- (rixdpcie)
DRV - [2009/07/02 12:50:16 | 000,047,104 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rimspe86.sys -- (rimspci)
DRV - [2009/06/30 23:28:28 | 000,049,152 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\risdpe86.sys -- (risdpcie)
DRV - [2009/06/29 16:44:38 | 000,408,576 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2009/06/25 20:58:10 | 000,048,128 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2009/06/25 20:25:58 | 000,038,400 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2009/06/25 20:10:48 | 000,044,544 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2009/05/26 15:12:36 | 000,122,368 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel®
DRV - [2009/05/11 13:55:12 | 000,084,992 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\basp.sys -- (Blfp)
DRV - [2008/06/04 16:14:00 | 000,026,608 | ---- | M] (Dell Inc) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\PBADRV.sys -- (PBADRV)
DRV - [2008/01/10 17:59:44 | 000,142,976 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\swumx80.sys -- (SWUMX80) Sierra Wireless USB MUX Driver (UMTS80)
DRV - [2008/01/10 17:58:48 | 000,165,248 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\swnc8u80.sys -- (SWNC8U80) Sierra Wireless MUX NDIS Driver (UMTS80)
DRV - [2007/04/27 07:40:00 | 000,090,688 | ---- | M] (SafeNet, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\sentinel.sys -- (Sentinel)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0C31152B-D90D-49D6-BBBE-66D54BAEDDC9}
IE - HKLM\..\SearchScopes\{0C31152B-D90D-49D6-BBBE-66D54BAEDDC9}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2148102757-2534434147-107223858-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USREL/1
IE - HKU\S-1-5-21-2148102757-2534434147-107223858-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-2148102757-2534434147-107223858-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://g.msn.com/USREL/1
IE - HKU\S-1-5-21-2148102757-2534434147-107223858-1006\..\SearchScopes,DefaultScope = {7FEEE531-E0FD-45AE-A83A-209ECF27D803}
IE - HKU\S-1-5-21-2148102757-2534434147-107223858-1006\..\SearchScopes\{22D5E096-940A-CE47-CCFF-72BC315B9667}: "URL" = http://www.bing.com/...eferrer:source}
IE - HKU\S-1-5-21-2148102757-2534434147-107223858-1006\..\SearchScopes\{7FEEE531-E0FD-45AE-A83A-209ECF27D803}: "URL" = http://www.google.co...utputEncoding?}
IE - HKU\S-1-5-21-2148102757-2534434147-107223858-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2148102757-2534434147-107223858-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.startup.homepage: "http://www.msn.com/?..._date=20111111"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.6.0.8442
FF - prefs.js..keyword.URL: "http://www.bing.com/...te=20111111&q="
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/15 12:34:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/06/15 12:34:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012/04/25 20:17:05 | 000,000,000 | ---D | M]
[2010/11/28 17:49:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bill Goodwin\AppData\Roaming\mozilla\Extensions
[2012/06/15 12:27:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bill Goodwin\AppData\Roaming\mozilla\Firefox\Profiles\u8wobhi3.default\extensions
[2011/11/10 21:12:27 | 000,001,945 | ---- | M] () -- C:\Users\Bill Goodwin\AppData\Roaming\Mozilla\Firefox\Profiles\u8wobhi3.default\searchplugins\bing-zugo.xml
[2012/06/15 12:23:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/06/15 12:34:04 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/06/13 20:49:14 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/10/03 06:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012/02/16 06:42:53 | 000,002,252 | -H-- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/02/16 06:42:53 | 000,002,040 | -H-- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
O1 HOSTS File: ([2011/04/24 23:58:29 | 000,001,211 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 3dns.adobe.com 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com activate.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.wip.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com
O1 - Hosts: 127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com
O1 - Hosts: 127.0.0.1 www.adobeereg.com wwis-dubc1-vip60.adobe.com www.wip.adobe.com www.wip1.adobe.com
O1 - Hosts: 127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com wwis-dubc1-vip60.adobe.com crl.verisign.net CRL.VERISIGN.NET ood.opsource.net
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (@msdxmLC.dll,-1@1033,&Radio) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\Windows\System32\Msdxm6.ocx (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-2148102757-2534434147-107223858-1006\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-2148102757-2534434147-107223858-1006\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BlackBerryAutoUpdate] C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe (Research In Motion Limited)
O4 - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE (Dell Inc.)
O4 - HKLM..\Run: [ChangeTPMAuth] C:\Program Files\Wave Systems Corp\Common\ChangeTPMAuth.exe (Wave Systems Corp.)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [DellControlPoint] c:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe (Dell Inc.)
O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [FiWIA Service Checker] C:\Windows\twain_32\fjscan32\FiWiaChecker.exe (PFU LIMITED)
O4 - HKLM..\Run: [FJTWAIN Setup] C:\Windows\Twain_32\fjscan32\FjtwMkup.exe (FUJITSU LIMITED)
O4 - HKLM..\Run: [FtLnSOP_setup] C:\Windows\twain_32\fjscan32\SOP\FtLnSOP.exe (PFU LIMITED)
O4 - HKLM..\Run: [FTPWRENV] C:\Windows\twain_32\fjscan32\FTPWREVT\FTPWREVT.exe (PFU LIMITED)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [Intuit SyncManager] C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe (Intuit Inc. All rights reserved.)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [USCService] C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe (Broadcom Corporation)
O4 - HKLM..\Run: [WavXMgr] C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe (Wave Systems Corp.)
O4 - HKU\S-1-5-21-2148102757-2534434147-107223858-1006..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-2148102757-2534434147-107223858-1006..\Run: [InternetCalls] C:\Program Files\InternetCalls.com\InternetCalls\InternetCalls.exe (InternetCalls)
O4 - HKU\S-1-5-21-2148102757-2534434147-107223858-1006..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - HKU\S-1-5-21-2148102757-2534434147-107223858-1006..\Run: [WorkForce 610(Network)] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIFJA.EXE (SEIKO EPSON CORPORATION)
O4 - HKU\S-1-5-21-2148102757-2534434147-107223858-1006..\Run: [WorkForce 610(Network) (Copy 1)] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIFJA.EXE (SEIKO EPSON CORPORATION)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Bill Goodwin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-21-2148102757-2534434147-107223858-1006\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-21-2148102757-2534434147-107223858-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Append to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://idoccorp.web...ex/ieatgpc1.cab (GpcContainer Class)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logme...trl.cab?lmi=724 (Performance Viewer Activex Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.105.28.12 68.105.29.12 68.105.28.11
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{338D2B99-B9DB-4F62-9489-7D7E40204079}: DhcpNameServer = 68.105.28.12 68.105.29.12 68.105.28.11
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9A4E7DB5-B6ED-423F-9B6F-DD8C27095DBD}: DhcpNameServer = 209.183.33.23 209.183.35.23
O18 - Protocol\Handler\intu-help-qb3 {c5e479ea-0a65-4b05-8c6c-2fc8cc682eb4} - C:\Program Files\Intuit\QuickBooks 2010\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\vnd.ms.radio {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\Windows\System32\Msdxm6.ocx (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Authentication Packages - (wvauth) - C:\Windows\System32\wvauth.dll (Wave Systems Corp.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | -H-- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012/06/25 11:50:54 | 000,448,512 | ---- | C] (OldTimer Tools) -- C:\Users\Bill Goodwin\Desktop\TFC.exe
[2012/06/24 20:25:45 | 000,000,000 | -HSD | C] -- C:\Boot
[2012/06/19 23:02:30 | 000,000,000 | ---D | C] -- C:\Users\Bill Goodwin\Desktop\iPod Photo Cache
[2012/06/19 17:51:35 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/06/18 15:55:11 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Bill Goodwin\Desktop\OTL.com
[2012/06/18 12:56:11 | 000,000,000 | ---D | C] -- C:\Users\Bill Goodwin\Desktop\BDparty
[2012/06/18 11:45:20 | 000,000,000 | ---D | C] -- C:\Users\Bill Goodwin\Desktop\RK_Quarantine
[2012/06/18 11:42:07 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\Bill Goodwin\Desktop\aswMBR.exe
[2012/06/18 10:24:03 | 002,127,960 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Bill Goodwin\Desktop\TDSSKiller.exe
[2012/06/18 10:11:25 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012/06/18 10:10:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2012/06/18 10:10:56 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2012/06/16 00:12:28 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012/06/16 00:12:27 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012/06/16 00:12:27 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012/06/16 00:12:27 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012/06/16 00:12:26 | 001,800,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012/06/16 00:12:26 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012/06/16 00:12:24 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012/06/15 21:12:08 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012/06/15 21:12:06 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012/06/15 21:11:52 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorekmts.dll
[2012/06/15 21:11:51 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
[2012/06/15 21:11:50 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdrmemptylst.exe
[2012/06/15 21:11:37 | 002,343,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012/06/15 21:09:39 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2012/06/15 11:53:31 | 000,000,000 | ---D | C] -- C:\Users\Bill Goodwin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Data Recovery
[2012/06/13 14:44:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/06/13 14:43:00 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/06/13 14:42:59 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/05/28 21:36:06 | 000,000,000 | ---D | C] -- C:\Users\Bill Goodwin\Desktop\LOS ANGELES May, 2012
[2 C:\Users\Bill Goodwin\Desktop\*.tmp files -> C:\Users\Bill Goodwin\Desktop\*.tmp -> ]
[1 C:\Users\Bill Goodwin\Documents\*.tmp files -> C:\Users\Bill Goodwin\Documents\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/06/25 12:13:00 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2148102757-2534434147-107223858-1000UA.job
[2012/06/25 12:04:53 | 000,014,256 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/06/25 12:04:53 | 000,014,256 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/06/25 12:04:01 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/06/25 11:57:45 | 000,000,000 | ---- | M] () -- C:\Users\Bill Goodwin\AppData\Local\WavXMapDrive.bat
[2012/06/25 11:57:11 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/06/25 11:56:48 | 000,001,024 | ---- | M] () -- C:\.rnd
[2012/06/25 11:56:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/06/25 11:56:38 | 2783,313,920 | -HS- | M] () -- C:\hiberfil.sys
[2012/06/25 11:50:55 | 000,448,512 | ---- | M] (OldTimer Tools) -- C:\Users\Bill Goodwin\Desktop\TFC.exe
[2012/06/25 01:13:57 | 000,000,512 | ---- | M] () -- C:\Users\Bill Goodwin\Desktop\MBR.dat
[2012/06/25 01:13:00 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2148102757-2534434147-107223858-1000Core.job
[2012/06/22 16:12:48 | 000,636,084 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/06/22 16:12:48 | 000,111,626 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/06/19 20:40:00 | 000,089,649 | ---- | M] () -- C:\Users\Bill Goodwin\Desktop\photo.JPG
[2012/06/19 17:53:59 | 000,000,362 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2012/06/18 16:14:46 | 000,080,384 | ---- | M] () -- C:\Users\Bill Goodwin\Desktop\MBRCheck.exe
[2012/06/18 15:55:22 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Bill Goodwin\Desktop\OTL.com
[2012/06/18 11:33:02 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\Bill Goodwin\Desktop\aswMBR.exe
[2012/06/18 11:17:09 | 002,109,032 | ---- | M] () -- C:\Users\Bill Goodwin\Desktop\tdsskiller.zip
[2012/06/18 10:43:41 | 001,521,152 | ---- | M] () -- C:\Users\Bill Goodwin\Desktop\RogueKiller.exe
[2012/06/18 10:13:50 | 000,881,475 | ---- | M] () -- C:\Users\Bill Goodwin\Desktop\SecurityCheck.exe
[2012/06/18 10:11:10 | 000,001,076 | ---- | M] () -- C:\Users\Bill Goodwin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2012/06/18 10:10:57 | 000,000,896 | ---- | M] () -- C:\Users\Bill Goodwin\Desktop\NTREGOPT.lnk
[2012/06/18 10:10:57 | 000,000,877 | ---- | M] () -- C:\Users\Bill Goodwin\Desktop\ERUNT.lnk
[2012/06/17 00:27:15 | 402,911,915 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/06/16 13:18:41 | 003,779,992 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/06/15 15:15:16 | 002,127,960 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Bill Goodwin\Desktop\TDSSKiller.exe
[2012/06/15 12:51:20 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012/06/15 12:51:20 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/06/13 14:44:30 | 000,001,755 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/06/11 23:25:35 | 000,158,113 | ---- | M] () -- C:\Users\Bill Goodwin\Desktop\qdvsdgh6f6oqbtcme5j0.jpg
[2012/05/30 22:34:22 | 000,148,405 | ---- | M] () -- C:\Users\Bill Goodwin\Desktop\487392_4003413533261_36300172_1n.jpg
[2012/05/30 21:59:07 | 000,130,702 | ---- | M] () -- C:\Users\Bill Goodwin\Desktop\487392_4003413533261_36300172_n.jpg
[2 C:\Users\Bill Goodwin\Desktop\*.tmp files -> C:\Users\Bill Goodwin\Desktop\*.tmp -> ]
[1 C:\Users\Bill Goodwin\Documents\*.tmp files -> C:\Users\Bill Goodwin\Documents\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/06/25 11:45:34 | 000,001,024 | ---- | C] () -- C:\.rnd
[2012/06/24 22:29:08 | 000,383,786 | RHS- | C] () -- C:\bootmgr
[2012/06/24 20:27:47 | 000,000,512 | ---- | C] () -- C:\Users\Bill Goodwin\Desktop\MBR.dat
[2012/06/19 20:40:00 | 000,089,649 | ---- | C] () -- C:\Users\Bill Goodwin\Desktop\photo.JPG
[2012/06/18 16:15:12 | 000,080,384 | ---- | C] () -- C:\Users\Bill Goodwin\Desktop\MBRCheck.exe
[2012/06/18 11:17:02 | 002,109,032 | ---- | C] () -- C:\Users\Bill Goodwin\Desktop\tdsskiller.zip
[2012/06/18 10:43:41 | 001,521,152 | ---- | C] () -- C:\Users\Bill Goodwin\Desktop\RogueKiller.exe
[2012/06/18 10:13:50 | 000,881,475 | ---- | C] () -- C:\Users\Bill Goodwin\Desktop\SecurityCheck.exe
[2012/06/18 10:11:10 | 000,001,076 | ---- | C] () -- C:\Users\Bill Goodwin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2012/06/18 10:10:57 | 000,000,896 | ---- | C] () -- C:\Users\Bill Goodwin\Desktop\NTREGOPT.lnk
[2012/06/18 10:10:57 | 000,000,877 | ---- | C] () -- C:\Users\Bill Goodwin\Desktop\ERUNT.lnk
[2012/06/14 00:37:04 | 000,158,113 | ---- | C] () -- C:\Users\Bill Goodwin\Desktop\qdvsdgh6f6oqbtcme5j0.jpg
[2012/06/13 14:44:30 | 000,001,755 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/05/30 22:00:13 | 000,148,405 | ---- | C] () -- C:\Users\Bill Goodwin\Desktop\487392_4003413533261_36300172_1n.jpg
[2012/05/30 21:56:47 | 000,130,702 | ---- | C] () -- C:\Users\Bill Goodwin\Desktop\487392_4003413533261_36300172_n.jpg
[2012/02/07 12:13:25 | 000,000,000 | ---- | C] () -- C:\Windows\EEventManager.INI
[2012/02/06 15:27:06 | 000,073,220 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2012/02/06 15:27:06 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2012/02/06 15:27:06 | 000,029,114 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2012/02/06 15:27:06 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2012/02/06 15:27:06 | 000,021,021 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2012/02/06 15:27:06 | 000,015,670 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2012/02/06 15:27:06 | 000,013,280 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2012/02/06 15:27:06 | 000,010,673 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2012/02/06 15:27:06 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2012/02/06 15:27:06 | 000,001,140 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2012/02/06 15:27:06 | 000,001,140 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2012/02/06 15:27:06 | 000,001,137 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2012/02/06 15:27:06 | 000,001,130 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2012/02/06 15:27:06 | 000,001,130 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2012/02/06 15:27:06 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2012/02/06 15:27:06 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2011/11/10 21:12:44 | 000,723,294 | ---- | C] () -- C:\Windows\unins000.exe
[2011/11/10 21:12:44 | 000,139,999 | ---- | C] () -- C:\Windows\unins000.dat
[2011/11/09 21:33:22 | 000,000,095 | ---- | C] () -- C:\Windows\QBChanUtil_Trigger.ini
[2011/09/27 14:17:19 | 000,000,000 | ---- | C] () -- C:\Windows\Vcdem32p.INI
[2011/09/27 13:41:21 | 000,000,692 | ---- | C] () -- C:\Windows\pixcache.ini
[2011/09/27 13:35:00 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi60Fex0C0A.dll
[2011/09/27 13:35:00 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi60fex0419.dll
[2011/09/27 13:35:00 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi60Fex0410.dll
[2011/09/27 13:35:00 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi60Fex040C.dll
[2011/09/27 13:35:00 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi60Fex0407.dll
[2011/09/27 13:35:00 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5110ex0C0A.dll
[2011/09/27 13:35:00 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5110ex0419.dll
[2011/09/27 13:35:00 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5110ex0410.dll
[2011/09/27 13:35:00 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5110ex040C.dll
[2011/09/27 13:35:00 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5110ex0409.dll
[2011/09/27 13:35:00 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5110ex0407.dll
[2011/09/27 13:35:00 | 000,036,864 | ---- | C] () -- C:\Windows\System32\fi60Fex0409.dll
[2011/09/27 13:35:00 | 000,036,864 | ---- | C] () -- C:\Windows\System32\fi5110ex0411.dll
[2011/09/27 13:35:00 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi60Fex0804.dll
[2011/09/27 13:35:00 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi60Fex0411.dll
[2011/09/27 13:35:00 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi5110ex0804.dll
[2011/09/27 13:34:59 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6225ex0C0A.dll
[2011/09/27 13:34:59 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6225ex0419.dll
[2011/09/27 13:34:59 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6225ex0416.dll
[2011/09/27 13:34:59 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6225ex0410.dll
[2011/09/27 13:34:59 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6225ex040C.dll
[2011/09/27 13:34:59 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6225ex0409.dll
[2011/09/27 13:34:59 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6225ex0407.dll
[2011/09/27 13:34:59 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6125ex0C0A.dll
[2011/09/27 13:34:59 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6125ex0419.dll
[2011/09/27 13:34:59 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6125ex0416.dll
[2011/09/27 13:34:59 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6125ex0410.dll
[2011/09/27 13:34:59 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6125ex040C.dll
[2011/09/27 13:34:59 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6125ex0409.dll
[2011/09/27 13:34:59 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6125ex0407.dll
[2011/09/27 13:34:59 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5750ex0C0A.dll
[2011/09/27 13:34:59 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5750ex0419.dll
[2011/09/27 13:34:59 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5750ex0410.dll
[2011/09/27 13:34:59 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5750ex040C.dll
[2011/09/27 13:34:59 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5750ex0407.dll
[2011/09/27 13:34:59 | 000,036,864 | ---- | C] () -- C:\Windows\System32\fi6225ex0412.dll
[2011/09/27 13:34:59 | 000,036,864 | ---- | C] () -- C:\Windows\System32\fi6225ex0411.dll
[2011/09/27 13:34:59 | 000,036,864 | ---- | C] () -- C:\Windows\System32\fi6125ex0412.dll
[2011/09/27 13:34:59 | 000,036,864 | ---- | C] () -- C:\Windows\System32\fi6125ex0411.dll
[2011/09/27 13:34:59 | 000,036,864 | ---- | C] () -- C:\Windows\System32\fi5750ex0409.dll
[2011/09/27 13:34:59 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi6225ex0804.dll
[2011/09/27 13:34:59 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi6225ex0404.dll
[2011/09/27 13:34:59 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi6125ex0804.dll
[2011/09/27 13:34:59 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi6125ex0404.dll
[2011/09/27 13:34:59 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi5750ex0804.dll
[2011/09/27 13:34:59 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi5750ex0411.dll
[2011/09/27 13:34:58 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5900ex0C0A.dll
[2011/09/27 13:34:58 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5900ex0419.dll
[2011/09/27 13:34:58 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5900ex0416.dll
[2011/09/27 13:34:58 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5900ex0410.dll
[2011/09/27 13:34:58 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5900ex040C.dll
[2011/09/27 13:34:58 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5900ex0407.dll
[2011/09/27 13:34:58 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5650ex0C0A.dll
[2011/09/27 13:34:58 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5650ex0410.dll
[2011/09/27 13:34:58 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5650ex040C.dll
[2011/09/27 13:34:58 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5650ex0407.dll
[2011/09/27 13:34:58 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5220ex0C0A.dll
[2011/09/27 13:34:58 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5220ex0419.dll
[2011/09/27 13:34:58 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5220ex0410.dll
[2011/09/27 13:34:58 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5220ex040C.dll
[2011/09/27 13:34:58 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5220ex0409.dll
[2011/09/27 13:34:58 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5220ex0407.dll
[2011/09/27 13:34:58 | 000,036,864 | ---- | C] () -- C:\Windows\System32\fi5900ex0412.dll
[2011/09/27 13:34:58 | 000,036,864 | ---- | C] () -- C:\Windows\System32\fi5900ex0411.dll
[2011/09/27 13:34:58 | 000,036,864 | ---- | C] () -- C:\Windows\System32\fi5900ex0409.dll
[2011/09/27 13:34:58 | 000,036,864 | ---- | C] () -- C:\Windows\System32\fi5650ex0419.dll
[2011/09/27 13:34:58 | 000,036,864 | ---- | C] () -- C:\Windows\System32\fi5650ex0409.dll
[2011/09/27 13:34:58 | 000,036,864 | ---- | C] () -- C:\Windows\System32\fi5220ex0412.dll
[2011/09/27 13:34:58 | 000,036,864 | ---- | C] () -- C:\Windows\System32\fi5220ex0411.dll
[2011/09/27 13:34:58 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi5900ex0804.dll
[2011/09/27 13:34:58 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi5900ex0404.dll
[2011/09/27 13:34:58 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi5650ex0804.dll
[2011/09/27 13:34:58 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi5650ex0411.dll
[2011/09/27 13:34:58 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi5220ex0804.dll
[2011/09/27 13:34:57 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5530ex0C0A.dll
[2011/09/27 13:34:57 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5530ex0419.dll
[2011/09/27 13:34:57 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5530ex0410.dll
[2011/09/27 13:34:57 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5530ex040C.dll
[2011/09/27 13:34:57 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5530ex0409.dll
[2011/09/27 13:34:57 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5530ex0407.dll
[2011/09/27 13:34:57 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi55302ex0C0A.dll
[2011/09/27 13:34:57 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi55302ex0419.dll
[2011/09/27 13:34:57 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi55302ex0410.dll
[2011/09/27 13:34:57 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi55302ex040C.dll
[2011/09/27 13:34:57 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi55302ex0409.dll
[2011/09/27 13:34:57 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi55302ex0407.dll
[2011/09/27 13:34:57 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5120ex0C0A.dll
[2011/09/27 13:34:57 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5120ex0419.dll
[2011/09/27 13:34:57 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5120ex0410.dll
[2011/09/27 13:34:57 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5120ex040C.dll
[2011/09/27 13:34:57 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5120ex0409.dll
[2011/09/27 13:34:57 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5120ex0407.dll
[2011/09/27 13:34:57 | 000,036,864 | ---- | C] () -- C:\Windows\System32\fi5530ex0412.dll
[2011/09/27 13:34:57 | 000,036,864 | ---- | C] () -- C:\Windows\System32\fi5530ex0411.dll
[2011/09/27 13:34:57 | 000,036,864 | ---- | C] () -- C:\Windows\System32\fi55302ex0412.dll
[2011/09/27 13:34:57 | 000,036,864 | ---- | C] () -- C:\Windows\System32\fi55302ex0411.dll
[2011/09/27 13:34:57 | 000,036,864 | ---- | C] () -- C:\Windows\System32\fi5120ex0412.dll
[2011/09/27 13:34:57 | 000,036,864 | ---- | C] () -- C:\Windows\System32\fi5120ex0411.dll
[2011/09/27 13:34:57 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi5530ex0804.dll
[2011/09/27 13:34:57 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi55302ex0804.dll
[2011/09/27 13:34:57 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi5120ex0804.dll
[2011/09/27 13:34:56 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6750ex0C0A.dll
[2011/09/27 13:34:56 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6750ex0419.dll
[2011/09/27 13:34:56 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6750ex0416.dll
[2011/09/27 13:34:56 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6750ex0410.dll
[2011/09/27 13:34:56 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6750ex040C.dll
[2011/09/27 13:34:56 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6750ex0407.dll
[2011/09/27 13:34:56 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6670ex0C0A.dll
[2011/09/27 13:34:56 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6670ex0419.dll
[2011/09/27 13:34:56 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6670ex0416.dll
[2011/09/27 13:34:56 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6670ex0410.dll
[2011/09/27 13:34:56 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6670ex040C.dll
[2011/09/27 13:34:56 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6670ex0407.dll
[2011/09/27 13:34:56 | 000,036,864 | ---- | C] () -- C:\Windows\System32\fi6750ex0409.dll
[2011/09/27 13:34:56 | 000,036,864 | ---- | C] () -- C:\Windows\System32\fi6670ex0409.dll
[2011/09/27 13:34:56 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi6750ex0804.dll
[2011/09/27 13:34:56 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi6750ex0412.dll
[2011/09/27 13:34:56 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi6750ex0411.dll
[2011/09/27 13:34:56 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi6750ex0404.dll
[2011/09/27 13:34:56 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi6670ex0804.dll
[2011/09/27 13:34:56 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi6670ex0412.dll
[2011/09/27 13:34:56 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi6670ex0411.dll
[2011/09/27 13:34:56 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi6670ex0404.dll
[2011/09/27 13:34:55 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6770ex0C0A.dll
[2011/09/27 13:34:55 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6770ex0419.dll
[2011/09/27 13:34:55 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6770ex0416.dll
[2011/09/27 13:34:55 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6770ex0410.dll
[2011/09/27 13:34:55 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6770ex040C.dll
[2011/09/27 13:34:55 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6770ex0407.dll
[2011/09/27 13:34:55 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6230Tex0C0A.dll
[2011/09/27 13:34:55 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6230Tex0419.dll
[2011/09/27 13:34:55 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6230Tex0410.dll
[2011/09/27 13:34:55 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6230Tex040C.dll
[2011/09/27 13:34:55 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6230Tex0409.dll
[2011/09/27 13:34:55 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6230Tex0407.dll
[2011/09/27 13:34:55 | 000,036,864 | ---- | C] () -- C:\Windows\System32\fi6770ex0409.dll
[2011/09/27 13:34:55 | 000,036,864 | ---- | C] () -- C:\Windows\System32\fi6230Tex0412.dll
[2011/09/27 13:34:55 | 000,036,864 | ---- | C] () -- C:\Windows\System32\fi6230Tex0411.dll
[2011/09/27 13:34:55 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi6770ex0804.dll
[2011/09/27 13:34:55 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi6770ex0412.dll
[2011/09/27 13:34:55 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi6770ex0411.dll
[2011/09/27 13:34:55 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi6770ex0404.dll
[2011/09/27 13:34:55 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi6230Tex0804.dll
[2011/09/27 13:34:55 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi6230Tex0404.dll
[2011/09/27 13:34:54 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6130Tex0C0A.dll
[2011/09/27 13:34:54 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6130Tex0419.dll
[2011/09/27 13:34:54 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6130Tex0410.dll
[2011/09/27 13:34:54 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6130Tex040C.dll
[2011/09/27 13:34:54 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6130Tex0409.dll
[2011/09/27 13:34:54 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6130Tex0407.dll
[2011/09/27 13:34:54 | 000,036,864 | ---- | C] () -- C:\Windows\System32\fi6130Tex0412.dll
[2011/09/27 13:34:54 | 000,036,864 | ---- | C] () -- C:\Windows\System32\fi6130Tex0411.dll
[2011/09/27 13:34:54 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi6130Tex0804.dll
[2011/09/27 13:34:54 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi6130Tex0404.dll
[2011/09/27 13:34:53 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6130ex0C0A.dll
[2011/09/27 13:34:53 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6130ex0419.dll
[2011/09/27 13:34:53 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6130ex0416.dll
[2011/09/27 13:34:53 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6130ex0410.dll
[2011/09/27 13:34:53 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6130ex040C.dll
[2011/09/27 13:34:53 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6130ex0409.dll
[2011/09/27 13:34:53 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6130ex0407.dll
[2011/09/27 13:34:53 | 000,036,864 | ---- | C] () -- C:\Windows\System32\fi6130ex0412.dll
[2011/09/27 13:34:53 | 000,036,864 | ---- | C] () -- C:\Windows\System32\fi6130ex0411.dll
[2011/09/27 13:34:53 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi6130ex0804.dll
[2011/09/27 13:34:53 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi6130ex0404.dll
[2011/09/27 13:34:52 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6240ex0C0A.dll
[2011/09/27 13:34:52 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6240ex0419.dll
[2011/09/27 13:34:52 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6240ex0416.dll
[2011/09/27 13:34:52 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6240ex0410.dll
[2011/09/27 13:34:52 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6240ex040C.dll
[2011/09/27 13:34:52 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6240ex0409.dll
[2011/09/27 13:34:52 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6240ex0407.dll
[2011/09/27 13:34:52 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6140ex0C0A.dll
[2011/09/27 13:34:52 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6140ex0419.dll
[2011/09/27 13:34:52 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6140ex0416.dll
[2011/09/27 13:34:52 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6140ex0410.dll
[2011/09/27 13:34:52 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6140ex040C.dll
[2011/09/27 13:34:52 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6140ex0409.dll
[2011/09/27 13:34:52 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6140ex0407.dll
[2011/09/27 13:34:52 | 000,036,864 | ---- | C] () -- C:\Windows\System32\fi6240ex0412.dll
[2011/09/27 13:34:52 | 000,036,864 | ---- | C] () -- C:\Windows\System32\fi6240ex0411.dll
[2011/09/27 13:34:52 | 000,036,864 | ---- | C] () -- C:\Windows\System32\fi6140ex0412.dll
[2011/09/27 13:34:52 | 000,036,864 | ---- | C] () -- C:\Windows\System32\fi6140ex0411.dll
[2011/09/27 13:34:52 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi6240ex0804.dll
[2011/09/27 13:34:52 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi6240ex0404.dll
[2011/09/27 13:34:52 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi6140ex0804.dll
[2011/09/27 13:34:52 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi6140ex0404.dll
[2011/09/27 13:34:51 | 000,000,712 | R--- | C] () -- C:\Windows\FJTWSTI.INI
[2011/09/27 10:09:45 | 000,000,628 | ---- | C] () -- C:\Windows\kofax200.ini
[2011/09/27 10:09:39 | 000,000,035 | ---- | C] () -- C:\Windows\setscan.ini
[2011/08/27 11:06:01 | 000,000,023 | ---- | C] () -- C:\Windows\bo9840cd.ini
[2011/05/25 17:19:40 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2010/11/28 17:49:15 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010/11/28 12:40:51 | 000,000,000 | ---- | C] () -- C:\Users\Bill Goodwin\AppData\Local\WavXMapDrive.bat
========== Files - Unicode (All) ==========
[2012/06/15 12:34:54 | 000,000,000 | ---D | M](C:\Users\Bill Goodwin\Documents\???) -- C:\Users\Bill Goodwin\Documents\РВП
[2012/06/15 12:27:48 | 000,000,000 | ---D | M](C:\Users\Bill Goodwin\Documents\?????) -- C:\Users\Bill Goodwin\Documents\Почта
[2012/03/26 12:54:19 | 000,000,000 | ---D | M](C:\Users\Bill Goodwin\Documents\????????????) -- C:\Users\Bill Goodwin\Documents\Поздравления
[2012/02/09 12:52:34 | 000,000,000 | ---D | M](C:\Users\Bill Goodwin\Desktop\???????????????) -- C:\Users\Bill Goodwin\Desktop\Трудоустройство
[2012/02/04 13:22:36 | 000,000,000 | ---D | M](C:\Users\Bill Goodwin\Documents\???????? ???? ???? ????) -- C:\Users\Bill Goodwin\Documents\Гостевая виза Мама Папа
[2012/01/15 20:03:49 | 000,000,000 | ---D | M](C:\Users\Bill Goodwin\Documents\???????) -- C:\Users\Bill Goodwin\Documents\Рецепты
[2012/01/15 20:03:49 | 000,000,000 | ---D | M](C:\Users\Bill Goodwin\Documents\??????) -- C:\Users\Bill Goodwin\Documents\Разное
[2012/01/15 20:03:48 | 000,000,000 | ---D | M](C:\Users\Bill Goodwin\Documents\??????) -- C:\Users\Bill Goodwin\Documents\РАБОТА
[2012/01/15 20:03:46 | 000,000,000 | ---D | M](C:\Users\Bill Goodwin\Documents\?????_? ?????????????) -- C:\Users\Bill Goodwin\Documents\Почта_в Невинномысске
[2012/01/15 20:03:13 | 000,000,000 | ---D | M](C:\Users\Bill Goodwin\Documents\??????) -- C:\Users\Bill Goodwin\Documents\Письма
[2012/01/15 20:03:13 | 000,000,000 | ---D | M](C:\Users\Bill Goodwin\Documents\??? ???????) -- C:\Users\Bill Goodwin\Documents\Мои подписи
[2012/01/15 20:03:13 | 000,000,000 | ---D | M](C:\Users\Bill Goodwin\Documents\? ???????) -- C:\Users\Bill Goodwin\Documents\О бизнесе
[2012/01/15 20:03:11 | 000,000,000 | ---D | M](C:\Users\Bill Goodwin\Documents\??? ?????????) -- C:\Users\Bill Goodwin\Documents\Мои Документы
[2012/01/15 20:03:06 | 000,000,000 | ---D | M](C:\Users\Bill Goodwin\Documents\????? ?????? ????? ??????????) -- C:\Users\Bill Goodwin\Documents\Карты Москвы Метро Посольство
[2012/01/15 20:03:06 | 000,000,000 | ---D | M](C:\Users\Bill Goodwin\Documents\????) -- C:\Users\Bill Goodwin\Documents\Мама
[2012/01/15 20:03:05 | 000,000,000 | ---D | M](C:\Users\Bill Goodwin\Documents\??????? ????? ???????? 165-216) -- C:\Users\Bill Goodwin\Documents\Домовая книга Калинина 165-216
[2012/01/15 20:03:05 | 000,000,000 | ---D | M](C:\Users\Bill Goodwin\Documents\??????? ????? - ???????? 169 ??-24) -- C:\Users\Bill Goodwin\Documents\Домовая книга - Калинина 169 кв-24
[2012/01/15 20:03:04 | 000,000,000 | ---D | M](C:\Users\Bill Goodwin\Documents\?????????? ??? ????) -- C:\Users\Bill Goodwin\Documents\Докуцменты для Визы
[2012/01/15 20:03:01 | 000,000,000 | ---D | M](C:\Users\Bill Goodwin\Documents\???? ?? ??????. ???? ????????) -- C:\Users\Bill Goodwin\Documents\Докс по задолж. Моск интернет
[2012/01/15 20:03:00 | 000,000,000 | ---D | M](C:\Users\Bill Goodwin\Documents\??? ??????????? ? ?????????? ??????????) -- C:\Users\Bill Goodwin\Documents\Для регистрации и временного проживания
[2011/12/09 19:29:43 | 000,011,408 | ---- | M] ()(C:\Users\Bill Goodwin\Documents\?????? ?????????.docx) -- C:\Users\Bill Goodwin\Documents\Рецепт оленятины.docx
[2011/12/09 19:29:42 | 000,011,408 | ---- | C] ()(C:\Users\Bill Goodwin\Documents\?????? ?????????.docx) -- C:\Users\Bill Goodwin\Documents\Рецепт оленятины.docx
[2010/12/28 12:33:46 | 000,000,000 | ---D | C](C:\Users\Bill Goodwin\Desktop\???????????????) -- C:\Users\Bill Goodwin\Desktop\Трудоустройство
[2010/05/29 10:12:02 | 000,000,000 | ---D | C](C:\Users\Bill Goodwin\Documents\???????? ???? ???? ????) -- C:\Users\Bill Goodwin\Documents\Гостевая виза Мама Папа
[2010/05/21 10:14:26 | 000,105,984 | ---- | M] ()(C:\Users\Bill Goodwin\Documents\?????? ??????? ????.doc) -- C:\Users\Bill Goodwin\Documents\Основа лечения Акни.doc
[2010/05/21 10:09:03 | 000,056,320 | ---- | M] ()(C:\Users\Bill Goodwin\Documents\??????? ? ?? ????..doc) -- C:\Users\Bill Goodwin\Documents\Тазорак и др инфа..doc
[2010/05/19 22:22:57 | 000,026,624 | ---- | M] ()(C:\Users\Bill Goodwin\Documents\??????? ??? ???????.doc) -- C:\Users\Bill Goodwin\Documents\Подарки для Невинки.doc
[2010/04/19 14:31:26 | 000,000,162 | -H-- | M] ()(C:\Users\Bill Goodwin\Documents\~$???? ??????? ????.doc) -- C:\Users\Bill Goodwin\Documents\~$нова лечения Акни.doc
[2010/04/19 14:31:26 | 000,000,162 | -H-- | C] ()(C:\Users\Bill Goodwin\Documents\~$???? ??????? ????.doc) -- C:\Users\Bill Goodwin\Documents\~$нова лечения Акни.doc
[2010/03/12 11:04:52 | 000,031,744 | ---- | M] ()(C:\Users\Bill Goodwin\Documents\?????????? ??? ???????????.doc) -- C:\Users\Bill Goodwin\Documents\Информация для приглашения.doc
[2010/03/02 15:46:49 | 000,000,000 | ---D | C](C:\Users\Bill Goodwin\Documents\???? ?? ??????. ???? ????????) -- C:\Users\Bill Goodwin\Documents\Докс по задолж. Моск интернет
[2009/11/28 12:16:59 | 005,263,215 | ---- | C] ()(C:\Users\Bill Goodwin\Documents\????????????? ??? ???????? ???????????.pdf) -- C:\Users\Bill Goodwin\Documents\Обязательство для Частного приглашения.pdf
[2009/11/28 12:16:59 | 000,119,646 | ---- | C] ()(C:\Users\Bill Goodwin\Documents\???????.jpg) -- C:\Users\Bill Goodwin\Documents\Паспорт.jpg
[2009/11/28 12:16:59 | 000,105,984 | ---- | C] ()(C:\Users\Bill Goodwin\Documents\?????? ??????? ????.doc) -- C:\Users\Bill Goodwin\Documents\Основа лечения Акни.doc
[2009/11/28 12:16:59 | 000,056,320 | ---- | C] ()(C:\Users\Bill Goodwin\Documents\??????? ? ?? ????..doc) -- C:\Users\Bill Goodwin\Documents\Тазорак и др инфа..doc
[2009/11/28 12:16:59 | 000,055,296 | ---- | C] ()(C:\Users\Bill Goodwin\Documents\?????.doc) -- C:\Users\Bill Goodwin\Documents\Сылки.doc
[2009/11/28 12:16:59 | 000,040,448 | ---- | C] ()(C:\Users\Bill Goodwin\Documents\???????? ???????.doc) -- C:\Users\Bill Goodwin\Documents\Объемная стрижка.doc
[2009/11/28 12:16:59 | 000,032,768 | ---- | C] ()(C:\Users\Bill Goodwin\Documents\????????????? ???????? ??? ???.doc) -- C:\Users\Bill Goodwin\Documents\Тренировочный комплекс для ног.doc
[2009/11/28 12:16:59 | 000,031,232 | ---- | C] ()(C:\Users\Bill Goodwin\Documents\?? ????.doc) -- C:\Users\Bill Goodwin\Documents\На сайт.doc
[2009/11/28 12:16:59 | 000,029,696 | ---- | C] ()(C:\Users\Bill Goodwin\Documents\?? ????_1.doc) -- C:\Users\Bill Goodwin\Documents\На сайт_1.doc
[2009/11/28 12:16:59 | 000,026,624 | ---- | C] ()(C:\Users\Bill Goodwin\Documents\??????? ??? ???????.doc) -- C:\Users\Bill Goodwin\Documents\Подарки для Невинки.doc
[2009/11/28 12:16:59 | 000,025,088 | ---- | C] ()(C:\Users\Bill Goodwin\Documents\?????????? ??????.doc) -- C:\Users\Bill Goodwin\Documents\Паспортные данные.doc
[2009/11/28 12:16:59 | 000,022,528 | ---- | C] ()(C:\Users\Bill Goodwin\Documents\??????? ????, ????, ??????.doc) -- C:\Users\Bill Goodwin\Documents\Размеры Мамы, Папы, Сереги.doc
[2009/11/28 12:16:59 | 000,020,992 | ---- | C] ()(C:\Users\Bill Goodwin\Documents\?????? ????????.doc) -- C:\Users\Bill Goodwin\Documents\Оплата квартиры.doc
[2009/11/28 12:16:59 | 000,020,480 | ---- | C] ()(C:\Users\Bill Goodwin\Documents\???? ????.doc) -- C:\Users\Bill Goodwin\Documents\Стих англ.doc
[2009/11/28 12:16:59 | 000,018,944 | ---- | C] ()(C:\Users\Bill Goodwin\Documents\???????.xls) -- C:\Users\Bill Goodwin\Documents\Свадьба.xls
[2009/11/28 12:16:58 | 000,681,984 | ---- | C] ()(C:\Users\Bill Goodwin\Documents\??????? ????????.doc) -- C:\Users\Bill Goodwin\Documents\Молитва Господня.doc
[2009/11/28 12:16:58 | 000,100,864 | ---- | C] ()(C:\Users\Bill Goodwin\Documents\?????? ????????? ??????.doc) -- C:\Users\Bill Goodwin\Documents\Билеты Вашингтон Москва.doc
[2009/11/28 12:16:58 | 000,055,296 | ---- | C] ()(C:\Users\Bill Goodwin\Documents\???????? PROMT10000.std) -- C:\Users\Bill Goodwin\Documents\Документ PROMT10000.std
[2009/11/28 12:16:58 | 000,044,032 | ---- | C] ()(C:\Users\Bill Goodwin\Documents\?? ??????????? 1 ?? ???????.doc) -- C:\Users\Bill Goodwin\Documents\Из Шереметьево 1 до Внуково.doc
[2009/11/28 12:16:58 | 000,040,960 | ---- | C] ()(C:\Users\Bill Goodwin\Documents\??? ?????? ????? ? ????????.doc) -- C:\Users\Bill Goodwin\Documents\Все сейчас знают и понимают.doc
[2009/11/28 12:16:58 | 000,031,744 | ---- | C] ()(C:\Users\Bill Goodwin\Documents\?????????? ??? ???????????.doc) -- C:\Users\Bill Goodwin\Documents\Информация для приглашения.doc
[2009/11/28 12:16:58 | 000,031,744 | ---- | C] ()(C:\Users\Bill Goodwin\Documents\???????.doc) -- C:\Users\Bill Goodwin\Documents\Доктора.doc
[2009/11/28 12:16:58 | 000,031,232 | ---- | C] ()(C:\Users\Bill Goodwin\Documents\???????? PROMT1.std) -- C:\Users\Bill Goodwin\Documents\Документ PROMT1.std
[2009/11/28 12:16:58 | 000,030,208 | ---- | C] ()(C:\Users\Bill Goodwin\Documents\???? ??? ?????. ???????????.doc) -- C:\Users\Bill Goodwin\Documents\Доки для частн. приглашения.doc
[2009/11/28 12:16:58 | 000,029,184 | ---- | C] ()(C:\Users\Bill Goodwin\Documents\? ????? 1.doc) -- C:\Users\Bill Goodwin\Documents\В загсе 1.doc
[2009/11/28 12:16:58 | 000,027,136 | ---- | C] ()(C:\Users\Bill Goodwin\Documents\?????????_1??????????.doc) -- C:\Users\Bill Goodwin\Documents\Заявление_1Ставрополь.doc
[2009/11/28 12:16:58 | 000,026,624 | ---- | C] ()(C:\Users\Bill Goodwin\Documents\?????????_1.doc) -- C:\Users\Bill Goodwin\Documents\Заявление_1.doc
[2009/11/28 12:16:58 | 000,024,576 | ---- | C] ()(C:\Users\Bill Goodwin\Documents\????????? ?? ???.doc) -- C:\Users\Bill Goodwin\Documents\Директору ГУ ЦЗН.doc
[2009/11/28 12:16:58 | 000,022,016 | ---- | C] ()(C:\Users\Bill Goodwin\Documents\???????? ??????? ????.doc) -- C:\Users\Bill Goodwin\Documents\Депутату Краевой Думы.doc
[2009/11/28 12:16:58 | 000,019,968 | ---- | C] ()(C:\Users\Bill Goodwin\Documents\??? ????????.doc) -- C:\Users\Bill Goodwin\Documents\Дни Рождения.doc
[2009/11/28 12:16:53 | 000,000,000 | ---D | C](C:\Users\Bill Goodwin\Documents\???????) -- C:\Users\Bill Goodwin\Documents\Рецепты
[2009/11/28 12:16:52 | 000,000,000 | ---D | C](C:\Users\Bill Goodwin\Documents\??????) -- C:\Users\Bill Goodwin\Documents\Разное
[2009/11/28 12:16:52 | 000,000,000 | ---D | C](C:\Users\Bill Goodwin\Documents\???) -- C:\Users\Bill Goodwin\Documents\РВП
[2009/11/28 12:16:49 | 000,000,000 | ---D | C](C:\Users\Bill Goodwin\Documents\??????) -- C:\Users\Bill Goodwin\Documents\РАБОТА
[2009/11/28 12:16:48 | 000,000,000 | ---D | C](C:\Users\Bill Goodwin\Documents\?????_? ?????????????) -- C:\Users\Bill Goodwin\Documents\Почта_в Невинномысске
[2009/11/28 12:15:21 | 000,000,000 | ---D | C](C:\Users\Bill Goodwin\Documents\????????????) -- C:\Users\Bill Goodwin\Documents\Поздравления
[2009/11/28 12:15:21 | 000,000,000 | ---D | C](C:\Users\Bill Goodwin\Documents\?????) -- C:\Users\Bill Goodwin\Documents\Почта
[2009/11/28 12:15:17 | 000,000,000 | ---D | C](C:\Users\Bill Goodwin\Documents\??????) -- C:\Users\Bill Goodwin\Documents\Письма
[2009/11/28 12:15:16 | 000,000,000 | ---D | C](C:\Users\Bill Goodwin\Documents\??? ???????) -- C:\Users\Bill Goodwin\Documents\Мои подписи
[2009/11/28 12:15:16 | 000,000,000 | ---D | C](C:\Users\Bill Goodwin\Documents\? ???????) -- C:\Users\Bill Goodwin\Documents\О бизнесе
[2009/11/28 12:15:13 | 000,000,000 | ---D | C](C:\Users\Bill Goodwin\Documents\??? ?????????) -- C:\Users\Bill Goodwin\Documents\Мои Документы
[2009/11/28 12:15:08 | 000,000,000 | ---D | C](C:\Users\Bill Goodwin\Documents\????? ?????? ????? ??????????) -- C:\Users\Bill Goodwin\Documents\Карты Москвы Метро Посольство
[2009/11/28 12:15:08 | 000,000,000 | ---D | C](C:\Users\Bill Goodwin\Documents\????) -- C:\Users\Bill Goodwin\Documents\Мама
[2009/11/28 12:15:07 | 000,000,000 | ---D | C](C:\Users\Bill Goodwin\Documents\??????? ????? ???????? 165-216) -- C:\Users\Bill Goodwin\Documents\Домовая книга Калинина 165-216
[2009/11/28 12:15:07 | 000,000,000 | ---D | C](C:\Users\Bill Goodwin\Documents\??????? ????? - ???????? 169 ??-24) -- C:\Users\Bill Goodwin\Documents\Домовая книга - Калинина 169 кв-24
[2009/11/28 12:15:01 | 000,000,000 | ---D | C](C:\Users\Bill Goodwin\Documents\?????????? ??? ????) -- C:\Users\Bill Goodwin\Documents\Докуцменты для Визы
[2009/11/28 12:15:01 | 000,000,000 | ---D | C](C:\Users\Bill Goodwin\Documents\??? ??????????? ? ?????????? ??????????) -- C:\Users\Bill Goodwin\Documents\Для регистрации и временного проживания
[2009/06/24 17:15:15 | 000,019,968 | ---- | M] ()(C:\Users\Bill Goodwin\Documents\??? ????????.doc) -- C:\Users\Bill Goodwin\Documents\Дни Рождения.doc
[2009/03/19 22:30:09 | 000,032,768 | ---- | M] ()(C:\Users\Bill Goodwin\Documents\????????????? ???????? ??? ???.doc) -- C:\Users\Bill Goodwin\Documents\Тренировочный комплекс для ног.doc
[2009/02/06 22:15:35 | 000,029,696 | ---- | M] ()(C:\Users\Bill Goodwin\Documents\?? ????_1.doc) -- C:\Users\Bill Goodwin\Documents\На сайт_1.doc
[2009/02/02 00:23:33 | 000,031,232 | ---- | M] ()(C:\Users\Bill Goodwin\Documents\?? ????.doc) -- C:\Users\Bill Goodwin\Documents\На сайт.doc
[2008/12/09 01:52:08 | 000,031,232 | ---- | M] ()(C:\Users\Bill Goodwin\Documents\???????? PROMT1.std) -- C:\Users\Bill Goodwin\Documents\Документ PROMT1.std
[2008/11/21 17:16:13 | 000,031,744 | ---- | M] ()(C:\Users\Bill Goodwin\Documents\???????.doc) -- C:\Users\Bill Goodwin\Documents\Доктора.doc
[2008/11/17 18:58:12 | 000,030,208 | ---- | M] ()(C:\Users\Bill Goodwin\Documents\???? ??? ?????. ???????????.doc) -- C:\Users\Bill Goodwin\Documents\Доки для частн. приглашения.doc
[2008/11/09 12:36:03 | 000,022,528 | ---- | M] ()(C:\Users\Bill Goodwin\Documents\??????? ????, ????, ??????.doc) -- C:\Users\Bill Goodwin\Documents\Размеры Мамы, Папы, Сереги.doc
[2008/10/05 14:11:32 | 000,100,864 | ---- | M] ()(C:\Users\Bill Goodwin\Documents\?????? ????????? ??????.doc) -- C:\Users\Bill Goodwin\Documents\Билеты Вашингтон Москва.doc
[2008/10/04 10:04:53 | 000,040,448 | ---- | M] ()(C:\Users\Bill Goodwin\Documents\???????? ???????.doc) -- C:\Users\Bill Goodwin\Documents\Объемная стрижка.doc
[2008/09/27 00:28:04 | 000,044,032 | ---- | M] ()(C:\Users\Bill Goodwin\Documents\?? ??????????? 1 ?? ???????.doc) -- C:\Users\Bill Goodwin\Documents\Из Шереметьево 1 до Внуково.doc
[2008/07/25 10:11:34 | 000,020,992 | ---- | M] ()(C:\Users\Bill Goodwin\Documents\?????? ????????.doc) -- C:\Users\Bill Goodwin\Documents\Оплата квартиры.doc
[2008/04/23 09:31:58 | 000,027,136 | ---- | M] ()(C:\Users\Bill Goodwin\Documents\?????????_1??????????.doc) -- C:\Users\Bill Goodwin\Documents\Заявление_1Ставрополь.doc
[2008/04/05 14:05:52 | 000,026,624 | ---- | M] ()(C:\Users\Bill Goodwin\Documents\?????????_1.doc) -- C:\Users\Bill Goodwin\Documents\Заявление_1.doc
[2008/02/26 07:21:59 | 000,024,576 | ---- | M] ()(C:\Users\Bill Goodwin\Documents\????????? ?? ???.doc) -- C:\Users\Bill Goodwin\Documents\Директору ГУ ЦЗН.doc
[2008/01/10 03:11:24 | 000,119,646 | ---- | M] ()(C:\Users\Bill Goodwin\Documents\???????.jpg) -- C:\Users\Bill Goodwin\Documents\Паспорт.jpg
[2007/12/19 05:48:26 | 000,025,088 | ---- | M] ()(C:\Users\Bill Goodwin\Documents\?????????? ??????.doc) -- C:\Users\Bill Goodwin\Documents\Паспортные данные.doc
[2007/10/25 14:59:14 | 005,263,215 | ---- | M] ()(C:\Users\Bill Goodwin\Documents\????????????? ??? ???????? ???????????.pdf) -- C:\Users\Bill Goodwin\Documents\Обязательство для Частного приглашения.pdf
[2007/09/08 06:51:12 | 000,020,480 | ---- | M] ()(C:\Users\Bill Goodwin\Documents\???? ????.doc) -- C:\Users\Bill Goodwin\Documents\Стих англ.doc
[2007/08/20 15:32:30 | 000,055,296 | ---- | M] ()(C:\Users\Bill Goodwin\Documents\???????? PROMT10000.std) -- C:\Users\Bill Goodwin\Documents\Документ PROMT10000.std
[2007/08/13 04:34:37 | 000,022,016 | ---- | M] ()(C:\Users\Bill Goodwin\Documents\???????? ??????? ????.doc) -- C:\Users\Bill Goodwin\Documents\Депутату Краевой Думы.doc
[2007/04/09 13:52:10 | 000,055,296 | ---- | M] ()(C:\Users\Bill Goodwin\Documents\?????.doc) -- C:\Users\Bill Goodwin\Documents\Сылки.doc
[2007/01/07 17:38:30 | 000,040,960 | ---- | M] ()(C:\Users\Bill Goodwin\Documents\??? ?????? ????? ? ????????.doc) -- C:\Users\Bill Goodwin\Documents\Все сейчас знают и понимают.doc
[2006/12/05 07:30:26 | 000,681,984 | ---- | M] ()(C:\Users\Bill Goodwin\Documents\??????? ????????.doc) -- C:\Users\Bill Goodwin\Documents\Молитва Господня.doc
[2006/10/21 02:40:30 | 000,018,944 | ---- | M] ()(C:\Users\Bill Goodwin\Documents\???????.xls) -- C:\Users\Bill Goodwin\Documents\Свадьба.xls
[2006/09/03 13:03:38 | 000,029,184 | ---- | M] ()(C:\Users\Bill Goodwin\Documents\? ????? 1.doc) -- C:\Users\Bill Goodwin\Documents\В загсе 1.doc
========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\Windows\$NtUninstallKB49837$] -> Error: Cannot create file handle -> Unknown point type
< End of report >
OTL logfile created on: 6/25/2012 12:07:42 PM - Run 2
OTL by OldTimer - Version 3.2.49.0 Folder = C:\Users\Bill Goodwin\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.46 Gb Total Physical Memory | 2.31 Gb Available Physical Memory | 66.72% Memory free
6.91 Gb Paging File | 5.65 Gb Available in Paging File | 81.78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 140.83 Gb Total Space | 44.60 Gb Free Space | 31.67% Space Free | Partition Type: NTFS
Drive E: | 8.12 Gb Total Space | 4.88 Gb Free Space | 60.09% Space Free | Partition Type: NTFS
Computer Name: ELENAPC | User Name: Bill Goodwin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/06/18 15:55:22 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Bill Goodwin\Desktop\OTL.com
PRC - [2012/05/30 13:56:52 | 003,048,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012/03/21 11:28:16 | 017,834,888 | ---- | M] (InternetCalls) -- C:\Program Files\InternetCalls.com\InternetCalls\InternetCalls.exe
PRC - [2012/02/23 12:30:40 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
PRC - [2011/10/21 16:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE
PRC - [2011/10/13 18:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/09/22 12:03:30 | 000,974,944 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe
PRC - [2011/09/22 12:03:02 | 003,080,264 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe
PRC - [2011/06/24 00:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/20 08:17:00 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cmd.exe
PRC - [2010/03/10 22:32:26 | 000,648,536 | ---- | M] (Research In Motion Limited) -- C:\Program Files\Common Files\Research in Motion\Auto Update\RIMAutoUpdate.exe
PRC - [2010/01/15 08:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/12/28 16:21:29 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
PRC - [2009/10/28 18:59:46 | 000,057,344 | ---- | M] () -- C:\Program Files\Informatica Secure Agent\infaagent.exe
PRC - [2009/10/21 14:58:56 | 000,086,016 | ---- | M] (PFU LIMITED) -- C:\Windows\twain_32\fjscan32\FiWiaChecker.exe
PRC - [2009/09/03 02:09:42 | 000,024,576 | ---- | M] (Intuit) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
PRC - [2009/08/28 01:29:16 | 000,286,720 | ---- | M] (PFU LIMITED) -- C:\Windows\twain_32\fjscan32\ERG\FTErGuid.exe
PRC - [2009/08/14 14:30:56 | 000,015,872 | ---- | M] (Broadcom Corporation) -- C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe
PRC - [2009/08/07 07:29:36 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2009/08/05 07:38:48 | 004,562,944 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE
PRC - [2009/08/05 07:38:48 | 000,026,112 | ---- | M] () -- C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
PRC - [2009/08/05 07:38:42 | 003,086,848 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\Dell Wireless WLAN Card\BCMWLTRY.EXE
PRC - [2009/07/27 14:18:02 | 000,134,656 | ---- | M] (Wave Systems Corp.) -- C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe
PRC - [2009/07/16 14:13:34 | 001,245,472 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgr.exe
PRC - [2009/07/16 14:10:22 | 000,382,752 | ---- | M] (Dell Inc.) -- c:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe
PRC - [2009/07/08 16:45:34 | 000,131,072 | ---- | M] (FUJITSU LIMITED) -- C:\Windows\twain_32\fjscan32\FjtwMkup.exe
PRC - [2009/06/29 16:44:38 | 000,458,844 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe
PRC - [2009/06/29 16:44:38 | 000,221,266 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_b8f542503f95f21b\stacsv.exe
PRC - [2009/06/24 22:19:50 | 000,140,520 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2009/06/19 18:57:40 | 000,249,856 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2009/06/11 23:46:46 | 000,656,384 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe
PRC - [2009/06/11 20:43:08 | 001,622,016 | ---- | M] (Wave Systems Corp.) -- C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
PRC - [2009/05/15 19:33:40 | 001,803,512 | ---- | M] (AuthenTec, Inc.) -- C:\Program Files\Fingerprint Sensor\AtService.exe
PRC - [2009/04/27 15:40:26 | 000,293,968 | ---- | M] (Dell Inc.) -- c:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe
PRC - [2009/04/07 10:13:10 | 000,673,616 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Epson Software\Event Manager\EEventManager.exe
PRC - [2009/02/01 04:15:38 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
PRC - [2009/02/01 02:43:30 | 000,049,250 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
PRC - [2008/12/09 23:54:40 | 000,143,360 | ---- | M] (PFU LIMITED) -- C:\Windows\twain_32\fjscan32\SOP\FtLnSOP.exe
PRC - [2008/11/24 17:56:46 | 000,054,568 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2008/10/14 22:38:56 | 000,623,992 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
PRC - [2008/10/02 12:23:16 | 000,546,288 | ---- | M] (Google) -- C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe
PRC - [2007/10/16 19:58:38 | 000,045,056 | ---- | M] (PFU LIMITED) -- C:\Windows\twain_32\fjscan32\FTPWREVT\FTPWREVT.exe
PRC - [2007/04/27 07:40:00 | 000,206,400 | ---- | M] (SafeNet, Inc) -- C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
PRC - [2007/04/27 01:00:04 | 000,316,992 | ---- | M] (SafeNet, Inc.) -- C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
PRC - [2007/03/08 16:23:04 | 000,045,056 | ---- | M] (PFU LIMITED) -- C:\Windows\twain_32\fjscan32\FJTWMKSV.exe
PRC - [2006/12/19 19:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe
========== Modules (No Company Name) ==========
MOD - [2012/06/16 13:23:53 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\9b2f17fb61b7197f2a04108f5d1a1cc6\System.Management.ni.dll
MOD - [2012/06/16 13:21:35 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll
MOD - [2012/06/16 13:21:27 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012/06/16 13:20:41 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012/06/16 13:20:33 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012/06/16 13:20:11 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012/06/16 13:20:07 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012/06/16 13:20:06 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012/06/16 13:19:56 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2011/09/27 08:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 08:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2009/12/12 16:12:03 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2009/11/12 02:40:28 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Status Lib\1.6.320.13950__f25c74fcad379103\Status Lib.dll
MOD - [2009/11/12 02:40:28 | 000,008,192 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\StatusInterfaces\1.6.320.13949__4ca2a925deedf37d\StatusInterfaces.dll
MOD - [2009/08/05 07:38:40 | 000,055,808 | ---- | M] () -- C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwlrmt.dll
MOD - [2009/07/27 14:15:32 | 000,249,856 | ---- | M] () -- C:\Windows\System32\wxvault.dll
MOD - [2009/06/03 14:07:50 | 000,010,752 | ---- | M] () -- C:\Windows\System32\Wavx_ESC_Logging.dll
MOD - [2009/03/12 16:45:32 | 000,135,168 | ---- | M] () -- C:\Program Files\Epson Software\Event Manager\Assistants\Scan Assistant\ScanEngine.dll
MOD - [2009/02/27 17:38:20 | 000,139,264 | R--- | M] () -- C:\Program Files\Brother\BrUtilities\BrLogAPI.dll
MOD - [2008/11/21 14:58:42 | 000,057,344 | ---- | M] () -- C:\Program Files\Epson Software\Event Manager\Assistants\Scan Assistant\Satwain.dll
MOD - [2008/11/12 15:24:40 | 000,004,608 | ---- | M] () -- C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\TspPopup_ENU.dll
========== Win32 Services (SafeList) ==========
SRV - [2012/05/30 13:56:52 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/02/29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011/10/21 16:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/10/13 18:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011/09/22 12:03:30 | 000,974,944 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2010/02/25 04:00:41 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/02/19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2010/01/15 08:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/12/28 16:21:29 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Running] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/10/28 18:59:46 | 000,057,344 | ---- | M] () [Auto | Running] -- C:\Program Files\Informatica Secure Agent\infaagent.exe -- (InformaticaSecureAgent)
SRV - [2009/09/03 02:09:42 | 000,024,576 | ---- | M] (Intuit) [Auto | Running] -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2009/08/07 07:29:36 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2009/08/05 07:38:48 | 000,026,112 | ---- | M] () [Auto | Running] -- C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE -- (wltrysvc)
SRV - [2009/07/23 22:10:38 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2009/07/16 14:10:22 | 000,382,752 | ---- | M] (Dell Inc.) [Auto | Running] -- c:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe -- (dcpsysmgrsvc)
SRV - [2009/07/13 21:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009/07/13 21:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 21:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/13 21:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/06/29 16:44:38 | 000,221,266 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_b8f542503f95f21b\stacsv.exe -- (STacSV)
SRV - [2009/06/11 20:43:08 | 001,622,016 | ---- | M] (Wave Systems Corp.) [Auto | Running] -- C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe -- (TdmService)
SRV - [2009/06/03 14:15:24 | 001,019,904 | ---- | M] (Wave Systems Corp.) [On_Demand | Stopped] -- C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe -- (SecureStorageService)
SRV - [2009/05/15 19:33:40 | 001,803,512 | ---- | M] (AuthenTec, Inc.) [Auto | Running] -- C:\Program Files\Fingerprint Sensor\AtService.exe -- (ATService)
SRV - [2009/04/27 15:40:26 | 000,293,968 | ---- | M] (Dell Inc.) [Auto | Running] -- c:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe -- (buttonsvc32)
SRV - [2008/11/12 15:25:48 | 001,273,856 | ---- | M] () [Auto | Stopped] -- C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe -- (tcsd_win32.exe)
SRV - [2007/04/27 07:40:00 | 000,206,400 | ---- | M] (SafeNet, Inc) [Auto | Running] -- C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe -- (SentinelProtectionServer)
SRV - [2007/04/27 01:00:04 | 000,316,992 | ---- | M] (SafeNet, Inc.) [Auto | Running] -- C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe -- (SentinelKeysServer)
SRV - [2007/03/08 16:23:04 | 000,045,056 | ---- | M] (PFU LIMITED) [Auto | Running] -- C:\Windows\twain_32\fjscan32\FJTWMKSV.exe -- (FJTWMKSV)
SRV - [2006/12/19 19:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe -- (EpsonBidirectionalService)
========== Driver Services (SafeList) ==========
DRV - File not found [File_System | On_Demand | Stopped] -- -- (StarOpen)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\RimUsb.sys -- (RimUsb)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\PCTINDIS5.SYS -- (PCTINDIS5)
DRV - [2011/08/09 14:24:52 | 000,163,424 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm)
DRV - [2011/08/04 09:20:38 | 000,147,480 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfw.sys -- (epfw)
DRV - [2011/08/04 09:20:38 | 000,050,624 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\epfwwfp.sys -- (epfwwfp)
DRV - [2011/08/04 09:20:38 | 000,033,656 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\EpfwLWF.sys -- (EpfwLWF)
DRV - [2011/08/04 09:20:36 | 000,118,104 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2011/05/18 08:09:04 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dc3d.sys -- (dc3d) MS Hardware Device Detection Driver (USB)
DRV - [2010/11/20 08:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 08:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 08:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 06:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 05:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 05:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 05:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009/11/19 13:53:48 | 000,026,504 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\swmsflt.sys -- (swmsflt)
DRV - [2009/08/05 07:38:48 | 000,018,424 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm42rly.sys -- (BCM42RLY)
DRV - [2009/07/29 17:46:24 | 000,212,528 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2009/07/27 14:17:56 | 000,200,192 | ---- | M] (Wave Systems Corp.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\WavxDMgr.sys -- (WavxDMgr)
DRV - [2009/07/13 20:18:07 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2009/07/13 20:14:49 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDScan.sys -- (WSDScan)
DRV - [2009/07/13 19:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/13 19:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2009/07/13 19:45:20 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\acpials.sys -- (acpials)
DRV - [2009/07/04 22:37:08 | 000,038,400 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rixdpe86.sys -- (rixdpcie)
DRV - [2009/07/02 12:50:16 | 000,047,104 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rimspe86.sys -- (rimspci)
DRV - [2009/06/30 23:28:28 | 000,049,152 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\risdpe86.sys -- (risdpcie)
DRV - [2009/06/29 16:44:38 | 000,408,576 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2009/06/25 20:58:10 | 000,048,128 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2009/06/25 20:25:58 | 000,038,400 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2009/06/25 20:10:48 | 000,044,544 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2009/05/26 15:12:36 | 000,122,368 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel®
DRV - [2009/05/11 13:55:12 | 000,084,992 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\basp.sys -- (Blfp)
DRV - [2008/06/04 16:14:00 | 000,026,608 | ---- | M] (Dell Inc) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\PBADRV.sys -- (PBADRV)
DRV - [2008/01/10 17:59:44 | 000,142,976 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\swumx80.sys -- (SWUMX80) Sierra Wireless USB MUX Driver (UMTS80)
DRV - [2008/01/10 17:58:48 | 000,165,248 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\swnc8u80.sys -- (SWNC8U80) Sierra Wireless MUX NDIS Driver (UMTS80)
DRV - [2007/04/27 07:40:00 | 000,090,688 | ---- | M] (SafeNet, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\sentinel.sys -- (Sentinel)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0C31152B-D90D-49D6-BBBE-66D54BAEDDC9}
IE - HKLM\..\SearchScopes\{0C31152B-D90D-49D6-BBBE-66D54BAEDDC9}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2148102757-2534434147-107223858-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USREL/1
IE - HKU\S-1-5-21-2148102757-2534434147-107223858-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-2148102757-2534434147-107223858-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://g.msn.com/USREL/1
IE - HKU\S-1-5-21-2148102757-2534434147-107223858-1006\..\SearchScopes,DefaultScope = {7FEEE531-E0FD-45AE-A83A-209ECF27D803}
IE - HKU\S-1-5-21-2148102757-2534434147-107223858-1006\..\SearchScopes\{22D5E096-940A-CE47-CCFF-72BC315B9667}: "URL" = http://www.bing.com/...eferrer:source}
IE - HKU\S-1-5-21-2148102757-2534434147-107223858-1006\..\SearchScopes\{7FEEE531-E0FD-45AE-A83A-209ECF27D803}: "URL" = http://www.google.co...utputEncoding?}
IE - HKU\S-1-5-21-2148102757-2534434147-107223858-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2148102757-2534434147-107223858-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.startup.homepage: "http://www.msn.com/?..._date=20111111"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.6.0.8442
FF - prefs.js..keyword.URL: "http://www.bing.com/...te=20111111&q="
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/15 12:34:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/06/15 12:34:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012/04/25 20:17:05 | 000,000,000 | ---D | M]
[2010/11/28 17:49:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bill Goodwin\AppData\Roaming\mozilla\Extensions
[2012/06/15 12:27:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bill Goodwin\AppData\Roaming\mozilla\Firefox\Profiles\u8wobhi3.default\extensions
[2011/11/10 21:12:27 | 000,001,945 | ---- | M] () -- C:\Users\Bill Goodwin\AppData\Roaming\Mozilla\Firefox\Profiles\u8wobhi3.default\searchplugins\bing-zugo.xml
[2012/06/15 12:23:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/06/15 12:34:04 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/06/13 20:49:14 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/10/03 06:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012/02/16 06:42:53 | 000,002,252 | -H-- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/02/16 06:42:53 | 000,002,040 | -H-- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
O1 HOSTS File: ([2011/04/24 23:58:29 | 000,001,211 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 3dns.adobe.com 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com activate.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.wip.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com
O1 - Hosts: 127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com
O1 - Hosts: 127.0.0.1 www.adobeereg.com wwis-dubc1-vip60.adobe.com www.wip.adobe.com www.wip1.adobe.com
O1 - Hosts: 127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com wwis-dubc1-vip60.adobe.com crl.verisign.net CRL.VERISIGN.NET ood.opsource.net
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (@msdxmLC.dll,-1@1033,&Radio) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\Windows\System32\Msdxm6.ocx (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-2148102757-2534434147-107223858-1006\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-2148102757-2534434147-107223858-1006\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BlackBerryAutoUpdate] C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe (Research In Motion Limited)
O4 - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE (Dell Inc.)
O4 - HKLM..\Run: [ChangeTPMAuth] C:\Program Files\Wave Systems Corp\Common\ChangeTPMAuth.exe (Wave Systems Corp.)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [DellControlPoint] c:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe (Dell Inc.)
O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [FiWIA Service Checker] C:\Windows\twain_32\fjscan32\FiWiaChecker.exe (PFU LIMITED)
O4 - HKLM..\Run: [FJTWAIN Setup] C:\Windows\Twain_32\fjscan32\FjtwMkup.exe (FUJITSU LIMITED)
O4 - HKLM..\Run: [FtLnSOP_setup] C:\Windows\twain_32\fjscan32\SOP\FtLnSOP.exe (PFU LIMITED)
O4 - HKLM..\Run: [FTPWRENV] C:\Windows\twain_32\fjscan32\FTPWREVT\FTPWREVT.exe (PFU LIMITED)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [Intuit SyncManager] C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe (Intuit Inc. All rights reserved.)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [USCService] C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe (Broadcom Corporation)
O4 - HKLM..\Run: [WavXMgr] C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe (Wave Systems Corp.)
O4 - HKU\S-1-5-21-2148102757-2534434147-107223858-1006..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-2148102757-2534434147-107223858-1006..\Run: [InternetCalls] C:\Program Files\InternetCalls.com\InternetCalls\InternetCalls.exe (InternetCalls)
O4 - HKU\S-1-5-21-2148102757-2534434147-107223858-1006..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - HKU\S-1-5-21-2148102757-2534434147-107223858-1006..\Run: [WorkForce 610(Network)] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIFJA.EXE (SEIKO EPSON CORPORATION)
O4 - HKU\S-1-5-21-2148102757-2534434147-107223858-1006..\Run: [WorkForce 610(Network) (Copy 1)] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIFJA.EXE (SEIKO EPSON CORPORATION)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Bill Goodwin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-21-2148102757-2534434147-107223858-1006\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-21-2148102757-2534434147-107223858-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Append to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://idoccorp.web...ex/ieatgpc1.cab (GpcContainer Class)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logme...trl.cab?lmi=724 (Performance Viewer Activex Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.105.28.12 68.105.29.12 68.105.28.11
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{338D2B99-B9DB-4F62-9489-7D7E40204079}: DhcpNameServer = 68.105.28.12 68.105.29.12 68.105.28.11
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9A4E7DB5-B6ED-423F-9B6F-DD8C27095DBD}: DhcpNameServer = 209.183.33.23 209.183.35.23
O18 - Protocol\Handler\intu-help-qb3 {c5e479ea-0a65-4b05-8c6c-2fc8cc682eb4} - C:\Program Files\Intuit\QuickBooks 2010\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\vnd.ms.radio {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\Windows\System32\Msdxm6.ocx (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Authentication Packages - (wvauth) - C:\Windows\System32\wvauth.dll (Wave Systems Corp.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | -H-- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012/06/25 11:50:54 | 000,448,512 | ---- | C] (OldTimer Tools) -- C:\Users\Bill Goodwin\Desktop\TFC.exe
[2012/06/24 20:25:45 | 000,000,000 | -HSD | C] -- C:\Boot
[2012/06/19 23:02:30 | 000,000,000 | ---D | C] -- C:\Users\Bill Goodwin\Desktop\iPod Photo Cache
[2012/06/19 17:51:35 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/06/18 15:55:11 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Bill Goodwin\Desktop\OTL.com
[2012/06/18 12:56:11 | 000,000,000 | ---D | C] -- C:\Users\Bill Goodwin\Desktop\BDparty
[2012/06/18 11:45:20 | 000,000,000 | ---D | C] -- C:\Users\Bill Goodwin\Desktop\RK_Quarantine
[2012/06/18 11:42:07 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\Bill Goodwin\Desktop\aswMBR.exe
[2012/06/18 10:24:03 | 002,127,960 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Bill Goodwin\Desktop\TDSSKiller.exe
[2012/06/18 10:11:25 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012/06/18 10:10:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2012/06/18 10:10:56 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2012/06/16 00:12:28 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012/06/16 00:12:27 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012/06/16 00:12:27 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012/06/16 00:12:27 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012/06/16 00:12:26 | 001,800,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012/06/16 00:12:26 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012/06/16 00:12:24 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012/06/15 21:12:08 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012/06/15 21:12:06 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012/06/15 21:11:52 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorekmts.dll
[2012/06/15 21:11:51 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
[2012/06/15 21:11:50 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdrmemptylst.exe
[2012/06/15 21:11:37 | 002,343,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012/06/15 21:09:39 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2012/06/15 11:53:31 | 000,000,000 | ---D | C] -- C:\Users\Bill Goodwin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Data Recovery
[2012/06/13 14:44:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/06/13 14:43:00 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/06/13 14:42:59 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/05/28 21:36:06 | 000,000,000 | ---D | C] -- C:\Users\Bill Goodwin\Desktop\LOS ANGELES May, 2012
[2 C:\Users\Bill Goodwin\Desktop\*.tmp files -> C:\Users\Bill Goodwin\Desktop\*.tmp -> ]
[1 C:\Users\Bill Goodwin\Documents\*.tmp files -> C:\Users\Bill Goodwin\Documents\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/06/25 12:13:00 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2148102757-2534434147-107223858-1000UA.job
[2012/06/25 12:04:53 | 000,014,256 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/06/25 12:04:53 | 000,014,256 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/06/25 12:04:01 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/06/25 11:57:45 | 000,000,000 | ---- | M] () -- C:\Users\Bill Goodwin\AppData\Local\WavXMapDrive.bat
[2012/06/25 11:57:11 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/06/25 11:56:48 | 000,001,024 | ---- | M] () -- C:\.rnd
[2012/06/25 11:56:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/06/25 11:56:38 | 2783,313,920 | -HS- | M] () -- C:\hiberfil.sys
[2012/06/25 11:50:55 | 000,448,512 | ---- | M] (OldTimer Tools) -- C:\Users\Bill Goodwin\Desktop\TFC.exe
[2012/06/25 01:13:57 | 000,000,512 | ---- | M] () -- C:\Users\Bill Goodwin\Desktop\MBR.dat
[2012/06/25 01:13:00 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2148102757-2534434147-107223858-1000Core.job
[2012/06/22 16:12:48 | 000,636,084 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/06/22 16:12:48 | 000,111,626 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/06/19 20:40:00 | 000,089,649 | ---- | M] () -- C:\Users\Bill Goodwin\Desktop\photo.JPG
[2012/06/19 17:53:59 | 000,000,362 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2012/06/18 16:14:46 | 000,080,384 | ---- | M] () -- C:\Users\Bill Goodwin\Desktop\MBRCheck.exe
[2012/06/18 15:55:22 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Bill Goodwin\Desktop\OTL.com
[2012/06/18 11:33:02 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\Bill Goodwin\Desktop\aswMBR.exe
[2012/06/18 11:17:09 | 002,109,032 | ---- | M] () -- C:\Users\Bill Goodwin\Desktop\tdsskiller.zip
[2012/06/18 10:43:41 | 001,521,152 | ---- | M] () -- C:\Users\Bill Goodwin\Desktop\RogueKiller.exe
[2012/06/18 10:13:50 | 000,881,475 | ---- | M] () -- C:\Users\Bill Goodwin\Desktop\SecurityCheck.exe
[2012/06/18 10:11:10 | 000,001,076 | ---- | M] () -- C:\Users\Bill Goodwin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2012/06/18 10:10:57 | 000,000,896 | ---- | M] () -- C:\Users\Bill Goodwin\Desktop\NTREGOPT.lnk
[2012/06/18 10:10:57 | 000,000,877 | ---- | M] () -- C:\Users\Bill Goodwin\Desktop\ERUNT.lnk
[2012/06/17 00:27:15 | 402,911,915 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/06/16 13:18:41 | 003,779,992 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/06/15 15:15:16 | 002,127,960 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Bill Goodwin\Desktop\TDSSKiller.exe
[2012/06/15 12:51:20 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012/06/15 12:51:20 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/06/13 14:44:30 | 000,001,755 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/06/11 23:25:35 | 000,158,113 | ---- | M] () -- C:\Users\Bill Goodwin\Desktop\qdvsdgh6f6oqbtcme5j0.jpg
[2012/05/30 22:34:22 | 000,148,405 | ---- | M] () -- C:\Users\Bill Goodwin\Desktop\487392_4003413533261_36300172_1n.jpg
[2012/05/30 21:59:07 | 000,130,702 | ---- | M] () -- C:\Users\Bill Goodwin\Desktop\487392_4003413533261_36300172_n.jpg
[2 C:\Users\Bill Goodwin\Desktop\*.tmp files -> C:\Users\Bill Goodwin\Desktop\*.tmp -> ]
[1 C:\Users\Bill Goodwin\Documents\*.tmp files -> C:\Users\Bill Goodwin\Documents\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/06/25 11:45:34 | 000,001,024 | ---- | C] () -- C:\.rnd
[2012/06/24 22:29:08 | 000,383,786 | RHS- | C] () -- C:\bootmgr
[2012/06/24 20:27:47 | 000,000,512 | ---- | C] () -- C:\Users\Bill Goodwin\Desktop\MBR.dat
[2012/06/19 20:40:00 | 000,089,649 | ---- | C] () -- C:\Users\Bill Goodwin\Desktop\photo.JPG
[2012/06/18 16:15:12 | 000,080,384 | ---- | C] () -- C:\Users\Bill Goodwin\Desktop\MBRCheck.exe
[2012/06/18 11:17:02 | 002,109,032 | ---- | C] () -- C:\Users\Bill Goodwin\Desktop\tdsskiller.zip
[2012/06/18 10:43:41 | 001,521,152 | ---- | C] () -- C:\Users\Bill Goodwin\Desktop\RogueKiller.exe
[2012/06/18 10:13:50 | 000,881,475 | ---- | C] () -- C:\Users\Bill Goodwin\Desktop\SecurityCheck.exe
[2012/06/18 10:11:10 | 000,001,076 | ---- | C] () -- C:\Users\Bill Goodwin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2012/06/18 10:10:57 | 000,000,896 | ---- | C] () -- C:\Users\Bill Goodwin\Desktop\NTREGOPT.lnk
[2012/06/18 10:10:57 | 000,000,877 | ---- | C] () -- C:\Users\Bill Goodwin\Desktop\ERUNT.lnk
[2012/06/14 00:37:04 | 000,158,113 | ---- | C] () -- C:\Users\Bill Goodwin\Desktop\qdvsdgh6f6oqbtcme5j0.jpg
[2012/06/13 14:44:30 | 000,001,755 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/05/30 22:00:13 | 000,148,405 | ---- | C] () -- C:\Users\Bill Goodwin\Desktop\487392_4003413533261_36300172_1n.jpg
[2012/05/30 21:56:47 | 000,130,702 | ---- | C] () -- C:\Users\Bill Goodwin\Desktop\487392_4003413533261_36300172_n.jpg
[2012/02/07 12:13:25 | 000,000,000 | ---- | C] () -- C:\Windows\EEventManager.INI
[2012/02/06 15:27:06 | 000,073,220 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2012/02/06 15:27:06 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2012/02/06 15:27:06 | 000,029,114 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2012/02/06 15:27:06 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2012/02/06 15:27:06 | 000,021,021 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2012/02/06 15:27:06 | 000,015,670 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2012/02/06 15:27:06 | 000,013,280 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2012/02/06 15:27:06 | 000,010,673 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2012/02/06 15:27:06 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2012/02/06 15:27:06 | 000,001,140 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2012/02/06 15:27:06 | 000,001,140 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2012/02/06 15:27:06 | 000,001,137 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2012/02/06 15:27:06 | 000,001,130 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2012/02/06 15:27:06 | 000,001,130 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2012/02/06 15:27:06 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2012/02/06 15:27:06 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2011/11/10 21:12:44 | 000,723,294 | ---- | C] () -- C:\Windows\unins000.exe
[2011/11/10 21:12:44 | 000,139,999 | ---- | C] () -- C:\Windows\unins000.dat
[2011/11/09 21:33:22 | 000,000,095 | ---- | C] () -- C:\Windows\QBChanUtil_Trigger.ini
[2011/09/27 14:17:19 | 000,000,000 | ---- | C] () -- C:\Windows\Vcdem32p.INI
[2011/09/27 13:41:21 | 000,000,692 | ---- | C] () -- C:\Windows\pixcache.ini
[2011/09/27 13:35:00 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi60Fex0C0A.dll
[2011/09/27 13:35:00 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi60fex0419.dll
[2011/09/27 13:35:00 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi60Fex0410.dll
[2011/09/27 13:35:00 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi60Fex040C.dll
[2011/09/27 13:35:00 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi60Fex0407.dll
[2011/09/27 13:35:00 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5110ex0C0A.dll
[2011/09/27 13:35:00 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5110ex0419.dll
[2011/09/27 13:35:00 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5110ex0410.dll
[2011/09/27 13:35:00 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5110ex040C.dll
[2011/09/27 13:35:00 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5110ex0409.dll
[2011/09/27 13:35:00 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5110ex0407.dll
[2011/09/27 13:35:00 | 000,036,864 | ---- | C] () -- C:\Windows\System32\fi60Fex0409.dll
[2011/09/27 13:35:00 | 000,036,864 | ---- | C] () -- C:\Windows\System32\fi5110ex0411.dll
[2011/09/27 13:35:00 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi60Fex0804.dll
[2011/09/27 13:35:00 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi60Fex0411.dll
[2011/09/27 13:35:00 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi5110ex0804.dll
[2011/09/27 13:34:59 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6225ex0C0A.dll
[2011/09/27 13:34:59 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6225ex0419.dll
[2011/09/27 13:34:59 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6225ex0416.dll
[2011/09/27 13:34:59 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6225ex0410.dll
[2011/09/27 13:34:59 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6225ex040C.dll
[2011/09/27 13:34:59 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6225ex0409.dll
[2011/09/27 13:34:59 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6225ex0407.dll
[2011/09/27 13:34:59 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6125ex0C0A.dll
[2011/09/27 13:34:59 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6125ex0419.dll
[2011/09/27 13:34:59 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6125ex0416.dll
[2011/09/27 13:34:59 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6125ex0410.dll
[2011/09/27 13:34:59 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6125ex040C.dll
[2011/09/27 13:34:59 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6125ex0409.dll
[2011/09/27 13:34:59 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6125ex0407.dll
[2011/09/27 13:34:59 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5750ex0C0A.dll
[2011/09/27 13:34:59 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5750ex0419.dll
[2011/09/27 13:34:59 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5750ex0410.dll
[2011/09/27 13:34:59 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5750ex040C.dll
[2011/09/27 13:34:59 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5750ex0407.dll
[2011/09/27 13:34:59 | 000,036,864 | ---- | C] () -- C:\Windows\System32\fi6225ex0412.dll
[2011/09/27 13:34:59 | 000,036,864 | ---- | C] () -- C:\Windows\System32\fi6225ex0411.dll
[2011/09/27 13:34:59 | 000,036,864 | ---- | C] () -- C:\Windows\System32\fi6125ex0412.dll
[2011/09/27 13:34:59 | 000,036,864 | ---- | C] () -- C:\Windows\System32\fi6125ex0411.dll
[2011/09/27 13:34:59 | 000,036,864 | ---- | C] () -- C:\Windows\System32\fi5750ex0409.dll
[2011/09/27 13:34:59 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi6225ex0804.dll
[2011/09/27 13:34:59 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi6225ex0404.dll
[2011/09/27 13:34:59 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi6125ex0804.dll
[2011/09/27 13:34:59 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi6125ex0404.dll
[2011/09/27 13:34:59 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi5750ex0804.dll
[2011/09/27 13:34:59 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi5750ex0411.dll
[2011/09/27 13:34:58 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5900ex0C0A.dll
[2011/09/27 13:34:58 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5900ex0419.dll
[2011/09/27 13:34:58 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5900ex0416.dll
[2011/09/27 13:34:58 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5900ex0410.dll
[2011/09/27 13:34:58 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5900ex040C.dll
[2011/09/27 13:34:58 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5900ex0407.dll
[2011/09/27 13:34:58 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5650ex0C0A.dll
[2011/09/27 13:34:58 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5650ex0410.dll
[2011/09/27 13:34:58 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5650ex040C.dll
[2011/09/27 13:34:58 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5650ex0407.dll
[2011/09/27 13:34:58 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5220ex0C0A.dll
[2011/09/27 13:34:58 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5220ex0419.dll
[2011/09/27 13:34:58 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5220ex0410.dll
[2011/09/27 13:34:58 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5220ex040C.dll
[2011/09/27 13:34:58 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5220ex0409.dll
[2011/09/27 13:34:58 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5220ex0407.dll
[2011/09/27 13:34:58 | 000,036,864 | ---- | C] () -- C:\Windows\System32\fi5900ex0412.dll
[2011/09/27 13:34:58 | 000,036,864 | ---- | C] () -- C:\Windows\System32\fi5900ex0411.dll
[2011/09/27 13:34:58 | 000,036,864 | ---- | C] () -- C:\Windows\System32\fi5900ex0409.dll
[2011/09/27 13:34:58 | 000,036,864 | ---- | C] () -- C:\Windows\System32\fi5650ex0419.dll
[2011/09/27 13:34:58 | 000,036,864 | ---- | C] () -- C:\Windows\System32\fi5650ex0409.dll
[2011/09/27 13:34:58 | 000,036,864 | ---- | C] () -- C:\Windows\System32\fi5220ex0412.dll
[2011/09/27 13:34:58 | 000,036,864 | ---- | C] () -- C:\Windows\System32\fi5220ex0411.dll
[2011/09/27 13:34:58 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi5900ex0804.dll
[2011/09/27 13:34:58 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi5900ex0404.dll
[2011/09/27 13:34:58 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi5650ex0804.dll
[2011/09/27 13:34:58 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi5650ex0411.dll
[2011/09/27 13:34:58 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi5220ex0804.dll
[2011/09/27 13:34:57 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5530ex0C0A.dll
[2011/09/27 13:34:57 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5530ex0419.dll
[2011/09/27 13:34:57 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5530ex0410.dll
[2011/09/27 13:34:57 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5530ex040C.dll
[2011/09/27 13:34:57 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5530ex0409.dll
[2011/09/27 13:34:57 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5530ex0407.dll
[2011/09/27 13:34:57 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi55302ex0C0A.dll
[2011/09/27 13:34:57 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi55302ex0419.dll
[2011/09/27 13:34:57 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi55302ex0410.dll
[2011/09/27 13:34:57 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi55302ex040C.dll
[2011/09/27 13:34:57 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi55302ex0409.dll
[2011/09/27 13:34:57 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi55302ex0407.dll
[2011/09/27 13:34:57 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5120ex0C0A.dll
[2011/09/27 13:34:57 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5120ex0419.dll
[2011/09/27 13:34:57 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5120ex0410.dll
[2011/09/27 13:34:57 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5120ex040C.dll
[2011/09/27 13:34:57 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5120ex0409.dll
[2011/09/27 13:34:57 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi5120ex0407.dll
[2011/09/27 13:34:57 | 000,036,864 | ---- | C] () -- C:\Windows\System32\fi5530ex0412.dll
[2011/09/27 13:34:57 | 000,036,864 | ---- | C] () -- C:\Windows\System32\fi5530ex0411.dll
[2011/09/27 13:34:57 | 000,036,864 | ---- | C] () -- C:\Windows\System32\fi55302ex0412.dll
[2011/09/27 13:34:57 | 000,036,864 | ---- | C] () -- C:\Windows\System32\fi55302ex0411.dll
[2011/09/27 13:34:57 | 000,036,864 | ---- | C] () -- C:\Windows\System32\fi5120ex0412.dll
[2011/09/27 13:34:57 | 000,036,864 | ---- | C] () -- C:\Windows\System32\fi5120ex0411.dll
[2011/09/27 13:34:57 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi5530ex0804.dll
[2011/09/27 13:34:57 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi55302ex0804.dll
[2011/09/27 13:34:57 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi5120ex0804.dll
[2011/09/27 13:34:56 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6750ex0C0A.dll
[2011/09/27 13:34:56 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6750ex0419.dll
[2011/09/27 13:34:56 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6750ex0416.dll
[2011/09/27 13:34:56 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6750ex0410.dll
[2011/09/27 13:34:56 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6750ex040C.dll
[2011/09/27 13:34:56 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6750ex0407.dll
[2011/09/27 13:34:56 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6670ex0C0A.dll
[2011/09/27 13:34:56 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6670ex0419.dll
[2011/09/27 13:34:56 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6670ex0416.dll
[2011/09/27 13:34:56 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6670ex0410.dll
[2011/09/27 13:34:56 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6670ex040C.dll
[2011/09/27 13:34:56 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6670ex0407.dll
[2011/09/27 13:34:56 | 000,036,864 | ---- | C] () -- C:\Windows\System32\fi6750ex0409.dll
[2011/09/27 13:34:56 | 000,036,864 | ---- | C] () -- C:\Windows\System32\fi6670ex0409.dll
[2011/09/27 13:34:56 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi6750ex0804.dll
[2011/09/27 13:34:56 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi6750ex0412.dll
[2011/09/27 13:34:56 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi6750ex0411.dll
[2011/09/27 13:34:56 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi6750ex0404.dll
[2011/09/27 13:34:56 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi6670ex0804.dll
[2011/09/27 13:34:56 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi6670ex0412.dll
[2011/09/27 13:34:56 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi6670ex0411.dll
[2011/09/27 13:34:56 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi6670ex0404.dll
[2011/09/27 13:34:55 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6770ex0C0A.dll
[2011/09/27 13:34:55 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6770ex0419.dll
[2011/09/27 13:34:55 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6770ex0416.dll
[2011/09/27 13:34:55 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6770ex0410.dll
[2011/09/27 13:34:55 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6770ex040C.dll
[2011/09/27 13:34:55 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6770ex0407.dll
[2011/09/27 13:34:55 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6230Tex0C0A.dll
[2011/09/27 13:34:55 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6230Tex0419.dll
[2011/09/27 13:34:55 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6230Tex0410.dll
[2011/09/27 13:34:55 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6230Tex040C.dll
[2011/09/27 13:34:55 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6230Tex0409.dll
[2011/09/27 13:34:55 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6230Tex0407.dll
[2011/09/27 13:34:55 | 000,036,864 | ---- | C] () -- C:\Windows\System32\fi6770ex0409.dll
[2011/09/27 13:34:55 | 000,036,864 | ---- | C] () -- C:\Windows\System32\fi6230Tex0412.dll
[2011/09/27 13:34:55 | 000,036,864 | ---- | C] () -- C:\Windows\System32\fi6230Tex0411.dll
[2011/09/27 13:34:55 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi6770ex0804.dll
[2011/09/27 13:34:55 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi6770ex0412.dll
[2011/09/27 13:34:55 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi6770ex0411.dll
[2011/09/27 13:34:55 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi6770ex0404.dll
[2011/09/27 13:34:55 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi6230Tex0804.dll
[2011/09/27 13:34:55 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi6230Tex0404.dll
[2011/09/27 13:34:54 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6130Tex0C0A.dll
[2011/09/27 13:34:54 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6130Tex0419.dll
[2011/09/27 13:34:54 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6130Tex0410.dll
[2011/09/27 13:34:54 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6130Tex040C.dll
[2011/09/27 13:34:54 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6130Tex0409.dll
[2011/09/27 13:34:54 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6130Tex0407.dll
[2011/09/27 13:34:54 | 000,036,864 | ---- | C] () -- C:\Windows\System32\fi6130Tex0412.dll
[2011/09/27 13:34:54 | 000,036,864 | ---- | C] () -- C:\Windows\System32\fi6130Tex0411.dll
[2011/09/27 13:34:54 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi6130Tex0804.dll
[2011/09/27 13:34:54 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi6130Tex0404.dll
[2011/09/27 13:34:53 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6130ex0C0A.dll
[2011/09/27 13:34:53 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6130ex0419.dll
[2011/09/27 13:34:53 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6130ex0416.dll
[2011/09/27 13:34:53 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6130ex0410.dll
[2011/09/27 13:34:53 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6130ex040C.dll
[2011/09/27 13:34:53 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6130ex0409.dll
[2011/09/27 13:34:53 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6130ex0407.dll
[2011/09/27 13:34:53 | 000,036,864 | ---- | C] () -- C:\Windows\System32\fi6130ex0412.dll
[2011/09/27 13:34:53 | 000,036,864 | ---- | C] () -- C:\Windows\System32\fi6130ex0411.dll
[2011/09/27 13:34:53 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi6130ex0804.dll
[2011/09/27 13:34:53 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi6130ex0404.dll
[2011/09/27 13:34:52 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6240ex0C0A.dll
[2011/09/27 13:34:52 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6240ex0419.dll
[2011/09/27 13:34:52 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6240ex0416.dll
[2011/09/27 13:34:52 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6240ex0410.dll
[2011/09/27 13:34:52 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6240ex040C.dll
[2011/09/27 13:34:52 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6240ex0409.dll
[2011/09/27 13:34:52 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6240ex0407.dll
[2011/09/27 13:34:52 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6140ex0C0A.dll
[2011/09/27 13:34:52 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6140ex0419.dll
[2011/09/27 13:34:52 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6140ex0416.dll
[2011/09/27 13:34:52 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6140ex0410.dll
[2011/09/27 13:34:52 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6140ex040C.dll
[2011/09/27 13:34:52 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6140ex0409.dll
[2011/09/27 13:34:52 | 000,040,960 | ---- | C] () -- C:\Windows\System32\fi6140ex0407.dll
[2011/09/27 13:34:52 | 000,036,864 | ---- | C] () -- C:\Windows\System32\fi6240ex0412.dll
[2011/09/27 13:34:52 | 000,036,864 | ---- | C] () -- C:\Windows\System32\fi6240ex0411.dll
[2011/09/27 13:34:52 | 000,036,864 | ---- | C] () -- C:\Windows\System32\fi6140ex0412.dll
[2011/09/27 13:34:52 | 000,036,864 | ---- | C] () -- C:\Windows\System32\fi6140ex0411.dll
[2011/09/27 13:34:52 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi6240ex0804.dll
[2011/09/27 13:34:52 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi6240ex0404.dll
[2011/09/27 13:34:52 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi6140ex0804.dll
[2011/09/27 13:34:52 | 000,032,768 | ---- | C] () -- C:\Windows\System32\fi6140ex0404.dll
[2011/09/27 13:34:51 | 000,000,712 | R--- | C] () -- C:\Windows\FJTWSTI.INI
[2011/09/27 10:09:45 | 000,000,628 | ---- | C] () -- C:\Windows\kofax200.ini
[2011/09/27 10:09:39 | 000,000,035 | ---- | C] () -- C:\Windows\setscan.ini
[2011/08/27 11:06:01 | 000,000,023 | ---- | C] () -- C:\Windows\bo9840cd.ini
[2011/05/25 17:19:40 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2010/11/28 17:49:15 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010/11/28 12:40:51 | 000,000,000 | ---- | C] () -- C:\Users\Bill Goodwin\AppData\Local\WavXMapDrive.bat
========== Files - Unicode (All) ==========
[2012/06/15 12:34:54 | 000,000,000 | ---D | M](C:\Users\Bill Goodwin\Documents\???) -- C:\Users\Bill Goodwin\Documents\РВП
[2012/06/15 12:27:48 | 000,000,000 | ---D | M](C:\Users\Bill Goodwin\Documents\?????) -- C:\Users\Bill Goodwin\Documents\Почта
[2012/03/26 12:54:19 | 000,000,000 | ---D | M](C:\Users\Bill Goodwin\Documents\????????????) -- C:\Users\Bill Goodwin\Documents\Поздравления
[2012/02/09 12:52:34 | 000,000,000 | ---D | M](C:\Users\Bill Goodwin\Desktop\???????????????) -- C:\Users\Bill Goodwin\Desktop\Трудоустройство
[2012/02/04 13:22:36 | 000,000,000 | ---D | M](C:\Users\Bill Goodwin\Documents\???????? ???? ???? ????) -- C:\Users\Bill Goodwin\Documents\Гостевая виза Мама Папа
[2012/01/15 20:03:49 | 000,000,000 | ---D | M](C:\Users\Bill Goodwin\Documents\???????) -- C:\Users\Bill Goodwin\Documents\Рецепты
[2012/01/15 20:03:49 | 000,000,000 | ---D | M](C:\Users\Bill Goodwin\Documents\??????) -- C:\Users\Bill Goodwin\Documents\Разное
[2012/01/15 20:03:48 | 000,000,000 | ---D | M](C:\Users\Bill Goodwin\Documents\??????) -- C:\Users\Bill Goodwin\Documents\РАБОТА
[2012/01/15 20:03:46 | 000,000,000 | ---D | M](C:\Users\Bill Goodwin\Documents\?????_? ?????????????) -- C:\Users\Bill Goodwin\Documents\Почта_в Невинномысске
[2012/01/15 20:03:13 | 000,000,000 | ---D | M](C:\Users\Bill Goodwin\Documents\??????) -- C:\Users\Bill Goodwin\Documents\Письма
[2012/01/15 20:03:13 | 000,000,000 | ---D | M](C:\Users\Bill Goodwin\Documents\??? ???????) -- C:\Users\Bill Goodwin\Documents\Мои подписи
[2012/01/15 20:03:13 | 000,000,000 | ---D | M](C:\Users\Bill Goodwin\Documents\? ???????) -- C:\Users\Bill Goodwin\Documents\О бизнесе
[2012/01/15 20:03:11 | 000,000,000 | ---D | M](C:\Users\Bill Goodwin\Documents\??? ?????????) -- C:\Users\Bill Goodwin\Documents\Мои Документы
[2012/01/15 20:03:06 | 000,000,000 | ---D | M](C:\Users\Bill Goodwin\Documents\????? ?????? ????? ??????????) -- C:\Users\Bill Goodwin\Documents\Карты Москвы Метро Посольство
[2012/01/15 20:03:06 | 000,000,000 | ---D | M](C:\Users\Bill Goodwin\Documents\????) -- C:\Users\Bill Goodwin\Documents\Мама
[2012/01/15 20:03:05 | 000,000,000 | ---D | M](C:\Users\Bill Goodwin\Documents\??????? ????? ???????? 165-216) -- C:\Users\Bill Goodwin\Documents\Домовая книга Калинина 165-216
[2012/01/15 20:03:05 | 000,000,000 | ---D | M](C:\Users\Bill Goodwin\Documents\??????? ????? - ???????? 169 ??-24) -- C:\Users\Bill Goodwin\Documents\Домовая книга - Калинина 169 кв-24
[2012/01/15 20:03:04 | 000,000,000 | ---D | M](C:\Users\Bill Goodwin\Documents\?????????? ??? ????) -- C:\Users\Bill Goodwin\Documents\Докуцменты для Визы
[2012/01/15 20:03:01 | 000,000,000 | ---D | M](C:\Users\Bill Goodwin\Documents\???? ?? ??????. ???? ????????) -- C:\Users\Bill Goodwin\Documents\Докс по задолж. Моск интернет
[2012/01/15 20:03:00 | 000,000,000 | ---D | M](C:\Users\Bill Goodwin\Documents\??? ??????????? ? ?????????? ??????????) -- C:\Users\Bill Goodwin\Documents\Для регистрации и временного проживания
[2011/12/09 19:29:43 | 000,011,408 | ---- | M] ()(C:\Users\Bill Goodwin\Documents\?????? ?????????.docx) -- C:\Users\Bill Goodwin\Documents\Рецепт оленятины.docx
[2011/12/09 19:29:42 | 000,011,408 | ---- | C] ()(C:\Users\Bill Goodwin\Documents\?????? ?????????.docx) -- C:\Users\Bill Goodwin\Documents\Рецепт оленятины.docx
[2010/12/28 12:33:46 | 000,000,000 | ---D | C](C:\Users\Bill Goodwin\Desktop\???????????????) -- C:\Users\Bill Goodwin\Desktop\Трудоустройство
[2010/05/29 10:12:02 | 000,000,000 | ---D | C](C:\Users\Bill Goodwin\Documents\???????? ???? ???? ????) -- C:\Users\Bill Goodwin\Documents\Гостевая виза Мама Папа
[2010/05/21 10:14:26 | 000,105,984 | ---- | M] ()(C:\Users\Bill Goodwin\Documents\?????? ??????? ????.doc) -- C:\Users\Bill Goodwin\Documents\Основа лечения Акни.doc
[2010/05/21 10:09:03 | 000,056,320 | ---- | M] ()(C:\Users\Bill Goodwin\Documents\??????? ? ?? ????..doc) -- C:\Users\Bill Goodwin\Documents\Тазорак и др инфа..doc
[2010/05/19 22:22:57 | 000,026,624 | ---- | M] ()(C:\Users\Bill Goodwin\Documents\??????? ??? ???????.doc) -- C:\Users\Bill Goodwin\Documents\Подарки для Невинки.doc
[2010/04/19 14:31:26 | 000,000,162 | -H-- | M] ()(C:\Users\Bill Goodwin\Documents\~$???? ??????? ????.doc) -- C:\Users\Bill Goodwin\Documents\~$нова лечения Акни.doc
[2010/04/19 14:31:26 | 000,000,162 | -H-- | C] ()(C:\Users\Bill Goodwin\Documents\~$???? ??????? ????.doc) -- C:\Users\Bill Goodwin\Documents\~$нова лечения Акни.doc
[2010/03/12 11:04:52 | 000,031,744 | ---- | M] ()(C:\Users\Bill Goodwin\Documents\?????????? ??? ???????????.doc) -- C:\Users\Bill Goodwin\Documents\Информация для приглашения.doc
[2010/03/02 15:46:49 | 000,000,000 | ---D | C](C:\Users\Bill Goodwin\Documents\???? ?? ??????. ???? ????????) -- C:\Users\Bill Goodwin\Documents\Докс по задолж. Моск интернет
[2009/11/28 12:16:59 | 005,263,215 | ---- | C] ()(C:\Users\Bill Goodwin\Documents\????????????? ??? ???????? ???????????.pdf) -- C:\Users\Bill Goodwin\Documents\Обязательство для Частного приглашения.pdf
[2009/11/28 12:16:59 | 000,119,646 | ---- | C] ()(C:\Users\Bill Goodwin\Documents\???????.jpg) -- C:\Users\Bill Goodwin\Documents\Паспорт.jpg
[2009/11/28 12:16:59 | 000,105,984 | ---- | C] ()(C:\Users\Bill Goodwin\Documents\?????? ??????? ????.doc) -- C:\Users\Bill Goodwin\Documents\Основа лечения Акни.doc
[2009/11/28 12:16:59 | 000,056,320 | ---- | C] ()(C:\Users\Bill Goodwin\Documents\??????? ? ?? ????..doc) -- C:\Users\Bill Goodwin\Documents\Тазорак и др инфа..doc
[2009/11/28 12:16:59 | 000,055,296 | ---- | C] ()(C:\Users\Bill Goodwin\Documents\?????.doc) -- C:\Users\Bill Goodwin\Documents\Сылки.doc
[2009/11/28 12:16:59 | 000,040,448 | ---- | C] ()(C:\Users\Bill Goodwin\Documents\???????? ???????.doc) -- C:\Users\Bill Goodwin\Documents\Объемная стрижка.doc
[2009/11/28 12:16:59 | 000,032,768 | ---- | C] ()(C:\Users\Bill Goodwin\Documents\????????????? ???????? ??? ???.doc) -- C:\Users\Bill Goodwin\Documents\Тренировочный комплекс для ног.doc
[2009/11/28 12:16:59 | 000,031,232 | ---- | C] ()(C:\Users\Bill Goodwin\Documents\?? ????.doc) -- C:\Users\Bill Goodwin\Documents\На сайт.doc
[2009/11/28 12:16:59 | 000,029,696 | ---- | C] ()(C:\Users\Bill Goodwin\Documents\?? ????_1.doc) -- C:\Users\Bill Goodwin\Documents\На сайт_1.doc
[2009/11/28 12:16:59 | 000,026,624 | ---- | C] ()(C:\Users\Bill Goodwin\Documents\??????? ??? ???????.doc) -- C:\Users\Bill Goodwin\Documents\Подарки для Невинки.doc
[2009/11/28 12:16:59 | 000,025,088 | ---- | C] ()(C:\Users\Bill Goodwin\Documents\?????????? ??????.doc) -- C:\Users\Bill Goodwin\Documents\Паспортные данные.doc
[2009/11/28 12:16:59 | 000,022,528 | ---- | C] ()(C:\Users\Bill Goodwin\Documents\??????? ????, ????, ??????.doc) -- C:\Users\Bill Goodwin\Documents\Размеры Мамы, Папы, Сереги.doc
[2009/11/28 12:16:59 | 000,020,992 | ---- | C] ()(C:\Users\Bill Goodwin\Documents\?????? ????????.doc) -- C:\Users\Bill Goodwin\Documents\Оплата квартиры.doc
[2009/11/28 12:16:59 | 000,020,480 | ---- | C] ()(C:\Users\Bill Goodwin\Documents\???? ????.doc) -- C:\Users\Bill Goodwin\Documents\Стих англ.doc
[2009/11/28 12:16:59 | 000,018,944 | ---- | C] ()(C:\Users\Bill Goodwin\Documents\???????.xls) -- C:\Users\Bill Goodwin\Documents\Свадьба.xls
[2009/11/28 12:16:58 | 000,681,984 | ---- | C] ()(C:\Users\Bill Goodwin\Documents\??????? ????????.doc) -- C:\Users\Bill Goodwin\Documents\Молитва Господня.doc
[2009/11/28 12:16:58 | 000,100,864 | ---- | C] ()(C:\Users\Bill Goodwin\Documents\?????? ????????? ??????.doc) -- C:\Users\Bill Goodwin\Documents\Билеты Вашингтон Москва.doc
[2009/11/28 12:16:58 | 000,055,296 | ---- | C] ()(C:\Users\Bill Goodwin\Documents\???????? PROMT10000.std) -- C:\Users\Bill Goodwin\Documents\Документ PROMT10000.std
[2009/11/28 12:16:58 | 000,044,032 | ---- | C] ()(C:\Users\Bill Goodwin\Documents\?? ??????????? 1 ?? ???????.doc) -- C:\Users\Bill Goodwin\Documents\Из Шереметьево 1 до Внуково.doc
[2009/11/28 12:16:58 | 000,040,960 | ---- | C] ()(C:\Users\Bill Goodwin\Documents\??? ?????? ????? ? ????????.doc) -- C:\Users\Bill Goodwin\Documents\Все сейчас знают и понимают.doc
[2009/11/28 12:16:58 | 000,031,744 | ---- | C] ()(C:\Users\Bill Goodwin\Documents\?????????? ??? ???????????.doc) -- C:\Users\Bill Goodwin\Documents\Информация для приглашения.doc
[2009/11/28 12:16:58 | 000,031,744 | ---- | C] ()(C:\Users\Bill Goodwin\Documents\???????.doc) -- C:\Users\Bill Goodwin\Documents\Доктора.doc
[2009/11/28 12:16:58 | 000,031,232 | ---- | C] ()(C:\Users\Bill Goodwin\Documents\???????? PROMT1.std) -- C:\Users\Bill Goodwin\Documents\Документ PROMT1.std
[2009/11/28 12:16:58 | 000,030,208 | ---- | C] ()(C:\Users\Bill Goodwin\Documents\???? ??? ?????. ???????????.doc) -- C:\Users\Bill Goodwin\Documents\Доки для частн. приглашения.doc
[2009/11/28 12:16:58 | 000,029,184 | ---- | C] ()(C:\Users\Bill Goodwin\Documents\? ????? 1.doc) -- C:\Users\Bill Goodwin\Documents\В загсе 1.doc
[2009/11/28 12:16:58 | 000,027,136 | ---- | C] ()(C:\Users\Bill Goodwin\Documents\?????????_1??????????.doc) -- C:\Users\Bill Goodwin\Documents\Заявление_1Ставрополь.doc
[2009/11/28 12:16:58 | 000,026,624 | ---- | C] ()(C:\Users\Bill Goodwin\Documents\?????????_1.doc) -- C:\Users\Bill Goodwin\Documents\Заявление_1.doc
[2009/11/28 12:16:58 | 000,024,576 | ---- | C] ()(C:\Users\Bill Goodwin\Documents\????????? ?? ???.doc) -- C:\Users\Bill Goodwin\Documents\Директору ГУ ЦЗН.doc
[2009/11/28 12:16:58 | 000,022,016 | ---- | C] ()(C:\Users\Bill Goodwin\Documents\???????? ??????? ????.doc) -- C:\Users\Bill Goodwin\Documents\Депутату Краевой Думы.doc
[2009/11/28 12:16:58 | 000,019,968 | ---- | C] ()(C:\Users\Bill Goodwin\Documents\??? ????????.doc) -- C:\Users\Bill Goodwin\Documents\Дни Рождения.doc
[2009/11/28 12:16:53 | 000,000,000 | ---D | C](C:\Users\Bill Goodwin\Documents\???????) -- C:\Users\Bill Goodwin\Documents\Рецепты
[2009/11/28 12:16:52 | 000,000,000 | ---D | C](C:\Users\Bill Goodwin\Documents\??????) -- C:\Users\Bill Goodwin\Documents\Разное
[2009/11/28 12:16:52 | 000,000,000 | ---D | C](C:\Users\Bill Goodwin\Documents\???) -- C:\Users\Bill Goodwin\Documents\РВП
[2009/11/28 12:16:49 | 000,000,000 | ---D | C](C:\Users\Bill Goodwin\Documents\??????) -- C:\Users\Bill Goodwin\Documents\РАБОТА
[2009/11/28 12:16:48 | 000,000,000 | ---D | C](C:\Users\Bill Goodwin\Documents\?????_? ?????????????) -- C:\Users\Bill Goodwin\Documents\Почта_в Невинномысске
[2009/11/28 12:15:21 | 000,000,000 | ---D | C](C:\Users\Bill Goodwin\Documents\????????????) -- C:\Users\Bill Goodwin\Documents\Поздравления
[2009/11/28 12:15:21 | 000,000,000 | ---D | C](C:\Users\Bill Goodwin\Documents\?????) -- C:\Users\Bill Goodwin\Documents\Почта
[2009/11/28 12:15:17 | 000,000,000 | ---D | C](C:\Users\Bill Goodwin\Documents\??????) -- C:\Users\Bill Goodwin\Documents\Письма
[2009/11/28 12:15:16 | 000,000,000 | ---D | C](C:\Users\Bill Goodwin\Documents\??? ???????) -- C:\Users\Bill Goodwin\Documents\Мои подписи
[2009/11/28 12:15:16 | 000,000,000 | ---D | C](C:\Users\Bill Goodwin\Documents\? ???????) -- C:\Users\Bill Goodwin\Documents\О бизнесе
[2009/11/28 12:15:13 | 000,000,000 | ---D | C](C:\Users\Bill Goodwin\Documents\??? ?????????) -- C:\Users\Bill Goodwin\Documents\Мои Документы
[2009/11/28 12:15:08 | 000,000,000 | ---D | C](C:\Users\Bill Goodwin\Documents\????? ?????? ????? ??????????) -- C:\Users\Bill Goodwin\Documents\Карты Москвы Метро Посольство
[2009/11/28 12:15:08 | 000,000,000 | ---D | C](C:\Users\Bill Goodwin\Documents\????) -- C:\Users\Bill Goodwin\Documents\Мама
[2009/11/28 12:15:07 | 000,000,000 | ---D | C](C:\Users\Bill Goodwin\Documents\??????? ????? ???????? 165-216) -- C:\Users\Bill Goodwin\Documents\Домовая книга Калинина 165-216
[2009/11/28 12:15:07 | 000,000,000 | ---D | C](C:\Users\Bill Goodwin\Documents\??????? ????? - ???????? 169 ??-24) -- C:\Users\Bill Goodwin\Documents\Домовая книга - Калинина 169 кв-24
[2009/11/28 12:15:01 | 000,000,000 | ---D | C](C:\Users\Bill Goodwin\Documents\?????????? ??? ????) -- C:\Users\Bill Goodwin\Documents\Докуцменты для Визы
[2009/11/28 12:15:01 | 000,000,000 | ---D | C](C:\Users\Bill Goodwin\Documents\??? ??????????? ? ?????????? ??????????) -- C:\Users\Bill Goodwin\Documents\Для регистрации и временного проживания
[2009/06/24 17:15:15 | 000,019,968 | ---- | M] ()(C:\Users\Bill Goodwin\Documents\??? ????????.doc) -- C:\Users\Bill Goodwin\Documents\Дни Рождения.doc
[2009/03/19 22:30:09 | 000,032,768 | ---- | M] ()(C:\Users\Bill Goodwin\Documents\????????????? ???????? ??? ???.doc) -- C:\Users\Bill Goodwin\Documents\Тренировочный комплекс для ног.doc
[2009/02/06 22:15:35 | 000,029,696 | ---- | M] ()(C:\Users\Bill Goodwin\Documents\?? ????_1.doc) -- C:\Users\Bill Goodwin\Documents\На сайт_1.doc
[2009/02/02 00:23:33 | 000,031,232 | ---- | M] ()(C:\Users\Bill Goodwin\Documents\?? ????.doc) -- C:\Users\Bill Goodwin\Documents\На сайт.doc
[2008/12/09 01:52:08 | 000,031,232 | ---- | M] ()(C:\Users\Bill Goodwin\Documents\???????? PROMT1.std) -- C:\Users\Bill Goodwin\Documents\Документ PROMT1.std
[2008/11/21 17:16:13 | 000,031,744 | ---- | M] ()(C:\Users\Bill Goodwin\Documents\???????.doc) -- C:\Users\Bill Goodwin\Documents\Доктора.doc
[2008/11/17 18:58:12 | 000,030,208 | ---- | M] ()(C:\Users\Bill Goodwin\Documents\???? ??? ?????. ???????????.doc) -- C:\Users\Bill Goodwin\Documents\Доки для частн. приглашения.doc
[2008/11/09 12:36:03 | 000,022,528 | ---- | M] ()(C:\Users\Bill Goodwin\Documents\??????? ????, ????, ??????.doc) -- C:\Users\Bill Goodwin\Documents\Размеры Мамы, Папы, Сереги.doc
[2008/10/05 14:11:32 | 000,100,864 | ---- | M] ()(C:\Users\Bill Goodwin\Documents\?????? ????????? ??????.doc) -- C:\Users\Bill Goodwin\Documents\Билеты Вашингтон Москва.doc
[2008/10/04 10:04:53 | 000,040,448 | ---- | M] ()(C:\Users\Bill Goodwin\Documents\???????? ???????.doc) -- C:\Users\Bill Goodwin\Documents\Объемная стрижка.doc
[2008/09/27 00:28:04 | 000,044,032 | ---- | M] ()(C:\Users\Bill Goodwin\Documents\?? ??????????? 1 ?? ???????.doc) -- C:\Users\Bill Goodwin\Documents\Из Шереметьево 1 до Внуково.doc
[2008/07/25 10:11:34 | 000,020,992 | ---- | M] ()(C:\Users\Bill Goodwin\Documents\?????? ????????.doc) -- C:\Users\Bill Goodwin\Documents\Оплата квартиры.doc
[2008/04/23 09:31:58 | 000,027,136 | ---- | M] ()(C:\Users\Bill Goodwin\Documents\?????????_1??????????.doc) -- C:\Users\Bill Goodwin\Documents\Заявление_1Ставрополь.doc
[2008/04/05 14:05:52 | 000,026,624 | ---- | M] ()(C:\Users\Bill Goodwin\Documents\?????????_1.doc) -- C:\Users\Bill Goodwin\Documents\Заявление_1.doc
[2008/02/26 07:21:59 | 000,024,576 | ---- | M] ()(C:\Users\Bill Goodwin\Documents\????????? ?? ???.doc) -- C:\Users\Bill Goodwin\Documents\Директору ГУ ЦЗН.doc
[2008/01/10 03:11:24 | 000,119,646 | ---- | M] ()(C:\Users\Bill Goodwin\Documents\???????.jpg) -- C:\Users\Bill Goodwin\Documents\Паспорт.jpg
[2007/12/19 05:48:26 | 000,025,088 | ---- | M] ()(C:\Users\Bill Goodwin\Documents\?????????? ??????.doc) -- C:\Users\Bill Goodwin\Documents\Паспортные данные.doc
[2007/10/25 14:59:14 | 005,263,215 | ---- | M] ()(C:\Users\Bill Goodwin\Documents\????????????? ??? ???????? ???????????.pdf) -- C:\Users\Bill Goodwin\Documents\Обязательство для Частного приглашения.pdf
[2007/09/08 06:51:12 | 000,020,480 | ---- | M] ()(C:\Users\Bill Goodwin\Documents\???? ????.doc) -- C:\Users\Bill Goodwin\Documents\Стих англ.doc
[2007/08/20 15:32:30 | 000,055,296 | ---- | M] ()(C:\Users\Bill Goodwin\Documents\???????? PROMT10000.std) -- C:\Users\Bill Goodwin\Documents\Документ PROMT10000.std
[2007/08/13 04:34:37 | 000,022,016 | ---- | M] ()(C:\Users\Bill Goodwin\Documents\???????? ??????? ????.doc) -- C:\Users\Bill Goodwin\Documents\Депутату Краевой Думы.doc
[2007/04/09 13:52:10 | 000,055,296 | ---- | M] ()(C:\Users\Bill Goodwin\Documents\?????.doc) -- C:\Users\Bill Goodwin\Documents\Сылки.doc
[2007/01/07 17:38:30 | 000,040,960 | ---- | M] ()(C:\Users\Bill Goodwin\Documents\??? ?????? ????? ? ????????.doc) -- C:\Users\Bill Goodwin\Documents\Все сейчас знают и понимают.doc
[2006/12/05 07:30:26 | 000,681,984 | ---- | M] ()(C:\Users\Bill Goodwin\Documents\??????? ????????.doc) -- C:\Users\Bill Goodwin\Documents\Молитва Господня.doc
[2006/10/21 02:40:30 | 000,018,944 | ---- | M] ()(C:\Users\Bill Goodwin\Documents\???????.xls) -- C:\Users\Bill Goodwin\Documents\Свадьба.xls
[2006/09/03 13:03:38 | 000,029,184 | ---- | M] ()(C:\Users\Bill Goodwin\Documents\? ????? 1.doc) -- C:\Users\Bill Goodwin\Documents\В загсе 1.doc
========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\Windows\$NtUninstallKB49837$] -> Error: Cannot create file handle -> Unknown point type
< End of report >
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
As Featured On:
Sign In
Create Account
