OTL logfile created on: 12/17/2012 4:21:03 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Administrator\Desktop
Windows Server 2003 Server 2003 R2 Edition Service Pack 2 (Version = 5.2.3790) - Type = NTDomainController
Internet Explorer (Version = 6.0.3790.3959)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
4.00 Gb Total Physical Memory | 2.94 Gb Available Physical Memory | 73.46% Memory free
11.80 Gb Paging File | 10.86 Gb Available in Paging File | 91.99% Paging File free
Paging file location(s): c:\pagefile.sys 4096 4096d:\pagef [Binary data over 200 bytes]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 30.28 Gb Total Space | 11.76 Gb Free Space | 38.84% Space Free | Partition Type: NTFS
Drive D: | 105.76 Gb Total Space | 89.54 Gb Free Space | 84.66% Space Free | Partition Type: NTFS
Computer Name: SRVR-DW | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/12/17 16:11:22 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
PRC - [2012/12/13 20:15:51 | 000,105,832 | ---- | M] (SurfRight B.V.) -- C:\Program Files\HitmanPro\hmpsched.exe
PRC - [2012/11/07 08:08:27 | 000,137,136 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\ramaint.exe
PRC - [2012/11/07 08:07:51 | 000,374,704 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
PRC - [2012/09/29 19:54:26 | 000,766,536 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/09/29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/09/29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/06/08 11:06:24 | 000,390,528 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe
PRC - [2012/06/08 11:06:24 | 000,063,048 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
PRC - [2012/01/30 04:39:57 | 000,450,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dns.exe
PRC - [2010/01/31 07:01:28 | 000,045,056 | ---- | M] (Intuit) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
PRC - [2009/10/01 00:22:42 | 000,131,072 | ---- | M] (Intuit, Inc.) -- C:\Program Files\Intuit\QuickBooks 2006\QBDBMgrN.exe
PRC - [2008/09/29 08:07:00 | 000,143,088 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
PRC - [2008/09/29 08:07:00 | 000,124,240 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan Enterprise\shstat.exe
PRC - [2008/09/29 08:07:00 | 000,067,904 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\mfevtps.exe
PRC - [2008/09/29 08:07:00 | 000,062,800 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
PRC - [2008/09/29 08:07:00 | 000,026,672 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan Enterprise\mfeann.exe
PRC - [2008/09/29 08:07:00 | 000,019,456 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe
PRC - [2008/03/14 04:00:00 | 000,103,744 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Common Framework\FrameworkService.exe
PRC - [2007/02/17 06:03:53 | 000,792,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntfrs.exe
PRC - [2007/02/17 06:03:43 | 000,349,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lserver.exe
PRC - [2007/02/17 06:03:42 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ismserv.exe
PRC - [2007/02/17 06:03:39 | 001,053,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/02/17 06:03:35 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dfssvc.exe
PRC - [2004/07/09 19:01:00 | 001,658,880 | ---- | M] (Extended Systems, Inc.) -- D:\Extended Systems\Advantage\Server\ads.exe
========== Modules (No Company Name) ==========
MOD - [2012/11/14 13:33:35 | 000,998,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\d8ca3b9fefcda19eeecd55c239f504ba\System.Management.ni.dll
MOD - [2012/11/14 13:20:39 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\31b7eef43a23e7c6e93594be583f3d08\System.ServiceProcess.ni.dll
MOD - [2012/11/14 13:20:38 | 007,977,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\90ad0c96693527ae685ff40019bb33b0\System.ni.dll
MOD - [2012/11/14 13:20:29 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\3add69b075f3da012fb97ce00cd795c0\mscorlib.ni.dll
MOD - [2008/03/14 04:00:00 | 000,057,344 | ---- | M] () -- C:\Program Files\McAfee\Common Framework\boost_thread-vc71-mt-1_32.dll
MOD - [2006/12/11 13:12:04 | 000,176,235 | ---- | M] () -- C:\WINDOWS\system32\Primomonnt.dll
MOD - [2005/08/22 15:38:16 | 003,264,512 | ---- | M] () -- C:\Program Files\McAfee\Common Framework\cryptocme2.dll
========== Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - File not found [Disabled | Stopped] -- -- (UPS)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2012/12/15 12:58:36 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/12/13 20:15:51 | 000,105,832 | ---- | M] (SurfRight B.V.) [Auto | Running] -- C:\Program Files\HitmanPro\hmpsched.exe -- (HitmanProScheduler)
SRV - [2012/12/01 10:12:48 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/11/07 08:08:27 | 000,137,136 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\ramaint.exe -- (LMIMaint)
SRV - [2012/11/07 08:07:51 | 000,374,704 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2012/09/29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/09/29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/06/08 11:06:24 | 000,390,528 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
SRV - [2012/01/30 04:39:57 | 000,450,560 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dns.exe -- (DNS)
SRV - [2010/01/31 07:01:28 | 000,045,056 | ---- | M] (Intuit) [Auto | Running] -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2009/10/01 00:22:42 | 000,131,072 | ---- | M] (Intuit, Inc.) [On_Demand | Running] -- C:\Program Files\Intuit\QuickBooks 2006\QBDBMgrN.exe -- (QuickBooksDB19)
SRV - [2009/10/01 00:22:42 | 000,131,072 | ---- | M] (Intuit, Inc.) [Disabled | Stopped] -- C:\Program Files\Intuit\QuickBooks 2006\QBDBMgrN.exe -- (QuickBooksDB)
SRV - [2009/08/19 23:57:48 | 000,660,464 | ---- | M] (Acronis) [Disabled | Stopped] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2009/08/19 23:55:56 | 001,865,472 | ---- | M] (Acronis) [Disabled | Stopped] -- C:\Program Files\Common Files\Acronis\Agent\agent.exe -- (AcronisAgent)
SRV - [2009/08/19 23:46:28 | 003,819,880 | ---- | M] (Acronis) [Disabled | Stopped] -- C:\Program Files\Acronis\BackupAndRecovery\mms.exe -- (MMS)
SRV - [2008/09/29 08:07:00 | 000,143,088 | ---- | M] (McAfee, Inc.) [Auto | Paused] -- C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe -- (McShield)
SRV - [2008/09/29 08:07:00 | 000,067,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\WINDOWS\system32\mfevtps.exe -- (mfevtp)
SRV - [2008/09/29 08:07:00 | 000,062,800 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe -- (McTaskManager)
SRV - [2008/09/29 08:07:00 | 000,019,456 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe -- (McAfeeEngineService)
SRV - [2008/08/08 21:10:46 | 000,061,440 | ---- | M] (Intuit Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2008/03/14 04:00:00 | 000,103,744 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\Common Framework\FrameworkService.exe -- (McAfeeFramework)
SRV - [2007/02/17 06:04:02 | 000,071,168 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\tssdis.exe -- (Tssdis)
SRV - [2007/02/17 06:03:58 | 000,067,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\rsopprov.exe -- (RSoPProv)
SRV - [2007/02/17 06:03:53 | 000,792,064 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\ntfrs.exe -- (NtFrs)
SRV - [2007/02/17 06:03:43 | 000,349,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lserver.exe -- (TermServLicensing)
SRV - [2007/02/17 06:03:43 | 000,094,720 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\llssrv.exe -- (LicenseService)
SRV - [2007/02/17 06:03:42 | 000,040,448 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\ismserv.exe -- (IsmServ)
SRV - [2007/02/17 06:03:35 | 000,164,864 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dfssvc.exe -- (Dfs)
SRV - [2007/01/12 07:51:30 | 000,508,848 | ---- | M] ( ) [Disabled | Stopped] -- C:\WINDOWS\system32\LMabcoms.exe -- (lmab_device)
SRV - [2006/09/13 11:57:22 | 000,045,056 | ---- | M] () [Disabled | Stopped] -- D:\Program Files\RD1000\Service\RDXmon.exe -- (RDXmon)
SRV - [2005/04/14 08:40:58 | 000,045,134 | ---- | M] (APC) [Disabled | Stopped] -- C:\Program Files\APC\PowerChute Business Edition\server\pbeserver.exe -- (APCPBEServer)
SRV - [2005/04/14 08:40:52 | 000,028,672 | ---- | M] (APC) [Disabled | Stopped] -- C:\Program Files\APC\PowerChute Business Edition\agent\pbeagent.exe -- (APCPBEAgent)
SRV - [2005/03/25 05:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\trksvr.dll -- (TrkSvr)
SRV - [2005/03/25 05:00:00 | 000,012,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\sacsvr.dll -- (sacsvr)
SRV - [2004/07/09 19:01:00 | 001,658,880 | ---- | M] (Extended Systems, Inc.) [Auto | Running] -- D:\Extended Systems\Advantage\Server\ads.exe -- (Advantage)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- C:\Program Files\McAfee\VirusScan Enterprise\mferkdk.sys -- (mferkdk)
DRV - File not found [Adapter | On_Demand | Unknown] -- -- (LicenseInfo)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012/12/16 10:07:15 | 000,035,144 | ---- | M] () [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbamchameleon.sys -- (mbamchameleon)
DRV - [2012/11/07 08:07:53 | 000,083,912 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2012/09/29 19:54:26 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/06/08 11:06:24 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2012/06/08 11:06:24 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo)
DRV - [2011/07/22 08:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Documents and Settings\Administrator\Local Settings\Temp\SAS_SelfExtract\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 13:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Documents and Settings\Administrator\Local Settings\Temp\SAS_SelfExtract\saskutil.sys -- (SASKUTIL)
DRV - [2009/08/27 12:55:16 | 000,569,632 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\timntr.sys -- (timounter)
DRV - [2009/08/27 12:45:35 | 000,156,928 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\snapman.sys -- (snapman)
DRV - [2009/04/09 10:37:29 | 000,044,384 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2008/09/29 08:07:00 | 000,340,592 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2008/09/29 08:07:00 | 000,090,360 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2008/09/29 08:07:00 | 000,074,648 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2008/09/29 08:07:00 | 000,064,432 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2008/09/29 08:07:00 | 000,062,704 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mfetdik.sys -- (mfetdik)
DRV - [2008/09/29 08:07:00 | 000,042,424 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2007/06/07 10:24:04 | 000,031,480 | ---- | M] (Dell Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dcdbas32.sys -- (dcdbas)
DRV - [2007/06/07 10:19:26 | 000,010,104 | ---- | M] (Dell Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\PowerEdge Diagnostics\oldiags\packages\portaccessor32.sys -- (PORTACCESSOR_1)
DRV - [2007/02/16 22:29:40 | 000,169,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wlbs.sys -- (WLBS)
DRV - [2007/02/16 22:06:42 | 000,072,704 | ---- | M] (Microsoft Corporation) [Kernel | Unavailable | Unknown] -- C:\WINDOWS\System32\drivers\sacdrv.sys -- (sacdrv)
DRV - [2007/02/16 21:51:18 | 000,034,816 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\dfs.sys -- (DfsDriver)
DRV - [2006/12/15 03:53:00 | 000,021,504 | ---- | M] (LSI Logic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\percsas.sys -- (percsas)
DRV - [2006/04/20 16:31:38 | 001,379,328 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006/04/03 13:52:18 | 000,048,128 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bxnd52x.sys -- (l2nd)
DRV - [2006/01/19 10:12:22 | 000,067,072 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\baspxp32.sys -- (Blfp)
DRV - [2005/03/24 18:25:38 | 000,049,664 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\symmpi.sys -- (symmpi)
DRV - [2005/03/24 18:06:56 | 000,113,664 | ---- | M] (Emulex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\lp6nds35.sys -- (lp6nds35)
DRV - [2005/03/24 18:05:10 | 000,027,648 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\ipsraidn.sys -- (ipsraidn)
DRV - [2005/03/24 18:00:52 | 000,024,064 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dpti2o.sys -- (dpti2o)
DRV - [2005/03/24 17:58:22 | 000,018,432 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\cpqcissm.sys -- (cpqcissm)
DRV - [2005/03/24 17:55:32 | 000,343,424 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ati2mpad.sys -- (ati2mpad)
DRV - [2003/03/24 23:13:08 | 000,022,016 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dellcerc.sys -- (dellcerc)
DRV - [2003/03/24 23:13:06 | 000,069,632 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\cpqfcalm.sys -- (cpqfcalm)
DRV - [2003/03/24 23:13:04 | 000,015,360 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\cpqarry2.sys -- (cpqarry2)
DRV - [2003/03/24 23:05:22 | 000,221,696 | ---- | M] (Agilent Technologies) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\afcnt.sys -- (afcnt)
DRV - [2003/03/24 23:05:16 | 000,039,424 | ---- | M] (HighPoint Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\hpt3xx.sys -- (hpt3xx)
DRV - [2003/03/24 23:05:12 | 000,154,624 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\ql2200.sys -- (ql2200)
DRV - [2003/03/24 23:05:12 | 000,130,560 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\ql2100.sys -- (ql2100)
DRV - [2003/03/24 23:05:00 | 000,016,384 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\cpqarray.sys -- (Cpqarray)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = C:\dell\homepage\dellhome.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = C:\dell\homepage\dellhome.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = res://shdoclc.dll/softAdmin.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: %7B635abd67-4fe9-1b23-4f01-e679fa7484c1%7D:2.5.1.20121012015120
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_278.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/12/15 12:58:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2012/11/09 15:01:41 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
[2012/12/15 12:23:35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\ri4n5enq.default\extensions
[2012/12/14 11:40:55 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\ri4n5enq.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012/12/15 12:58:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/12/15 12:58:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2012/12/15 12:58:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
[2012/12/15 12:58:33 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Program Files\Mozilla Firefox\distribution\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012/12/15 12:58:36 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/11/19 22:17:14 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/11/19 22:17:14 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
========== Chrome ==========
CHR - homepage: http://www.google.com
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.com
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.95\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_278.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.95\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.95\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java Platform SE 6 U35 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 6.0.350.10 (Enabled) = C:\WINDOWS\system32\npdeployJava1.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Google Search = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Gmail = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2005/03/25 05:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - No CLSID value found.
O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKCU..\Run: [] File not found
O4 - HKLM..\RunOnce: [1] C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\mbam-chameleon.exe ()
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\System32\Macromed\Flash\FlashUtil32_11_5_502_110_ActiveX.exe (Adobe Systems Incorporated)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ShowSuperHidden = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disablecad = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} http://support.dell....iler/SysPro.CAB (Reg Error: Key error.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1354657713234 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1355438488843 (MUWebControl Class)
O16 - DPF: {7584C670-2274-4EFB-B00B-D6AABA6D3850} https://mail.cosinc....emote/msrdp.cab (Microsoft Terminal Services Client Control (redist))
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} https://www.officeally.com/XUpload.ocx (Persits Software XUpload)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logme...trl.cab?lmi=100 (Performance Viewer Activex Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = dw2k3.local
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8433B5B6-9297-4B6B-8C36-5257D656F188}: DhcpNameServer = 209.18.47.61 209.18.47.62
O18 - Protocol\Handler\intu-help-qb2 {84D77A00-41B5-4b8b-8ADF-86486D72E749} - C:\Program Files\Intuit\QuickBooks 2006\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O18 - Protocol\Handler\mhtml - No CLSID value found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - File not found
O20 - Winlogon\Notify\LMIinit: DllName - (LMIinit.dll) - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O24 - Desktop BackupWallPaper: \windows\system32\DELLWALL.BMP
O29 - HKLM SecurityProviders - (pwdssp.dll) - C:\WINDOWS\System32\pwdssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/05/02 17:00:46 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2012/12/17 16:11:14 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2012/12/16 10:50:47 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent
[2012/12/16 10:03:01 | 000,697,869 | ---- | C] (Farbar) -- C:\Documents and Settings\Administrator\Desktop\FSS.exe
[2012/12/15 17:24:39 | 000,495,376 | ---- | C] (Oleg N. Scherbakov) -- C:\Documents and Settings\Administrator\Desktop\JRT.exe
[2012/12/15 17:17:40 | 022,681,528 | ---- | C] (SUPERAntiSpyware.com) -- C:\Documents and Settings\Administrator\Desktop\SUPERAntiSpyware.exe
[2012/12/15 13:01:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ErrorEND
[2012/12/15 12:58:33 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012/12/15 12:21:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2012/12/15 12:20:57 | 000,000,000 | ---D | C] -- C:\JRT
[2012/12/15 11:59:16 | 000,752,213 | ---- | C] (Farbar) -- C:\Documents and Settings\Administrator\Desktop\MiniToolBox.exe
[2012/12/14 11:40:52 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012/12/14 01:55:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\CompuClever
[2012/12/14 01:55:24 | 000,000,000 | ---D | C] -- C:\Program Files\CompuClever
[2012/12/14 01:40:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC1Data
[2012/12/13 20:08:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie7updates
[2012/12/12 21:45:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Malwarebytes
[2012/12/12 21:45:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2012/12/12 21:45:34 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/12/12 21:45:34 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/12/12 13:50:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Avant Downloader
[2012/12/12 13:50:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Avant Profiles
[2012/12/12 13:46:20 | 000,141,337 | ---- | C] (Eicon Networks) -- C:\WINDOWS\System32\dllcache\xlog.exe
[2012/12/12 13:46:16 | 000,016,970 | ---- | C] (US Robotics MCD (Megahertz)) -- C:\WINDOWS\System32\dllcache\xem336n5.sys
[2012/12/12 13:45:32 | 000,154,624 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\wlluc48.sys
[2012/12/12 13:45:05 | 000,035,871 | ---- | C] (Winbond Electronics Corp.) -- C:\WINDOWS\System32\dllcache\wbfirdma.sys
[2012/12/12 13:44:24 | 000,019,528 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w840nd.sys
[2012/12/12 13:43:45 | 000,166,784 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxpm.sys
[2012/12/12 13:43:42 | 000,525,568 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxp.dll
[2012/12/12 13:43:39 | 000,159,232 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkbm.sys
[2012/12/12 13:43:35 | 000,440,576 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkb.dll
[2012/12/12 13:43:32 | 000,222,336 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3dm.sys
[2012/12/12 13:43:29 | 000,315,520 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3d.dll
[2012/12/12 13:43:13 | 000,123,995 | ---- | C] (Tiger Jet Network) -- C:\WINDOWS\System32\dllcache\tjisdn.sys
[2012/12/12 13:43:07 | 000,138,528 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiulnt5.sys
[2012/12/12 13:43:04 | 000,081,408 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiul50.dll
[2012/12/12 13:43:03 | 000,127,488 | ---- | C] (M-Systems) -- C:\WINDOWS\System32\dllcache\tffsport.sys
[2012/12/12 13:42:51 | 000,036,640 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\t2r4mini.sys
[2012/12/12 13:42:48 | 000,172,768 | ---- | C] (Number Nine Visual Technology) -- C:\WINDOWS\System32\dllcache\t2r4disp.dll
[2012/12/12 13:42:16 | 000,233,472 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnprop.dll
[2012/12/12 13:42:14 | 000,064,512 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlncoin.dll
[2012/12/12 13:42:11 | 000,283,616 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnata.sys
[2012/12/12 13:42:07 | 000,019,456 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\stcusb.sys
[2012/12/12 13:41:37 | 000,058,368 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smiminib.sys
[2012/12/12 13:41:33 | 000,147,200 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smidispb.dll
[2012/12/12 13:41:30 | 000,036,892 | ---- | C] (SMC) -- C:\WINDOWS\System32\dllcache\smcirda.sys
[2012/12/12 13:41:14 | 000,091,646 | ---- | C] (SysKonnect GmbH.) -- C:\WINDOWS\System32\dllcache\skfpwin.sys
[2012/12/12 13:41:11 | 000,094,879 | ---- | C] (SysKonnect GmbH.) -- C:\WINDOWS\System32\dllcache\sk98xwin.sys
[2012/12/12 13:41:04 | 000,032,768 | ---- | C] (SiS Corporation) -- C:\WINDOWS\System32\dllcache\sisnic.sys
[2012/12/12 13:40:33 | 000,098,080 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiulnt5.sys
[2012/12/12 13:40:30 | 000,386,560 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiul50.dll
[2012/12/12 13:40:05 | 000,020,480 | ---- | C] (SCM Microsystems) -- C:\WINDOWS\System32\dllcache\scr111.sys
[2012/12/12 13:40:01 | 000,026,240 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmusbm.sys
[2012/12/12 13:40:00 | 000,028,160 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmn50m.sys
[2012/12/12 13:39:49 | 000,061,504 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3dm.sys
[2012/12/12 13:39:46 | 000,179,264 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3d.dll
[2012/12/12 13:39:43 | 000,210,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mvirge.dll
[2012/12/12 13:39:41 | 000,062,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mtrio.dll
[2012/12/12 13:39:38 | 000,041,216 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.sys
[2012/12/12 13:39:35 | 000,182,272 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.dll
[2012/12/12 13:39:32 | 000,166,720 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3m.sys
[2012/12/12 13:39:00 | 000,009,216 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\rsmgrstr.dll
[2012/12/12 13:38:54 | 000,079,872 | ---- | C] (Comtrol Corporation) -- C:\WINDOWS\System32\dllcache\rocket.sys
[2012/12/12 13:38:41 | 000,714,762 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdmkxx.sys
[2012/12/12 13:38:38 | 000,899,146 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdkxga.sys
[2012/12/12 13:38:27 | 000,018,432 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\pscr.sys
[2012/12/12 13:37:37 | 000,026,153 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pcmlm56.sys
[2012/12/12 13:37:34 | 000,029,502 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\pca200e.sys
[2012/12/12 13:37:31 | 000,030,495 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pc100nds.sys
[2012/12/12 13:37:14 | 000,054,186 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otcsercb.sys
[2012/12/12 13:37:11 | 000,043,689 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otceth5.sys
[2012/12/12 13:37:08 | 000,027,209 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otc06x5.sys
[2012/12/12 13:36:41 | 000,132,695 | ---- | C] (802.11b) -- C:\WINDOWS\System32\dllcache\netwlan5.sys
[2012/12/12 13:36:36 | 000,039,264 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.sys
[2012/12/12 13:36:33 | 000,060,480 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.dll
[2012/12/12 13:36:25 | 000,091,488 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3disp.dll
[2012/12/12 13:36:23 | 000,027,936 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3d.sys
[2012/12/12 13:36:20 | 000,033,088 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.sys
[2012/12/12 13:36:18 | 000,059,104 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.dll
[2012/12/12 13:36:15 | 000,013,664 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.sys
[2012/12/12 13:36:13 | 000,035,392 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.dll
[2012/12/12 13:36:05 | 000,074,752 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxport.sys
[2012/12/12 13:36:04 | 000,013,824 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxport.dll
[2012/12/12 13:36:02 | 000,023,040 | ---- | C] (Macronix International Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxnic.sys
[2012/12/12 13:36:02 | 000,022,016 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxicfg.dll
[2012/12/12 13:35:59 | 000,024,064 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxcard.sys
[2012/12/12 13:35:04 | 000,171,935 | ---- | C] (Madge Networks Ltd) -- C:\WINDOWS\System32\dllcache\mdgndis5.sys
[2012/12/12 13:34:50 | 000,606,684 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmnt.sys
[2012/12/12 13:34:50 | 000,420,992 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntt.sys
[2012/12/12 13:34:47 | 000,727,786 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ltck000c.sys
[2012/12/12 13:34:39 | 000,025,065 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\lmndis3.sys
[2012/12/12 13:34:38 | 000,018,944 | ---- | C] (Litronic Industries) -- C:\WINDOWS\System32\dllcache\lit220p.sys
[2012/12/12 13:33:49 | 000,617,600 | ---- | C] (Intersil Americas Inc.) -- C:\WINDOWS\System32\dllcache\islp2nds.sys
[2012/12/12 13:33:45 | 000,023,552 | ---- | C] (MKNet Corporation) -- C:\WINDOWS\System32\dllcache\irmk7.sys
[2012/12/12 13:32:14 | 000,028,672 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grserial.sys
[2012/12/12 13:32:11 | 000,020,480 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\gpr400.sys
[2012/12/12 13:31:33 | 000,033,597 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\forehe.sys
[2012/12/12 13:31:23 | 000,053,760 | ---- | C] (Brooktrout Technology) -- C:\WINDOWS\System32\dllcache\faxinit.exe
[2012/12/12 13:31:21 | 000,024,618 | ---- | C] (NETGEAR) -- C:\WINDOWS\System32\dllcache\fa410nd5.sys
[2012/12/12 13:30:26 | 000,032,606 | ---- | C] (National Semiconductor Coproration) -- C:\WINDOWS\System32\dllcache\dp83820.sys
[2012/12/12 13:30:18 | 000,029,696 | ---- | C] (CNet Technology, Inc. ) -- C:\WINDOWS\System32\dllcache\dm9pci5.sys
[2012/12/12 13:30:16 | 000,369,085 | ---- | C] (Eicon Networks) -- C:\WINDOWS\System32\dllcache\diwansrv.sys
[2012/12/12 13:30:15 | 000,282,140 | ---- | C] (Eicon Networks) -- C:\WINDOWS\System32\dllcache\ditrace.exe
[2012/12/12 13:30:14 | 000,040,990 | ---- | C] (Eicon Networks) -- C:\WINDOWS\System32\dllcache\disrvsu.dll
[2012/12/12 13:30:13 | 000,034,334 | ---- | C] (Eicon Networks) -- C:\WINDOWS\System32\dllcache\disrvpp.dll
[2012/12/12 13:30:12 | 000,006,686 | ---- | C] (Eicon Networks) -- C:\WINDOWS\System32\dllcache\disrvci.dll
[2012/12/12 13:30:10 | 000,094,140 | ---- | C] (Eicon Networks) -- C:\WINDOWS\System32\dllcache\dimaint.sys
[2012/12/12 13:29:51 | 000,024,649 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650d.sys
[2012/12/12 13:29:51 | 000,024,648 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650.sys
[2012/12/12 13:29:49 | 000,021,632 | ---- | C] (Digital Networks, LLC) -- C:\WINDOWS\System32\dllcache\defpa.sys
[2012/12/12 13:29:34 | 000,047,616 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwrwdm.sys
[2012/12/12 13:29:33 | 000,096,256 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcwdm.sys
[2012/12/12 13:29:32 | 000,111,872 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcspud.sys
[2012/12/12 13:29:31 | 000,250,880 | ---- | C] (Comtrol® Corporation) -- C:\WINDOWS\System32\dllcache\ctmasetp.dll
[2012/12/12 13:29:31 | 000,003,584 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcosnt5.sys
[2012/12/12 13:29:19 | 000,021,376 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\cmbp0wdm.sys
[2012/12/12 13:29:02 | 000,049,182 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem56n5.sys
[2012/12/12 13:29:01 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem33n5.sys
[2012/12/12 13:29:01 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem28n5.sys
[2012/12/12 13:29:00 | 000,027,164 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce3n5.sys
[2012/12/12 13:28:58 | 000,714,698 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cbmdmkxx.sys
[2012/12/12 13:28:57 | 000,046,108 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cben5.sys
[2012/12/12 13:28:56 | 000,035,132 | ---- | C] (CARDBUSs) -- C:\WINDOWS\System32\dllcache\cb102.sys
[2012/12/12 13:28:55 | 000,034,304 | ---- | C] (Eicon Networks Corporation) -- C:\WINDOWS\System32\dllcache\diapi2NT.dll
[2012/12/12 13:28:54 | 000,186,736 | ---- | C] (Eicon Networks) -- C:\WINDOWS\System32\dllcache\diapi2.sys
[2012/12/12 13:28:40 | 000,254,464 | ---- | C] (Brooktrout Technology) -- C:\WINDOWS\System32\dllcache\btdlld.dll
[2012/12/12 13:28:39 | 000,010,880 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbscn.sys
[2012/12/12 13:28:38 | 000,060,032 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brserwdm.sys
[2012/12/12 13:28:38 | 000,011,264 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbmdm.sys
[2012/12/12 13:28:37 | 000,012,288 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brserif.dll
[2012/12/12 13:28:36 | 000,006,656 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\dllcache\brscnrsm.dll
[2012/12/12 13:28:35 | 000,039,424 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparwdm.sys
[2012/12/12 13:28:35 | 000,003,712 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparimg.sys
[2012/12/12 13:28:33 | 000,046,080 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfusb.dll
[2012/12/12 13:28:32 | 000,049,664 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmflpt.dll
[2012/12/12 13:28:32 | 000,040,960 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfrsmg.exe
[2012/12/12 13:28:30 | 000,022,528 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfbidi.dll
[2012/12/12 13:28:30 | 000,004,608 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltup.sys
[2012/12/12 13:28:29 | 000,012,416 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltlo.sys
[2012/12/12 13:28:28 | 000,022,016 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brevif.dll
[2012/12/12 13:28:28 | 000,003,456 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brfilt.sys
[2012/12/12 13:28:27 | 000,013,824 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brcoinst.dll
[2012/12/12 13:28:26 | 000,023,040 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brbidiif.dll
[2012/12/12 13:28:23 | 000,073,728 | ---- | C] (Brooktrout Technology) -- C:\WINDOWS\System32\dllcache\bfaxtsp.tsp
[2012/12/12 13:28:22 | 000,188,416 | ---- | C] (Brooktrout Technology Inc.) -- C:\WINDOWS\System32\dllcache\bfaxsnp.dll
[2012/12/12 13:28:22 | 000,061,440 | ---- | C] (Brooktrout Technology) -- C:\WINDOWS\System32\dllcache\bfaxfsp.dll
[2012/12/12 13:28:21 | 000,077,824 | ---- | C] (Brooktrout Technology Inc.) -- C:\WINDOWS\System32\dllcache\bfaxdev.dll
[2012/12/12 13:28:21 | 000,054,400 | ---- | C] (Brooktrout Technology) -- C:\WINDOWS\System32\dllcache\bfax.sys
[2012/12/12 13:28:18 | 000,036,128 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.sys
[2012/12/12 13:28:17 | 000,342,336 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.dll
[2012/12/12 13:28:16 | 000,092,800 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\b1cbase.sys
[2012/12/12 13:28:15 | 000,144,384 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmenum.dll
[2012/12/12 13:28:15 | 000,037,888 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmwan.sys
[2012/12/12 13:28:14 | 000,087,552 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmcoxp.dll
[2012/12/12 13:27:33 | 000,048,896 | ---- | C] (Adaptec, Inc ) -- C:\WINDOWS\System32\dllcache\adptsf50.sys
[2012/12/12 13:27:22 | 000,673,728 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvs.dll
[2012/12/12 13:27:22 | 000,148,352 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvsm.sys
[2012/12/12 13:27:21 | 000,762,780 | ---- | C] (3Com, Inc.) -- C:\WINDOWS\System32\dllcache\3cwmcru.sys
[2012/12/12 03:25:30 | 004,702,459 | ---- | C] (FileZilla Project) -- C:\Documents and Settings\Administrator\My Documents\FileZilla_3.6.0.2_win32-setup.exe
[2012/12/12 03:24:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\FileZilla
[2012/12/11 17:12:32 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\My Documents\My Music
[2012/12/11 16:18:14 | 000,000,000 | ---D | C] -- C:\Program Files\PDFCreator
[2012/12/05 07:40:11 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro
[2012/12/05 07:39:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\HitmanPro
[2012/12/05 07:33:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\TuneUp
[2012/12/04 15:17:09 | 000,257,928 | ---- | C] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\tmcomm.sys
[2012/12/03 10:54:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Downloads
[2012/12/02 09:08:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo!
[2012/12/02 09:08:41 | 000,000,000 | ---D | C] -- C:\Program Files\Yahoo!
[2012/12/02 09:08:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Yahoo!
[2012/12/02 08:59:26 | 000,000,000 | ---D | C] -- C:\Program Files\FCDownloadManager
[2012/12/01 09:10:37 | 000,000,000 | ---D | C] -- C:\BrotherFix
[4 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/12/17 16:35:15 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/12/17 16:11:22 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2012/12/17 16:00:00 | 000,000,900 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/12/17 13:47:00 | 000,000,464 | ---- | M] () -- C:\WINDOWS\tasks\Spyware X-terminator 2005 Update.job
[2012/12/17 03:00:00 | 000,000,498 | ---- | M] () -- C:\WINDOWS\tasks\Spyware X-terminator 2005 Scan.job
[2012/12/17 01:40:00 | 000,000,422 | ---- | M] () -- C:\WINDOWS\tasks\pc-dis-upd.job
[2012/12/17 01:33:32 | 000,000,410 | ---- | M] () -- C:\WINDOWS\tasks\ProgramUpdateCheck.job
[2012/12/16 17:23:18 | 000,065,536 | ---- | M] () -- C:\WINDOWS\NETLOGON.CHG
[2012/12/16 16:28:28 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/12/16 13:00:00 | 000,000,896 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/12/16 10:42:33 | 000,002,838 | RHS- | M] () -- C:\Documents and Settings\All Users\ntuser.pol
[2012/12/16 10:34:49 | 003,153,920 | ---- | M] () -- C:\secsetup.sdb
[2012/12/16 10:07:15 | 000,035,144 | ---- | M] () -- C:\WINDOWS\System32\drivers\mbamchameleon.sys
[2012/12/16 10:03:16 | 000,697,869 | ---- | M] (Farbar) -- C:\Documents and Settings\Administrator\Desktop\FSS.exe
[2012/12/15 21:33:37 | 000,856,731 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\SecurityCheck.exe
[2012/12/15 21:24:58 | 000,510,632 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/12/15 21:24:58 | 000,088,734 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/12/15 21:19:20 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/12/15 21:17:21 | 000,989,467 | ---- | M] () -- C:\ads_err.dbf
[2012/12/15 20:59:47 | 000,545,819 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\adwcleaner.exe
[2012/12/15 17:24:43 | 000,495,376 | ---- | M] (Oleg N. Scherbakov) -- C:\Documents and Settings\Administrator\Desktop\JRT.exe
[2012/12/15 17:17:59 | 022,681,528 | ---- | M] (SUPERAntiSpyware.com) -- C:\Documents and Settings\Administrator\Desktop\SUPERAntiSpyware.exe
[2012/12/15 11:59:24 | 000,752,213 | ---- | M] (Farbar) -- C:\Documents and Settings\Administrator\Desktop\MiniToolBox.exe
[2012/12/14 01:40:37 | 004,727,176 | ---- | M] (PC Cleaners) -- C:\WINDOWS\uninst.exe
[2012/12/13 20:55:02 | 000,000,230 | ---- | M] () -- C:\WINDOWS\System32\spupdsvc.inf
[2012/12/13 15:55:06 | 000,000,308 | ---- | M] () -- C:\WINDOWS\System32\fixupdate.bat
[2012/12/12 22:07:54 | 000,208,104 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/12/12 22:02:51 | 000,000,694 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Shortcut to HitmanPro.exe.lnk
[2012/12/12 03:25:46 | 004,702,459 | ---- | M] (FileZilla Project) -- C:\Documents and Settings\Administrator\My Documents\FileZilla_3.6.0.2_win32-setup.exe
[2012/12/11 17:09:13 | 000,000,468 | ---- | M] () -- C:\WINDOWS\BRWMARK.INI
[2012/12/11 15:48:54 | 000,000,182 | ---- | M] () -- C:\WINDOWS\hpbafd.ini
[2012/12/05 07:51:18 | 000,001,994 | ---- | M] () -- C:\WINDOWS\System32\.crusader
[2012/12/04 21:11:11 | 010,765,163 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\census.cache
[2012/12/04 21:06:50 | 000,150,661 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\ars.cache
[2012/12/03 15:26:40 | 000,000,036 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\housecall.guid.cache
[2012/12/01 09:18:41 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\IP_192.168.1.51
[2012/12/01 09:12:27 | 000,000,666 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Brother Net Fix.lnk
[2012/11/27 14:10:36 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[4 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/12/16 10:34:47 | 003,153,920 | ---- | C] () -- C:\secsetup.sdb
[2012/12/16 10:07:15 | 000,035,144 | ---- | C] () -- C:\WINDOWS\System32\drivers\mbamchameleon.sys
[2012/12/15 21:33:31 | 000,856,731 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\SecurityCheck.exe
[2012/12/15 20:59:38 | 000,545,819 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\adwcleaner.exe
[2012/12/15 12:55:13 | 000,000,900 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/12/15 12:55:13 | 000,000,896 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/12/14 01:40:40 | 000,000,422 | ---- | C] () -- C:\WINDOWS\tasks\pc-dis-upd.job
[2012/12/13 20:55:02 | 000,000,230 | ---- | C] () -- C:\WINDOWS\System32\spupdsvc.inf
[2012/12/13 16:31:45 | 000,024,523 | ---- | C] () -- C:\WINDOWS\System32\ieuinit.inf
[2012/12/13 15:53:21 | 000,000,308 | ---- | C] () -- C:\WINDOWS\System32\fixupdate.bat
[2012/12/12 22:02:51 | 000,000,694 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Shortcut to HitmanPro.exe.lnk
[2012/12/12 13:43:12 | 001,413,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tintlgs.imd
[2012/12/12 13:43:11 | 000,455,272 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tintlgl.imd
[2012/12/12 13:43:11 | 000,171,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tintlgc.imd
[2012/12/12 13:38:59 | 000,006,331 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rsess.vbs
[2012/12/12 13:38:52 | 000,026,417 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rfeed.vbs
[2012/12/12 13:38:52 | 000,010,571 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rexpire.vbs
[2012/12/12 13:38:50 | 000,011,781 | ---- | C] () -- C:\WINDOWS\System32\dllcache\regfilt.vbs
[2012/12/12 13:38:47 | 000,003,912 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rcancel.vbs
[2012/12/12 13:38:29 | 000,135,680 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax
[2012/12/12 13:38:28 | 000,198,656 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll
[2012/12/12 13:38:10 | 010,011,497 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlgs.imd
[2012/12/12 13:38:09 | 000,733,292 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlgr.imd
[2012/12/12 13:38:09 | 000,208,744 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlgl.imd
[2012/12/12 13:38:08 | 001,004,904 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlgix.imd
[2012/12/12 13:38:08 | 000,948,656 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlgi.imd
[2012/12/12 13:38:08 | 000,867,242 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlgdx.imd
[2012/12/12 13:38:07 | 000,825,038 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlgd.imd
[2012/12/12 13:38:07 | 000,487,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsk.dic
[2012/12/12 13:38:07 | 000,188,140 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlgc.imd
[2012/12/12 13:38:06 | 000,174,803 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsd.dic
[2012/12/12 13:38:06 | 000,117,248 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2012/12/12 13:35:36 | 000,057,856 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax
[2012/12/12 13:33:30 | 000,061,952 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2012/12/12 13:33:19 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2012/12/12 13:33:17 | 000,034,604 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iisvdir.vbs
[2012/12/12 13:33:15 | 000,060,121 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iisftp.vbs
[2012/12/12 13:33:15 | 000,034,518 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iisext.vbs
[2012/12/12 13:33:15 | 000,032,887 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iisftpdr.vbs
[2012/12/12 13:33:14 | 000,035,074 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iisback.vbs
[2012/12/12 13:33:13 | 000,009,709 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IIS_iis_switch.vbs
[2012/12/12 13:32:16 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2012/12/12 13:29:18 | 000,001,849 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IIS_clusftp.vbs
[2012/12/12 13:29:18 | 000,001,844 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IIS_clusweb.vbs
[2012/12/12 13:29:11 | 000,409,168 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cintlgu.imd
[2012/12/12 13:29:11 | 000,102,304 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cintlguc.imd
[2012/12/12 13:29:11 | 000,102,304 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cintlgsi.imd
[2012/12/12 13:29:11 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cintlgs.imd
[2012/12/12 13:29:10 | 000,427,138 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cintlgie.imd
[2012/12/12 13:29:10 | 000,024,080 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cintlgl.imd
[2012/12/12 13:29:09 | 000,543,708 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cintlgb.imd
[2012/12/12 13:29:09 | 000,279,894 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cintlgd.imd
[2012/12/12 13:29:08 | 000,462,929 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskdic.dic
[2012/12/12 13:29:08 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2012/12/12 13:28:06 | 000,026,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativxbar.sys
[2012/12/12 13:28:06 | 000,024,064 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atixbar.sys
[2012/12/12 13:28:06 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativttxx.sys
[2012/12/12 13:28:05 | 000,009,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativmdcd.sys
[2012/12/12 13:28:04 | 000,017,536 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitvsnd.sys
[2012/12/12 13:28:03 | 000,027,136 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtsnd.sys
[2012/12/12 13:28:03 | 000,017,536 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitunep.sys
[2012/12/12 13:28:02 | 000,050,304 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtcap.sys
[2012/12/12 13:28:01 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atipcxxx.sys
[2012/12/12 13:27:52 | 000,046,848 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atibt829.sys
[2012/12/11 16:18:16 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2012/12/05 07:51:18 | 000,001,994 | ---- | C] () -- C:\WINDOWS\System32\.crusader
[2012/12/04 21:11:11 | 010,765,163 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\census.cache
[2012/12/04 21:06:50 | 000,150,661 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\ars.cache
[2012/12/03 15:26:40 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\housecall.guid.cache
[2012/12/01 09:18:41 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\IP_192.168.1.51
[2012/12/01 09:12:27 | 000,000,666 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Brother Net Fix.lnk
[2011/10/26 07:33:22 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2007/03/14 13:12:41 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\fusioncache.dat
[2007/03/14 10:47:10 | 000,002,838 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol
========== ZeroAccess Check ==========
[2005/05/02 16:57:32 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2012/10/26 20:10:30 | 001,520,128 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 03:02:57 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2007/02/17 06:03:19 | 000,278,016 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2012/09/28 21:02:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Acronis
[2012/12/12 13:50:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Avant Downloader
[2012/12/12 03:29:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\FileZilla
[2012/10/03 13:00:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\FinalMediaPlayer
[2009/08/27 13:01:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Acronis
[2008/12/01 13:02:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\COMMON FILES
[2012/12/14 01:55:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CompuClever
[2012/12/15 13:01:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ErrorEND
[2012/12/05 07:51:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HitmanPro
[2012/12/17 11:32:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogMeIn
[2012/12/14 01:40:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC1Data
[2008/12/01 13:10:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SQL Anywhere 10
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 88 bytes -> C:\WINDOWS\System32\shdoclc.dll:SummaryInformation
< End of report >