
Cannot scan with MBAM, also cannot download other anti-virus/malware



#1
kavkav123

After regular MBAM did not work, I used Mbar, and this is its last report, with "Could not initialize database"!!!
Also, it does not let me download most anti-virus/malware, and I must use another computer to download and a USB flash to transfer.
Also, I ran Sfc /scannow too.
Please help me, what can I do with it?
====================================================Mbar Report ====================================
<<<1>>>
Upper Device Name: \Device\Harddisk2\DR2
Upper Device Object: 0xffffffff8b895ab8
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\0000007f\
Lower Device Object: 0xffffffff8bcfecb0
Lower Device Driver Name: \Driver\arcsas\
Device already Exists: 0xffffffff89e3c460
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR1
Upper Device Object: 0xffffffff8b897ab8
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\0000007e\
Lower Device Object: 0xffffffff8bd7ecb0
Lower Device Driver Name: \Driver\arcsas\
Device already Exists: 0xffffffff887550b8
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff8bd81ab8
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\0000007d\
Lower Device Object: 0xffffffff8bd7fcb0
Lower Device Driver Name: \Driver\arcsas\
Device already Exists: 0xffffffff881d78e0
Initializing...
Done!
Could not initialize database
<<<2>>>
Device number: 0, partition: 1
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff8bd81ab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff8bcd6cd8, DeviceName: Unknown, DriverName: \Driver\snapman\
DevicePointer: 0xffffffff8bd81910, DeviceName: \Device\VSCSIDISK0\, DriverName: \Driver\dontgo\
DevicePointer: 0xffffffff8bcfbc68, DeviceName: Unknown, DriverName: \Driver\PartMgr\
DevicePointer: 0xffffffff8bd81ab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff8bd7fcb0, DeviceName: \Device\0000007d\, DriverName: \Driver\arcsas\
------------ End ----------
Upper DeviceData: 0xffffffffe3f27478, 0xffffffff8bd81ab8, 0xffffffff8836e5d8
Lower DeviceData: 0xffffffffe4106b78, 0xffffffff8bd7fcb0, 0xffffffff881d78e0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning directory: C:\WINDOWS\system32\drivers...
The directory C:\WINDOWS\system32\drivers seems inaccessible or encrypted.
Drivers scan is aborted.
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 5E338CBB

Partition information:

Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 63 Numsec = 143107020
Partition file system is NTFS
Partition is bootable

Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Cannot scan MBR because MBAM is not initialized!
Disk Size: 73295462400 bytes
Sector size: 512 bytes

Physical Sector Size: 512
Drive: 1, DevicePointer: 0xffffffff8b897ab8, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff8bcd5cd8, DeviceName: Unknown, DriverName: \Driver\snapman\
DevicePointer: 0xffffffff8bcfabb8, DeviceName: \Device\VSCSIDISK1\, DriverName: \Driver\dontgo\
DevicePointer: 0xffffffff8b897880, DeviceName: Unknown, DriverName: \Driver\PartMgr\
DevicePointer: 0xffffffff8b897ab8, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff8bd7ecb0, DeviceName: \Device\0000007e\, DriverName: \Driver\arcsas\
------------ End ----------
Upper DeviceData: 0xffffffffe4d33e98, 0xffffffff8b897ab8, 0xffffffff88194ab8
Lower DeviceData: 0xffffffffe5c28660, 0xffffffff8bd7ecb0, 0xffffffff887550b8
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 36D67C9A

Partition information:

Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition


**************************
====================================================End of Mbar Report ====================================



Then I removed Acronis True server, then restarted, and this is my last OTL report:
====================================================OTL Report ====================================
OTL logfile created on: 12/25/2012 9:54:27 AM - Run 5
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Administrator\Desktop
Windows Server 2003 Server 2003 R2 Edition Service Pack 2 (Version = 5.2.3790) - Type = NTServer
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 59.00% Memory free
5.00 Gb Paging File | 3.00 Gb Available in Paging File | 59.00% Paging File free
Paging file location(s): c:\pagefile.sys 1000 4000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 68.24 Gb Total Space | 24.64 Gb Free Space | 36.11% Space Free | Partition Type: NTFS
Drive D: | 68.55 Gb Total Space | 37.30 Gb Free Space | 54.41% Space Free | Partition Type: NTFS
Drive E: | 79.09 Gb Total Space | 9.88 Gb Free Space | 12.49% Space Free | Partition Type: NTFS
Drive G: | 29.30 Gb Total Space | 20.80 Gb Free Space | 71.00% Space Free | Partition Type: NTFS
Drive H: | 85.94 Gb Total Space | 4.65 Gb Free Space | 5.41% Space Free | Partition Type: NTFS
Drive I: | 135.77 Gb Total Space | 36.95 Gb Free Space | 27.22% Space Free | Partition Type: NTFS
Drive J: | 68.36 Gb Total Space | 23.99 Gb Free Space | 35.09% Space Free | Partition Type: NTFS

Computer Name: SERVER90 | User Name: myusers | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/05/11 20:12:58 | 009,162,752 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
PRC - [2011/05/02 12:20:11 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
PRC - [2011/03/15 01:05:52 | 000,094,208 | ---- | M] (Adaptec Incorporated) -- C:\Program Files\Adaptec\Adaptec Storage Manager\StorServ.exe
PRC - [2010/04/13 11:07:20 | 000,167,936 | ---- | M] () -- C:\Program Files\SUPERMICRO\SDIII\NTService.exe
PRC - [2009/05/10 20:48:34 | 001,261,984 | ---- | M] (Microsoft ® Corporation) -- D:\Program Files\Microsoft ISA Server\wspsrv.exe
PRC - [2009/05/10 20:48:34 | 000,385,440 | ---- | M] (Microsoft ® Corporation) -- D:\Program Files\Microsoft ISA Server\mspadmin.exe
PRC - [2008/07/21 16:01:12 | 000,098,304 | ---- | M] (Apache Software Foundation) -- C:\Program Files\Java\Tomcat 6.0\bin\tomcat6w.exe
PRC - [2008/07/17 00:14:24 | 000,546,816 | ---- | M] (JH Software ApS) -- C:\Program Files\Simple DNS Plus\sdnsmain.exe
PRC - [2008/07/10 01:49:38 | 040,999,448 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Microsoft SQL Server\MSSQL10.MSSQLSERVER2008\MSSQL\Binn\sqlservr.exe
PRC - [2008/07/10 01:49:34 | 000,369,688 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Microsoft SQL Server\MSSQL10.MSSQLSERVER2008\MSSQL\Binn\SQLAGENT.EXE
PRC - [2008/07/10 00:22:40 | 021,945,368 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Microsoft SQL Server\MSAS10.MSSQLSERVER2008\OLAP\bin\msmdsrv.exe
PRC - [2008/07/10 00:22:36 | 000,218,136 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvr.exe
PRC - [2008/07/10 00:15:32 | 000,031,256 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Microsoft SQL Server\MSSQL10.MSSQLSERVER2008\MSSQL\Binn\fdlauncher.exe
PRC - [2008/06/25 21:04:14 | 000,176,752 | ---- | M] (Microsoft ® Corporation) -- D:\Program Files\Microsoft ISA Server\W3Prefch.exe
PRC - [2008/06/25 21:04:04 | 000,113,264 | ---- | M] (Microsoft ® Corporation) -- D:\Program Files\Microsoft ISA Server\isastg.exe
PRC - [2007/02/18 04:00:00 | 001,053,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/02/18 04:00:00 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rqs.exe
PRC - [2007/02/18 04:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe
PRC - [2007/02/18 04:00:00 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ADAM\dsamain.exe
PRC - [2007/02/18 04:00:00 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetsrv\w3wp.exe
PRC - [2006/09/27 11:56:22 | 000,622,592 | ---- | M] () -- C:\hc-603561\exes\HostingController.exe
PRC - [2005/11/22 15:06:14 | 000,685,048 | ---- | M] (RealVNC Ltd.) -- D:\Program Files\RealVNC\VNC4\winvnc4.exe
PRC - [2005/08/30 14:28:32 | 000,285,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\bmss.exe
PRC - [2005/08/30 14:28:32 | 000,067,072 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft ADS\bin\saagent.exe
PRC - [2005/05/13 13:15:22 | 000,233,472 | ---- | M] (Advanced Communications) -- C:\hc-603561\exes\HCSchedulerService.exe
PRC - [2005/05/03 20:42:56 | 000,323,584 | ---- | M] (Microsoft Corporation) -- d:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlagent.exe
PRC - [2005/03/03 13:49:24 | 000,438,272 | ---- | M] (SmarterTools Inc.) -- D:\Program Files\SmarterTools\SmarterStats\Service\SSSvc.exe


========== Modules (SafeList) ==========

MOD - [2011/05/02 12:20:11 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
MOD - [2010/09/07 04:08:31 | 001,051,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.4770_x-ww_05FDF087\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (WinHttpAutoProxySvc)
SRV - File not found [Auto | Stopped] -- -- (MsMpSvc)
SRV - [2012/12/22 11:51:19 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/12/22 05:17:51 | 000,170,408 | ---- | M] (Oracle Corporation) [Disabled | Stopped] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012/05/11 20:12:58 | 009,162,752 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe -- (MSSQLSERVER)
SRV - [2011/06/13 22:09:22 | 000,267,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe -- (MatSvc)
SRV - [2011/03/15 01:05:52 | 000,094,208 | ---- | M] (Adaptec Incorporated) [Auto | Running] -- C:\Program Files\Adaptec\Adaptec Storage Manager\StorServ.exe -- (AdaptecStorageManagerAgent)
SRV - [2011/03/14 22:23:00 | 000,210,944 | ---- | M] (Adaptec Inc.) [On_Demand | Stopped] -- C:\Program Files\Adaptec\Adaptec Storage Manager\archwprv.exe -- (ArcHwPrv)
SRV - [2011/02/28 13:19:34 | 000,109,728 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\IPROSetMonitor.exe -- (Intel® PROSet Monitoring Service) Intel®
SRV - [2010/07/19 14:17:50 | 000,398,768 | ---- | M] (Array Networks, Inc.) [Disabled | Stopped] -- C:\Program Files\Array Networks\Common\8,4,0,353\arr_isrv.exe -- (Array_Utility_Service8.4.0.353)
SRV - [2010/07/19 14:17:38 | 000,259,504 | ---- | M] (Array Networks, Inc.) [Disabled | Stopped] -- C:\Program Files\Array Networks\Array SSL VPN\8,4,0,353\arr_srvs.exe -- (ArraySSL_VPN_Service8.4.0.353)
SRV - [2010/04/13 11:07:20 | 000,167,936 | ---- | M] () [Auto | Running] -- C:\Program Files\SUPERMICRO\SDIII\NTService.exe -- (SuperMicro Health Assistant)
SRV - [2009/05/10 20:48:34 | 001,261,984 | ---- | M] (Microsoft ® Corporation) [Auto | Running] -- D:\Program Files\Microsoft ISA Server\wspsrv.exe -- (fwsrv)
SRV - [2009/05/10 20:48:34 | 000,385,440 | ---- | M] (Microsoft ® Corporation) [Auto | Running] -- D:\Program Files\Microsoft ISA Server\mspadmin.exe -- (isactrl)
SRV - [2008/07/29 12:10:46 | 003,201,024 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x86\msvsmon.exe -- (msvsmon90)
SRV - [2008/07/21 16:01:12 | 000,057,344 | ---- | M] (Apache Software Foundation) [Disabled | Stopped] -- C:\Program Files\java\Tomcat 6.0\bin\tomcat6.exe -- (Tomcat6)
SRV - [2008/07/17 00:14:24 | 000,546,816 | ---- | M] (JH Software ApS) [Auto | Running] -- C:\Program Files\Simple DNS Plus\sdnsmain.exe -- (sdnsplus)
SRV - [2008/07/10 01:49:38 | 040,999,448 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\Program Files\Microsoft SQL Server\MSSQL10.MSSQLSERVER2008\MSSQL\Binn\sqlservr.exe -- (MSSQL$MSSQLSERVER2008) SQL Server (MSSQLSERVER2008)
SRV - [2008/07/10 01:49:34 | 000,369,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\Program Files\Microsoft SQL Server\MSSQL10.MSSQLSERVER2008\MSSQL\Binn\SQLAGENT.EXE -- (SQLAgent$MSSQLSERVER2008) SQL Server Agent (MSSQLSERVER2008)
SRV - [2008/07/10 01:22:18 | 001,106,968 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- D:\Program Files\Microsoft SQL Server\MSRS10.MSSQLSERVER2008\Reporting Services\ReportServer\bin\ReportingServicesService.exe -- (ReportServer$MSSQLSERVER2008) SQL Server Reporting Services (MSSQLSERVER2008)
SRV - [2008/07/10 00:22:40 | 021,945,368 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\Program Files\Microsoft SQL Server\MSAS10.MSSQLSERVER2008\OLAP\bin\msmdsrv.exe -- (MSOLAP$MSSQLSERVER2008) SQL Server Analysis Services (MSSQLSERVER2008)
SRV - [2008/07/10 00:22:36 | 000,218,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\Program Files\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvr.exe -- (MsDtsServer100)
SRV - [2008/07/10 00:15:32 | 000,031,256 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- D:\Program Files\Microsoft SQL Server\MSSQL10.MSSQLSERVER2008\MSSQL\Binn\fdlauncher.exe -- (MSSQLFDLauncher$MSSQLSERVER2008) SQL Full-text Filter Daemon Launcher (MSSQLSERVER2008)
SRV - [2008/06/25 21:04:14 | 000,176,752 | ---- | M] (Microsoft ® Corporation) [Auto | Running] -- D:\Program Files\Microsoft ISA Server\W3Prefch.exe -- (isasched)
SRV - [2008/06/25 21:04:04 | 000,113,264 | ---- | M] (Microsoft ® Corporation) [Auto | Running] -- D:\Program Files\Microsoft ISA Server\isastg.exe -- (ISASTG)
SRV - [2007/02/18 04:00:00 | 000,792,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\ntfrs.exe -- (NtFrs)
SRV - [2007/02/18 04:00:00 | 000,216,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2007/02/18 04:00:00 | 000,164,864 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\dfssvc.exe -- (Dfs)
SRV - [2007/02/18 04:00:00 | 000,094,720 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\llssrv.exe -- (LicenseService)
SRV - [2007/02/18 04:00:00 | 000,071,168 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\tssdis.exe -- (Tssdis)
SRV - [2007/02/18 04:00:00 | 000,067,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\rsopprov.exe -- (RSoPProv)
SRV - [2007/02/18 04:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\trksvr.dll -- (TrkSvr)
SRV - [2007/02/18 04:00:00 | 000,040,448 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\ismserv.exe -- (IsmServ)
SRV - [2007/02/18 04:00:00 | 000,030,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\rqs.exe -- (rqs)
SRV - [2007/02/18 04:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (MSFtpsvc)
SRV - [2007/02/18 04:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)
SRV - [2007/02/18 04:00:00 | 000,012,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\sacsvr.dll -- (sacsvr)
SRV - [2007/02/18 04:00:00 | 000,012,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\ADAM\dsamain.exe -- (ADAM_ISASTGCTRL)
SRV - [2007/02/18 04:00:00 | 000,012,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\ADAM\dsamain.exe -- (ADAM_instance1)
SRV - [2006/09/27 11:56:22 | 000,622,592 | ---- | M] () [Auto | Running] -- C:\hc-603561\exes\HostingController.exe -- (HostingController)
SRV - [2006/09/25 12:53:52 | 000,344,064 | ---- | M] (Advanced Communications) [Disabled | Stopped] -- C:\hc-603561\exes\HCDiskQuota.exe -- (HCDiskQuotaService)
SRV - [2006/04/18 15:05:52 | 000,319,488 | ---- | M] (Advanced Communications) [Disabled | Stopped] -- C:\hc-603561\exes\HCSMTPService.exe -- (HCSMTP Service)
SRV - [2006/04/18 15:04:24 | 000,155,648 | ---- | M] (PJ Naughter) [Disabled | Stopped] -- C:\hc-603561\exes\HCPaymentService.exe -- (HCPaymentService)
SRV - [2005/11/22 15:06:14 | 000,685,048 | ---- | M] (RealVNC Ltd.) [Auto | Running] -- D:\Program Files\RealVNC\VNC4\winvnc4.exe -- (WinVNC4)
SRV - [2005/08/30 14:28:32 | 000,067,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft ADS\bin\saagent.exe -- (ADSAdminAgent)
SRV - [2005/07/16 03:54:28 | 000,094,208 | ---- | M] ( ) [Disabled | Stopped] -- c:\Program Files\Shatter It\NC_Net\OUTPUT\NC_Net.exe -- (NC_Net)
SRV - [2005/05/13 13:15:22 | 000,233,472 | ---- | M] (Advanced Communications) [Auto | Running] -- C:\hc-603561\exes\HCSchedulerService.exe -- (HCSchedulerService)
SRV - [2005/05/03 20:42:56 | 000,323,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- d:\Program Files\Microsoft SQL Server\MSSQL\binn\sqlagent.exe -- (SQLSERVERAGENT)
SRV - [2005/03/03 13:49:24 | 000,438,272 | ---- | M] (SmarterTools Inc.) [Auto | Running] -- D:\Program Files\SmarterTools\SmarterStats\Service\SSSvc.exe -- (SSCollect)
SRV - [2004/10/12 21:10:54 | 000,069,632 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Common Files\System\MSSearch\Bin\mssearch.exe -- (MSSEARCH)
SRV - [2002/08/13 10:46:10 | 000,081,920 | ---- | M] (Persits Software, Inc.) [Disabled | Stopped] -- C:\Program Files\IIS_Extensions\AspEmail45\EmailAgent\BIN\EmailAgent.exe -- (EmailAgent)


========== Driver Services (SafeList) ==========

DRV - [2012/12/24 00:16:12 | 000,017,904 | ---- | M] (Emsi Software GmbH) [Kernel | System | Running] -- D:\v\EmsisoftEmergencyKit\Run\a2ddax86.sys -- (A2DDA)
DRV - [2011/03/11 12:25:10 | 000,056,960 | ---- | M] (Citrix Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cvhdbus.sys -- (cvhdbus)
DRV - [2011/03/11 12:24:58 | 000,017,024 | ---- | M] (Citrix Systems, Inc.) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\CFsDep.sys -- (CFsDep)
DRV - [2010/12/18 03:03:56 | 000,021,696 | ---- | M] (Almico Software) [Kernel | System | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2010/11/08 13:04:26 | 000,026,112 | ---- | M] (The OpenVPN Project) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\tap0901.sys -- (tap0901)
DRV - [2010/08/18 10:21:26 | 000,025,088 | ---- | M] (SoftLayer, Inc) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\SMMdrv.sys -- (SMMdrv) SoftLayer Mainboard Management Bus Driver (V)
DRV - [2010/01/18 22:22:22 | 000,010,496 | ---- | M] (SuperMicro Computer, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\smbus.sys -- (SMBus)
DRV - [2009/11/16 06:27:58 | 000,036,552 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\ioatdma.sys -- (ioatdma) Intel®
DRV - [2009/11/03 20:32:18 | 000,004,736 | ---- | M] (SuperMicro Computer, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\IsaIoNt.sys -- (ISAIONT)
DRV - [2009/05/10 20:48:32 | 000,419,744 | ---- | M] (Microsoft ® Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\fweng.sys -- (Fweng)
DRV - [2008/07/10 01:49:14 | 000,242,712 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\RsFx0102.sys -- (RsFx0102)
DRV - [2007/07/26 16:25:46 | 000,021,504 | ---- | M] (STMicroelectronics, INC) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\stm_tpm.sys -- (stmtpm)
DRV - [2007/03/14 18:36:00 | 000,082,184 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\3wareDrv.sys -- (3wareDrv)
DRV - [2007/02/18 04:00:00 | 000,169,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wlbs.sys -- (WLBS)
DRV - [2007/02/18 04:00:00 | 000,069,120 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\ClusDisk.sys -- (ClusDisk)
DRV - [2007/02/18 04:00:00 | 000,042,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2007/02/18 04:00:00 | 000,034,816 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dfs.sys -- (DfsDriver)
DRV - [2007/02/16 18:18:04 | 000,343,424 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ati2mpad.sys -- (ati2mpad)
DRV - [2006/12/15 12:25:00 | 000,019,456 | ---- | M] (LSI Logic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\msas2k3.sys -- (msas2k3)
DRV - [2006/03/17 01:17:00 | 000,053,248 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\bchtsw32.sys -- (bchtsw32)
DRV - [2006/01/13 20:28:00 | 000,267,264 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\aar81xx.sys -- (aar81xx)
DRV - [2004/06/29 12:25:26 | 000,007,680 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\DontGo.sys -- (dontgo)
DRV - [2003/11/05 06:45:12 | 000,017,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\bb-run.sys -- (bb-run)
DRV - [2003/10/24 15:57:04 | 000,104,968 | ---- | M] (Internet Security Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RapDrv.sys -- (RapDrv)
DRV - [2003/03/24 21:16:00 | 000,140,288 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2003/02/25 18:26:44 | 000,024,344 | ---- | M] (Internet Security Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RapNet.sys -- (RapNet)
DRV - [2003/02/25 18:26:28 | 000,036,644 | ---- | M] (Internet Security Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RapFile.sys -- (RapFile)
DRV - [2000/11/12 07:14:18 | 000,003,908 | ---- | M] (SuperMicro Computer, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\memmapnt.sys -- (MemMapNt)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = res://iesetup.dll/hardAdmin.htm
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = res://iesetup.dll/hardAdmin.htm
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = res://iesetup.dll/hardAdmin.htm
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = res://iesetup.dll/hardAdmin.htm
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = res://iesetup.dll/hardAdmin.htm
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = res://iesetup.dll/hardAdmin.htm
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2150476757-1934398832-522589061-1017\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2150476757-1934398832-522589061-500\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = res://shdoclc.dll/hardAdmin.htm
IE - HKU\S-1-5-21-2150476757-1934398832-522589061-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = res://shdoclc.dll/hardAdmin.htm
IE - HKU\S-1-5-21-2150476757-1934398832-522589061-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2150476757-1934398832-522589061-5188\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = res://shdoclc.dll/hardAdmin.htm
IE - HKU\S-1-5-21-2150476757-1934398832-522589061-5188\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = res://shdoclc.dll/hardAdmin.htm
IE - HKU\S-1-5-21-2150476757-1934398832-522589061-5188\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = res://shdoclc.dll/hardAdmin.htm
IE - HKU\S-1-5-21-2150476757-1934398832-522589061-5188\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.15
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..network.proxy.type: 4

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/10/31 00:15:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/05/06 22:17:05 | 000,000,000 | ---D | M]

[2009/04/16 01:25:49 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
[2012/12/24 16:59:13 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5gz1bm06.default\extensions
[2010/05/10 08:08:51 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5gz1bm06.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012/12/22 05:05:17 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5gz1bm06.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2012/12/24 16:59:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/04/19 01:29:43 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/19 04:08:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/11/06 01:08:05 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010/12/28 22:22:32 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/03/21 20:28:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/07/12 15:53:12 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

O1 HOSTS File: ([2010/08/19 03:22:30 | 000,264,358 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 9163 more lines...
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [ApacheTomcatMonitor] C:\Program Files\java\Tomcat 6.0\bin\tomcat6w.exe (Apache Software Foundation)
O4 - HKU\S-1-5-19..\RunOnce: [tscuninstall] C:\WINDOWS\system32\tscupgrd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [tscuninstall] C:\WINDOWS\system32\tscupgrd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2150476757-1934398832-522589061-1017..\RunOnce: [tscuninstall] C:\WINDOWS\system32\tscupgrd.exe (Microsoft Corporation)
O4 - HKLM..\RunOnceEx: [Flags] Reg Error: Invalid data type. File not found
O4 - HKLM..\RunOnceEx: [Title] File not found
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\New Folder [2011/03/23 02:18:59 | 000,000,000 | ---D | M]
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Supero Doctor III Client.lnk = C:\Program Files\SUPERMICRO\SDIII\SuperoDoctor.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ShowSuperHidden = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 253
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun- = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun- = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disablecad = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLockedUserId = 3
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2150476757-1934398832-522589061-1017\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2150476757-1934398832-522589061-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 253
O7 - HKU\S-1-5-21-2150476757-1934398832-522589061-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun- = 0
O7 - HKU\S-1-5-21-2150476757-1934398832-522589061-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun- = 0
O7 - HKU\S-1-5-21-2150476757-1934398832-522589061-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-2150476757-1934398832-522589061-5188\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49b2-880A-1F7738E5A384} - D:\Program Files\Microsoft ISA Server\OWC11.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2007/04/19 02:23:27 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2012/12/22 17:12:19 | 000,000,000 | R-SD | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2012/12/22 17:12:19 | 000,000,000 | RHSD | M] - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2012/12/22 17:12:19 | 000,000,000 | RHSD | M] - E:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2012/12/22 17:12:19 | 000,000,000 | RHSD | M] - G:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2012/12/22 17:12:19 | 000,000,000 | RHSD | M] - H:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2012/12/22 17:12:19 | 000,000,000 | RHSD | M] - I:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2007/04/19 02:23:27 | 000,000,000 | ---- | M] () - J:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2012/12/22 17:12:19 | 000,000,000 | RHSD | M] - J:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk /k:I *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files - Modified Within 30 Days ==========

[2012/12/25 09:59:00 | 000,000,426 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{6308B427-5D34-4D0B-AC39-41DFBE332ADA}.job
[2012/12/25 09:51:15 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/12/25 09:50:01 | 000,000,302 | ---- | M] () -- C:\WINDOWS\tasks\Correct Mail Dns.job
[2012/12/25 09:46:46 | 000,010,193 | ---- | M] () -- C:\WINDOWS\System32\SuperD.ini
[2012/12/25 09:46:08 | 000,000,240 | ---- | M] () -- C:\WINDOWS\tasks\SetNetworkIPsattStartup.job
[2012/12/25 09:46:05 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\BlockMostActiveIPS.job
[2012/12/25 09:46:05 | 000,000,250 | ---- | M] () -- C:\WINDOWS\tasks\IIS-keep-Up.job
[2012/12/25 09:46:01 | 000,002,048 | ---- | M] () -- C:\WINDOWS\bootstat.dat
[2012/12/25 09:40:58 | 000,018,439 | ---- | M] () -- C:\WINDOWS\uedit32.INI
[2012/12/25 07:47:34 | 000,000,608 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\mbar.exe.lnk
[2012/12/25 05:00:00 | 000,000,480 | ---- | M] () -- C:\WINDOWS\tasks\ShadowCopyVolume{9f7af425-0876-11dd-a13a-0030487d4759}.job
[2012/12/24 22:48:06 | 000,001,673 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Internet Information Services (IIS) Manager.lnk
[2012/12/24 22:10:43 | 000,879,472 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/12/24 22:10:43 | 000,233,336 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/12/24 21:31:27 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/12/24 21:05:43 | 000,000,808 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2012/12/24 21:05:43 | 000,000,790 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/12/24 17:18:02 | 000,000,466 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[2012/12/24 17:15:02 | 000,000,354 | ---- | M] () -- C:\WINDOWS\tasks\Mov-Win-Log.job
[2012/12/24 17:00:00 | 000,000,480 | ---- | M] () -- C:\WINDOWS\tasks\ShadowCopyVolume{9f7af421-0876-11dd-a13a-0030487d4759}.job
[2012/12/24 16:24:37 | 000,000,716 | RHS- | M] () -- C:\boot.ini
[2012/12/24 16:15:19 | 000,000,716 | RHS- | M] () -- C:\BOOT.BAK
[2012/12/24 16:13:03 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\Mov-Win-Log-MihanHost.job
[2012/12/24 15:55:15 | 000,000,268 | ---- | M] () -- C:\WINDOWS\tasks\FixFtpPerMitons.job
[2012/12/24 15:42:55 | 000,002,177 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\ISA Server Management.lnk
[2012/12/24 15:31:00 | 000,000,244 | ---- | M] () -- C:\WINDOWS\tasks\DelTemporaryFiles.job
[2012/12/24 15:00:01 | 000,000,480 | ---- | M] () -- C:\WINDOWS\tasks\ShadowCopyVolume{a83038cc-0838-11dd-a667-806e6f6e6963}.job
[2012/12/24 13:01:39 | 000,000,468 | RHS- | M] () -- C:\Documents and Settings\All Users\ntuser.pol
[2012/12/24 12:57:42 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\zipMihanhostlogz.job
[2012/12/24 11:48:29 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2012/12/24 11:47:48 | 000,172,280 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/12/24 11:36:14 | 000,001,373 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Security Configuration Wizard.lnk
[2012/12/24 06:22:59 | 000,003,470 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/12/24 05:36:17 | 000,000,726 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Fix it Center.lnk
[2012/12/23 22:33:25 | 000,008,858 | ---- | M] () -- C:\WINDOWS\System32\SuperD.bak
[2012/12/23 15:35:20 | 000,000,262 | ---- | M] () -- C:\WINDOWS\tasks\SystemStateBackup.job
[2012/12/23 14:43:55 | 000,001,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Supero Doctor III Client.lnk
[2012/12/23 14:43:52 | 000,000,132 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Supero Doctor III for Local.url
[2012/12/23 14:43:51 | 000,000,635 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Supero Doctor III Client.lnk
[2012/12/23 13:41:23 | 000,000,736 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\FileASSASSIN.lnk
[2012/12/23 13:31:15 | 014,373,078 | ---- | M] () -- C:\Program Files\Microsoft Security Client.rar
[2012/12/23 13:00:22 | 000,000,384 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2012/12/22 17:07:40 | 000,000,010 | ---- | M] () -- C:\WINDOWS\WININIT.INI
[2012/12/22 14:05:00 | 000,000,386 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2012/12/22 11:51:18 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012/12/22 11:51:18 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012/12/22 11:51:15 | 015,728,568 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe
[2012/12/22 07:32:46 | 000,000,910 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Driver Genius Professional Edition.lnk
[2012/12/22 05:20:36 | 000,000,768 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat
[2012/12/22 05:17:51 | 000,859,072 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npdeployJava1.dll
[2012/12/22 05:17:51 | 000,779,704 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2012/12/22 05:17:51 | 000,260,528 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012/12/22 05:17:51 | 000,174,000 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012/12/22 05:17:51 | 000,173,992 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012/12/22 05:17:51 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2012/12/22 05:17:51 | 000,093,640 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2012/12/22 02:16:29 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012/12/22 02:16:29 | 000,001,704 | ---- | M] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2012/12/22 02:16:29 | 000,000,002 | RHS- | M] () -- C:\WINDOWS\winstart.bat
[2012/12/21 13:50:08 | 000,000,947 | ---- | M] () -- C:\Documents and Settings\Administrator\BlueScreenView.cfg
[2012/12/21 09:10:12 | 000,000,644 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Shortcut to msconfig.exe.lnk
[2012/12/19 10:28:16 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/12/16 04:24:37 | 000,287,232 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\dllcache\atmfd.dll
[2012/12/16 04:24:37 | 000,287,232 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\atmfd.dll
[2012/12/14 20:15:48 | 000,000,000 | ---- | M] () -- C:\t2hk.1
[2012/12/14 20:15:45 | 000,000,000 | ---- | M] () -- C:\t2hk
[2012/12/12 00:01:12 | 000,001,819 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2012/11/25 15:49:56 | 000,000,000 | ---- | M] () -- C:\t2ho.3
[2012/11/25 15:49:54 | 000,000,000 | ---- | M] () -- C:\t2ho.2
[993 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/12/25 07:47:23 | 000,000,608 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\mbar.exe.lnk
[2012/12/24 21:05:43 | 000,000,808 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2012/12/24 21:05:43 | 000,000,790 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/12/24 11:36:14 | 000,001,373 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Security Configuration Wizard.lnk
[2012/12/24 11:34:01 | 000,082,432 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2012/12/24 11:34:01 | 000,082,432 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ieencode.dll
[2012/12/24 07:13:26 | 000,000,716 | RHS- | C] () -- C:\BOOT.BAK
[2012/12/24 05:36:17 | 000,000,732 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Fix it Center.lnk
[2012/12/24 05:36:17 | 000,000,726 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Fix it Center.lnk
[2012/12/23 22:33:25 | 000,008,858 | ---- | C] () -- C:\WINDOWS\System32\SuperD.bak
[2012/12/23 15:00:04 | 001,413,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tintlgs.imd
[2012/12/23 15:00:03 | 000,455,272 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tintlgl.imd
[2012/12/23 15:00:03 | 000,171,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tintlgc.imd
[2012/12/23 14:57:02 | 000,006,331 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rsess.vbs
[2012/12/23 14:56:58 | 000,026,417 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rfeed.vbs
[2012/12/23 14:56:58 | 000,012,400 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rgroup.vbs
[2012/12/23 14:56:58 | 000,010,571 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rexpire.vbs
[2012/12/23 14:56:57 | 000,011,781 | ---- | C] () -- C:\WINDOWS\System32\dllcache\regfilt.vbs
[2012/12/23 14:56:55 | 000,003,912 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rcancel.vbs
[2012/12/23 14:56:30 | 000,135,680 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax
[2012/12/23 14:56:29 | 000,198,656 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll
[2012/12/23 14:56:16 | 010,011,497 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlgs.imd
[2012/12/23 14:56:14 | 000,733,292 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlgr.imd
[2012/12/23 14:56:14 | 000,208,744 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlgl.imd
[2012/12/23 14:56:13 | 001,004,904 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlgix.imd
[2012/12/23 14:56:13 | 000,948,656 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlgi.imd
[2012/12/23 14:56:12 | 000,867,242 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlgdx.imd
[2012/12/23 14:56:12 | 000,825,038 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlgd.imd
[2012/12/23 14:56:12 | 000,188,140 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlgc.imd
[2012/12/23 14:56:11 | 000,487,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsk.dic
[2012/12/23 14:56:11 | 000,174,803 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsd.dic
[2012/12/23 14:56:11 | 000,117,248 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2012/12/23 14:53:48 | 000,057,856 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax
[2012/12/23 14:53:03 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2012/12/23 14:52:31 | 000,061,952 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2012/12/23 14:52:14 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2012/12/23 14:51:16 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2012/12/23 14:48:56 | 000,409,168 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cintlgu.imd
[2012/12/23 14:48:56 | 000,102,304 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cintlguc.imd
[2012/12/23 14:48:56 | 000,102,304 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cintlgsi.imd
[2012/12/23 14:48:55 | 000,543,708 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cintlgb.imd
[2012/12/23 14:48:55 | 000,427,138 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cintlgie.imd
[2012/12/23 14:48:55 | 000,279,894 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cintlgd.imd
[2012/12/23 14:48:55 | 000,024,080 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cintlgl.imd
[2012/12/23 14:48:55 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cintlgs.imd
[2012/12/23 14:48:54 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2012/12/23 14:48:53 | 000,462,929 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskdic.dic
[2012/12/23 14:48:08 | 000,026,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativxbar.sys
[2012/12/23 14:48:08 | 000,024,064 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atixbar.sys
[2012/12/23 14:48:08 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativttxx.sys
[2012/12/23 14:48:07 | 000,017,536 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitvsnd.sys
[2012/12/23 14:48:07 | 000,009,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativmdcd.sys
[2012/12/23 14:48:06 | 000,050,304 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtcap.sys
[2012/12/23 14:48:06 | 000,027,136 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtsnd.sys
[2012/12/23 14:48:06 | 000,017,536 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitunep.sys
[2012/12/23 14:48:05 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atipcxxx.sys
[2012/12/23 14:48:00 | 000,046,848 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atibt829.sys
[2012/12/23 14:43:55 | 000,001,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Supero Doctor III Client.lnk
[2012/12/23 14:43:52 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Supero Doctor III for Local.url
[2012/12/23 14:43:51 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\SDRES_ru.dll
[2012/12/23 14:43:51 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\SDRES.dll
[2012/12/23 14:43:51 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\SDRES_zhtw.dll
[2012/12/23 14:43:51 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\SDRES_zhcn.dll
[2012/12/23 14:43:51 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\sndmail.exe
[2012/12/23 14:43:51 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll
[2012/12/23 14:43:51 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\omnithread_rt.dll
[2012/12/23 14:43:51 | 000,044,544 | ---- | C] () -- C:\WINDOWS\System32\GIF89.DLL
[2012/12/23 14:43:51 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\SD3Service.exe
[2012/12/23 14:43:51 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\supermon.dll
[2012/12/23 14:43:51 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\SMBiosInfo.exe
[2012/12/23 14:43:51 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\StartCtl.exe
[2012/12/23 14:43:51 | 000,014,169 | ---- | C] () -- C:\WINDOWS\System32\drivers\SUPERBMC.SYS
[2012/12/23 14:43:51 | 000,012,063 | ---- | C] () -- C:\WINDOWS\System32\SuperDOpt.ini
[2012/12/23 14:43:51 | 000,003,238 | ---- | C] () -- C:\WINDOWS\System32\WinIo.sys
[2012/12/23 14:43:51 | 000,000,635 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Supero Doctor III Client.lnk
[2012/12/23 14:43:49 | 000,010,193 | ---- | C] () -- C:\WINDOWS\System32\SuperD.ini
[2012/12/23 14:43:49 | 000,004,761 | ---- | C] () -- C:\WINDOWS\System32\MEMDIMM.ini
[2012/12/23 14:34:43 | 000,121,995 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2012/12/23 14:34:43 | 000,006,005 | ---- | C] () -- C:\WINDOWS\System32\atifglpf.xml
[2012/12/23 13:41:23 | 000,000,736 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\FileASSASSIN.lnk
[2012/12/23 13:31:10 | 014,373,078 | ---- | C] () -- C:\Program Files\Microsoft Security Client.rar
[2012/12/22 17:07:39 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2012/12/22 11:18:17 | 000,000,830 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/12/22 07:32:46 | 000,000,910 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Driver Genius Professional Edition.lnk
[2012/12/21 13:50:08 | 000,000,947 | ---- | C] () -- C:\Documents and Settings\Administrator\BlueScreenView.cfg
[2012/12/21 09:10:12 | 000,000,644 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Shortcut to msconfig.exe.lnk
[2012/12/21 07:23:34 | 000,000,002 | RHS- | C] () -- C:\WINDOWS\winstart.bat
[2012/12/20 06:09:29 | 000,291,904 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2012/12/20 06:09:29 | 000,130,942 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2012/12/14 20:15:48 | 000,000,000 | ---- | C] () -- C:\t2hk.1
[2012/12/14 20:15:45 | 000,000,000 | ---- | C] () -- C:\t2hk
[2012/11/25 15:49:56 | 000,000,000 | ---- | C] () -- C:\t2ho.3
[2012/11/25 15:49:54 | 000,000,000 | ---- | C] () -- C:\t2ho.2
[2011/06/20 10:48:11 | 000,083,968 | ---- | C] () -- C:\WINDOWS\System32\tccom.exe
[2011/05/03 20:02:16 | 000,037,888 | ---- | C] () -- C:\WINDOWS\System32\setupnt.dll
[2011/01/23 13:40:11 | 000,000,466 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2010/09/04 04:32:06 | 000,001,910 | ---- | C] () -- C:\Program Files\setup.inf
[2010/09/04 04:32:06 | 000,000,283 | ---- | C] () -- C:\Program Files\setup.rpt
[2010/04/15 09:07:51 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2010/02/08 07:33:04 | 000,359,320 | ---- | C] () -- C:\WINDOWS\System32\vfprintpthelper.dll
[2009/11/13 12:44:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\tirf44.dat
[2009/04/13 06:00:46 | 000,025,088 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/04/13 02:59:08 | 000,002,560 | ---- | C] () -- C:\WINDOWS\System32\drivers\mchInjDrv.sys
[2008/10/16 22:40:10 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2008/09/06 04:27:52 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\PUTTY.RND
[2008/08/21 16:05:30 | 000,004,100 | ---- | C] () -- C:\WINDOWS\System32\hdvirffo.dll
[2008/07/13 16:53:49 | 000,000,010 | ---- | C] () -- C:\WINDOWS\System32\drivers\tmbi.sys
[2008/05/26 20:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 20:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2008/05/20 02:38:46 | 001,073,152 | ---- | C] () -- C:\WINDOWS\System32\libmysql_c.dll
[2008/05/16 08:24:04 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\SUPERDLL.DLL
[2008/05/03 16:38:32 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\fusioncache.dat
[2008/04/30 19:57:38 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\aspSmartUploadUtil.dll
[2008/04/27 12:02:24 | 002,035,712 | ---- | C] () -- C:\WINDOWS\System32\libmysql.dll
[2008/04/22 13:29:52 | 000,305,888 | ---- | C] () -- C:\WINDOWS\NICCfg.dat
[2008/04/22 13:29:26 | 000,305,896 | ---- | C] () -- C:\WINDOWS\dhcpcfg.dat
[2008/04/21 21:58:13 | 000,018,439 | ---- | C] () -- C:\WINDOWS\uedit32.INI
[2008/04/17 13:03:51 | 000,249,856 | ---- | C] () -- C:\WINDOWS\libmySQL.dll
[2008/04/17 05:46:23 | 000,003,182 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/04/16 04:07:24 | 000,036,939 | ---- | C] () -- C:\WINDOWS\System32\insrepim.exe
[2008/04/14 03:22:25 | 000,007,909 | ---- | C] () -- C:\WINDOWS\System32\ftpctrs.ini
[2008/04/13 16:43:29 | 000,000,070 | ---- | C] () -- C:\WINDOWS\my.ini
[2008/04/13 10:56:33 | 000,000,082 | ---- | C] () -- C:\WINDOWS\System32\hapi32.dll
[2008/04/13 10:55:33 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\mimepp_core.dll
[2008/04/13 10:55:33 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\vbpasswd.dll
[2008/04/13 10:55:33 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\PASSWD.DLL
[2008/04/13 10:54:53 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\BINDCmd.exe
[2008/04/13 07:01:33 | 000,050,666 | ---- | C] () -- C:\WINDOWS\System32\w3ctrs.ini
[2008/04/13 07:01:30 | 000,010,793 | ---- | C] () -- C:\WINDOWS\System32\axperf.ini
[2008/04/13 07:01:29 | 000,011,435 | ---- | C] () -- C:\WINDOWS\System32\infoctrs.ini
[2008/04/12 02:31:35 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2008/04/11 20:49:53 | 000,000,280 | ---- | C] () -- C:\WINDOWS\System32\epoPGPsdk.dll.sig
[2008/04/11 20:44:49 | 000,000,000 | ---- | C] () -- C:\WINDOWS\frontpg.ini
[2008/04/11 20:39:28 | 000,011,264 | ---- | C] () -- C:\WINDOWS\System32\icfutil.exe
[2007/09/27 09:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 09:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 09:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/06/06 16:58:30 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\ktzlib80.dll
[2007/04/19 05:38:02 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2007/04/19 03:43:09 | 000,082,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\3wareDrv.sys
[2007/04/19 02:28:35 | 000,002,048 | ---- | C] () -- C:\WINDOWS\bootstat.dat
[2007/04/19 02:19:54 | 000,021,160 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2007/04/18 20:58:48 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2007/04/18 20:57:41 | 000,172,280 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2007/02/18 04:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2007/02/18 04:00:00 | 000,879,472 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2007/02/18 04:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2007/02/18 04:00:00 | 000,275,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2007/02/18 04:00:00 | 000,233,336 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2007/02/18 04:00:00 | 000,216,006 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2007/02/18 04:00:00 | 000,179,577 | ---- | C] () -- C:\WINDOWS\System32\schema.ini
[2007/02/18 04:00:00 | 000,046,907 | ---- | C] () -- C:\WINDOWS\mib.bin
[2007/02/18 04:00:00 | 000,029,710 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2007/02/18 04:00:00 | 000,024,819 | ---- | C] () -- C:\WINDOWS\System32\ntdsctrs.ini
[2007/02/18 04:00:00 | 000,020,386 | ---- | C] () -- C:\WINDOWS\System32\ntfrsrep.ini
[2007/02/18 04:00:00 | 000,011,817 | ---- | C] () -- C:\WINDOWS\System32\iasperf.ini
[2007/02/18 04:00:00 | 000,011,030 | ---- | C] () -- C:\WINDOWS\System32\ipsecprf.ini
[2007/02/18 04:00:00 | 000,005,644 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2007/02/18 04:00:00 | 000,005,597 | ---- | C] () -- C:\WINDOWS\System32\ntfrscon.ini
[2007/02/18 04:00:00 | 000,004,725 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2007/02/18 04:00:00 | 000,004,459 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2007/02/18 04:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2007/02/18 04:00:00 | 000,000,041 | ---- | C] () -- C:\WINDOWS\System32\mqtgsvc.exe.cfg
[1996/04/03 11:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

< End of report >
====================================================End Of OTL Report ====================================